[SCM] Samba Shared Repository - branch master updated

Ralph Böhme slow at samba.org
Wed Jul 12 11:26:02 UTC 2017


The branch, master has been updated
       via  de9d219 dbwrap: Ask CTDB for local tdb open flags
       via  b2b7e3b ctdbd_conn: pass persistent bool instead of tdb_flags
       via  0077296 ctdbd_conn: move CTDB_CONTROL_ENABLE_SEQNUM control to db_open_ctdb
       via  6ae063a dbwrap: CTDB ignores tdb_flags passed to db attach controls
       via  a70be43 dbwrap: enable mutexes by default for volatile TDBs
       via  2bce9cb ctdb: enable mutexes for volatile TDBs by default
       via  fe7020b idmap_ad: Retry query_user exactly once if we get TLDAP_SERVER_DOWN
       via  b3d14da selftest: add some basic tests for idmap_ad
       via  4a7ec5b selftest: add ad_member_idmap_ad server
      from  259e170 vfs_fruit: add fruit:model = <modelname> parametric option

https://git.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit de9d21957706bd5d811db01b7b5d88a0bb17034b
Author: Ralph Boehme <slow at samba.org>
Date:   Tue Jul 11 21:35:17 2017 +0200

    dbwrap: Ask CTDB for local tdb open flags
    
    Bug: https://bugzilla.samba.org/show_bug.cgi?id=12891
    
    Signed-off-by: Ralph Boehme <slow at samba.org>
    Reviewed-by: Amitay Isaacs <amitay at gmail.com>
    
    Autobuild-User(master): Ralph Böhme <slow at samba.org>
    Autobuild-Date(master): Wed Jul 12 13:25:11 CEST 2017 on sn-devel-144

commit b2b7e3b9710fa22716f931177265dcd8de74532b
Author: Ralph Boehme <slow at samba.org>
Date:   Tue Jul 11 20:41:43 2017 +0200

    ctdbd_conn: pass persistent bool instead of tdb_flags
    
    ctdbd_db_attach() only needs to know the ctdb database model, not the
    rest of the flags.
    
    Bug: https://bugzilla.samba.org/show_bug.cgi?id=12891
    
    Signed-off-by: Ralph Boehme <slow at samba.org>
    Reviewed-by: Amitay Isaacs <amitay at gmail.com>

commit 0077296cee1cd54a5adb12fc706cbf99203a8213
Author: Ralph Boehme <slow at samba.org>
Date:   Tue Jul 11 20:36:35 2017 +0200

    ctdbd_conn: move CTDB_CONTROL_ENABLE_SEQNUM control to db_open_ctdb
    
    No change in behaviour.
    
    Bug: https://bugzilla.samba.org/show_bug.cgi?id=12891
    
    Signed-off-by: Ralph Boehme <slow at samba.org>
    Reviewed-by: Amitay Isaacs <amitay at gmail.com>

commit 6ae063a109ca88bf815fd1bf5e8865053bea41b9
Author: Amitay Isaacs <amitay at gmail.com>
Date:   Tue Jul 11 00:38:59 2017 +1000

    dbwrap: CTDB ignores tdb_flags passed to db attach controls
    
    Bug: https://bugzilla.samba.org/show_bug.cgi?id=12891
    
    Signed-off-by: Amitay Isaacs <amitay at gmail.com>
    Reviewed-by: Ralph Boehme <slow at samba.org>

commit a70be43246ab74f0a2bbe245ab31f24460b70547
Author: Ralph Boehme <slow at samba.org>
Date:   Sun Jul 9 16:23:20 2017 +0200

    dbwrap: enable mutexes by default for volatile TDBs
    
    Bug: https://bugzilla.samba.org/show_bug.cgi?id=12891
    
    Signed-off-by: Ralph Boehme <slow at samba.org>
    Reviewed-by: Amitay Isaacs <amitay at gmail.com>

