[SCM] Samba Shared Repository - branch v4-6-test updated
Stefan Metzmacher
metze at samba.org
Tue Feb 14 03:14:03 UTC 2017
The branch, v4-6-test has been updated
via 6e6cf90 s4:tests/sec_descriptor: use more unique oid values
via b641595 ctdb-build: Install CTDB tests correctly from toplevel
via 612a3be s3: VFS: Don't allow symlink, link or rename on already converted paths.
via a52e728 s3: VFS: shadow_copy2: Fix usage of saved_errno to only set errno on error.
via d5b1ef7 s3: VFS: shadow_copy2: Fix a memory leak in the connectpath function.
via 5caa093 s3: VFS: shadow_copy2: Fix module to work with variable current working directory.
via bc44e33 s3: VFS: Add utility function check_for_converted_path().
via fc6845f s3: VFS: Ensure shadow:format cannot contain a / path separator.
via 805a7e3 s3: VFS: Allow shadow_copy2_connectpath() to return the cached path derived from $cwd.
via 2caa219 s3: VFS: shadow_copy2: Fix chdir to store off the needed private variables.
via d45ee17 s3: VFS: shadow_copy2: Add two currently unused functions to make pathnames absolute or relative to $cwd.
via 7ed2e5c s3: VFS: shadow_copy2: Change a parameter name.
via fa24756 s3: VFS: shadow_copy2: Add a wrapper function to call the original shadow_copy2_strip_snapshot().
via 5f0ded3 s3: VFS: shadow_copy2: Add two new variables to the private data. Not yet used.
via 5377a0b s3: VFS: shadow_copy2: Fix length comparison to ensure we don't overstep a length.
via 28bd3b7 s3: VFS: shadow_copy2: Ensure pathnames for parameters are correctly relative and terminated.
via ba1091c s3: VFS: shadow_copy2: Correctly initialize timestamp and stripped variables.
via 8d5bb11 s3: smbd: Make set_conn_connectpath() call canonicalize_absolute_path().
via d3446cd s3: smbtorture: Add new local test LOCAL-CANONICALIZE-PATH
via 0cb108f s3: lib: Fix two old, old bugs in set_conn_connectpath(), now in canonicalize_absolute_path().
via 747da44 s3: lib: Add canonicalize_absolute_path().
via 10e63a1 s3: smbd: Correctly canonicalize any incoming shadow copy path.
via 3ebe6e4 waf: backport finding of pkg-config
via c290e63 torture/drs: expand test for DRSUAPI_DRS_GET_ANC
via f0f6c6e getncchanges: implement DRSUAPI_DRS_GET_ANC more correctly
via 616767e getncchanges: calculate getnc_state->min_usn calculation based on the uptodateness vector
via 5983215 getncchanges: improve get_nc_changes_add_links() by checking uSNChanged
via be30185 getncchanges: improve get_nc_changes_build_object() by checking uSNChanged
via 8bf05d4 getncchanges: fix highest_usn off by one calculation in get_nc_changes_add_links()
via e958fcc getncchanges: remove unused c++ comments/code in getncchanges_collect_objects()
via 8d65efb getncchanges: do not replicate links for non critical objects if DRSUAPI_DRS_CRITICAL_ONLY is set
via bf69e32 getncchanges: don't process DRSUAPI_DRS_CRITICAL_ONLY for EXOPs
via 1f3a081 getncchanges: remember the ncRoot_guid on the getncchanges state
via 200b298 getncchanges: pass struct ldb_message as const
via b7deef9 getncchanges: only set nc_{object,linked_attributes}_count with DRSUAPI_DRS_GET_NC_SIZE
via 8b38bec torture/drs: remove pointless nc_object_count replication checks in test_link_utdv_hwm()
via 7016056 python/join: use DRSUAPI_DRS_GET_NC_SIZE for the initial replication
via e8d8720 python/join: set common replica_flags in dc_join.__init__()
via 58b8958 drsuapi.idl: make drsuapi_DsGetNCChangesRequest10 [public]
via 8cb905d drsuapi.idl: add drsuapi_DrsMoreOptions with DRSUAPI_DRS_GET_TGT
via 8bcb35a s4:libnet: s/highestCommitedUSN/highestCommittedUSN
via cad7d1c s4:dsdb/repl: s/highestCommitedUsn/highestCommittedUSN
via 87d6207 dbcheck-links: Test that dbcheck against one-way links does not error
via 7890e42 dbcheck: Do not regard old one-way-links as errors
via c56b9b8 samba_dsdb: Use and maintain compatibleFeatures and requiredFeatures in @SAMBA_DSDB
via d3c8b54 samba-tool: Correct handling of default value for use_ntvfs and use_xattrs
from b162acb ctdb-tests: Use replace headers instead of system headers
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-6-test
- Log -----------------------------------------------------------------
commit 6e6cf9030862e1f1f2f36d4aafc1a7e5a9d2b519
Author: Stefan Metzmacher <metze at samba.org>
Date: Wed Jan 11 13:34:28 2017 +0100
s4:tests/sec_descriptor: use more unique oid values
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12507
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: David Disseldorp <ddiss at samba.org>
Autobuild-User(master): David Disseldorp <ddiss at samba.org>
Autobuild-Date(master): Thu Jan 12 04:02:21 CET 2017 on sn-devel-144
(cherry picked from commit b4f40e4d6db4d5a8e889ea778ebbce8eaf6b10f5)
Autobuild-User(v4-6-test): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(v4-6-test): Tue Feb 14 04:13:19 CET 2017 on sn-devel-144
commit b6415953d6802246d235b3327a745121e7ff2a4e
Author: Amitay Isaacs <amitay at gmail.com>
Date: Wed Feb 1 15:53:47 2017 +1100
ctdb-build: Install CTDB tests correctly from toplevel
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12547
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
Autobuild-User(master): Martin Schwenke <martins at samba.org>
Autobuild-Date(master): Thu Feb 2 08:25:57 CET 2017 on sn-devel-144
(cherry picked from commit ce9b72c17abb156de8185b100f27d1ddd3c89b15)
commit 612a3be666f9b9b3a1c85571c40e17ab0d9f091f
Author: Jeremy Allison <jra at samba.org>
Date: Thu Jan 26 17:19:24 2017 -0800
s3: VFS: Don't allow symlink, link or rename on already converted paths.
