[SCM] Samba Shared Repository - branch master updated
Ralph Böhme
slow at samba.org
Wed Jul 12 11:26:02 UTC 2017
The branch, master has been updated
via de9d219 dbwrap: Ask CTDB for local tdb open flags
via b2b7e3b ctdbd_conn: pass persistent bool instead of tdb_flags
via 0077296 ctdbd_conn: move CTDB_CONTROL_ENABLE_SEQNUM control to db_open_ctdb
via 6ae063a dbwrap: CTDB ignores tdb_flags passed to db attach controls
via a70be43 dbwrap: enable mutexes by default for volatile TDBs
via 2bce9cb ctdb: enable mutexes for volatile TDBs by default
via fe7020b idmap_ad: Retry query_user exactly once if we get TLDAP_SERVER_DOWN
via b3d14da selftest: add some basic tests for idmap_ad
via 4a7ec5b selftest: add ad_member_idmap_ad server
from 259e170 vfs_fruit: add fruit:model = <modelname> parametric option
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit de9d21957706bd5d811db01b7b5d88a0bb17034b
Author: Ralph Boehme <slow at samba.org>
Date: Tue Jul 11 21:35:17 2017 +0200
dbwrap: Ask CTDB for local tdb open flags
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12891
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Wed Jul 12 13:25:11 CEST 2017 on sn-devel-144
commit b2b7e3b9710fa22716f931177265dcd8de74532b
Author: Ralph Boehme <slow at samba.org>
Date: Tue Jul 11 20:41:43 2017 +0200
ctdbd_conn: pass persistent bool instead of tdb_flags
ctdbd_db_attach() only needs to know the ctdb database model, not the
rest of the flags.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12891
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
commit 0077296cee1cd54a5adb12fc706cbf99203a8213
Author: Ralph Boehme <slow at samba.org>
Date: Tue Jul 11 20:36:35 2017 +0200
ctdbd_conn: move CTDB_CONTROL_ENABLE_SEQNUM control to db_open_ctdb
No change in behaviour.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12891
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
commit 6ae063a109ca88bf815fd1bf5e8865053bea41b9
Author: Amitay Isaacs <amitay at gmail.com>
Date: Tue Jul 11 00:38:59 2017 +1000
dbwrap: CTDB ignores tdb_flags passed to db attach controls
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12891
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Ralph Boehme <slow at samba.org>
commit a70be43246ab74f0a2bbe245ab31f24460b70547
Author: Ralph Boehme <slow at samba.org>
Date: Sun Jul 9 16:23:20 2017 +0200
dbwrap: enable mutexes by default for volatile TDBs
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12891
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
commit 2bce9cb72f3ac7efc2f4f48b0cffa1876364ae8c
Author: Ralph Boehme <slow at samba.org>
Date: Sun Jul 9 16:20:11 2017 +0200
ctdb: enable mutexes for volatile TDBs by default
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12891
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Amitay Isaacs <amitay at gmail.com>
commit fe7020b0d1b6fe1ca9add4815e20c2e2262cb6c9
Author: Dustin L. Howett via samba-technical <samba-technical at lists.samba.org>
Date: Fri Jun 30 16:10:01 2017 -0700
idmap_ad: Retry query_user exactly once if we get TLDAP_SERVER_DOWN
All other ldap-querying methods in idmap_ad make a single retry attempt if they get
TLDAP_SERVER_DOWN. This patch brings idmap_ad_query_user in line with that design.
