[SCM] Samba Shared Repository - branch master updated
Karolin Seeger
kseeger at samba.org
Tue Jul 4 15:43:03 UTC 2017
The branch, master has been updated
via e317dfe WHATSNEW: Start release notes for Samba 4.8.0pre1.
via a9ab0237 VERSION: Bump version up to 4.8.0pre1...
via d4bb8fe VERSION: Disable GIT_SNAPSHOTS for the 4.7.0rc1 release
via 4a95a84 VERSION: Bump version up to 4.7.0rc1
via 176a6ae WHATSNEW: Prepare release notes for Samba 4.7.0rc1.
via 027689a ctdb-daemon: Increase priority of logs when recovery happens
via f9e826a ctdb-daemon: Increase priority of logs when shutting down
via a004c93 ctdb-daemon: Increase priority of logs when ctdb starts up disabled/stopped
via c6f2624 ctdb-daemon: Increase priority of logs when node is stopped/continued
via 1992404 ctdb-daemon: Increase priority of logs for recmaster changes
via 6c03e6d ctdb-daemon: Increase priority of logs for node connect/disconnect
via d3f5a01 WHATSNEW: Fix typo
via 04e3031 WHATSNEW: Add docs for ntlm auth changes
via 8c54092 s3/tests: add a net cache samlogon test
via ee93e65 net: fix net cache samlogon list output
from 332b179 smbldap: expose bind callback via API and increase smbldap ABI version
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit e317dfeccf191d849656dde2238e477fb5e666d7
Author: Karolin Seeger <kseeger at samba.org>
Date: Mon Jul 3 12:09:53 2017 +0200
WHATSNEW: Start release notes for Samba 4.8.0pre1.
Signed-off-by: Karolin Seeger <kseeger at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Autobuild-User(master): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(master): Tue Jul 4 17:41:59 CEST 2017 on sn-devel-144
commit a9ab023723c21110d3154459d0c8bd444cdd04b5
Author: Karolin Seeger <kseeger at samba.org>
Date: Mon Jul 3 12:06:30 2017 +0200
VERSION: Bump version up to 4.8.0pre1...
and re-enable GIT_SNAPSHOTS.
Signed-off-by: Karolin Seeger <kseeger at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
commit d4bb8febc986aca5f3ed4e80ef122fcb5f99ce7d
Author: Karolin Seeger <kseeger at samba.org>
Date: Mon Jul 3 11:33:38 2017 +0200
VERSION: Disable GIT_SNAPSHOTS for the 4.7.0rc1 release
Signed-off-by: Karolin Seeger <kseeger at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
commit 4a95a8427d5134d6ccfdcee6eb26992cb70ee9fe
Author: Karolin Seeger <kseeger at samba.org>
Date: Mon Jul 3 11:30:27 2017 +0200
VERSION: Bump version up to 4.7.0rc1
Signed-off-by: Karolin Seeger <kseeger at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
commit 176a6ae1d71e6754166af2996fa2ee3114905fc7
Author: Karolin Seeger <kseeger at samba.org>
Date: Mon Jul 3 11:26:36 2017 +0200
WHATSNEW: Prepare release notes for Samba 4.7.0rc1.