Snapshot paths are a read-only filesystem.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12531
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Uri Simchoni <uri at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Mon Jan 30 22:26:29 CET 2017 on sn-devel-144
(cherry picked from commit 0e1deb77f2b310ad7e5dd784174207adacf1c981)
commit a52e728b292689de3ba4caeec7e73949c0e5eb81
Author: Jeremy Allison <jra at samba.org>
Date: Mon Jan 23 10:20:13 2017 -0800
s3: VFS: shadow_copy2: Fix usage of saved_errno to only set errno on error.
Rationale:
VFS calls must act like their POSIX equivalents, and the POSIX versions
*only* set errno on a failure. There is actually code in the upper smbd
layers that depends on errno being correct on a fail return from a VFS call.
For a compound VFS module like this, a common pattern is :
SMB_VFS_CALL_X()
{
int ret;
syscall1();
ret = syscall2();
syscall3();
return ret;
}
Where if *any* of the contained syscallX()'s fail, they'll set errno.
However, the actual errno we should return is *only* the one returned
if syscall2() fails (the others are lstat's checking for existence etc.).
So what we should do to correctly return only the errno from syscall2() is:
SMB_VFS_CALL_X()
{
int ret;
int saved_errno = 0;
syscall1()
ret = syscall2();
if (ret == -1) {
saved_errno = errno;
}
syscall3()
if (saved_errno != 0) {
errno = saved_errno;
}
return ret;
}
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12531
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Uri Simchoni <uri at samba.org>
(cherry picked from commit cda6764f1a8db96182bfd1855440bc6a1ba1abee)
commit d5b1ef757e5a01d2e6418307274d42f1d3010996
Author: Jeremy Allison <jra at samba.org>
Date: Mon Jan 23 10:06:44 2017 -0800
s3: VFS: shadow_copy2: Fix a memory leak in the connectpath function.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12531
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Uri Simchoni <uri at samba.org>
(cherry picked from commit 4d339a88851f601fae195ac8ff0691cbd3504f41)
commit 5caa093b5080efddd68d465bc7dda5c1bda2dfa3
Author: Jeremy Allison <jra at samba.org>
Date: Thu Jan 26 10:49:51 2017 -0800
s3: VFS: shadow_copy2: Fix module to work with variable current working directory.
Completely cleans up the horrible shadow_copy2_strip_snapshot()
and adds an explaination of what it's actually trying to do.
* This function does two things.
*
* 1). Checks if an incoming filename is already a
* snapshot converted pathname.
* If so, it returns the pathname truncated
* at the snapshot point which will be used
* as the connectpath, and then does an early return.
*
* 2). Checks if an incoming filename contains an
* SMB-layer @GMT- style timestamp.
* If so, it strips the timestamp, and returns
* both the timestamp and the stripped path
* (making it cwd-relative).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12531
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Uri Simchoni <uri at samba.org>
(cherry picked from commit 128d5f27cd42b0c7efcbe3d28fe3eee881e0734b)
commit bc44e33429929accd0b4d83e0424de1371a1dbec
Author: Jeremy Allison <jra at samba.org>
Date: Thu Jan 26 10:35:50 2017 -0800
s3: VFS: Add utility function check_for_converted_path().
Detects an already converted path. Not yet used.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12531
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Uri Simchoni <uri at samba.org>
(cherry picked from commit b94dc85d339c9a10496edd07b85bdd7808d2e332)
commit fc6845fab8ab6d46ed05864e58e4ba813914b32a
Author: Jeremy Allison <jra at samba.org>
Date: Thu Jan 26 10:24:52 2017 -0800
s3: VFS: Ensure shadow:format cannot contain a / path separator.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12531
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Uri Simchoni <uri at samba.org>
(cherry picked from commit cd4f940162b17e4f7345d392326a31ae478230fa)
commit 805a7e33db84ef3229573d428c9232e859737524
Author: Jeremy Allison <jra at samba.org>
Date: Fri Jan 20 12:09:08 2017 -0800
s3: VFS: Allow shadow_copy2_connectpath() to return the cached path derived from $cwd.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12531
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Uri Simchoni <uri at samba.org>
(cherry picked from commit 42bd1acad75a6b5ea81fe4b30c067dd82623c042)
commit 2caa2197b459aefbf1f4ad92c59937a00ea68f0a
Author: Jeremy Allison <jra at samba.org>
Date: Fri Jan 20 12:06:55 2017 -0800
s3: VFS: shadow_copy2: Fix chdir to store off the needed private variables.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12531
This is not yet used, the users of this will be added later.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Uri Simchoni <uri at samba.org>
(cherry picked from commit 27340df4b52e4341f134667c59d71656a7a1fdae)
commit d45ee17cbb853131db16a6f81a0dcef0151483a6
Author: Jeremy Allison <jra at samba.org>
Date: Fri Jan 20 12:00:08 2017 -0800
s3: VFS: shadow_copy2: Add two currently unused functions to make pathnames absolute or relative to $cwd.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12531
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Uri Simchoni <uri at samba.org>
(cherry picked from commit 9d65107b8f2864dba8d41b3316c483b3f36d0697)
commit 7ed2e5c0fb41aa8dcaaeb94100eb9babf7d4a4c2
Author: Jeremy Allison <jra at samba.org>
Date: Fri Jan 20 11:56:21 2017 -0800
s3: VFS: shadow_copy2: Change a parameter name.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12531
Allows easy substitution later.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Uri Simchoni <uri at samba.org>
(cherry picked from commit 2887465108aef5e2e7c64417437ecb86c7460e16)
commit fa247562296ff5917470cdf1c517c497f8a2f91d
Author: Jeremy Allison <jra at samba.org>
Date: Fri Jan 20 11:54:56 2017 -0800
s3: VFS: shadow_copy2: Add a wrapper function to call the original shadow_copy2_strip_snapshot().
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12531
Allows an extra (currently unused) parameter to be added.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Uri Simchoni <uri at samba.org>
(cherry picked from commit 5aa1ea95157475dfd2d056f0158b14b2b90895a9)
commit 5f0ded3e467d05b4b6b041c87124278c497173d4
Author: Jeremy Allison <jra at samba.org>
Date: Fri Jan 20 11:50:49 2017 -0800
s3: VFS: shadow_copy2: Add two new variables to the private data. Not yet used.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12531
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Uri Simchoni <uri at samba.org>
(cherry picked from commit 72fe2b62e3ee7462e5be855b01943f28b26c36c1)
commit 5377a0bcc68a37681c0f4d2d9c3f33aaeb51c3cb
Author: Jeremy Allison <jra at samba.org>
Date: Fri Jan 20 11:48:40 2017 -0800
s3: VFS: shadow_copy2: Fix length comparison to ensure we don't overstep a length.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12531
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Uri Simchoni <uri at samba.org>
(cherry picked from commit 37ef8d3f65bd1215717eb51b2e1cdb84a7bed348)
commit 28bd3b773dbd01bb99c8cd940845cf7945fbf411
Author: Jeremy Allison <jra at samba.org>
Date: Fri Jan 20 11:45:54 2017 -0800
s3: VFS: shadow_copy2: Ensure pathnames for parameters are correctly relative and terminated.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12531
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Uri Simchoni <uri at samba.org>
(cherry picked from commit 979e39252bcc88e8aacb543b8bf322dd6f17fe7f)
commit ba1091c00ce41d02cc96202051f1b7815a01018a
Author: Jeremy Allison <jra at samba.org>
Date: Fri Jan 20 11:42:39 2017 -0800
s3: VFS: shadow_copy2: Correctly initialize timestamp and stripped variables.