commit 2bce9cb72f3ac7efc2f4f48b0cffa1876364ae8c
Author: Ralph Boehme <slow at samba.org>
Date:   Sun Jul 9 16:20:11 2017 +0200

    ctdb: enable mutexes for volatile TDBs by default
    
    Bug: https://bugzilla.samba.org/show_bug.cgi?id=12891
    
    Signed-off-by: Ralph Boehme <slow at samba.org>
    Reviewed-by: Amitay Isaacs <amitay at gmail.com>

commit fe7020b0d1b6fe1ca9add4815e20c2e2262cb6c9
Author: Dustin L. Howett via samba-technical <samba-technical at lists.samba.org>
Date:   Fri Jun 30 16:10:01 2017 -0700

    idmap_ad: Retry query_user exactly once if we get TLDAP_SERVER_DOWN
    
    All other ldap-querying methods in idmap_ad make a single retry attempt if they get
    TLDAP_SERVER_DOWN. This patch brings idmap_ad_query_user in line with that design.
    
    This fixes the symptom described in 12720 at the cost of an additional reconnect per
    failed lookup.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=12720
    
    Signed-off-by: Dustin L. Howett <dustin at howett.net>
    Reviewed-by: Ralph Boehme <slow at samba.org>

commit b3d14dae18593f21fb0d16f5404326bcb15905d9
Author: Ralph Boehme <slow at samba.org>
Date:   Mon Jul 10 16:20:23 2017 +0200

    selftest: add some basic tests for idmap_ad
    
    Signed-off-by: Ralph Boehme <slow at samba.org>
    Reviewed-by: Andrew Bartlett <abartlet at samba.org>

commit 4a7ec5b7604495bee174f9c83b62f55604c6efbc
Author: Ralph Boehme <slow at samba.org>
Date:   Mon Jul 10 16:19:18 2017 +0200

    selftest: add ad_member_idmap_ad server
    
    Add a member server that uses idmap_ad. Gets used in the next commit.
    
    Signed-off-by: Ralph Boehme <slow at samba.org>
    Reviewed-by: Andrew Bartlett <abartlet at samba.org>

-----------------------------------------------------------------------

Summary of changes:
 ctdb/common/tunable.c                |  2 +-
 ctdb/config/ctdbd.conf               |  2 +-
 ctdb/doc/ctdb-tunables.7.xml         |  2 +-
 ctdb/doc/ctdb.1.xml                  |  2 +-
 ctdb/tests/tool/ctdb.listvars.001.sh |  2 +-
 nsswitch/tests/test_idmap_ad.sh      | 99 ++++++++++++++++++++++++++++++++++++
 selftest/target/Samba.pm             |  1 +
 selftest/target/Samba3.pm            | 89 ++++++++++++++++++++++++++++++++
 selftest/target/Samba4.pm            |  6 +++
 source3/include/ctdbd_conn.h         |  2 +-
 source3/lib/ctdbd_conn.c             | 20 +-------
 source3/lib/dbwrap/dbwrap_ctdb.c     | 43 ++++++++++++++--
 source3/lib/dbwrap/dbwrap_open.c     |  2 +-
 source3/selftest/tests.py            |  4 +-
 source3/winbindd/idmap_ad.c          | 19 ++++++-
 15 files changed, 263 insertions(+), 32 deletions(-)
 create mode 100755 nsswitch/tests/test_idmap_ad.sh


Changeset truncated at 500 lines:

diff --git a/ctdb/common/tunable.c b/ctdb/common/tunable.c
index ed7a52d..14f6828 100644
--- a/ctdb/common/tunable.c
+++ b/ctdb/common/tunable.c
@@ -145,7 +145,7 @@ static struct {
 		offsetof(struct ctdb_tunable_list, no_ip_host_on_all_disabled) },
 	{ "Samba3AvoidDeadlocks", 0, true,
 		offsetof(struct ctdb_tunable_list, samba3_hack) },
-	{ "TDBMutexEnabled", 0, false,
+	{ "TDBMutexEnabled", 1, false,
 		offsetof(struct ctdb_tunable_list, mutex_enabled) },
 	{ "LockProcessesPerDB", 200, false,
 		offsetof(struct ctdb_tunable_list, lock_processes_per_db) },
diff --git a/ctdb/config/ctdbd.conf b/ctdb/config/ctdbd.conf
index e75c65c..2d525c5 100644
--- a/ctdb/config/ctdbd.conf
+++ b/ctdb/config/ctdbd.conf
@@ -29,4 +29,4 @@
 # CTDB_DEBUGLEVEL=ERR
 