This fixes the symptom described in 12720 at the cost of an additional reconnect per
failed lookup.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12720
Signed-off-by: Dustin L. Howett <dustin at howett.net>
Reviewed-by: Ralph Boehme <slow at samba.org>
commit b3d14dae18593f21fb0d16f5404326bcb15905d9
Author: Ralph Boehme <slow at samba.org>
Date: Mon Jul 10 16:20:23 2017 +0200
selftest: add some basic tests for idmap_ad
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 4a7ec5b7604495bee174f9c83b62f55604c6efbc
Author: Ralph Boehme <slow at samba.org>
Date: Mon Jul 10 16:19:18 2017 +0200
selftest: add ad_member_idmap_ad server
Add a member server that uses idmap_ad. Gets used in the next commit.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
-----------------------------------------------------------------------
Summary of changes:
ctdb/common/tunable.c | 2 +-
ctdb/config/ctdbd.conf | 2 +-
ctdb/doc/ctdb-tunables.7.xml | 2 +-
ctdb/doc/ctdb.1.xml | 2 +-
ctdb/tests/tool/ctdb.listvars.001.sh | 2 +-
nsswitch/tests/test_idmap_ad.sh | 99 ++++++++++++++++++++++++++++++++++++
selftest/target/Samba.pm | 1 +
selftest/target/Samba3.pm | 89 ++++++++++++++++++++++++++++++++
selftest/target/Samba4.pm | 6 +++
source3/include/ctdbd_conn.h | 2 +-
source3/lib/ctdbd_conn.c | 20 +-------
source3/lib/dbwrap/dbwrap_ctdb.c | 43 ++++++++++++++--
source3/lib/dbwrap/dbwrap_open.c | 2 +-
source3/selftest/tests.py | 4 +-
source3/winbindd/idmap_ad.c | 19 ++++++-
15 files changed, 263 insertions(+), 32 deletions(-)
create mode 100755 nsswitch/tests/test_idmap_ad.sh
Changeset truncated at 500 lines:
diff --git a/ctdb/common/tunable.c b/ctdb/common/tunable.c
index ed7a52d..14f6828 100644
--- a/ctdb/common/tunable.c
+++ b/ctdb/common/tunable.c
@@ -145,7 +145,7 @@ static struct {
offsetof(struct ctdb_tunable_list, no_ip_host_on_all_disabled) },
{ "Samba3AvoidDeadlocks", 0, true,
offsetof(struct ctdb_tunable_list, samba3_hack) },
- { "TDBMutexEnabled", 0, false,
+ { "TDBMutexEnabled", 1, false,
offsetof(struct ctdb_tunable_list, mutex_enabled) },
{ "LockProcessesPerDB", 200, false,
offsetof(struct ctdb_tunable_list, lock_processes_per_db) },
diff --git a/ctdb/config/ctdbd.conf b/ctdb/config/ctdbd.conf
index e75c65c..2d525c5 100644
--- a/ctdb/config/ctdbd.conf
+++ b/ctdb/config/ctdbd.conf
@@ -29,4 +29,4 @@
# CTDB_DEBUGLEVEL=ERR
# Set some CTDB tunable variables during CTDB startup?
-# CTDB_SET_TDBMutexEnabled=1
+# CTDB_SET_TDBMutexEnabled=0
diff --git a/ctdb/doc/ctdb-tunables.7.xml b/ctdb/doc/ctdb-tunables.7.xml
index d0bb450..7b059b7 100644
--- a/ctdb/doc/ctdb-tunables.7.xml
+++ b/ctdb/doc/ctdb-tunables.7.xml
@@ -658,7 +658,7 @@
<refsect2>
<title>TDBMutexEnabled</title>
- <para>Default: 0</para>
+ <para>Default: 1</para>
<para>
This parameter enables TDB_MUTEX_LOCKING feature on volatile
databases if the robust mutexes are supported. This optimizes the
diff --git a/ctdb/doc/ctdb.1.xml b/ctdb/doc/ctdb.1.xml
index 1af1f50..3aceb73 100644
--- a/ctdb/doc/ctdb.1.xml
