[SCM] Samba Shared Repository - branch v4-6-test updated
Karolin Seeger
kseeger at samba.org
Wed Oct 25 10:50:03 UTC 2017
The branch, v4-6-test has been updated
via f8da4ab vfs_catia: Fix a potential memleak
via bd4d3fb vfs_catia: Fix a memory leak
via ff9c618 krb5_wrap: ADDRTYPE_INET6 is available in all supported MIT versions
via 60f0e49 krb5_wrap: KRB5_ADDRESS_INET6 is not a define in Heimdal
via c7726ee s4/torture: vfs_fruit: test xattr unpacking
via d61101b s4/torture: vfs_fruit: replace AppleDouble data blob with xattr data
via cbddb21 vfs_fruit: on-access conversion of AppleDouble xattr data
via 5fb403f vfs_fruit: static string fruit_catia_maps
via 8e95870 vfs_fruit: pass path to ad_convert
via f42c878 vfs_fruit: unpack AppleDouble xattr header if present
via 8d03598 vfs_fruit: allocate ad_data buffer up to AD_XATTR_MAX_HDR_SIZE bytes
via 1e4051b vfs_fruit: add AppleDouble xattr structure definitions
via e414f60 vfs_fruit: fix ftruncating resource fork
via b866626 vfs_catia: factor out mapping functions
via afecdce ctdb-common: Ignore event scripts with multiple '.'s
via 595f108 s3: VFS: Protect errno if sys_getwd() fails across free() call.
via 42b064a s3: VFS: Ensure sys_getwd() doesn't leak memory on error on really old systems.
via 9209c35 net: groupmap cleanup should not delete BUILTIN mappings
via c9fa0e9 ctdb-common: Do not queue a packet if queue does not have valid fd
via 65af3ee ctdb-tests: Send broadcast to connected nodes, not configured nodes
via 9de6540 ctdb-daemon: Send broadcast to connected nodes, not configured nodes
via eb47cdd lib: gpo: Put enforced GPOs at the end of the list.
via 07c6394 lib: gpo: Fixes issue with GPOPTIONS_BLOCK_INHERITANCE.
via 322add1 lib: gpo: Changes order to match GPO application order.
via 3cd186f s3/smbd: use correct access in get_file_handle_for_metadata
via 096a3f8 s3/smbd: fix access checks in set_ea_dos_attribute()
via 88dfaf1 s3/smbd: README.Coding fixes in set_ea_dos_attribute
via 18122f0 s3: spoolss: Fix GUID string format on GetPrinter info
via a68f0bc s3/mdssvc: missing assignment in sl_pack_float
via f5b02e3 s4/torture: add a test for rename change notification with inotify enabled
via b5b77ba selftest: run smb2.notify-inotify testsuite against fileserver
via d052058 selftest: enable kernel change notifications in the fileserver environment
via 1dd367a messaging: Remove messaging_handler_send
via 389f2b7 notifyd: Remove notifyd_handler_done
via bb6011f notifyd: Use messaging_register for MSG_SMB_NOTIFY_DB
via ab6743d notifyd: Use messaging_register for MSG_SMB_NOTIFY_GET_DB
via e4dd339 notifyd: Use messaging_register for MSG_SMB_NOTIFY_TRIGGER
via 340cde8 notifyd: Use messaging_register for MSG_SMB_NOTIFY_REC_CHANGE
via 0f63069 messaging: make messaging_rec_create public
via 5549320 notifyd: Avoid an if-expression
via 7cf36b2 notifyd: Consolidate two #ifdef CLUSTER into one
via ab91b0d notifyd: Only ask for messaging_ctdb_conn when clustering
via cbb4750 selftest: prevent interpretation of escape sequences in test_give_owner.sh
via 8c79020 selftest: add some debugging to test_give_owner.sh
via f4c3b87 vfs_fake_acls: deny give-ownership
via ec87dad vfs_acl_common: fix take ownership vs give ownership
via 52de163 vfs_acl_common: factor out a variable declaration
via da807fe s3/smbd/posix_acls: return correct status in try_chown
via 839830f selftest: tests for change ownership on a file
via 49e080c selftest: fix samba3.blackbox.inherit_owner.default test script test_inherit_owner.sh
via 3044852 selftest: fix acl_xattr test script test_acl_xattr.sh
via bc55590 selftest: fix acl_xattr test: sn-devel unreliable gid
via 7b72c6f selftest: fix acl_xattr test: group, not user
via f9f9687 selftest: fix acl_xattr test: changing owner
via da10d811 vfs/nfs4_acls: move special handling of SMB_ACE4_SYNCHRONIZE to vfs_zfsacl
via 38c3352 s3/vfs: move ACE4_ADD_FILE/ACE4_DELETE_CHILD mapping from NFSv4 framework to vfs_zfsacl
via bda469e vfs_zfsacl: ensure zfs_get_nt_acl_common() has access to stat info
via 7657bb6 vfs_zfsacl: pass smb_fname to zfs_get_nt_acl_common
from 96a8f4c torture/ioctl: test set_compression(format_none)
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-6-test
- Log -----------------------------------------------------------------
commit f8da4ab0a0a8f1fb35ecd5b69426b3d86ed8c308
Author: Volker Lendecke <vl at samba.org>
Date: Mon Oct 16 17:43:09 2017 +0200
vfs_catia: Fix a potential memleak
Together with the previous commit this fixes a memleak (twice) that
happens when vfs_catia is loaded with no mappings defined.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13090
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Tue Oct 17 18:53:48 CEST 2017 on sn-devel-144
(cherry picked from commit f6d6af3b2d5efcd160c1e5e09778fb1129530be0)
Autobuild-User(v4-6-test): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(v4-6-test): Wed Oct 25 12:49:20 CEST 2017 on sn-devel-144
commit bd4d3fba7fedc034d8259d62c6467abb01ba4291
Author: Volker Lendecke <vl at samba.org>