 # Set some CTDB tunable variables during CTDB startup?
-# CTDB_SET_TDBMutexEnabled=1
+# CTDB_SET_TDBMutexEnabled=0
diff --git a/ctdb/doc/ctdb-tunables.7.xml b/ctdb/doc/ctdb-tunables.7.xml
index d0bb450..7b059b7 100644
--- a/ctdb/doc/ctdb-tunables.7.xml
+++ b/ctdb/doc/ctdb-tunables.7.xml
@@ -658,7 +658,7 @@
 
     <refsect2>
       <title>TDBMutexEnabled</title>
-      <para>Default: 0</para>
+      <para>Default: 1</para>
       <para>
 	This parameter enables TDB_MUTEX_LOCKING feature on volatile
 	databases if the robust mutexes are supported. This optimizes the
diff --git a/ctdb/doc/ctdb.1.xml b/ctdb/doc/ctdb.1.xml
index 1af1f50..3aceb73 100644
--- a/ctdb/doc/ctdb.1.xml
+++ b/ctdb/doc/ctdb.1.xml
@@ -843,7 +843,7 @@ DBRecordSizeWarn        = 10000000
 DBSizeWarn              = 100000000
 PullDBPreallocation     = 10485760
 NoIPHostOnAllDisabled   = 0
-TDBMutexEnabled         = 0
+TDBMutexEnabled         = 1
 LockProcessesPerDB      = 200
 RecBufferSizeLimit      = 1000000
 QueueBufferSize         = 1024
diff --git a/ctdb/tests/tool/ctdb.listvars.001.sh b/ctdb/tests/tool/ctdb.listvars.001.sh
index f6010a4..fc8f42c 100755
--- a/ctdb/tests/tool/ctdb.listvars.001.sh
+++ b/ctdb/tests/tool/ctdb.listvars.001.sh
@@ -59,7 +59,7 @@ DBRecordSizeWarn           = 10000000
 DBSizeWarn                 = 100000000
 PullDBPreallocation        = 10485760
 NoIPHostOnAllDisabled      = 0
-TDBMutexEnabled            = 0
+TDBMutexEnabled            = 1
 LockProcessesPerDB         = 200
 RecBufferSizeLimit         = 1000000
 QueueBufferSize            = 1024
diff --git a/nsswitch/tests/test_idmap_ad.sh b/nsswitch/tests/test_idmap_ad.sh
new file mode 100755
index 0000000..2f4ee32
--- /dev/null
+++ b/nsswitch/tests/test_idmap_ad.sh
@@ -0,0 +1,99 @@
+#!/bin/sh
+#
+# Basic testing of id mapping with idmap_ad
+#
+
+if [ $# -ne 3 ]; then
+	echo Usage: $0 DOMAIN DC_SERVER DC_PASSWORD
+	exit 1
+fi
+
+DOMAIN="$1"
+DC_SERVER="$2"
+DC_PASSWORD="$3"
+
+wbinfo="$VALGRIND $BINDIR/wbinfo"
+ldbmodify="$VALGRIND $BINDIR/ldbmodify"
+ldbsearch="$VALGRIND $BINDIR/ldbsearch"
+
+failed=0
+
+. `dirname $0`/../../testprogs/blackbox/subunit.sh
+
+DOMAIN_SID=$($wbinfo -n "@$DOMAIN" | cut -f 1 -d " ")
+if [ $? -ne 0 ] ; then
+    echo "Could not find domain SID" | subunit_fail_test "test_idmap_ad"
+    exit 1
+fi
+
+BASE_DN=$($ldbsearch -H ldap://$DC_SERVER -b "" -s base defaultNamingContext | awk '/^defaultNamingContext/ {print $2}')
+if [ $? -ne 0 ] ; then
+    echo "Could not find base DB" | subunit_fail_test "test_idmap_ad"