Signed-off-by: Karolin Seeger <kseeger at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
commit 027689a2cf2b3f7ac0cfb16b882ad0b72c1376a5
Author: Amitay Isaacs <amitay at gmail.com>
Date: Tue Jul 4 15:50:12 2017 +1000
ctdb-daemon: Increase priority of logs when recovery happens
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
commit f9e826a976b919901ef756ddd0ae04a9aa41b0dc
Author: Amitay Isaacs <amitay at gmail.com>
Date: Tue Jul 4 15:49:54 2017 +1000
ctdb-daemon: Increase priority of logs when shutting down
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
commit a004c934104b620c3d4b7dc44fdaa6f1717449bb
Author: Amitay Isaacs <amitay at gmail.com>
Date: Tue Jul 4 15:49:19 2017 +1000
ctdb-daemon: Increase priority of logs when ctdb starts up disabled/stopped
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
commit c6f2624287038d9e7350cf720129dfd024738613
Author: Amitay Isaacs <amitay at gmail.com>
Date: Tue Jul 4 15:32:47 2017 +1000
ctdb-daemon: Increase priority of logs when node is stopped/continued
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
commit 19924043266baedb2ab4df2b23631969ea25aa09
Author: Amitay Isaacs <amitay at gmail.com>
Date: Tue Jul 4 15:31:51 2017 +1000
ctdb-daemon: Increase priority of logs for recmaster changes
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
commit 6c03e6d726ad2f2dfed6c245c0b3e8dbb9342899
Author: Amitay Isaacs <amitay at gmail.com>
Date: Tue Jul 4 15:18:39 2017 +1000
ctdb-daemon: Increase priority of logs for node connect/disconnect
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
commit d3f5a018614ef48849442091348807a6ddff5a36
Author: Andrew Bartlett <abartlet at samba.org>
Date: Tue Jul 4 15:16:57 2017 +1200
WHATSNEW: Fix typo
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
commit 04e3031192c8cf46454a94c18756466eafc75ee6
Author: Andrew Bartlett <abartlet at samba.org>
Date: Tue Jul 4 15:16:05 2017 +1200
WHATSNEW: Add docs for ntlm auth changes
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
commit 8c54092cb0a1d4043eae8e7ec46ea8fb6642554d
Author: Ralph Boehme <slow at samba.org>
Date: Mon Jul 3 18:36:29 2017 +0200
s3/tests: add a net cache samlogon test
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12875
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
commit ee93e652ba537bffecd7adb02fed6794f647b473
Author: Ralph Boehme <slow at samba.org>
Date: Tue Jul 4 09:38:07 2017 +0200
net: fix net cache samlogon list output
Don't print the table header for every entry.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12875
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
-----------------------------------------------------------------------
Summary of changes:
VERSION | 2 +-
WHATSNEW.txt | 252 +-----------------------
ctdb/server/ctdb_daemon.c | 10 +-
ctdb/server/ctdb_recover.c | 12 +-
ctdb/server/ctdb_server.c | 4 +-
source3/script/tests/test_net_cache_samlogon.sh | 43 ++++
source3/selftest/tests.py | 4 +
source3/utils/net_cache.c | 9 +-
8 files changed, 70 insertions(+), 266 deletions(-)
create mode 100755 source3/script/tests/test_net_cache_samlogon.sh
Changeset truncated at 500 lines:
diff --git a/VERSION b/VERSION
index 74fa2cf..b60d783 100644
--- a/VERSION
+++ b/VERSION
@@ -24,7 +24,7 @@
# -> "3.0.0" #
########################################################
SAMBA_VERSION_MAJOR=4
-SAMBA_VERSION_MINOR=7
+SAMBA_VERSION_MINOR=8
SAMBA_VERSION_RELEASE=0
########################################################
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index 09b3cbb..52cca7d 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -1,279 +1,33 @@
Release Announcements
=====================
-This is the first preview release of Samba 4.7. This is *not*
+This is the first preview release of Samba 4.8. This is *not*
intended for production environments and is designed for testing
purposes only. Please report any defects via the Samba bug reporting
system at https://bugzilla.samba.org/.
-Samba 4.7 will be the next version of the Samba suite.
+Samba 4.8 will be the next version of the Samba suite.
UPGRADING
=========
-smbclient changes
------------------
-
-smbclient no longer prints a 'Domain=[...] OS=[Windows 6.1] Server=[...]'
-banner when connecting to the first server. With SMB2 and Kerberos
-there's no way to print this information reliable. Now we avoid it at all
-consistently. In interactive session the following banner is now presented
-to the user: 'Try "help" do get a list of possible commands.'.
-
-The default for "client max protocol" has changed to "SMB3_11",
-which means that smbclient (and related commands) will work against
-servers without SMB1 support.
-
-It's possible to use the '-m/--max-protocol' option to overwrite
-the "client max protocol" option temporary.