Date: Tue Oct 17 11:28:36 2017 +0200
vfs_catia: Fix a memory leak
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13090
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit e77b7aff86ab1cb603f59961f2f5689e4dc770ea)
commit ff9c618289f11bdfea2f6ff71e77a0fa7e66cdba
Author: Stefan Metzmacher <metze at samba.org>
Date: Mon Oct 9 12:50:35 2017 +0200
krb5_wrap: ADDRTYPE_INET6 is available in all supported MIT versions
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13079
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Björn Jacke <bjacke at samba.org>
(cherry picked from commit 96e471eecce91e6cd9b92d854a3c6ca10e0634f3)
commit 60f0e49349f5e76812cddc8985552786a85002e9
Author: Stefan Metzmacher <metze at samba.org>
Date: Mon Oct 9 12:50:35 2017 +0200
krb5_wrap: KRB5_ADDRESS_INET6 is not a define in Heimdal
All supported versions of Heimal already have KRB5_ADDRESS_INET6,
so there's no need for an explicit check.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13079
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Björn Jacke <bjacke at samba.org>
(cherry picked from commit 70146841272bc87c335bd24b736ba2c62efdfe06)
commit c7726ee0f504c89be45da55e9c091ea394ffeb8d
Author: Ralph Boehme <slow at samba.org>
Date: Wed Oct 11 16:04:58 2017 +0200
s4/torture: vfs_fruit: test xattr unpacking
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13076
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Fri Oct 13 21:44:02 CEST 2017 on sn-devel-144
(cherry picked from commit 5f52a0fbe8c9f52c6fed206fd5cd47bd0de867a1)
commit d61101b568511620cd41cd0c1f8b20e9997b5a63
Author: Ralph Boehme <slow at samba.org>
Date: Mon Oct 9 16:18:18 2017 +0200
s4/torture: vfs_fruit: replace AppleDouble data blob with xattr data
The osx_adouble_w_xattr datablob is used to test conversion from sidecar
._ file metdata to Samba compatible ._ file.
The previous data blob didn't contain xattr data, the new one does.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13076
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
(cherry picked from commit c5b25d40e1ab3906805538abdb8f07a934c629f7)
commit cbddb21c05423936b6e9aa6f58d4eec5b1201865
Author: Ralph Boehme <slow at samba.org>
Date: Wed Oct 11 12:58:59 2017 +0200
vfs_fruit: on-access conversion of AppleDouble xattr data
This finally adds on-access conversion of xattr data stored in sidecar
AppleDouble files.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13076
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
(backported from commit d7068324407a9a0b94d992b539631246e97c9098)
commit 5fb403f3b26cf830557bde369a720d97795cdffc
Author: Ralph Boehme <slow at samba.org>
Date: Tue Oct 10 19:13:36 2017 +0200
vfs_fruit: static string fruit_catia_maps
In a later commit these will be used somewhere else too.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13076
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
(cherry picked from commit ce516a34972f51eda48c1536858d47dc230ea99a)
commit 8e958708c348023d09767cb5432a0c62d4ebdded
Author: Ralph Boehme <slow at samba.org>
Date: Tue Oct 10 16:15:49 2017 +0200
vfs_fruit: pass path to ad_convert
This will be needed in a later commit when converting xattrs in sidecar
AppleDouble files.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13076
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
(cherry picked from commit 386249eea3a13303744dbab88480e80790138329)
commit f42c87831373cb7b831cfaa498e776146dfb7623
Author: Ralph Boehme <slow at samba.org>
Date: Tue Oct 10 16:06:33 2017 +0200
vfs_fruit: unpack AppleDouble xattr header if present
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13076
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
(cherry picked from commit fb137d6070c8cd872a66a4628b0e392cf40c180e)
commit 8d0359810bbb7180499fad750ae56fcfd5b72a79
Author: Ralph Boehme <slow at samba.org>
Date: Tue Oct 10 16:04:29 2017 +0200
vfs_fruit: allocate ad_data buffer up to AD_XATTR_MAX_HDR_SIZE bytes
This is in preperation of reading potential xattr header data from the
AppleDouble file, not just reading a fixed amount of bytes.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13076
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
(backported from commit ab8d01959b906d0b2873357f836bff72d209ff98)
commit 1e4051b587d0ce1bbc3dca004509e1bca39a2020
Author: Ralph Boehme <slow at samba.org>
Date: Tue Oct 10 16:03:13 2017 +0200
vfs_fruit: add AppleDouble xattr structure definitions
Reference:
https://opensource.apple.com/source/xnu/xnu-4570.1.46/bsd/vfs/vfs_xattr.c
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13076
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
(cherry picked from commit b5a664e2580d8823f4f2d3e7e516b576317eb290)
commit e414f60181af04c9eecb7b33875ffcbb3aafbade
Author: Ralph Boehme <slow at samba.org>
Date: Wed Oct 11 18:11:12 2017 +0200
vfs_fruit: fix ftruncating resource fork
fruit_ftruncate_rsrc_adouble() is called to effectively ftruncate() the
._ AppleDouble file to the requested size.