+    exit 1
+fi
+
+#
+# Add POSIX ids to AD
+#
+cat <<EOF | $ldbmodify -H ldap://$DC_SERVER -U "$DOMAIN\Administrator%$DC_PASSWORD"
+dn: CN=Administrator,CN=Users,$BASE_DN
+changetype: modify
+add: uidNumber
+uidNumber: 2000000
+EOF
+
+cat <<EOF | $ldbmodify -H ldap://$DC_SERVER -U "$DOMAIN\Administrator%$DC_PASSWORD"
+dn: CN=Domain Users,CN=Users,$BASE_DN
+changetype: modify
+add: gidNumber
+gidNumber: 2000001
+EOF
+
+#
+# Test 1: Test uid of Administrator, should be 2000000
+#
+
+out="$($wbinfo -S $DOMAIN_SID-500)"
+echo "wbinfo returned: \"$out\", expecting \"2000000\""
+test "$out" = "2000000"
+ret=$?
+testit "Test uid of Administrator is 2000000" test $ret -eq 0 || failed=$(expr $failed + 1)
+
+#
+# Test 2: Test gid of Domain Users, should be 2000001
+#
+
+out="$($wbinfo -Y $DOMAIN_SID-513)"
+echo "wbinfo returned: \"$out\", expecting \"2000001\""
+test "$out" = "2000001"
+ret=$?
+testit "Test uid of Domain Users is 2000001" test $ret -eq 0 || failed=$(expr $failed + 1)
+
+#
+# Test 3: Test get userinfo for Administrator works
+#
+
+out="$($wbinfo -i $DOMAIN/Administrator)"
+echo "wbinfo returned: \"$out\", expecting \"$DOMAIN/administrator:*:2000000:2000001::/home/$DOMAIN/administrator:/bin/false\""
+test "$out" = "$DOMAIN/administrator:*:2000000:2000001::/home/$DOMAIN/administrator:/bin/false"
+ret=$?
+testit "Test get userinfo for Administrator works" test $ret -eq 0 || failed=$(expr $failed + 1)
+
+#
+# Remove POSIX ids from AD
+#
+cat <<EOF | $ldbmodify -H ldap://$DC_SERVER -U "$DOMAIN\Administrator%$DC_PASSWORD"
+dn: CN=Administrator,CN=Users,$BASE_DN
+changetype: modify
+delete: uidNumber
+uidNumber: 2000000
+EOF
+
+cat <<EOF | $ldbmodify -H ldap://$DC_SERVER -U "$DOMAIN\Administrator%$DC_PASSWORD"
+dn: CN=Domain Users,CN=Users,$BASE_DN
+changetype: modify
+delete: gidNumber
+gidNumber: 2000001
+EOF
+
+exit $failed
diff --git a/selftest/target/Samba.pm b/selftest/target/Samba.pm
index 1600ed8..5968772 100644
--- a/selftest/target/Samba.pm
+++ b/selftest/target/Samba.pm
@@ -346,6 +346,7 @@ sub get_interface($)
 
     # 11-16 used by selftest.pl for client interfaces
 
+    $interfaces{"idmapadmember"} = 19;
     $interfaces{"idmapridmember"} = 20;
     $interfaces{"localdc"} = 21;
     $interfaces{"localvampiredc"} = 22;
diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm
index 79b1a53..54da52b 100755
--- a/selftest/target/Samba3.pm
+++ b/selftest/target/Samba3.pm
@@ -689,6 +689,95 @@ sub setup_ad_member_idmap_rid($$$$)
 	return $ret;
 }
 