Allow the called functions to be fixed to not touch them on error.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12531
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Uri Simchoni <uri at samba.org>
(cherry picked from commit 0a190f4dd950c947d47c42163d11ea4bd6e6e508)
commit 8d5bb11f5fd58e63a37788918e1640566284b300
Author: Jeremy Allison <jra at samba.org>
Date: Tue Jan 17 11:35:52 2017 -0800
s3: smbd: Make set_conn_connectpath() call canonicalize_absolute_path().
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12531
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Uri Simchoni <uri at samba.org>
(cherry picked from commit d650d65488761b30fa34d42cb1ab400618a78c33)
commit d3446cd7ca7a9ab78578df7e6c270e28310b1a59
Author: Jeremy Allison <jra at samba.org>
Date: Thu Jan 26 16:08:42 2017 -0800
s3: smbtorture: Add new local test LOCAL-CANONICALIZE-PATH
Tests new canonicalize_absolute_path() function.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12531
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Uri Simchoni <uri at samba.org>
(cherry picked from commit a51363309a4330b65e34ae941ec99d180bdbab56)
commit 0cb108f2e1d330d0acd1e13f0e83b19c16b84490
Author: Jeremy Allison <jra at samba.org>
Date: Thu Jan 19 15:18:41 2017 -0800
s3: lib: Fix two old, old bugs in set_conn_connectpath(), now in canonicalize_absolute_path().
Canonicalizing a path of /foo/bar/../baz would return /foo/barbaz
as moving forward 3 characters would delete the / character.
Canonicalizing /foo/.. would end up as '\0'.
Test to follow.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12531
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Uri Simchoni <uri at samba.org>
(cherry picked from commit 82979afc46cc5e466bdd999a94080e7a5df95518)
commit 747da4452df657d3d5f501bb7620377764736fb8
Author: Jeremy Allison <jra at samba.org>
Date: Tue Jan 17 11:33:18 2017 -0800
s3: lib: Add canonicalize_absolute_path().
Resolves any invalid path components (.) (..)
in an absolute POSIX path.
We will be re-using this in several places.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12531
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Uri Simchoni <uri at samba.org>
(cherry picked from commit 02599c39337c3049762a6b0bd6290577817ee5a5)
commit 10e63a13bb508b05bc9bf7e5699e719cbba1ed56
Author: Jeremy Allison <jra at samba.org>
Date: Wed Jan 11 16:30:38 2017 -0800
s3: smbd: Correctly canonicalize any incoming shadow copy path.
Converts to:
@GMT-token/path/last_component
from all incoming path types. Allows shadow_copy modules
to work when current directory is changed after removing
last component.
Ultimately when the VFS ABI is changed to add a timestamp
to struct smb_filename, this is where the parsing will be
done.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12531
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Uri Simchoni <uri at samba.org>
(cherry picked from commit 39678ed6af708fb6f2760bfb51051add11e3c498)
commit 3ebe6e493468006273b1f2d124f151816c68c941
Author: Uri Simchoni <uri at samba.org>
Date: Thu Jan 19 07:46:57 2017 +0200
waf: backport finding of pkg-config
Allow the builder to customize the location of pkg-config
utility by setting PKGCONFIG environment variable.
This is backported from upstream waf.
Thanks to Zentaro Kavanagh <zentaro at google.com> for
pointing that out and proposing the fix.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12529
Signed-off-by: Uri Simchoni <uri at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Wed Jan 25 04:23:00 CET 2017 on sn-devel-144
(cherry picked from commit 2cf141ed45b4f7b7754cb9525d987ff38495d789)
commit c290e636c6e4aa03a1f0dba2e664a0967627b0d7
Author: Bob Campbell <bobcampbell at catalyst.net.nz>
Date: Mon Dec 12 16:00:35 2016 +1300
torture/drs: expand test for DRSUAPI_DRS_GET_ANC
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12398
Pair-Programmed-With: Stefan Metzmacher <metze at samba.org>
Signed-off-by: Bob Campbell <bobcampbell at catalyst.net.nz>
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Thu Feb 9 03:16:09 CET 2017 on sn-devel-144
(cherry picked from commit 5c918e29429f4a0c5a4383b33eaa10a66dfdd2f2)
commit f0f6c6ec90e026dc81ce6af630b86a7bf672845f
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue Nov 29 11:12:22 2016 +0100
getncchanges: implement DRSUAPI_DRS_GET_ANC more correctly
The most important case is the combination of
DRSUAPI_DRS_CRITICAL_ONLY and DRSUAPI_DRS_GET_ANC.
With DRSUAPI_DRS_GET_ANC we need to make sure all ancestors
included even if they're not marked with
isCriticalSystemObject=TRUE.