The VFS function SMB_VFS_NEXT_FTRUNCATE() otoh would attempt to truncate
to fsp *stream* in any way the next VFS module seems fit. As we know
we're stacked with a streams module, the module will attempt to truncate
the stream. So we're not truncating the ._ file.
This went unnoticed as the AppleDouble file header contains the
authorative resource fork size that was updated correctly.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13076
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
(cherry picked from commit 3d7932a33263514785fa3e95e2d5502bc02b4ea4)
commit b86662654a51baa523896aaafb3a9d9cdc6628a9
Author: Ralph Boehme <slow at samba.org>
Date: Wed Oct 11 11:35:15 2017 +0200
vfs_catia: factor out mapping functions
This moves the core mapping functions to a seperate file and makes them
global.
string_replace_init_map() is called to parse a mapping in string and
produce a mapping object that can then be passed to
string_replace_allocate() to do the actual mapping of a string.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13076
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
(backported from commit f8bd63e19c8b1c063dd6f41b405d6864a9b546ff)
commit afecdce66c5e6fe592d7456ec7cf2334982e9bda
Author: Amitay Isaacs <amitay at gmail.com>
Date: Thu Oct 12 14:42:59 2017 +1100
ctdb-common: Ignore event scripts with multiple '.'s
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13070
This avoids running event script copies left by a package manager.
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
(cherry picked from commit 7720ca0729b127a93d78401aaf1341d79f9603a4)
commit 595f10815491c6d7c5aab7d00c5d2d12e328e09c
Author: Jeremy Allison <jra at samba.org>
Date: Tue Oct 3 10:58:00 2017 -0700
s3: VFS: Protect errno if sys_getwd() fails across free() call.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13069
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit 4800ed3595513ce1e2f4edee36c35daafc63a3d5)
commit 42b064ad759789e3ab13a30e42517982ed172de6
Author: Jeremy Allison <jra at samba.org>
Date: Tue Oct 3 10:37:55 2017 -0700
s3: VFS: Ensure sys_getwd() doesn't leak memory on error on really old systems.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13069
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit fb9ce0685e5d46e3d7abf5fac07b4f626339a413)
commit 9209c3566d0bf180e3eea2dfed7c3fb19d577324
Author: Ralph Boehme <slow at samba.org>
Date: Sat Sep 30 08:45:41 2017 +0200
net: groupmap cleanup should not delete BUILTIN mappings
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13065
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Autobuild-User(master): Volker Lendecke <vl at samba.org>
Autobuild-Date(master): Mon Oct 2 15:17:00 CEST 2017 on sn-devel-144
(cherry picked from commit 064e17c0d6934f685c075abe0cf4913fa20d3a94)
commit c9fa0e9615cc58ee102c1192c4c55fa3f952e15d
Author: Amitay Isaacs <amitay at gmail.com>
Date: Fri Sep 29 14:23:24 2017 +1000
ctdb-common: Do not queue a packet if queue does not have valid fd
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13056
The only time a ctdb_queue is created without valid fd is when CTDB
is trying to establish connections with other nodes in the cluster.
All the other uses always create a ctdb_queue with valid fd.
This avoids queueing up packets for dead nodes or nodes that are not
running in the cluster and stops consuming memory.
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
(cherry picked from commit ddd97553f0a8bfaada178ec4a7460d76fa21f079)
commit 65af3eeea5758ab7b786b8501d9d9b765ffc49af
Author: Amitay Isaacs <amitay at gmail.com>
Date: Thu Sep 28 11:47:24 2017 +1000
ctdb-tests: Send broadcast to connected nodes, not configured nodes
https://bugzilla.samba.org/show_bug.cgi?id=13056
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
(cherry picked from commit bf11bea5dbb589186a205fa1d81368cc89a6139b)
commit 9de654079cab93d467da5a7b4414b46da0562c60
Author: Amitay Isaacs <amitay at gmail.com>
Date: Thu Sep 28 11:47:00 2017 +1000
ctdb-daemon: Send broadcast to connected nodes, not configured nodes
https://bugzilla.samba.org/show_bug.cgi?id=13056
Database recovery takes care of attaching missing databases on all the nodes.
Signed-off-by: Amitay Isaacs <amitay at gmail.com>
Reviewed-by: Martin Schwenke <martin at meltin.net>
(cherry picked from commit 70d306373e80eafe3a356c60a823a2577001d7d1)
commit eb47cdd8ee3e49763b928386b514862252bb4b2d
Author: Lutz Justen <ljusten at google.com>
Date: Thu Sep 21 10:32:05 2017 -0700
lib: gpo: Put enforced GPOs at the end of the list.