+sub setup_ad_member_idmap_ad($$$$)
+{
+	my ($self, $prefix, $dcvars) = @_;
+
+	# If we didn't build with ADS, pretend this env was never available
+	if (not $self->have_ads()) {
+	        return "UNKNOWN";
+	}
+
+	print "PROVISIONING S3 AD MEMBER WITH idmap_ad config...";
+
+	my $member_options = "
+	security = ads
+	workgroup = $dcvars->{DOMAIN}
+	realm = $dcvars->{REALM}
+	password server = $dcvars->{SERVER}
+	idmap config * : backend = tdb
+	idmap config * : range = 1000000-1999999
+	idmap config $dcvars->{DOMAIN} : backend = ad
+	idmap config $dcvars->{DOMAIN} : range = 2000000-2999999
+";
+
+	my $ret = $self->provision($prefix, $dcvars->{DOMAIN},
+				   "IDMAPADMEMBER",
+				   "loCalMemberPass",
+				   $member_options,
+				   $dcvars->{SERVER_IP},
+				   $dcvars->{SERVER_IPV6});
+
+	$ret or return undef;
+
+	close(USERMAP);
+	$ret->{DOMAIN} = $dcvars->{DOMAIN};
+	$ret->{REALM} = $dcvars->{REALM};
+
+	my $ctx;
+	my $prefix_abs = abs_path($prefix);
+	$ctx = {};
+	$ctx->{krb5_conf} = "$prefix_abs/lib/krb5.conf";
+	$ctx->{domain} = $dcvars->{DOMAIN};
+	$ctx->{realm} = $dcvars->{REALM};
+	$ctx->{dnsname} = lc($dcvars->{REALM});
+	$ctx->{kdc_ipv4} = $dcvars->{SERVER_IP};
+	$ctx->{kdc_ipv6} = $dcvars->{SERVER_IPV6};
+	$ctx->{krb5_ccname} = "$prefix_abs/krb5cc_%{uid}";
+	Samba::mk_krb5_conf($ctx, "");
+
+	$ret->{KRB5_CONFIG} = $ctx->{krb5_conf};
+
+	my $net = Samba::bindir_path($self, "net");
+	my $cmd = "";
+	$cmd .= "SOCKET_WRAPPER_DEFAULT_IFACE=\"$ret->{SOCKET_WRAPPER_DEFAULT_IFACE}\" ";
+	if (defined($ret->{RESOLV_WRAPPER_CONF})) {
+		$cmd .= "RESOLV_WRAPPER_CONF=\"$ret->{RESOLV_WRAPPER_CONF}\" ";
+	} else {
+		$cmd .= "RESOLV_WRAPPER_HOSTS=\"$ret->{RESOLV_WRAPPER_HOSTS}\" ";
+	}
+	$cmd .= "KRB5_CONFIG=\"$ret->{KRB5_CONFIG}\" ";
+	$cmd .= "SELFTEST_WINBINDD_SOCKET_DIR=\"$ret->{SELFTEST_WINBINDD_SOCKET_DIR}\" ";
+	$cmd .= "$net join $ret->{CONFIGURATION}";
+	$cmd .= " -U$dcvars->{USERNAME}\%$dcvars->{PASSWORD}";
+
+	if (system($cmd) != 0) {
+	    warn("Join failed\n$cmd");
+	    return undef;
+	}
+
+	# We need world access to this share, as otherwise the domain
+	# administrator from the AD domain provided by Samba4 can't
+	# access the share for tests.
+	chmod 0777, "$prefix/share";
+
+	if (not $self->check_or_start($ret, "yes", "yes", "yes")) {
+		return undef;
+	}
+
+	$ret->{DC_SERVER} = $dcvars->{SERVER};
+	$ret->{DC_SERVER_IP} = $dcvars->{SERVER_IP};
+	$ret->{DC_SERVER_IPV6} = $dcvars->{SERVER_IPV6};
+	$ret->{DC_NETBIOSNAME} = $dcvars->{NETBIOSNAME};
+	$ret->{DC_USERNAME} = $dcvars->{USERNAME};
+	$ret->{DC_PASSWORD} = $dcvars->{PASSWORD};
+
+	# Special case, this is called from Samba4.pm but needs to use the Samba3 check_env and get_log_env
+	$ret->{target} = $self;
+
+	return $ret;
+}
+
 sub setup_simpleserver($$)
 {
 	my ($self, $path) = @_;
diff --git a/selftest/target/Samba4.pm b/selftest/target/Samba4.pm
index 772f982..205e281 100755
--- a/selftest/target/Samba4.pm
+++ b/selftest/target/Samba4.pm
@@ -2130,6 +2130,12 @@ sub setup_env($$$)
 		}
 		return $target3->setup_ad_member_idmap_rid("$path/ad_member_idmap_rid",
 							   $self->{vars}->{ad_dc});
+	} elsif ($envname eq "ad_member_idmap_ad") {
+		if (not defined($self->{vars}->{ad_dc})) {
+			$self->setup_ad_dc("$path/ad_dc");
+		}
+		return $target3->setup_ad_member_idmap_ad("$path/ad_member_idmap_ad",
+							  $self->{vars}->{ad_dc});
 	} elsif ($envname eq "none") {
 		return $self->setup_none("$path/none");
 	} else {
diff --git a/source3/include/ctdbd_conn.h b/source3/include/ctdbd_conn.h
index 06fbcc3..38477d3 100644
--- a/source3/include/ctdbd_conn.h
+++ b/source3/include/ctdbd_conn.h
@@ -55,7 +55,7 @@ char *ctdbd_dbpath(struct ctdbd_connection *conn,
 		   TALLOC_CTX *mem_ctx, uint32_t db_id);
 