I guess we still don't behave exactly as Windows, but it's much
better than before and fixes the initial replication if
someone moved the administrator account to an OU.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12398
Pair-Programmed-With: Bob Campbell <bobcampbell at catalyst.net.nz>
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Signed-off-by: Bob Campbell <bobcampbell at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 5109e777f75670958d193a269bbb575cdf0a67ce)
commit 616767e922cbd3a0499e4dc84c4b988d065fa16b
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue Feb 7 12:37:16 2017 +0100
getncchanges: calculate getnc_state->min_usn calculation based on the uptodateness vector
This should improve initial replication of a fresh destination dsa with
a zero highwatermark.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12398
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit c61d0c8957bf4eade5da93f4f22ae5f3ce2e7403)
commit 5983215f29556f90fd9ab75cf9475d96f2e9d4fa
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue Feb 7 12:28:33 2017 +0100
getncchanges: improve get_nc_changes_add_links() by checking uSNChanged
This will make a difference once we handle DRSUAPI_DRS_GET_ANC correctly.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12398
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 02f11b925c44ecc0b333f1a5593b7d01dc05560a)
commit be30185d4963c8b933715ded40c2e2fb52a7f4a0
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue Feb 7 12:28:33 2017 +0100
getncchanges: improve get_nc_changes_build_object() by checking uSNChanged
This will make a difference once we handle DRSUAPI_DRS_GET_ANC correctly.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12398
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit c31777a7010e8fb914ae8450a476d7f9ee2a4c39)
commit 8bf05d48f65ed257261ca3bcf272545e88e0fdee
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue Feb 7 12:34:45 2017 +0100
getncchanges: fix highest_usn off by one calculation in get_nc_changes_add_links()
highest_usn is the the highest usn the destination dsa already knows about.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12398
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 51386342d5f6df2d9aaf801a4137300569458f3d)
commit e958fcc7096f876e8f3d0289e0dd69697c1f734e
Author: Stefan Metzmacher <metze at samba.org>
Date: Wed Feb 8 10:24:56 2017 +0100
getncchanges: remove unused c++ comments/code in getncchanges_collect_objects()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12398
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 7d8c409792e93490bc4c357436200289df54d3ce)
commit 8d65efbbaa7b2e770f9241ebd2af955f4d9b937f
Author: Garming Sam <garming at catalyst.net.nz>
Date: Wed Dec 14 16:04:32 2016 +1300
getncchanges: do not replicate links for non critical objects if DRSUAPI_DRS_CRITICAL_ONLY is set
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12398
Pair-programmed-with: Bob Campbell <bobcampbell at catalyst.net.nz>
Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Signed-off-by: Bob Campbell <bobcampbell at catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 1a328bf404d9b3e6db4b2db963b186223297463a)
commit bf69e32ee24deffce176cbaaa2b97e2d28dafc6c
Author: Stefan Metzmacher <metze at samba.org>
Date: Wed Nov 30 09:11:31 2016 +0100
getncchanges: don't process DRSUAPI_DRS_CRITICAL_ONLY for EXOPs
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12398
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 1e15cdaa01fdee60f8bd57db41f062ace77c216d)
commit 1f3a0817d84325e2c46ec98ae14347823dfc9765
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue Nov 29 11:09:46 2016 +0100
getncchanges: remember the ncRoot_guid on the getncchanges state
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12398
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 488eed6977e6bb04be2b1a736115d8887516ebbe)
commit 200b298317ef825ddfc0124c4d7affdcc6481eb4
Author: Stefan Metzmacher <metze at samba.org>
Date: Thu Dec 1 11:50:34 2016 +0100
getncchanges: pass struct ldb_message as const
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12398
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 23e45b493803b3b2b548b4a3dbec0525feeb928f)
commit b7deef9fe711fe9643b0b400d3faa80c9dd616b4
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue Nov 29 13:23:23 2016 +0100
getncchanges: only set nc_{object,linked_attributes}_count with DRSUAPI_DRS_GET_NC_SIZE
The main change is that we return 0 values if DRSUAPI_DRS_GET_NC_SIZE is not
present in order to get the same result as a Windows server in that case.
If DRSUAPI_DRS_GET_NC_SIZE is return the number of links we found so far
during the cycle in addition the number of objects returned in this cycle.
Both values doesn't match what Windows returns, but doing that
correctly and efficient is a task for another day.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12398
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit e935a04afb017ff52b6caf9bfa66888ab541c894)
commit 8b38bec390efddbb8b56038899b91ea04e74e012
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue Feb 7 17:06:47 2017 +0100
torture/drs: remove pointless nc_object_count replication checks in test_link_utdv_hwm()
nc_object_count and nc_linked_attributes_count are only filled if
DRSUAPI_DRS_GET_NC_SIZE is requested. And they should contain
the total number. This is only useful for the initial replication.
Samba ignores DRSUAPI_DRS_GET_NC_SIZE currently but that will change in
the following commits.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12398
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 41bc007d49e8bb304cdfb07231d402fa9ad828d7)
commit 7016056bce6a9d589642831bc4ffebae18f6f934
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue Nov 29 14:29:59 2016 +0100
python/join: use DRSUAPI_DRS_GET_NC_SIZE for the initial replication
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12398
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit dd6d119c801076547fc0d087a2b959100146ba95)
commit e8d8720c5d1f273968b602c70debd92e66952a88
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue Nov 29 14:27:57 2016 +0100
python/join: set common replica_flags in dc_join.__init__()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12398
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 330ef9e572b9cf408ccb7721e86dc2afff245637)
commit 58b89581bd703a7aa01b92186c5c7f0508e52ed1
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue Feb 7 16:22:41 2017 +0100
drsuapi.idl: make drsuapi_DsGetNCChangesRequest10 [public]
This allows ndr_print to work.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit f5d3b863c75af5373a2044b184a8c9be1f32e60a)
commit 8cb905d380f1c9784e2509511d3aa304d0e90178
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue Nov 29 09:22:44 2016 +0100
drsuapi.idl: add drsuapi_DrsMoreOptions with DRSUAPI_DRS_GET_TGT
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 0c77567a4e23bc87c249066319724413e9f9916e)
commit 8bcb35ab02044177d75c91e761d7f708f6846daa
Author: Stefan Metzmacher <metze at samba.org>
Date: Thu Dec 1 11:49:25 2016 +0100
s4:libnet: s/highestCommitedUSN/highestCommittedUSN
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 2ef7594eca19b4448f04b138e97768965dc34242)
commit cad7d1c178d8a2fab37266c633d533251acc719a
Author: Stefan Metzmacher <metze at samba.org>
Date: Thu Dec 1 11:49:07 2016 +0100
s4:dsdb/repl: s/highestCommitedUsn/highestCommittedUSN
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 7888c250da03b0deaafed0932f9d6bcb1dd296a4)
commit 87d6207b1762335b4381d8e1fe7784835b5bb500
Author: Garming Sam <garming at catalyst.net.nz>
Date: Wed Feb 8 15:24:14 2017 +1300
dbcheck-links: Test that dbcheck against one-way links does not error
Signed-off-by: Garming Sam <garming at catalyst.net.nz>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12577
Pair-programmed-with: Bob Campbell <bobcampbell at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Mon Feb 13 07:33:08 CET 2017 on sn-devel-144
(cherry picked from commit 44ee31675afd277d429cb246525741110f8fceec)
commit 7890e42e165da96f62e603e7906eebbbf1a32e3e
Author: Andrew Bartlett <abartlet at samba.org>
Date: Thu Feb 2 16:27:35 2017 +1300
dbcheck: Do not regard old one-way-links as errors
Samba does not maintain one way links when the target is deleted or renamed
so do not fail dbcheck because of such links, but allow them to be updated.