Enforced GPOs should be applied on top of all non-enforced GPOs,
so that they override policies set in non-enforced GPOs.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13046
Signed-off-by: Lutz Justen <ljusten at google.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>
Autobuild-User(master): Günther Deschner <gd at samba.org>
Autobuild-Date(master): Sat Sep 23 05:25:19 CEST 2017 on sn-devel-144
(cherry picked from commit 5f2576a9af4f3c33121ad2b27a621b5f3bb34374)
commit 07c6394d0289f0071175fcf9b7af0b604df6e06f
Author: Lutz Justen <ljusten at google.com>
Date: Thu Sep 21 10:11:15 2017 -0700
lib: gpo: Fixes issue with GPOPTIONS_BLOCK_INHERITANCE.
GP links with the GPOPTIONS_BLOCK_INHERITANCE option set
were blocking GPOs from the same link (i.e. an OU with
the flag set would block its own GPOs). This patch makes
sure the GPOs from the link are added to the list.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13046
Signed-off-by: Lutz Justen <ljusten at google.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>
(cherry picked from commit 69410c0a02f7b4d7d20eadf4b4fda8ea064e4a0e)
commit 322add14771f55c3cc7e5d0cc2fb2f56d32dee51
Author: Lutz Justen <ljusten at google.com>
Date: Thu Sep 21 10:01:58 2017 -0700
lib: gpo: Changes order to match GPO application order.
The order of GPOs in a gpo_list generated by ads_get_gpo_list
did not match the order of application. Since GPOs are pushed
to the FRONT of gpo_list, GPOs have to be pushed in the opposite
order of application. (Pushing to front is useful to get
inheritance blocking right).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13046
Signed-off-by: Lutz Justen <ljusten at google.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>
(cherry picked from commit 6a531773b841f6b713226d1166a1e7d4dbc9b282)
commit 3cd186fdd263ae0f7c761f6e0e558f0fad44b17e
Author: Ralph Boehme <slow at samba.org>
Date: Tue Aug 29 16:08:06 2017 +0200
s3/smbd: use correct access in get_file_handle_for_metadata
All we want here is FILE_WRITE_ATTRIBUTES, not FILE_WRITE_DATA.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12995
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Tue Oct 17 11:48:09 CEST 2017 on sn-devel-144
(cherry picked from commit a3cc2fedab37134edd401b88087e20881c4ea18f)
commit 096a3f8fdd76fc045e338da96415ba26820e68f1
Author: Ralph Boehme <slow at samba.org>
Date: Tue Aug 29 15:55:19 2017 +0200
s3/smbd: fix access checks in set_ea_dos_attribute()
We wanted to set the DOS attributes and failed with permission denied
from the VFS/kernel/filesystem. Next thing we wanna do here is override
this if either
- "dos filemode = true" is set and the security descriptor gives the
user write access or if
- the stored security descriptor has FILE_WRITE_ATTRIBUTES
The former was working, but the latter was not implemented at all.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12995
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 143d26283dad8422fba557de311c304f0093d647)
commit 88dfaf1e4be5ac66bf3fd82f953d3fd79a0a309f
Author: Ralph Boehme <slow at samba.org>
Date: Thu Oct 12 15:41:01 2017 +0200
s3/smbd: README.Coding fixes in set_ea_dos_attribute
While I'm at it, some README.Coding fixes in set_ea_dos_attribute.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12995
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit fbad64200e0199acb644d83073234b2f6c200fce)
commit 18122f007271f995c5ca2e167105cea6104abc81
Author: Samuel Cabrero <scabrero at suse.de>
Date: Thu Sep 21 09:53:35 2017 +0200
s3: spoolss: Fix GUID string format on GetPrinter info
Fix regression introduced by commit a4157e7c5d75 which removed the braces
around the printer GUID in the printer info level 7 structure.
MS-RPRN section 2.2 says this protocol uses curly-braced GUIDs so printers
are deleted from the directory by the domain controller's pruning service.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12993
Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Fri Oct 6 05:21:25 CEST 2017 on sn-devel-144
(cherry picked from commit fc03049ca1721c25c6ad3d01cba2501af3f39b93)
commit a68f0bcaca652893ad3542d04ac6e8165ca88bff
Author: Ralph Boehme <slow at samba.org>
Date: Sun Aug 27 19:22:38 2017 +0200
s3/mdssvc: missing assignment in sl_pack_float
Spotted by -Werror=maybe-uninitialized:
../source3/rpc_server/mdssvc/marshalling.c: In function ‘sl_pack_float’:
../source3/rpc_server/mdssvc/marshalling.c:171:11: error:
‘ieee_fp_union.w’ may be used uninitialized in this function
[-Werror=maybe-uninitialized]
offset = sl_push_uint64_val(buf, offset, bufsize, ieee_fp_union.w);
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12991
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 7b58c8f54499f01778bcbfc2ad21521ceed2dd57)
commit f5b02e3e63aacb3729c228244c6179a6d278c0d5
Author: Ralph Boehme <slow at samba.org>
Date: Thu Jul 13 16:05:49 2017 +0200
s4/torture: add a test for rename change notification with inotify enabled
This is already fixed in master by
5eccc2fd0072409f166c63e6876266f926411423~10..5eccc2fd0072409f166c63e6876266f926411423.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12903
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Sat Aug 26 05:05:08 CEST 2017 on sn-devel-144
(backported from commit 51f40a0e1d10069f55a5884ff1579e8f15f10a1e)
commit b5b77ba33e3ec1eb42488dbd9d838f36b1059686
Author: Ralph Boehme <slow at samba.org>
Date: Thu Jul 13 16:04:50 2017 +0200
selftest: run smb2.notify-inotify testsuite against fileserver
Next commit adds the suite and a test.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12903
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 71a68d22a15d12c4038026dd065c54721ddc6723)
commit d052058b59d92793b4ee5feb60e16af4cda4e155
Author: Ralph Boehme <slow at samba.org>
Date: Thu Jul 13 16:01:53 2017 +0200
selftest: enable kernel change notifications in the fileserver environment
This environment is currently not used for any test in the smb2
testsuite, so this change doesn't affect any existing test.