-
-Note that the '-e/--encrypt' option also works with most SMB3 servers
-(e.g. Windows >= 2012 and Samba >= 4.0.0), so the SMB1 unix extensions
-are not required for encryption.
-
-The change to SMB3_11 as default also means smbclient no longer
-negotiates SMB1 unix extensions by default, when talking to a Samba server with
-"unix extensions = yes". As a result some commands are not available, e.g.
-posix_encrypt, posix_open, posix_mkdir, posix_rmdir, posix_unlink, posix_whoami,
-getfacl and symlink. Using "-mNT1" reenabled them, if the server supports SMB1.
-
-Note the default ("CORE") for "client min protocol" hasn't changed,
-so it's still possible to connect to SMB1-only servers by default.
-
NEW FEATURES/CHANGES
====================
-Whole DB read locks: Improved LDAP and replication consistency
---------------------------------------------------------------
-
-Prior to Samba 4.7 and ldb 1.2.0, the LDB database layer used by Samba
-erronously did not take whole-DB read locks to protect search
-and DRS replication operations.
-
-While each object returned remained subject to a record-level lock (so
-would remain consistent to itself), under a race condition with a
-rename or delete, it and any links (like the member attribute) to it
-would not be returned.
-
-The symptoms of this issue include:
-
-Replication failures with this error showing in the client side logs:
- error during DRS repl ADD: No objectClass found in replPropertyMetaData for
- Failed to commit objects:
- WERR_GEN_FAILURE/NT_STATUS_INVALID_NETWORK_RESPONSE
-
-A crash of the server, in particular the rpc_server process with
- INTERNAL ERROR: Signal 11
-
-LDAP read inconsistency
- A DN subject to a search at the same time as it is being renamed
- may not appear under either the old or new name, but will re-appear
- for a subsequent search.
-
-See https://bugzilla.samba.org/show_bug.cgi?id=12858 for more details
-and updated advise on database recovery for affected installations.
-
-
-Samba AD with MIT Kerberos
---------------------------
-
-After four years of development, Samba finally supports compiling and
-running Samba AD with MIT Kerberos. You can enable it with:
-
- ./configure --with-system-mitkrb5
-
-Samba requires version 1.15.1 of MIT Kerberos to build with AD DC support.
-The krb5-devel and krb5-server packages are required.
-The feature set is not on par with with the Heimdal build but the most important
-things, like forest and external trusts, are working. Samba uses the KDC binary
-provided by MIT Kerberos.
-
-Missing features, compared to Heimdal, are:
- * PKINIT support
- * S4U2SELF/S4U2PROXY support
- * RODC support (not fully working with Heimdal either)
-
-The Samba AD process will take care of starting the MIT KDC and it will load a
-KDB (Kerberos Database) driver to access the Samba AD database. When
-provisioning an AD DC using 'samba-tool' it will take care of creating a correct
-kdc.conf file for the MIT KDC. Note that 'samba-tool' will overwrite the system
-kdc.conf by default. It is possible to use a different location during
-provision. You should consult the 'samba-tool' help and smb.conf manpage for
-details.
-
-Dynamic RPC port range
-----------------------
-
-The dynamic port range for RPC services has been changed from the old default
-value 1024-1300 to 49152-65535. This port range is not only used by a
-Samba AD DC but also applies to all other server roles including NT4-style
-domain controllers. The new value has been defined by Microsoft in Windows
-Server 2008 and newer versions. To make it easier for Administrators to control
-those port ranges we use the same default and make it configurable with the
-option: 'rpc server dynamic port range'.
-
-The 'rpc server port' option sets the first available port from the new
-'rpc server dynamic port range' option. The option 'rpc server port' only
-applies to Samba provisioned as an AD DC.
-
-Authentication and Authorization audit support
-----------------------------------------------
-
-Detailed authentication and authorization audit information is now
-logged to Samba's debug logs under the "auth_audit" debug class,
-including in particular the client IP address triggering the audit
-line. Additionally, if Samba is compiled against the jansson JSON
-library, a JSON representation is logged under the "auth_json_audit"
-debug class.