This matters because administrators and make test expect that normal Samba
operation do NOT cause the database to become corrupt, and any error from
dbcheck tends to trigger alarms (or test failures).
If an object pointed at by a one way link is renamed or deleted in normal
operations (such as intersiteTopologyGenerator pointing at a demoted DC),
or make test, then this could trigger.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12577
(cherry picked from commit 35bfc62a31c9ad73449594ddd48f76f50e0abade)
commit c56b9b8795dec5b01816dbc542701812c1dfe0c7
Author: Andrew Bartlett <abartlet at samba.org>
Date: Thu Jan 12 16:51:45 2017 +1300
samba_dsdb: Use and maintain compatibleFeatures and requiredFeatures in @SAMBA_DSDB
This will allow us to introduce new database features that are
backward compatible from the point of view of older versions of Samba,
but which will be damaged by modifying the database with such a
version.
For example, if linked attributes are stored in sorted order in 4.7,
and this change, without any values in current_supportedFeatures is
itself included in 4.6, then our sortedLinks are backward compatible
to that release.
That is with 4.6 (including this patch) which doesn't care about
ordering -- but a downgraded 4.7 database used by 4.6 will be broken
when later used with 4.7. If we add a 'sortedLinks' feature flag in
compatibleFeatures, we can detect that.
This will allow us to determine if the database still contains
unsorted links, as that information allows us to make the code
handling links much more efficient.
We won't add the actual flag until all the code is in place.
Andrew wrote the actual code and Douglas wrote the tests, and they
cross-reviewed.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Piar-programmed-with: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
selftest: check for database features flags
(cherry picked from commit 8368e06ff65cc70e1cf13a0eb4349033e068fcc6)
BUG 12573: Samba < 4.7 does not know about compatibleFeatures and
requiredFeatures
commit d3c8b54a1e87a3fac12e6d35960f83edb9240958
Author: Andrew Bartlett <abartlet at samba.org>
Date: Mon Jan 30 15:34:09 2017 +1300
samba-tool: Correct handling of default value for use_ntvfs and use_xattrs
Because these options are optional based on build-time rules, we need to encode the
default value from the additonal Option() blocks in the run() declaration.
Then we can correctly check only for the expected options, and not inconsistently for
None (causing classicupgrade to fail).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12543
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
(cherry picked from commit ca961e6a62987dc75931b7714d94fb998d586888)
-----------------------------------------------------------------------
Summary of changes:
ctdb/wscript | 7 +-
librpc/idl/drsuapi.idl | 8 +-
python/samba/dbchecker.py | 47 +-
python/samba/join.py | 40 +-
python/samba/netcmd/domain.py | 14 +-
source3/lib/util_path.c | 139 ++++
source3/lib/util_path.h | 1 +
source3/modules/vfs_shadow_copy2.c | 909 +++++++++++++++------
source3/selftest/tests.py | 1 +
source3/smbd/filename.c | 150 ++++
source3/smbd/service.c | 103 +--
source3/torture/torture.c | 44 +
source4/dsdb/repl/drepl_service.h | 2 +-
source4/dsdb/samdb/ldb_modules/samba_dsdb.c | 78 +-
source4/dsdb/samdb/samdb.h | 2 +
source4/dsdb/tests/python/sec_descriptor.py | 82 +-
source4/libnet/libnet_become_dc.c | 2 +-
source4/rpc_server/drsuapi/getncchanges.c | 418 ++++++++--
.../release-4-5-0-pre1/dangling-one-way-link.ldif | 15 +
source4/selftest/tests.py | 5 +
source4/setup/tests/blackbox_supported_features.sh | 86 ++
source4/torture/drs/python/getnc_exop.py | 332 +++++++-
testprogs/blackbox/dbcheck-links.sh | 10 +
testprogs/blackbox/renamedc.sh | 6 +-
third_party/waf/wafadmin/Tools/config_c.py | 4 +-
25 files changed, 1955 insertions(+), 550 deletions(-)
create mode 100644 source4/selftest/provisions/release-4-5-0-pre1/dangling-one-way-link.ldif
create mode 100755 source4/setup/tests/blackbox_supported_features.sh
Changeset truncated at 500 lines:
diff --git a/ctdb/wscript b/ctdb/wscript
index 446bd8d..13384c8 100644
--- a/ctdb/wscript
+++ b/ctdb/wscript
@@ -850,8 +850,13 @@ def build(bld):
'tool'
]
+ if bld.env.standalone_ctdb:
+ testdir = 'tests'
+ else:
+ testdir = 'ctdb/tests'
+
for t in test_subdirs:
- files = SUBDIR_MODE('tests/%s' % t, trim_path='tests')
+ files = SUBDIR_MODE('%s/%s' % (testdir, t), trim_path=testdir)
for fmode in files:
bld.INSTALL_FILES(bld.env.CTDB_TEST_DATADIR, 'tests/%s' % fmode[0],
destname=fmode[0], chmod=fmode[1])
diff --git a/librpc/idl/drsuapi.idl b/librpc/idl/drsuapi.idl
index c3af8a5..d08054f 100644
--- a/librpc/idl/drsuapi.idl
+++ b/librpc/idl/drsuapi.idl
@@ -58,6 +58,10 @@ interface drsuapi
DRSUAPI_DRS_GET_ALL_GROUP_MEMBERSHIP = 0x80000000
} drsuapi_DrsOptions;
+ typedef [public,bitmap32bit] bitmap {
+ DRSUAPI_DRS_GET_TGT = 0x00000001
+ } drsuapi_DrsMoreOptions;
+
/* see DRS_MSG_REPMOD_V1 */
typedef [public,bitmap32bit] bitmap {
DRSUAPI_DRS_UPDATE_FLAGS = 0x00000001,