 int ctdbd_db_attach(struct ctdbd_connection *conn, const char *name,
-		    uint32_t *db_id, int tdb_flags);
+		    uint32_t *db_id, bool persistent);
 
 int ctdbd_migrate(struct ctdbd_connection *conn, uint32_t db_id, TDB_DATA key);
 
diff --git a/source3/lib/ctdbd_conn.c b/source3/lib/ctdbd_conn.c
index 3adb57d..b81feca 100644
--- a/source3/lib/ctdbd_conn.c
+++ b/source3/lib/ctdbd_conn.c
@@ -819,12 +819,11 @@ char *ctdbd_dbpath(struct ctdbd_connection *conn,
  * attach to a ctdb database
  */
 int ctdbd_db_attach(struct ctdbd_connection *conn,
-		    const char *name, uint32_t *db_id, int tdb_flags)
+		    const char *name, uint32_t *db_id, bool persistent)
 {
 	int ret;
 	TDB_DATA data;
 	int32_t cstatus;
-	bool persistent = (tdb_flags & TDB_CLEAR_IF_FIRST) == 0;
 
 	data = string_term_tdb_data(name);
 
@@ -832,7 +831,7 @@ int ctdbd_db_attach(struct ctdbd_connection *conn,
 				  persistent
 				  ? CTDB_CONTROL_DB_ATTACH_PERSISTENT
 				  : CTDB_CONTROL_DB_ATTACH,
-				  tdb_flags, 0, data, NULL, &data, &cstatus);
+				  0, 0, data, NULL, &data, &cstatus);
 	if (ret != 0) {
 		DEBUG(0, (__location__ " ctdb_control for db_attach "
 			  "failed: %s\n", strerror(ret)));
@@ -847,21 +846,6 @@ int ctdbd_db_attach(struct ctdbd_connection *conn,
 	*db_id = *(uint32_t *)data.dptr;
 	talloc_free(data.dptr);
 