-
-Audit support is comprehensive for all authentication and
-authorisation of user accounts in the Samba Active Directory Domain
-Controller, as well as the implicit authentication in password
-changes. In the file server and classic/NT4 domain controller, NTLM
-authentication, SMB and RPC authorization is covered, however password
-changes are not at this stage, and this support is not currently
-backed by a testsuite.
-
-Multi-process LDAP Server
--------------------------
-
-The LDAP server in the AD DC now honours the process model used for
-the rest of the samba process, rather than being forced into a single
-process. This aids in Samba's ability to scale to larger numbers of AD
-clients and the AD DC's overall resiliency, but will mean that there is a
-fork()ed child for every LDAP client, which may be more resource
-intensive in some situations.
-
-Improved Read-Only Domain Controller (RODC) Support
----------------------------------------------------
-
-Support for RODCs in Samba AD until now has been experimental. With this latest
-version, many of the critical bugs have been fixed and the RODC can be used in
-DC environments requiring no writable behaviour. RODCs now correctly support
-bad password lockouts and password disclosure auditing through the
-msDS-RevealedUsers attribute.
-
-The fixes made to the RWDC will also allow Windows RODC to function more
-correctly and to avoid strange data omissions such as failures to replicate
-groups or updated passwords. Password changes are currently rejected at the
-RODC, although referrals should be given over LDAP. While any bad passwords can
-trigger domain-wide lockout, good passwords which have not been replicated yet
-for a password change can only be used via NTLM on the RODC (and not Kerberos).
-
-The reliability of RODCs locating a writable partner still requires some
-improvements and so the 'password server' configuration option is generally
-recommended on the RODC.
-
-Additional password hashes stored in supplementalCredentials
-------------------------------------------------------------
-
-A new config option 'password hash userPassword schemes' has been added to
-enable generation of SHA-256 and SHA-512 hashes (without storing the plaintext
-password with reversible encryption). This builds upon previous work to improve
-password sync for the AD DC (originally using GPG).
-
-The user command of 'samba-tool' has been updated in order to be able to
-extract these additional hashes, as well as extracting the (HTTP) WDigest
-hashes that we had also been storing in supplementalCredentials.
-
-Improvements to DNS during Active Directory domain join
--------------------------------------------------------
-
-The 'samba-tool' domain join command will now add the A and GUID DNS records
-(on both the local and remote servers) during a join if possible via RPC. This
-should allow replication to proceed more smoothly post-join.
-
-The mname element of the SOA record will now also be dynamically generated to
-point to the local read-write server. 'samba_dnsupdate' should now be more
-reliable as it will now find the appropriate name server even when resolv.conf
-points to a forwarder.
-
-Significant AD performance and replication improvements
--------------------------------------------------------
-
-Previously, replication of group memberships was been an incredibly expensive
-process for the AD DC. This was mostly due to unnecessary CPU time being spent
-parsing member linked attributes. The database now stores these linked
-attributes in sorted form to perform efficient searches for existing members.
-In domains with a large number of group memberships, a join can now be
-completed in half the time compared with Samba 4.6.
-
-LDAP search performance has also improved, particularly in the unindexed search
-case. Parsing and processing of security descriptors should now be more
-efficient, improving replication but also overall performance.
-
-Query record for open file or directory
----------------------------------------
-
-The record attached to an open file or directory in Samba can be
-queried through the 'net tdb locking' command. In clustered Samba this
-can be useful to determine the file or directory triggering
-corresponding "hot" record warnings in ctdb.
-
-Removal of lpcfg_register_defaults_hook()
------------------------------------------
-
-The undocumented and unsupported function lpcfg_register_defaults_hook()
-that was used by external projects to call into Samba and modify
-smb.conf default parameter settings has been removed. If your project
-was using this call please raise the issue on
-samba-technical at lists.samba.org in order to design a supported
-way of obtaining the same functionality.