@@ -573,7 +577,7 @@ interface drsuapi
drsuapi_DsReplicaOIDMapping_Ctr mapping_ctr;
} drsuapi_DsGetNCChangesRequest8;
- typedef struct {
+ typedef [public] struct {
GUID destination_dsa_guid;
GUID source_dsa_invocation_id; /* the 'invocationId' field of the CN=NTDS Settings object */
[ref] drsuapi_DsReplicaObjectIdentifier *naming_context;
@@ -587,7 +591,7 @@ interface drsuapi
drsuapi_DsPartialAttributeSet *partial_attribute_set;
drsuapi_DsPartialAttributeSet *partial_attribute_set_ex;
drsuapi_DsReplicaOIDMapping_Ctr mapping_ctr;
- uint32 more_flags;
+ drsuapi_DrsMoreOptions more_flags;
} drsuapi_DsGetNCChangesRequest10;
typedef [switch_type(uint32)] union {
diff --git a/python/samba/dbchecker.py b/python/samba/dbchecker.py
index 3fcfbc0..22819de 100644
--- a/python/samba/dbchecker.py
+++ b/python/samba/dbchecker.py
@@ -59,6 +59,7 @@ class dbcheck(object):
self.fix_all_string_dn_component_mismatch = False
self.fix_all_GUID_dn_component_mismatch = False
self.fix_all_SID_dn_component_mismatch = False
+ self.fix_all_old_dn_string_component_mismatch = False
self.fix_all_metadata = False
self.fix_time_metadata = False
self.fix_undead_linked_attributes = False
@@ -574,6 +575,23 @@ newSuperior: %s""" % (str(from_dn), str(to_rdn), str(to_base)))
"Failed to fix %s on attribute %s" % (errstr, attrname)):
self.report("Fixed %s on attribute %s" % (errstr, attrname))
+ def err_dn_string_component_old(self, dn, attrname, val, dsdb_dn, correct_dn):
+ """handle a DN string being incorrect"""
+ self.report("NOTE: old (due to rename or delete) DN string component for %s in object %s - %s" % (attrname, dn, val))
+ dsdb_dn.dn = correct_dn
+
+ if not self.confirm_all('Change DN to %s?' % str(dsdb_dn),
+ 'fix_all_old_dn_string_component_mismatch'):
+ self.report("Not fixing old string component")
+ return
+ m = ldb.Message()
+ m.dn = dn
+ m['old_value'] = ldb.MessageElement(val, ldb.FLAG_MOD_DELETE, attrname)
+ m['new_value'] = ldb.MessageElement(str(dsdb_dn), ldb.FLAG_MOD_ADD, attrname)
+ if self.do_modify(m, ["show_recycled:1"],
+ "Failed to fix old DN string on attribute %s" % (attrname)):
+ self.report("Fixed old DN string on attribute %s" % (attrname))
+
def err_dn_component_target_mismatch(self, dn, attrname, val, dsdb_dn, correct_dn, mismatch_type):
"""handle a DN string being incorrect"""
self.report("ERROR: incorrect DN %s component for %s in object %s - %s" % (mismatch_type, attrname, dn, val))
@@ -914,12 +932,16 @@ newSuperior: %s""" % (str(from_dn), str(to_rdn), str(to_base)))
if rmd_flags & 1:
continue
- # check the DN matches in string form
- if str(res[0].dn) != str(dsdb_dn.dn):
- error_count += 1
- self.err_dn_component_target_mismatch(obj.dn, attrname, val, dsdb_dn,
- res[0].dn, "string")
- continue
+ # assert the DN matches in string form, where a reverse
+ # link exists, otherwise (below) offer to fix it as a non-error.
+ # The string form is essentially only kept for forensics,
+ # as we always re-resolve by GUID in normal operations.
+ if reverse_link_name is not None:
+ if str(res[0].dn) != str(dsdb_dn.dn):
+ error_count += 1
+ self.err_dn_component_target_mismatch(obj.dn, attrname, val, dsdb_dn,
+ res[0].dn, "string")
+ continue
if res[0].dn.get_extended_component("GUID") != dsdb_dn.dn.get_extended_component("GUID"):
error_count += 1
@@ -933,9 +955,18 @@ newSuperior: %s""" % (str(from_dn), str(to_rdn), str(to_base)))
res[0].dn, "SID")
continue
+ # Now we have checked the GUID and SID, offer to fix old
+ # DN strings as a non-error (for forward links with no
+ # backlink). Samba does not maintain this string
+ # otherwise, so we don't increment error_count.
+ if reverse_link_name is None:
+ if str(res[0].dn) != str(dsdb_dn.dn):
+ self.err_dn_string_component_old(obj.dn, attrname, val, dsdb_dn,
+ res[0].dn)
+ continue
- # check the reverse_link is correct if there should be one
- if reverse_link_name is not None:
+ else:
+ # check the reverse_link is correct if there should be one
match_count = 0
if reverse_link_name in res[0]:
for v in res[0][reverse_link_name]:
diff --git a/python/samba/join.py b/python/samba/join.py
index c56f8d9..4eb8c58 100644
--- a/python/samba/join.py
+++ b/python/samba/join.py
@@ -165,6 +165,12 @@ class dc_join(object):
ctx.tmp_samdb = None
+ ctx.replica_flags = (drsuapi.DRSUAPI_DRS_INIT_SYNC |
+ drsuapi.DRSUAPI_DRS_PER_SYNC |
+ drsuapi.DRSUAPI_DRS_GET_ANC |
+ drsuapi.DRSUAPI_DRS_GET_NC_SIZE |
+ drsuapi.DRSUAPI_DRS_NEVER_SYNCED)
+
# these elements are optional
ctx.never_reveal_sid = None
ctx.reveal_sid = None
@@ -891,13 +897,11 @@ class dc_join(object):
# Replicate first the critical object for the basedn
if not ctx.domain_replica_flags & drsuapi.DRSUAPI_DRS_CRITICAL_ONLY:
print "Replicating critical objects from the base DN of the domain"
- ctx.domain_replica_flags |= drsuapi.DRSUAPI_DRS_CRITICAL_ONLY | drsuapi.DRSUAPI_DRS_GET_ANC
+ ctx.domain_replica_flags |= drsuapi.DRSUAPI_DRS_CRITICAL_ONLY
repl.replicate(ctx.base_dn, source_dsa_invocation_id,
destination_dsa_guid, rodc=ctx.RODC,
replica_flags=ctx.domain_replica_flags)