A subsequent commit will add a test for change notifications with kernel
change notify enabled. It verifies a bug (this one) that only crops up
in such a setup and causes rename events to get lost.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12903
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(backported from commit fb8e0343ebebac322d545b54c33b3c1e7bcda393)
commit 1dd367ad2ae2c3405509fe4ec344711f514476c5
Author: Volker Lendecke <vl at samba.org>
Date: Sat Jun 24 09:01:46 2017 +0200
messaging: Remove messaging_handler_send
This did not really take off, notifyd was the only user
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12903
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Fri Jul 7 05:11:48 CEST 2017 on sn-devel-144
(cherry picked from commit 5eccc2fd0072409f166c63e6876266f926411423)
commit 389f2b770b54ad589a0d1c886f494a5aaaa03787
Author: Volker Lendecke <vl at samba.org>
Date: Sat Jun 24 08:57:18 2017 +0200
notifyd: Remove notifyd_handler_done
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12903
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 197186a1fcc2c190fac9a16893234c337e6ec01c)
commit bb6011fac798f85f9860055b91e0347608867ac0
Author: Volker Lendecke <vl at samba.org>
Date: Sat Jun 24 08:56:35 2017 +0200
notifyd: Use messaging_register for MSG_SMB_NOTIFY_DB
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12903
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 9430fab61cb746e590db307af37219f8f29b7fd8)
commit ab6743d9e82b89d267ec6db4bbde9fccc6c34b07
Author: Volker Lendecke <vl at samba.org>
Date: Sat Jun 24 08:48:45 2017 +0200
notifyd: Use messaging_register for MSG_SMB_NOTIFY_GET_DB
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12903
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit dc39bb45624f8d6859dadc3c9a9a85793a5a7d0d)
commit e4dd339ee070fe315d44d4c9db76c53a80cd3785
Author: Volker Lendecke <vl at samba.org>
Date: Sat Jun 24 08:45:17 2017 +0200
notifyd: Use messaging_register for MSG_SMB_NOTIFY_TRIGGER
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12903
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit db15feb162326cb03fb06df24bcdafa5d5cb3087)
commit 340cde826e46564a6900feeb29a2b8a2f8d482c8
Author: Volker Lendecke <vl at samba.org>
Date: Sat Jun 24 08:38:53 2017 +0200
notifyd: Use messaging_register for MSG_SMB_NOTIFY_REC_CHANGE
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12903
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit b6079af1c41481714ac981fdd19f89ee197b4200)
commit 0f63069d3b393b87c58d75b43c400731b33a73a3
Author: Volker Lendecke <vl at samba.org>
Date: Sat Jun 24 08:38:19 2017 +0200
messaging: make messaging_rec_create public
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12903
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 0c1e08b5901e54c70cf72c74837a8ed8cc77f0b8)
commit 5549320e2a18b54b9ae6ebcf6f21558921574945
Author: Volker Lendecke <vl at samba.org>
Date: Wed Jul 5 09:37:14 2017 +0200
notifyd: Avoid an if-expression
Best reviewed with "git show -b -U10"
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12903
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit b8dccd11ea3d43b9ee51811c1ce7d81b91a549ca)
commit 7cf36b273d3cde3bb32bb336576af5ca178e2af1
Author: Volker Lendecke <vl at samba.org>
Date: Wed Jul 5 09:34:51 2017 +0200
notifyd: Consolidate two #ifdef CLUSTER into one
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12903
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit d0a7bccae9856aba44a057c09499aa0de6b21862)
commit ab91b0da007250b515ccbca7078fb793f2da31e5
Author: Volker Lendecke <vl at samba.org>
Date: Fri Jun 16 15:20:22 2017 +0200
notifyd: Only ask for messaging_ctdb_conn when clustering
Without clustering, messaging_ctdb_conn will fail anyway.
Review with "git show -b".