-
-Change of loadable module interface
------------------------------------
-
-The _init function of all loadable modules in Samba has changed
-from:
-
-NTSTATUS _init(void);
-
-to:
-
-NTSTATUS _init(TALLOC_CTX *);
-
-This allows a program loading a module to pass in a long-lived
-talloc context (which must be guaranteed to be alive for the
-lifetime of the module). This allows modules to avoid use of
-the talloc_autofree_context() (which is inherently thread-unsafe)
-and still be valgrind-clean on exit. Modules that don't need to
-free long-lived data on exist should use the NULL talloc context.
-
-Parameter changes
------------------
-
-The "strict sync" global parameter has been changed from
-a default of "no" to "yes". This means smbd will by default
-obey client requests to synchronize unwritten data in operating
-system buffers safely onto disk. This is a safer default setting
-for modern SMB1/2/3 clients.
smb.conf changes
================
Parameter Name Description Default
-------------- ----------- -------
- allow unsafe cluster upgrade New parameter no
- auth event notification New parameter no
- auth methods Deprecated
- client max protocol Effective SMB3_11
- default changed
- map untrusted to domain New value/ auto
- Default changed/
- Deprecated
- mit kdc command New parameter
- profile acls Deprecated
- rpc server dynamic port range New parameter 49152-65535
- strict sync Default changed yes
- password hash userPassword schemes New parameter
KNOWN ISSUES
============
-https://wiki.samba.org/index.php/Release_Planning_for_Samba_4.7#Release_blocking_bugs
+https://wiki.samba.org/index.php/Release_Planning_for_Samba_4.8#Release_blocking_bugs
#######################################
diff --git a/ctdb/server/ctdb_daemon.c b/ctdb/server/ctdb_daemon.c
index 591729b..b5cee61 100644
--- a/ctdb/server/ctdb_daemon.c
+++ b/ctdb/server/ctdb_daemon.c
@@ -1060,12 +1060,14 @@ static void initialise_node_flags (struct ctdb_context *ctdb)
/* do we start out in DISABLED mode? */
if (ctdb->start_as_disabled != 0) {
- DEBUG(DEBUG_NOTICE, ("This node is configured to start in DISABLED state\n"));
+ DEBUG(DEBUG_ERR,
+ ("This node is configured to start in DISABLED state\n"));
ctdb->nodes[ctdb->pnn]->flags |= NODE_FLAGS_DISABLED;
}
/* do we start out in STOPPED mode? */
if (ctdb->start_as_stopped != 0) {
- DEBUG(DEBUG_NOTICE, ("This node is configured to start in STOPPED state\n"));
+ DEBUG(DEBUG_ERR,
+ ("This node is configured to start in STOPPED state\n"));
ctdb->nodes[ctdb->pnn]->flags |= NODE_FLAGS_STOPPED;
}
}
@@ -1831,7 +1833,7 @@ void ctdb_shutdown_sequence(struct ctdb_context *ctdb, int exit_code)
return;
}
- DEBUG(DEBUG_NOTICE,("Shutdown sequence commencing.\n"));
+ DEBUG(DEBUG_ERR,("Shutdown sequence commencing.\n"));
ctdb_set_runstate(ctdb, CTDB_RUNSTATE_SHUTDOWN);
ctdb_stop_recoverd(ctdb);
ctdb_stop_keepalive(ctdb);
@@ -1843,7 +1845,7 @@ void ctdb_shutdown_sequence(struct ctdb_context *ctdb, int exit_code)
ctdb->methods->shutdown(ctdb);
}
- DEBUG(DEBUG_NOTICE,("Shutdown sequence complete, exiting.\n"));
+ DEBUG(DEBUG_ERR,("Shutdown sequence complete, exiting.\n"));