+++ b/ctdb/doc/ctdb.1.xml
@@ -843,7 +843,7 @@ DBRecordSizeWarn = 10000000
DBSizeWarn = 100000000
PullDBPreallocation = 10485760
NoIPHostOnAllDisabled = 0
-TDBMutexEnabled = 0
+TDBMutexEnabled = 1
LockProcessesPerDB = 200
RecBufferSizeLimit = 1000000
QueueBufferSize = 1024
diff --git a/ctdb/tests/tool/ctdb.listvars.001.sh b/ctdb/tests/tool/ctdb.listvars.001.sh
index f6010a4..fc8f42c 100755
--- a/ctdb/tests/tool/ctdb.listvars.001.sh
+++ b/ctdb/tests/tool/ctdb.listvars.001.sh
@@ -59,7 +59,7 @@ DBRecordSizeWarn = 10000000
DBSizeWarn = 100000000
PullDBPreallocation = 10485760
NoIPHostOnAllDisabled = 0
-TDBMutexEnabled = 0
+TDBMutexEnabled = 1
LockProcessesPerDB = 200
RecBufferSizeLimit = 1000000
QueueBufferSize = 1024
diff --git a/nsswitch/tests/test_idmap_ad.sh b/nsswitch/tests/test_idmap_ad.sh
new file mode 100755
index 0000000..2f4ee32
--- /dev/null
+++ b/nsswitch/tests/test_idmap_ad.sh
@@ -0,0 +1,99 @@
+#!/bin/sh
+#
+# Basic testing of id mapping with idmap_ad
+#
+
+if [ $# -ne 3 ]; then
+ echo Usage: $0 DOMAIN DC_SERVER DC_PASSWORD
+ exit 1
+fi
+
+DOMAIN="$1"
+DC_SERVER="$2"
+DC_PASSWORD="$3"
+
+wbinfo="$VALGRIND $BINDIR/wbinfo"
+ldbmodify="$VALGRIND $BINDIR/ldbmodify"
+ldbsearch="$VALGRIND $BINDIR/ldbsearch"
+
+failed=0
+
+. `dirname $0`/../../testprogs/blackbox/subunit.sh
+
+DOMAIN_SID=$($wbinfo -n "@$DOMAIN" | cut -f 1 -d " ")
+if [ $? -ne 0 ] ; then
+ echo "Could not find domain SID" | subunit_fail_test "test_idmap_ad"
+ exit 1
+fi
+
+BASE_DN=$($ldbsearch -H ldap://$DC_SERVER -b "" -s base defaultNamingContext | awk '/^defaultNamingContext/ {print $2}')
+if [ $? -ne 0 ] ; then
+ echo "Could not find base DB" | subunit_fail_test "test_idmap_ad"
+ exit 1
+fi
+
+#
+# Add POSIX ids to AD
+#
+cat <<EOF | $ldbmodify -H ldap://$DC_SERVER -U "$DOMAIN\Administrator%$DC_PASSWORD"
+dn: CN=Administrator,CN=Users,$BASE_DN
+changetype: modify
+add: uidNumber
+uidNumber: 2000000
+EOF
+
+cat <<EOF | $ldbmodify -H ldap://$DC_SERVER -U "$DOMAIN\Administrator%$DC_PASSWORD"
+dn: CN=Domain Users,CN=Users,$BASE_DN
+changetype: modify
+add: gidNumber
+gidNumber: 2000001
+EOF
+
+#
+# Test 1: Test uid of Administrator, should be 2000000
+#
+
+out="$($wbinfo -S $DOMAIN_SID-500)"
+echo "wbinfo returned: \"$out\", expecting \"2000000\""
+test "$out" = "2000000"
+ret=$?
+testit "Test uid of Administrator is 2000000" test $ret -eq 0 || failed=$(expr $failed + 1)
+
+#
+# Test 2: Test gid of Domain Users, should be 2000001
+#
+
+out="$($wbinfo -Y $DOMAIN_SID-513)"
+echo "wbinfo returned: \"$out\", expecting \"2000001\""
+test "$out" = "2000001"
+ret=$?
+testit "Test uid of Domain Users is 2000001" test $ret -eq 0 || failed=$(expr $failed + 1)
+
+#
+# Test 3: Test get userinfo for Administrator works
+#
+
+out="$($wbinfo -i $DOMAIN/Administrator)"
+echo "wbinfo returned: \"$out\", expecting \"$DOMAIN/administrator:*:2000000:2000001::/home/$DOMAIN/administrator:/bin/false\""
+test "$out" = "$DOMAIN/administrator:*:2000000:2000001::/home/$DOMAIN/administrator:/bin/false"
+ret=$?