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12903
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 939576d968d1e0159456baf6dd1e3c454b98995a)
commit cbb47506e22d1bd5c9d855fa5705dee2597d9868
Author: Ralph Boehme <slow at samba.org>
Date: Fri Oct 13 14:32:58 2017 +0200
selftest: prevent interpretation of escape sequences in test_give_owner.sh
Bug: https://bugzilla.samba.org/show_bug.cgi?id=7933
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Sat Oct 14 06:02:50 CEST 2017 on sn-devel-144
(cherry picked from commit 7abf0acef48cb585fa8e5666fd4c27692b9c8ae3)
commit 8c7902015947c4b1e678938e6fa953751229ddae
Author: Ralph Boehme <slow at samba.org>
Date: Thu Oct 12 17:07:15 2017 +0200
selftest: add some debugging to test_give_owner.sh
Bug: https://bugzilla.samba.org/show_bug.cgi?id=7933
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Fri Oct 13 01:22:05 CEST 2017 on sn-devel-144
(cherry picked from commit 156015aed0b5a72b2f7150beb5cdaffa32b554e5)
commit f4c3b8719f6d604fb46b034c92c77014ddc5f6c8
Author: Ralph Boehme <slow at samba.org>
Date: Fri Oct 6 15:25:54 2017 +0200
vfs_fake_acls: deny give-ownership
Windows doesn't allow giving ownership away unless the user has
SEC_PRIV_RESTORE privilege.
This follows from MS-FSA 2.1.5.1, so it's a property of the filesystem
layer, not the SMB layer. By implementing this restriction here, we can
now have test for this restriction.
Other filesystems may want to deliberately allow this behaviour --
although I'm not aware of any that does -- therefor I'm putting in this
restriction in the implementation of the chmod VFS function and not into
the caller.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=7933
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 0666093cb0d820cc27a265c1f0a87bc76cd3c167)
commit ec87dadac0a2e9f4dd6de6333afbeb5113c27e13
Author: Ralph Boehme <slow at samba.org>
Date: Wed Oct 4 22:27:24 2017 +0200
vfs_acl_common: fix take ownership vs give ownership
Bug: https://bugzilla.samba.org/show_bug.cgi?id=7933
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 7e7afef819b4a858e6de48389c6f4fa7510cf5c6)
commit 52de1638198b76e9d253dbed2e3327049c96344d
Author: Ralph Boehme <slow at samba.org>
Date: Wed Oct 4 12:51:29 2017 +0200
vfs_acl_common: factor out a variable declaration
Just some refactoring, no change in behaviour.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=7933
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit e62f90a6d15626a2e20ba92f5cd552101ec4afe0)
commit da807feee7f83551f85b9b5d74a6337d9d39f891
Author: Ralph Boehme <slow at samba.org>
Date: Wed Oct 4 15:45:54 2017 +0200
s3/smbd/posix_acls: return correct status in try_chown
Bug: https://bugzilla.samba.org/show_bug.cgi?id=7933
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit cc555be4d01c4140445bd30e16be3fe8343d3872)
commit 839830ff7bbb4c4d7f8078622fb6c32fb319527a
Author: Ralph Boehme <slow at samba.org>
Date: Fri Oct 6 15:31:20 2017 +0200
selftest: tests for change ownership on a file
This test verifies that SEC_STD_WRITE_OWNER only effectively grants
take-ownership permissions but NOT give-ownership. The latter requires
SeRestorePrivilege privilege.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=7933
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(backported from commit 4b2e171e6b90f9c3594ebb705a28c66b981c2bf5)
commit 49e080c32e085020c04a47eda3d6537359f5e081
Author: Ralph Boehme <slow at samba.org>
Date: Sat Oct 7 09:11:56 2017 +0200
selftest: fix samba3.blackbox.inherit_owner.default test script test_inherit_owner.sh
Grant the test-user SeRestorePrivilege, this is needed for
give-ownership operations. And then granting SeRestorePrivilege requires
`net`, so add that as an additional argument to the script.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=7933
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(backported from commit ff199d8e3ea7bd1ed12de8c39340ba640a2b83ca)
commit 3044852f02f48a962844fbb483569568d0431208
Author: Ralph Boehme <slow at samba.org>
Date: Sun Oct 8 11:17:12 2017 +0200
selftest: fix acl_xattr test script test_acl_xattr.sh
The two "nt_affects_chgrp" tests called the wrong function so the
function nt_affects_chgrp() was never run.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=7933
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 3aff6315097cc9db0216bc18aa793a996930b0f4)
commit bc555905652e1d8079576def238ce6ffabb95951
Author: Ralph Boehme <slow at samba.org>
Date: Sun Oct 8 08:51:05 2017 +0200
selftest: fix acl_xattr test: sn-devel unreliable gid
The "nt_affects_chgrp" kept failing in a full autobuild on sn-devel
because the actual gid of the created file as returned by smbclient -c
getfacl was reliably the unix gid of my account. It should have been the
mapped domusers group for the primary users "Domain Users"
group. Running the test individually or even the full set of
"samba3.blackbox" tests didn't trigger the error.