exit(exit_code);
}
diff --git a/ctdb/server/ctdb_recover.c b/ctdb/server/ctdb_recover.c
index 9c8bf6b..0601ef3 100644
--- a/ctdb/server/ctdb_recover.c
+++ b/ctdb/server/ctdb_recover.c
@@ -1074,7 +1074,7 @@ int32_t ctdb_control_end_recovery(struct ctdb_context *ctdb,
int ret;
struct recovery_callback_state *state;
- DEBUG(DEBUG_NOTICE,("Recovery has finished\n"));
+ DEBUG(DEBUG_ERR,("Recovery has finished\n"));
ctdb_persistent_finish_trans3_commits(ctdb);
@@ -1200,7 +1200,7 @@ int32_t ctdb_control_start_recovery(struct ctdb_context *ctdb,
struct recovery_callback_state *state;
uint32_t recmaster = c->hdr.srcnode;
- DEBUG(DEBUG_NOTICE, ("Recovery has started\n"));
+ DEBUG(DEBUG_ERR, ("Recovery has started\n"));
gettimeofday(&ctdb->last_recovery_started, NULL);
state = talloc(ctdb, struct recovery_callback_state);
@@ -1594,13 +1594,13 @@ int32_t ctdb_control_set_recmaster(struct ctdb_context *ctdb, uint32_t opcode, T
new_recmaster = ((uint32_t *)(&indata.dptr[0]))[0];
if (ctdb->pnn != new_recmaster && ctdb->recovery_master == ctdb->pnn) {
- DEBUG(DEBUG_NOTICE,
+ DEBUG(DEBUG_ERR,
("Remote node (%u) is now the recovery master\n",
new_recmaster));
}
if (ctdb->pnn == new_recmaster && ctdb->recovery_master != new_recmaster) {
- DEBUG(DEBUG_NOTICE,
+ DEBUG(DEBUG_ERR,
("This node (%u) is now the recovery master\n",
ctdb->pnn));
}
@@ -1612,7 +1612,7 @@ int32_t ctdb_control_set_recmaster(struct ctdb_context *ctdb, uint32_t opcode, T
int32_t ctdb_control_stop_node(struct ctdb_context *ctdb)
{
- DEBUG(DEBUG_NOTICE, ("Stopping node\n"));
+ DEBUG(DEBUG_ERR, ("Stopping node\n"));
ctdb_disable_monitoring(ctdb);
ctdb->nodes[ctdb->pnn]->flags |= NODE_FLAGS_STOPPED;
@@ -1621,7 +1621,7 @@ int32_t ctdb_control_stop_node(struct ctdb_context *ctdb)
int32_t ctdb_control_continue_node(struct ctdb_context *ctdb)
{
- DEBUG(DEBUG_NOTICE, ("Continue node\n"));
+ DEBUG(DEBUG_ERR, ("Continue node\n"));
ctdb->nodes[ctdb->pnn]->flags &= ~NODE_FLAGS_STOPPED;
return 0;
diff --git a/ctdb/server/ctdb_server.c b/ctdb/server/ctdb_server.c
index c3d38c4..9006741 100644
--- a/ctdb/server/ctdb_server.c
+++ b/ctdb/server/ctdb_server.c
@@ -295,7 +295,7 @@ void ctdb_node_dead(struct ctdb_node *node)
node->rx_cnt = 0;
node->dead_count = 0;
- DEBUG(DEBUG_NOTICE,("%s: node %s is dead: %u connected\n",
+ DEBUG(DEBUG_ERR,("%s: node %s is dead: %u connected\n",
node->ctdb->name, node->name, node->ctdb->num_connected));
ctdb_daemon_cancel_controls(node->ctdb, node);
@@ -322,7 +322,7 @@ void ctdb_node_connected(struct ctdb_node *node)
node->dead_count = 0;
node->flags &= ~NODE_FLAGS_DISCONNECTED;
node->flags |= NODE_FLAGS_UNHEALTHY;
- DEBUG(DEBUG_NOTICE,
+ DEBUG(DEBUG_ERR,
("%s: connected to %s - %u connected\n",
node->ctdb->name, node->name, node->ctdb->num_connected));
}
diff --git a/source3/script/tests/test_net_cache_samlogon.sh b/source3/script/tests/test_net_cache_samlogon.sh
new file mode 100755
index 0000000..4114c89
--- /dev/null
+++ b/source3/script/tests/test_net_cache_samlogon.sh
@@ -0,0 +1,43 @@
+#!/bin/sh
+#
+# Test 'net cache samlogon' command.