+testit "Test get userinfo for Administrator works" test $ret -eq 0 || failed=$(expr $failed + 1)
+
+#
+# Remove POSIX ids from AD
+#
+cat <<EOF | $ldbmodify -H ldap://$DC_SERVER -U "$DOMAIN\Administrator%$DC_PASSWORD"
+dn: CN=Administrator,CN=Users,$BASE_DN
+changetype: modify
+delete: uidNumber
+uidNumber: 2000000
+EOF
+
+cat <<EOF | $ldbmodify -H ldap://$DC_SERVER -U "$DOMAIN\Administrator%$DC_PASSWORD"
+dn: CN=Domain Users,CN=Users,$BASE_DN
+changetype: modify
+delete: gidNumber
+gidNumber: 2000001
+EOF
+
+exit $failed
diff --git a/selftest/target/Samba.pm b/selftest/target/Samba.pm
index 1600ed8..5968772 100644
--- a/selftest/target/Samba.pm
+++ b/selftest/target/Samba.pm
@@ -346,6 +346,7 @@ sub get_interface($)
# 11-16 used by selftest.pl for client interfaces
+ $interfaces{"idmapadmember"} = 19;
$interfaces{"idmapridmember"} = 20;
$interfaces{"localdc"} = 21;
$interfaces{"localvampiredc"} = 22;
diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm
index 79b1a53..54da52b 100755
--- a/selftest/target/Samba3.pm
+++ b/selftest/target/Samba3.pm
@@ -689,6 +689,95 @@ sub setup_ad_member_idmap_rid($$$$)
return $ret;
}
+sub setup_ad_member_idmap_ad($$$$)
+{
+ my ($self, $prefix, $dcvars) = @_;
+
+ # If we didn't build with ADS, pretend this env was never available
+ if (not $self->have_ads()) {
+ return "UNKNOWN";
+ }
+
+ print "PROVISIONING S3 AD MEMBER WITH idmap_ad config...";
+
+ my $member_options = "
+ security = ads
+ workgroup = $dcvars->{DOMAIN}
+ realm = $dcvars->{REALM}
+ password server = $dcvars->{SERVER}
+ idmap config * : backend = tdb
+ idmap config * : range = 1000000-1999999
+ idmap config $dcvars->{DOMAIN} : backend = ad
+ idmap config $dcvars->{DOMAIN} : range = 2000000-2999999
+";
+
+ my $ret = $self->provision($prefix, $dcvars->{DOMAIN},
+ "IDMAPADMEMBER",
+ "loCalMemberPass",
+ $member_options,
+ $dcvars->{SERVER_IP},
+ $dcvars->{SERVER_IPV6});
+
+ $ret or return undef;
+
+ close(USERMAP);
+ $ret->{DOMAIN} = $dcvars->{DOMAIN};
+ $ret->{REALM} = $dcvars->{REALM};
+
+ my $ctx;
+ my $prefix_abs = abs_path($prefix);
+ $ctx = {};
+ $ctx->{krb5_conf} = "$prefix_abs/lib/krb5.conf";
+ $ctx->{domain} = $dcvars->{DOMAIN};
+ $ctx->{realm} = $dcvars->{REALM};
+ $ctx->{dnsname} = lc($dcvars->{REALM});
+ $ctx->{kdc_ipv4} = $dcvars->{SERVER_IP};
+ $ctx->{kdc_ipv6} = $dcvars->{SERVER_IPV6};
+ $ctx->{krb5_ccname} = "$prefix_abs/krb5cc_%{uid}";
+ Samba::mk_krb5_conf($ctx, "");
+
+ $ret->{KRB5_CONFIG} = $ctx->{krb5_conf};
+
+ my $net = Samba::bindir_path($self, "net");
+ my $cmd = "";
+ $cmd .= "SOCKET_WRAPPER_DEFAULT_IFACE=\"$ret->{SOCKET_WRAPPER_DEFAULT_IFACE}\" ";
+ if (defined($ret->{RESOLV_WRAPPER_CONF})) {
+ $cmd .= "RESOLV_WRAPPER_CONF=\"$ret->{RESOLV_WRAPPER_CONF}\" ";
+ } else {
+ $cmd .= "RESOLV_WRAPPER_HOSTS=\"$ret->{RESOLV_WRAPPER_HOSTS}\" ";
+ }
+ $cmd .= "KRB5_CONFIG=\"$ret->{KRB5_CONFIG}\" ";
+ $cmd .= "SELFTEST_WINBINDD_SOCKET_DIR=\"$ret->{SELFTEST_WINBINDD_SOCKET_DIR}\" ";
+ $cmd .= "$net join $ret->{CONFIGURATION}";
+ $cmd .= " -U$dcvars->{USERNAME}\%$dcvars->{PASSWORD}";
+
+ if (system($cmd) != 0) {
+ warn("Join failed\n$cmd");
+ return undef;
+ }
+
+ # We need world access to this share, as otherwise the domain
+ # administrator from the AD domain provided by Samba4 can't
+ # access the share for tests.