Looks like an issue with vfs_fake_acls and vfs_xattr_tdb, but I wasn't
able to track it down. As the test only really want to ensure that
smbcacls -G set the gid to the requested value, just remove the check
for the actual initial gid.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=7933
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit ea0ea829f5af63ab9638e758631c3002cbb6b4ce)
commit 7b72c6f9064b6f610f5c692e899eb55b446f1428
Author: Ralph Boehme <slow at samba.org>
Date: Sun Oct 8 11:13:46 2017 +0200
selftest: fix acl_xattr test: group, not user
In nt_affects_chgrp() check for domadmins *group*, not user. This didn't
trigger an error as nt_affects_chgrp() isn't actually called, see next
commit.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=7933
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 71a2d06a1e41a1c412c82e58b3966e14c29c6159)
commit f9f96877e55640dce4a858757abfa8b9dafffc0f
Author: Ralph Boehme <slow at samba.org>
Date: Sun Oct 8 11:12:48 2017 +0200
selftest: fix acl_xattr test: changing owner
Don't give ownership to user "force_user" as user "$USERNAME", this
would fail with NT_STATUS_INVALID_OWNER, instead just take ownership as
user "force_user". Adding a corresponding ACE for "force_user" with FULL
rights ensures this works.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=7933
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 0f8de2dee5451c9791f96050f85e4f007bec2819)
commit da10d81167a82c7f98796755958f7cebfdde2217
Author: Ralph Boehme <slow at samba.org>
Date: Wed Sep 6 16:28:10 2017 +0200
vfs/nfs4_acls: move special handling of SMB_ACE4_SYNCHRONIZE to vfs_zfsacl
Commit 99a74ff5e6a9f87ad7a650cb44e0f925f834b3a1 added special handling
of SMB_ACE4_SYNCHRONIZE, always setting it in the access_mask when
fabricating an ACL. While at the same time removing it from the
access_mask when setting an ACL, but this is done direclty in
vfs_zfsacl, not it the common code.
Forcing SMB_ACE4_SYNCHRONIZE to be always set is only needed on ZFS, the
other VFS modules using the common NFSv4 infrastructure should not be
made victims of the special ZFS behaviour.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=7909
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 4591a91c4aa9e631fb8696ed8f6e53343e773895)
commit 38c33525db560b3ecc07ce6b3f19dc18fa872c7c
Author: Ralph Boehme <slow at samba.org>
Date: Wed Sep 6 16:56:47 2017 +0200
s3/vfs: move ACE4_ADD_FILE/ACE4_DELETE_CHILD mapping from NFSv4 framework to vfs_zfsacl
This was added in e6a5f11865a55e9644292ae92e4a4b5ec0662ccd to adopt the
NFSv4 framework to follow ZFS permission rules. But this is the wrong
place, other filesystems like GPFS do not allow deletion when the user
has SEC_DIR_ADD_FILE.
This patch therefor moves the change from the NFS4 framework into the
ZFS module.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=6133
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Sat Sep 9 04:59:51 CEST 2017 on sn-devel-144
(cherry picked from commit 4102697503691f3b2eadfcb98834bb66c669f3ab)
commit bda469eeb665534fd19653ea4fa61bca93a1d900
Author: Ralph Boehme <slow at samba.org>
Date: Wed Sep 6 16:53:23 2017 +0200
vfs_zfsacl: ensure zfs_get_nt_acl_common() has access to stat info
We'll need this in the next commit.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=6133
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit bdc7fc62011cb1744f0246aea358b93e98caef38)
commit 7657bb6a4848a7d3aa2a9bf1b357beace54f0c6c
Author: Ralph Boehme <slow at samba.org>
Date: Wed Sep 6 16:44:12 2017 +0200
vfs_zfsacl: pass smb_fname to zfs_get_nt_acl_common
This is in preperation of moving SMB_ACE4_ADD_FILE /
SMB_ACE4_DELETE_CHILD mapping from the common NFSv4 framework into this
module excusively.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=6133
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit a66572851b6163e56a80463316cc0a6879ffd3e5)
-----------------------------------------------------------------------
Summary of changes:
ctdb/common/ctdb_io.c | 5 +
ctdb/config/events.d/README | 4 +-
ctdb/server/ctdb_eventd.c | 6 +
ctdb/server/ctdb_ltdb_server.c | 5 +-
ctdb/tests/src/cluster_wait.c | 2 +-
lib/krb5_wrap/krb5_samba.c | 4 +-
libgpo/gpo_ldap.c | 221 +++++++-----
selftest/target/Samba3.pm | 2 +
source3/include/messages.h | 13 +-
source3/lib/messages.c | 83 +----
source3/lib/system.c | 11 +-
source3/modules/nfs4_acls.c | 11 -
source3/modules/string_replace.c | 178 ++++++++++