+#
+
+if [ $# -lt 4 ]; then
+cat <<EOF
+Usage: $0 SERVER SHARE USER PASS
+EOF
+exit 1;
+fi
+
+SERVER=$1
+SHARE=$2
+USER=$3
+PASS=$4
+smbclient=$BINDIR/smbclient
+
+failed=0
+
+incdir=`dirname $0`/../../../testprogs/blackbox
+. $incdir/subunit.sh
+. $incdir/common_test_fns.inc
+
+# Ensure the samlogon cache is primed
+test_smbclient "Prime samlogon cache" 'exit' //$SERVER/$SHARE -U$USER%$PASS || failed=$(expr $failed + 1)
+
+# Ensure list works and remember the sid and name of the first entry
+testit "net cache samlogon list" $BINDIR/net cache samlogon list || failed=$(expr $failed + 1)
+usersid=$($BINDIR/net cache samlogon list | awk '/^S-/ { print $1 ; exit }')
+username=$($BINDIR/net cache samlogon list | awk '/^S-/ { print $2 ; exit }')
+
+# Test the show command with the sid from the previous list command
+testit "net cache samlogon show $usersid" $BINDIR/net cache samlogon show $usersid || failed=$(expr $failed + 1)
+tmp=$($BINDIR/net cache samlogon show $usersid | awk '/^Name:/ {print $2}')
+testit "net cache samlogon show SID name matches name from list command" test x"$tmp" = x"$username" || failed=$(expr $failed + 1)
+
+testit "net cache samlogon ndrdump $usersid" $BINDIR/net cache samlogon ndrdump $usersid || failed=$(expr $failed + 1)
+tmp=$($BINDIR/net cache samlogon ndrdump $usersid | head -n 1 | grep "netr_SamInfo3: struct netr_SamInfo3")
+retval=$?
+testit "net cache samlogon ndrdump returns netr_SamInfo3 structure" test $retval -eq 0 || failed=$(expr $failed + 1)
+
+testok $0 $failed
diff --git a/source3/selftest/tests.py b/source3/selftest/tests.py
index f07084f..d459ede 100755
--- a/source3/selftest/tests.py
+++ b/source3/selftest/tests.py
@@ -556,6 +556,10 @@ plantestsuite("samba3.blackbox.net_tdb", "simpleserver:local",
smbclient3, '$SERVER', 'tmp', '$USERNAME', '$PASSWORD',
configuration, '$LOCAL_PATH', '$LOCK_DIR' ])
+plantestsuite("samba3.blackbox.net_cache_samlogon", "ad_member:local",
+ [ os.path.join(samba3srcdir, "script/tests/test_net_cache_samlogon.sh"),
+ '$SERVER', 'tmp', '$DC_USERNAME', '$DC_PASSWORD'])
+
plantestsuite("samba3.blackbox.net_dom_join_fail_dc", "nt4_dc",
[os.path.join(samba3srcdir, "script/tests/test_net_dom_join_fail_dc.sh"),
"$USERNAME", "$PASSWORD", "$SERVER", "$PREFIX/net_dom_join_fail_dc",
diff --git a/source3/utils/net_cache.c b/source3/utils/net_cache.c
index d3ba2ed..f43eb0e 100644
--- a/source3/utils/net_cache.c
+++ b/source3/utils/net_cache.c
@@ -360,10 +360,6 @@ static int netsamlog_cache_for_all_cb(const char *sid_str,
return -1;
}
- d_printf("%-50s %-40s When cached\n", "SID", "Name");
- d_printf("------------------------------------------------------------"
- "------------------------------------------------------------"
- "----\n");
d_printf("%-50s %-40s %s\n",
sid_str,
name,
@@ -378,6 +374,11 @@ static int net_cache_samlogon_list(struct net_context *c,
{
int ret;
--
Samba Shared Repository
More information about the samba-cvs
mailing list