+ chmod 0777, "$prefix/share";
+
+ if (not $self->check_or_start($ret, "yes", "yes", "yes")) {
+ return undef;
+ }
+
+ $ret->{DC_SERVER} = $dcvars->{SERVER};
+ $ret->{DC_SERVER_IP} = $dcvars->{SERVER_IP};
+ $ret->{DC_SERVER_IPV6} = $dcvars->{SERVER_IPV6};
+ $ret->{DC_NETBIOSNAME} = $dcvars->{NETBIOSNAME};
+ $ret->{DC_USERNAME} = $dcvars->{USERNAME};
+ $ret->{DC_PASSWORD} = $dcvars->{PASSWORD};
+
+ # Special case, this is called from Samba4.pm but needs to use the Samba3 check_env and get_log_env
+ $ret->{target} = $self;
+
+ return $ret;
+}
+
sub setup_simpleserver($$)
{
my ($self, $path) = @_;
diff --git a/selftest/target/Samba4.pm b/selftest/target/Samba4.pm
index 772f982..205e281 100755
--- a/selftest/target/Samba4.pm
+++ b/selftest/target/Samba4.pm
@@ -2130,6 +2130,12 @@ sub setup_env($$$)
}
return $target3->setup_ad_member_idmap_rid("$path/ad_member_idmap_rid",
$self->{vars}->{ad_dc});
+ } elsif ($envname eq "ad_member_idmap_ad") {
+ if (not defined($self->{vars}->{ad_dc})) {
+ $self->setup_ad_dc("$path/ad_dc");
+ }
+ return $target3->setup_ad_member_idmap_ad("$path/ad_member_idmap_ad",
+ $self->{vars}->{ad_dc});
} elsif ($envname eq "none") {
return $self->setup_none("$path/none");
} else {
diff --git a/source3/include/ctdbd_conn.h b/source3/include/ctdbd_conn.h
index 06fbcc3..38477d3 100644
--- a/source3/include/ctdbd_conn.h
+++ b/source3/include/ctdbd_conn.h
@@ -55,7 +55,7 @@ char *ctdbd_dbpath(struct ctdbd_connection *conn,
TALLOC_CTX *mem_ctx, uint32_t db_id);
int ctdbd_db_attach(struct ctdbd_connection *conn, const char *name,
- uint32_t *db_id, int tdb_flags);
+ uint32_t *db_id, bool persistent);
int ctdbd_migrate(struct ctdbd_connection *conn, uint32_t db_id, TDB_DATA key);
diff --git a/source3/lib/ctdbd_conn.c b/source3/lib/ctdbd_conn.c
index 3adb57d..b81feca 100644
--- a/source3/lib/ctdbd_conn.c
+++ b/source3/lib/ctdbd_conn.c
@@ -819,12 +819,11 @@ char *ctdbd_dbpath(struct ctdbd_connection *conn,
* attach to a ctdb database
*/
int ctdbd_db_attach(struct ctdbd_connection *conn,
- const char *name, uint32_t *db_id, int tdb_flags)
+ const char *name, uint32_t *db_id, bool persistent)
{
int ret;
TDB_DATA data;
int32_t cstatus;
- bool persistent = (tdb_flags & TDB_CLEAR_IF_FIRST) == 0;
data = string_term_tdb_data(name);
@@ -832,7 +831,7 @@ int ctdbd_db_attach(struct ctdbd_connection *conn,
persistent
? CTDB_CONTROL_DB_ATTACH_PERSISTENT
: CTDB_CONTROL_DB_ATTACH,
- tdb_flags, 0, data, NULL, &data, &cstatus);
+ 0, 0, data, NULL, &data, &cstatus);
if (ret != 0) {
DEBUG(0, (__location__ " ctdb_control for db_attach "
"failed: %s\n", strerror(ret)));