ctx.domain_replica_flags ^= drsuapi.DRSUAPI_DRS_CRITICAL_ONLY
- else:
- ctx.domain_replica_flags |= drsuapi.DRSUAPI_DRS_GET_ANC
repl.replicate(ctx.base_dn, source_dsa_invocation_id,
destination_dsa_guid, rodc=ctx.RODC,
replica_flags=ctx.domain_replica_flags)
@@ -1226,11 +1230,7 @@ def join_RODC(logger=None, server=None, creds=None, lp=None, site=None, netbios_
ctx.connection_dn = "CN=RODC Connection (FRS),%s" % ctx.ntds_dn
ctx.secure_channel_type = misc.SEC_CHAN_RODC
ctx.RODC = True
- ctx.replica_flags = (drsuapi.DRSUAPI_DRS_INIT_SYNC |
- drsuapi.DRSUAPI_DRS_PER_SYNC |
- drsuapi.DRSUAPI_DRS_GET_ANC |
- drsuapi.DRSUAPI_DRS_NEVER_SYNCED |
- drsuapi.DRSUAPI_DRS_SPECIAL_SECRET_PROCESSING |
+ ctx.replica_flags |= ( drsuapi.DRSUAPI_DRS_SPECIAL_SECRET_PROCESSING |
drsuapi.DRSUAPI_DRS_GET_ALL_GROUP_MEMBERSHIP)
ctx.domain_replica_flags = ctx.replica_flags
if domain_critical_only:
@@ -1260,12 +1260,8 @@ def join_DC(logger=None, server=None, creds=None, lp=None, site=None, netbios_na
ctx.SPNs.append('E3514235-4B06-11D1-AB04-00C04FC2DCD2/$NTDSGUID/%s' % ctx.dnsdomain)
ctx.secure_channel_type = misc.SEC_CHAN_BDC
- ctx.replica_flags = (drsuapi.DRSUAPI_DRS_WRIT_REP |
- drsuapi.DRSUAPI_DRS_INIT_SYNC |
- drsuapi.DRSUAPI_DRS_PER_SYNC |
- drsuapi.DRSUAPI_DRS_GET_ANC |
- drsuapi.DRSUAPI_DRS_FULL_SYNC_IN_PROGRESS |
- drsuapi.DRSUAPI_DRS_NEVER_SYNCED)
+ ctx.replica_flags |= (drsuapi.DRSUAPI_DRS_WRIT_REP |
+ drsuapi.DRSUAPI_DRS_FULL_SYNC_IN_PROGRESS)
ctx.domain_replica_flags = ctx.replica_flags
if domain_critical_only:
ctx.domain_replica_flags |= drsuapi.DRSUAPI_DRS_CRITICAL_ONLY
@@ -1285,12 +1281,8 @@ def join_clone(logger=None, server=None, creds=None, lp=None,
lp.set("realm", ctx.realm)
logger.info("realm is %s" % ctx.realm)
- ctx.replica_flags = (drsuapi.DRSUAPI_DRS_WRIT_REP |
- drsuapi.DRSUAPI_DRS_INIT_SYNC |
- drsuapi.DRSUAPI_DRS_PER_SYNC |
- drsuapi.DRSUAPI_DRS_GET_ANC |
- drsuapi.DRSUAPI_DRS_FULL_SYNC_IN_PROGRESS |
- drsuapi.DRSUAPI_DRS_NEVER_SYNCED)
+ ctx.replica_flags |= (drsuapi.DRSUAPI_DRS_WRIT_REP |
+ drsuapi.DRSUAPI_DRS_FULL_SYNC_IN_PROGRESS)
if not include_secrets:
ctx.replica_flags |= drsuapi.DRSUAPI_DRS_SPECIAL_SECRET_PROCESSING
ctx.domain_replica_flags = ctx.replica_flags
@@ -1341,12 +1333,8 @@ def join_subdomain(logger=None, server=None, creds=None, lp=None, site=None,
ctx.SPNs.append('E3514235-4B06-11D1-AB04-00C04FC2DCD2/$NTDSGUID/%s' % ctx.dnsdomain)
ctx.secure_channel_type = misc.SEC_CHAN_BDC
- ctx.replica_flags = (drsuapi.DRSUAPI_DRS_WRIT_REP |
- drsuapi.DRSUAPI_DRS_INIT_SYNC |
- drsuapi.DRSUAPI_DRS_PER_SYNC |
- drsuapi.DRSUAPI_DRS_GET_ANC |
- drsuapi.DRSUAPI_DRS_FULL_SYNC_IN_PROGRESS |
- drsuapi.DRSUAPI_DRS_NEVER_SYNCED)
+ ctx.replica_flags |= (drsuapi.DRSUAPI_DRS_WRIT_REP |
+ drsuapi.DRSUAPI_DRS_FULL_SYNC_IN_PROGRESS)
ctx.domain_replica_flags = ctx.replica_flags
ctx.do_join()
diff --git a/python/samba/netcmd/domain.py b/python/samba/netcmd/domain.py
index 9661828..b4081e6 100644
--- a/python/samba/netcmd/domain.py
+++ b/python/samba/netcmd/domain.py
@@ -298,9 +298,9 @@ class cmd_domain_provision(Command):
partitions_only=None,
targetdir=None,
ol_mmr_urls=None,
- use_xattrs=None,
+ use_xattrs="auto",
slapd_path=None,
- use_ntvfs=None,
+ use_ntvfs=False,
use_rfc2307=None,
ldap_backend_nosync=None,
ldap_backend_extra_port=None,
@@ -413,9 +413,9 @@ class cmd_domain_provision(Command):
if use_xattrs == "yes":
eadb = False
- elif use_xattrs == "auto" and use_ntvfs == False or use_ntvfs == None:
+ elif use_xattrs == "auto" and use_ntvfs == False:
eadb = False
- elif use_ntvfs == False or use_ntvfs == None:
+ elif use_ntvfs == False:
raise CommandError("--use-xattrs=no requires --use-ntvfs (not supported for production use). "
"Please re-run with --use-xattrs omitted.")
elif use_xattrs == "auto" and not lp.get("posix:eadb"):
@@ -1491,7 +1491,7 @@ class cmd_domain_classicupgrade(Command):
takes_args = ["smbconf"]
def run(self, smbconf=None, targetdir=None, dbdir=None, testparm=None,
- quiet=False, verbose=False, use_xattrs=None, sambaopts=None, versionopts=None,
+ quiet=False, verbose=False, use_xattrs="auto", sambaopts=None, versionopts=None,
dns_backend=None, use_ntvfs=False):
if not os.path.exists(smbconf):
@@ -1532,9 +1532,9 @@ class cmd_domain_classicupgrade(Command):
eadb = True
if use_xattrs == "yes":
eadb = False
- elif use_xattrs == "auto" and use_ntvfs == False or use_ntvfs == None:
+ elif use_xattrs == "auto" and use_ntvfs == False:
eadb = False
- elif use_ntvfs == False or use_ntvfs == None:
+ elif use_ntvfs == False:
raise CommandError("--use-xattrs=no requires --use-ntvfs (not supported for production use). "
"Please re-run with --use-xattrs omitted.")
elif use_xattrs == "auto" and not s3conf.get("posix:eadb"):
diff --git a/source3/lib/util_path.c b/source3/lib/util_path.c
index 509ba5f..6f58a03 100644
--- a/source3/lib/util_path.c
+++ b/source3/lib/util_path.c
@@ -93,3 +93,142 @@ char *cache_path(const char *name)
{
return xx_path(name, lp_cache_directory());
}
+
+/**
+ * @brief Removes any invalid path components in an absolute POSIX path.