-	if (!(tdb_flags & TDB_SEQNUM)) {
-		return 0;
-	}
-
-	data.dptr = (uint8_t *)db_id;
-	data.dsize = sizeof(*db_id);
-
-	ret = ctdbd_control_local(conn, CTDB_CONTROL_ENABLE_SEQNUM, 0, 0, data,
-				  NULL, NULL, &cstatus);
-	if ((ret != 0) || cstatus != 0) {
-		DEBUG(0, (__location__ " ctdb_control for enable seqnum "
-			  "failed: %s\n", strerror(ret)));
-		return (ret == 0) ? EIO : ret;
-	}
-
 	return 0;
 }
 
diff --git a/source3/lib/dbwrap/dbwrap_ctdb.c b/source3/lib/dbwrap/dbwrap_ctdb.c
index 8e303e6..6bdaab0 100644
--- a/source3/lib/dbwrap/dbwrap_ctdb.c
+++ b/source3/lib/dbwrap/dbwrap_ctdb.c
@@ -1779,6 +1779,8 @@ struct db_context *db_open_ctdb(TALLOC_CTX *mem_ctx,
 	struct db_ctdb_ctx *db_ctdb;
 	char *db_path;
 	struct loadparm_context *lp_ctx;
+	TDB_DATA data;
+	bool persistent = (tdb_flags & TDB_CLEAR_IF_FIRST);
 	int32_t cstatus;
 	int ret;
 
@@ -1810,7 +1812,7 @@ struct db_context *db_open_ctdb(TALLOC_CTX *mem_ctx,
 	db_ctdb->db = result;
 	db_ctdb->conn = conn;
 
-	ret = ctdbd_db_attach(db_ctdb->conn, name, &db_ctdb->db_id, tdb_flags);
+	ret = ctdbd_db_attach(db_ctdb->conn, name, &db_ctdb->db_id, persistent);
 	if (ret != 0) {
 		DEBUG(0, ("ctdbd_db_attach failed for %s: %s\n", name,
 			  strerror(ret)));
@@ -1818,14 +1820,45 @@ struct db_context *db_open_ctdb(TALLOC_CTX *mem_ctx,
 		return NULL;
 	}
 
+	if (tdb_flags & TDB_SEQNUM) {
+		data.dptr = (uint8_t *)&db_ctdb->db_id;
+		data.dsize = sizeof(db_ctdb->db_id);
+
+		ret = ctdbd_control_local(conn, CTDB_CONTROL_ENABLE_SEQNUM,
+					  0, 0, data,
+					  NULL, NULL, &cstatus);
+		if ((ret != 0) || cstatus != 0) {
+			DBG_ERR("ctdb_control for enable seqnum "
+				"failed: %s\n", strerror(ret));
+			TALLOC_FREE(result);
+			return NULL;
+		}
+	}
+
 	db_path = ctdbd_dbpath(db_ctdb->conn, db_ctdb, db_ctdb->db_id);
 
-	result->persistent = ((tdb_flags & TDB_CLEAR_IF_FIRST) == 0);
+	result->persistent = persistent;
 	result->lock_order = lock_order;
 
-	/* only pass through specific flags */
-	tdb_flags &= TDB_SEQNUM|TDB_VOLATILE|
-		TDB_MUTEX_LOCKING|TDB_CLEAR_IF_FIRST;
+	data.dptr = (uint8_t *)&db_ctdb->db_id;
+	data.dsize = sizeof(db_ctdb->db_id);
+
+	ret = ctdbd_control_local(conn, CTDB_CONTROL_DB_OPEN_FLAGS,
+				  0, 0, data, NULL, &data, &cstatus);
+	if (ret != 0) {
+		DBG_ERR(" ctdb control for db_open_flags "
+			 "failed: %s\n", strerror(ret));
+		TALLOC_FREE(result);
+		return NULL;
+	}
+
+	if (cstatus != 0 || data.dsize != sizeof(int)) {
+		DBG_ERR("ctdb_control for db_open_flags failed\n");
+		TALLOC_FREE(result);
+		return NULL;
+	}
+
+	tdb_flags = *(int *)data.dptr;
 