@@ -847,21 +846,6 @@ int ctdbd_db_attach(struct ctdbd_connection *conn,
*db_id = *(uint32_t *)data.dptr;
talloc_free(data.dptr);
- if (!(tdb_flags & TDB_SEQNUM)) {
- return 0;
- }
-
- data.dptr = (uint8_t *)db_id;
- data.dsize = sizeof(*db_id);
-
- ret = ctdbd_control_local(conn, CTDB_CONTROL_ENABLE_SEQNUM, 0, 0, data,
- NULL, NULL, &cstatus);
- if ((ret != 0) || cstatus != 0) {
- DEBUG(0, (__location__ " ctdb_control for enable seqnum "
- "failed: %s\n", strerror(ret)));
- return (ret == 0) ? EIO : ret;
- }
-
return 0;
}
diff --git a/source3/lib/dbwrap/dbwrap_ctdb.c b/source3/lib/dbwrap/dbwrap_ctdb.c
index 8e303e6..6bdaab0 100644
--- a/source3/lib/dbwrap/dbwrap_ctdb.c
+++ b/source3/lib/dbwrap/dbwrap_ctdb.c
@@ -1779,6 +1779,8 @@ struct db_context *db_open_ctdb(TALLOC_CTX *mem_ctx,
struct db_ctdb_ctx *db_ctdb;
char *db_path;
struct loadparm_context *lp_ctx;
+ TDB_DATA data;
+ bool persistent = (tdb_flags & TDB_CLEAR_IF_FIRST);
int32_t cstatus;
int ret;
@@ -1810,7 +1812,7 @@ struct db_context *db_open_ctdb(TALLOC_CTX *mem_ctx,
db_ctdb->db = result;
db_ctdb->conn = conn;
- ret = ctdbd_db_attach(db_ctdb->conn, name, &db_ctdb->db_id, tdb_flags);
+ ret = ctdbd_db_attach(db_ctdb->conn, name, &db_ctdb->db_id, persistent);
if (ret != 0) {
DEBUG(0, ("ctdbd_db_attach failed for %s: %s\n", name,
strerror(ret)));
@@ -1818,14 +1820,45 @@ struct db_context *db_open_ctdb(TALLOC_CTX *mem_ctx,
return NULL;
}
+ if (tdb_flags & TDB_SEQNUM) {
+ data.dptr = (uint8_t *)&db_ctdb->db_id;
+ data.dsize = sizeof(db_ctdb->db_id);
+
+ ret = ctdbd_control_local(conn, CTDB_CONTROL_ENABLE_SEQNUM,
+ 0, 0, data,
+ NULL, NULL, &cstatus);
+ if ((ret != 0) || cstatus != 0) {
+ DBG_ERR("ctdb_control for enable seqnum "
+ "failed: %s\n", strerror(ret));
+ TALLOC_FREE(result);
+ return NULL;
+ }
+ }
+
db_path = ctdbd_dbpath(db_ctdb->conn, db_ctdb, db_ctdb->db_id);
- result->persistent = ((tdb_flags & TDB_CLEAR_IF_FIRST) == 0);
+ result->persistent = persistent;
result->lock_order = lock_order;
- /* only pass through specific flags */
- tdb_flags &= TDB_SEQNUM|TDB_VOLATILE|
- TDB_MUTEX_LOCKING|TDB_CLEAR_IF_FIRST;
+ data.dptr = (uint8_t *)&db_ctdb->db_id;
+ data.dsize = sizeof(db_ctdb->db_id);
+
+ ret = ctdbd_control_local(conn, CTDB_CONTROL_DB_OPEN_FLAGS,
+ 0, 0, data, NULL, &data, &cstatus);
+ if (ret != 0) {
+ DBG_ERR(" ctdb control for db_open_flags "
+ "failed: %s\n", strerror(ret));
+ TALLOC_FREE(result);
+ return NULL;
+ }
+
+ if (cstatus != 0 || data.dsize != sizeof(int)) {
+ DBG_ERR("ctdb_control for db_open_flags failed\n");
+ TALLOC_FREE(result);
+ return NULL;
+ }
+
+ tdb_flags = *(int *)data.dptr;
if (!result->persistent) {