+ *
+ * @param ctx Talloc context to return string.
+ *
+ * @param abs_path Absolute path string to process.
+ *
+ * @retval Pointer to a talloc'ed string containing the absolute full path.
+ **/
+
+char *canonicalize_absolute_path(TALLOC_CTX *ctx, const char *abs_path)
+{
+ char *destname;
+ char *d;
+ const char *s = abs_path;
+ bool start_of_name_component = true;
+
+ /* Allocate for strlen + '\0' + possible leading '/' */
+ destname = (char *)talloc_size(ctx, strlen(abs_path) + 2);
+ if (destname == NULL) {
+ return NULL;
+ }
+ d = destname;
+
+ *d++ = '/'; /* Always start with root. */
+
+ while (*s) {
+ if (*s == '/') {
+ /* Eat multiple '/' */
+ while (*s == '/') {
+ s++;
+ }
+ if ((d > destname + 1) && (*s != '\0')) {
+ *d++ = '/';
+ }
+ start_of_name_component = true;
+ continue;
+ }
+
+ if (start_of_name_component) {
+ if ((s[0] == '.') && (s[1] == '.') &&
+ (s[2] == '/' || s[2] == '\0')) {
+ /* Uh oh - "/../" or "/..\0" ! */
+
+ /* Go past the .. leaving us on the / or '\0' */
+ s += 2;
+
+ /* If we just added a '/' - delete it */
+ if ((d > destname) && (*(d-1) == '/')) {
+ *(d-1) = '\0';
+ d--;
+ }
+
+ /*
+ * Are we at the start ?
+ * Can't go back further if so.
+ */
+ if (d <= destname) {
+ *d++ = '/'; /* Can't delete root */
+ continue;
+ }
+ /* Go back one level... */
+ /*
+ * Decrement d first as d points to
+ * the *next* char to write into.
+ */
+ for (d--; d > destname; d--) {
+ if (*d == '/') {
+ break;
+ }
+ }
+
+ /*
+ * Are we at the start ?
+ * Can't go back further if so.
+ */
+ if (d <= destname) {
+ *d++ = '/'; /* Can't delete root */
+ continue;
+ }
+
+ /*
+ * We're still at the start of a name
+ * component, just the previous one.
+ */
+ continue;
+ } else if ((s[0] == '.') &&
+ ((s[1] == '\0') || s[1] == '/')) {
+ /*
+ * Component of pathname can't be "." only.
+ * Skip the '.' .
+ */
+ if (s[1] == '/') {
+ s += 2;
+ } else {
+ s++;
+ }
+ continue;
+ }
+ }
+
+ if (!(*s & 0x80)) {
+ *d++ = *s++;
+ } else {
+ size_t siz;
+ /* Get the size of the next MB character. */
+ next_codepoint(s,&siz);
+ switch(siz) {
+ case 5:
+ *d++ = *s++;
+ /*fall through*/
+ case 4:
+ *d++ = *s++;
+ /*fall through*/
+ case 3:
+ *d++ = *s++;
+ /*fall through*/
+ case 2:
+ *d++ = *s++;
+ /*fall through*/
+ case 1:
+ *d++ = *s++;
+ break;
+ default:
+ break;
+ }
+ }
+ start_of_name_component = false;
+ }
+ *d = '\0';
+
+ /* And must not end in '/' */
+ if (d > destname + 1 && (*(d-1) == '/')) {
+ *(d-1) = '\0';
+ }
+
+ return destname;
+}
diff --git a/source3/lib/util_path.h b/source3/lib/util_path.h
index 118a4be..16e2792 100644
--- a/source3/lib/util_path.h
+++ b/source3/lib/util_path.h
@@ -27,5 +27,6 @@
char *lock_path(const char *name);
char *state_path(const char *name);
char *cache_path(const char *name);
+char *canonicalize_absolute_path(TALLOC_CTX *ctx, const char *abs_path);
#endif
diff --git a/source3/modules/vfs_shadow_copy2.c b/source3/modules/vfs_shadow_copy2.c
index 6a25c87..402eb70 100644
--- a/source3/modules/vfs_shadow_copy2.c
+++ b/source3/modules/vfs_shadow_copy2.c
@@ -35,6 +35,7 @@
#include "system/filesys.h"
#include "include/ntioctl.h"
#include "util_tdb.h"
+#include "lib/util_path.h"
struct shadow_copy2_config {
char *gmt_format;
@@ -74,6 +75,11 @@ struct shadow_copy2_snaplist_info {
struct shadow_copy2_private {
struct shadow_copy2_config *config;
struct shadow_copy2_snaplist_info *snaps;
+ char *shadow_cwd; /* Absolute $cwd path. */
+ /* Absolute connectpath - can vary depending on $cwd. */
+ char *shadow_connectpath;
+ /* malloc'ed realpath return. */
+ char *shadow_realpath;
};
static int shadow_copy2_get_shadow_copy_data(
@@ -404,79 +410,254 @@ static char *shadow_copy2_snapshot_path(TALLOC_CTX *mem_ctx,
return result;
}
+static char *make_path_absolute(TALLOC_CTX *mem_ctx,
+ struct shadow_copy2_private *priv,
+ const char *name)
+{
+ char *newpath = NULL;
+ char *abs_path = NULL;
+
+ if (name[0] != '/') {
+ newpath = talloc_asprintf(mem_ctx,
+ "%s/%s",
+ priv->shadow_cwd,
+ name);
+ if (newpath == NULL) {
+ return NULL;
+ }
+ name = newpath;
+ }
+ abs_path = canonicalize_absolute_path(mem_ctx, name);
+ TALLOC_FREE(newpath);
+ return abs_path;
+}
+
+/* Return a $cwd-relative path. */
+static bool make_relative_path(const char *cwd, char *abs_path)
+{
+ size_t cwd_len = strlen(cwd);
+ size_t abs_len = strlen(abs_path);
+
+ if (abs_len < cwd_len) {
+ return false;
+ }
+ if (memcmp(abs_path, cwd, cwd_len) != 0) {
+ return false;
+ }
+ if (abs_path[cwd_len] != '/' && abs_path[cwd_len] != '\0') {
+ return false;
+ }
+ if (abs_path[cwd_len] == '/') {
+ cwd_len++;
+ }
+ memmove(abs_path, &abs_path[cwd_len], abs_len + 1 - cwd_len);
+ return true;
+}
--
Samba Shared Repository
More information about the samba-cvs
mailing list