 	if (!result->persistent) {
 		ret = ctdb_async_ctx_init(NULL, messaging_tevent_context(msg_ctx));
diff --git a/source3/lib/dbwrap/dbwrap_open.c b/source3/lib/dbwrap/dbwrap_open.c
index 55e0adb..801ebcb 100644
--- a/source3/lib/dbwrap/dbwrap_open.c
+++ b/source3/lib/dbwrap/dbwrap_open.c
@@ -98,7 +98,7 @@ struct db_context *db_open(TALLOC_CTX *mem_ctx,
 
 	if (tdb_flags & TDB_CLEAR_IF_FIRST) {
 		const char *base;
-		bool try_mutex = false;
+		bool try_mutex = true;
 		bool require_mutex = false;
 
 		base = strrchr_m(name, '/');
diff --git a/source3/selftest/tests.py b/source3/selftest/tests.py
index d459ede..d352c14 100755
--- a/source3/selftest/tests.py
+++ b/source3/selftest/tests.py
@@ -367,7 +367,7 @@ rpc = ["rpc.authcontext", "rpc.samba3.bind", "rpc.samba3.srvsvc", "rpc.samba3.sh
 
 local = ["local.nss"]
 
-idmap = ["idmap.rfc2307", "idmap.alloc", "idmap.rid"]
+idmap = ["idmap.rfc2307", "idmap.alloc", "idmap.rid", "idmap.ad"]
 
 rap = ["rap.basic", "rap.rpc", "rap.printing", "rap.sam"]
 
@@ -449,6 +449,8 @@ for t in tests:
         plantestsuite(t, "ad_member_rfc2307", [os.path.join(samba3srcdir, "../nsswitch/tests/test_idmap_nss.sh"), '$DOMAIN'])
     elif t == "idmap.rid":
         plantestsuite(t, "ad_member_idmap_rid", [os.path.join(samba3srcdir, "../nsswitch/tests/test_idmap_rid.sh"), '$DOMAIN', '2000000'])
+    elif t == "idmap.ad":
+        plantestsuite(t, "ad_member_idmap_ad", [os.path.join(samba3srcdir, "../nsswitch/tests/test_idmap_ad.sh"), '$DOMAIN', '$DC_SERVER', '$DC_PASSWORD'])
     elif t == "raw.acls":
         plansmbtorture4testsuite(t, "nt4_dc", '//$SERVER_IP/tmp -U$USERNAME%$PASSWORD')
         plansmbtorture4testsuite(t, "nt4_dc", '//$SERVER_IP/nfs4acl_simple -U$USERNAME%$PASSWORD', description='nfs4acl_xattr-simple')
diff --git a/source3/winbindd/idmap_ad.c b/source3/winbindd/idmap_ad.c
index 8c9e97b..315a944 100644
--- a/source3/winbindd/idmap_ad.c
+++ b/source3/winbindd/idmap_ad.c
@@ -502,9 +502,26 @@ static NTSTATUS idmap_ad_query_user(struct idmap_domain *domain,
 	return NT_STATUS_OK;
 }
 
+static NTSTATUS idmap_ad_query_user_retry(struct idmap_domain *domain,
+				          struct wbint_userinfo *info)
+{
+	const NTSTATUS status_server_down =
+		NT_STATUS_LDAP(TLDAP_RC_V(TLDAP_SERVER_DOWN));
+	NTSTATUS status;
+
+	status = idmap_ad_query_user(domain, info);
+
+	if (NT_STATUS_EQUAL(status, status_server_down)) {
+		TALLOC_FREE(domain->private_data);
+		status = idmap_ad_query_user(domain, info);
+	}
+
+	return status;
+}
+
 static NTSTATUS idmap_ad_initialize(struct idmap_domain *dom)
 {
-	dom->query_user = idmap_ad_query_user;
+	dom->query_user = idmap_ad_query_user_retry;
 	dom->private_data = NULL;
 	return NT_STATUS_OK;
 }


-- 
Samba Shared Repository



More information about the samba-cvs mailing list