ret = ctdb_async_ctx_init(NULL, messaging_tevent_context(msg_ctx));
diff --git a/source3/lib/dbwrap/dbwrap_open.c b/source3/lib/dbwrap/dbwrap_open.c
index 55e0adb..801ebcb 100644
--- a/source3/lib/dbwrap/dbwrap_open.c
+++ b/source3/lib/dbwrap/dbwrap_open.c
@@ -98,7 +98,7 @@ struct db_context *db_open(TALLOC_CTX *mem_ctx,
if (tdb_flags & TDB_CLEAR_IF_FIRST) {
const char *base;
- bool try_mutex = false;
+ bool try_mutex = true;
bool require_mutex = false;
base = strrchr_m(name, '/');
diff --git a/source3/selftest/tests.py b/source3/selftest/tests.py
index d459ede..d352c14 100755
--- a/source3/selftest/tests.py
+++ b/source3/selftest/tests.py
@@ -367,7 +367,7 @@ rpc = ["rpc.authcontext", "rpc.samba3.bind", "rpc.samba3.srvsvc", "rpc.samba3.sh
local = ["local.nss"]
-idmap = ["idmap.rfc2307", "idmap.alloc", "idmap.rid"]
+idmap = ["idmap.rfc2307", "idmap.alloc", "idmap.rid", "idmap.ad"]
rap = ["rap.basic", "rap.rpc", "rap.printing", "rap.sam"]
@@ -449,6 +449,8 @@ for t in tests:
plantestsuite(t, "ad_member_rfc2307", [os.path.join(samba3srcdir, "../nsswitch/tests/test_idmap_nss.sh"), '$DOMAIN'])
elif t == "idmap.rid":
plantestsuite(t, "ad_member_idmap_rid", [os.path.join(samba3srcdir, "../nsswitch/tests/test_idmap_rid.sh"), '$DOMAIN', '2000000'])
+ elif t == "idmap.ad":
+ plantestsuite(t, "ad_member_idmap_ad", [os.path.join(samba3srcdir, "../nsswitch/tests/test_idmap_ad.sh"), '$DOMAIN', '$DC_SERVER', '$DC_PASSWORD'])
elif t == "raw.acls":
plansmbtorture4testsuite(t, "nt4_dc", '//$SERVER_IP/tmp -U$USERNAME%$PASSWORD')
plansmbtorture4testsuite(t, "nt4_dc", '//$SERVER_IP/nfs4acl_simple -U$USERNAME%$PASSWORD', description='nfs4acl_xattr-simple')
diff --git a/source3/winbindd/idmap_ad.c b/source3/winbindd/idmap_ad.c
index 8c9e97b..315a944 100644
--- a/source3/winbindd/idmap_ad.c
+++ b/source3/winbindd/idmap_ad.c
@@ -502,9 +502,26 @@ static NTSTATUS idmap_ad_query_user(struct idmap_domain *domain,
return NT_STATUS_OK;
}
+static NTSTATUS idmap_ad_query_user_retry(struct idmap_domain *domain,
+ struct wbint_userinfo *info)
+{
+ const NTSTATUS status_server_down =
+ NT_STATUS_LDAP(TLDAP_RC_V(TLDAP_SERVER_DOWN));
+ NTSTATUS status;
+
+ status = idmap_ad_query_user(domain, info);
+
+ if (NT_STATUS_EQUAL(status, status_server_down)) {
+ TALLOC_FREE(domain->private_data);
+ status = idmap_ad_query_user(domain, info);
+ }
+
+ return status;
+}
+
static NTSTATUS idmap_ad_initialize(struct idmap_domain *dom)
{
- dom->query_user = idmap_ad_query_user;
+ dom->query_user = idmap_ad_query_user_retry;
dom->private_data = NULL;
return NT_STATUS_OK;
}
--
Samba Shared Repository
More information about the samba-cvs
mailing list