.../passwd_proto.h => modules/string_replace.h} | 26 +-
source3/modules/vfs_acl_common.c | 18 +-
source3/modules/vfs_catia.c | 170 ++-------
source3/modules/vfs_fake_acls.c | 18 +
source3/modules/vfs_fruit.c | 381 +++++++++++++++++++--
source3/modules/vfs_zfsacl.c | 54 ++-
source3/modules/wscript_build | 7 +-
source3/rpc_server/mdssvc/marshalling.c | 2 +
source3/rpc_server/spoolss/srv_spoolss_nt.c | 16 +-
source3/script/tests/test_acl_xattr.sh | 13 +-
source3/script/tests/test_give_owner.sh | 141 ++++++++
source3/script/tests/test_inherit_owner.sh | 17 +-
source3/selftest/tests.py | 11 +-
source3/smbd/dosmode.c | 33 +-
source3/smbd/notifyd/notifyd.c | 244 +++++++------
source3/smbd/posix_acls.c | 2 +-
source3/smbd/server.c | 8 +-
source3/utils/net_groupmap.c | 4 +-
source4/torture/smb2/notify.c | 158 +++++++++
source4/torture/smb2/smb2.c | 1 +
source4/torture/vfs/fruit.c | 171 +++++++--
34 files changed, 1462 insertions(+), 578 deletions(-)
create mode 100644 source3/modules/string_replace.c
copy source3/{utils/passwd_proto.h => modules/string_replace.h} (54%)
create mode 100755 source3/script/tests/test_give_owner.sh
Changeset truncated at 500 lines:
diff --git a/ctdb/common/ctdb_io.c b/ctdb/common/ctdb_io.c
index 152d535..3e732e8 100644
--- a/ctdb/common/ctdb_io.c
+++ b/ctdb/common/ctdb_io.c
@@ -300,6 +300,11 @@ int ctdb_queue_send(struct ctdb_queue *queue, uint8_t *data, uint32_t length)
struct ctdb_queue_pkt *pkt;
uint32_t length2, full_length;
+ /* If the queue does not have valid fd, no point queueing a packet */
+ if (queue->fd == -1) {
+ return 0;
+ }
+
if (queue->alignment) {
/* enforce the length and alignment rules from the tcp packet allocator */
length2 = (length+(queue->alignment-1)) & ~(queue->alignment-1);
diff --git a/ctdb/config/events.d/README b/ctdb/config/events.d/README
index 11da702..69f5904 100644
--- a/ctdb/config/events.d/README
+++ b/ctdb/config/events.d/README
@@ -11,7 +11,9 @@ alphanumeric sort order.
As a special case, any eventscript that ends with a '~' character will be
ignored since this is a common postfix that some editors will append to
-older versions of a file.
+older versions of a file. Similarly, any eventscript with multiple '.'s
+will be ignored as package managers can create copies with additional
+suffix starting with '.' (e.g. .rpmnew, .dpkg-dist).
Only executable event scripts are run by CTDB. Any event script that
does not have execute permission is ignored.
diff --git a/ctdb/server/ctdb_eventd.c b/ctdb/server/ctdb_eventd.c
index 232711c..c9a9bf6 100644
--- a/ctdb/server/ctdb_eventd.c
+++ b/ctdb/server/ctdb_eventd.c
@@ -425,6 +425,12 @@ static int script_filter(const struct dirent *de)
return 0;
}
+ /* Ignore filenames with multiple '.'s */
+ ptr = index(&de->d_name[3], '.');
+ if (ptr != NULL) {
+ return 0;
+ }
+
return 1;
}
diff --git a/ctdb/server/ctdb_ltdb_server.c b/ctdb/server/ctdb_ltdb_server.c
index 8ff9634..22a1ee8 100644
--- a/ctdb/server/ctdb_ltdb_server.c
+++ b/ctdb/server/ctdb_ltdb_server.c
@@ -1208,7 +1208,7 @@ int32_t ctdb_control_db_attach(struct ctdb_context *ctdb, TDB_DATA indata,
lockdown_memory(ctdb->valgrinding);
/* tell all the other nodes about this database */
- ctdb_daemon_send_control(ctdb, CTDB_BROADCAST_ALL, tdb_flags,
+ ctdb_daemon_send_control(ctdb, CTDB_BROADCAST_CONNECTED, tdb_flags,
persistent?CTDB_CONTROL_DB_ATTACH_PERSISTENT:
CTDB_CONTROL_DB_ATTACH,
0, CTDB_CTRL_FLAG_NOREPLY,
@@ -1263,7 +1263,8 @@ int32_t ctdb_control_db_detach(struct ctdb_context *ctdb, TDB_DATA indata,
client = reqid_find(ctdb->idr, client_id, struct ctdb_client);
if (client != NULL) {
/* forward the control to all the nodes */
- ctdb_daemon_send_control(ctdb, CTDB_BROADCAST_ALL, 0,
+ ctdb_daemon_send_control(ctdb,
+ CTDB_BROADCAST_CONNECTED, 0,
CTDB_CONTROL_DB_DETACH, 0,
CTDB_CTRL_FLAG_NOREPLY,
indata, NULL, NULL);
diff --git a/ctdb/tests/src/cluster_wait.c b/ctdb/tests/src/cluster_wait.c
index 1405738..ecd2efd 100644
--- a/ctdb/tests/src/cluster_wait.c
+++ b/ctdb/tests/src/cluster_wait.c
@@ -264,7 +264,7 @@ static void cluster_wait_join_unregistered(struct tevent_req *subreq)
msg.data.data = tdb_null;
subreq = ctdb_client_message_send(state, state->ev, state->client,
- CTDB_BROADCAST_ALL, &msg);
+ CTDB_BROADCAST_CONNECTED, &msg);
if (tevent_req_nomem(subreq, req)) {
return;
}
diff --git a/lib/krb5_wrap/krb5_samba.c b/lib/krb5_wrap/krb5_samba.c
index 6a863bd..6b92f59 100644
--- a/lib/krb5_wrap/krb5_samba.c
+++ b/lib/krb5_wrap/krb5_samba.c
@@ -150,7 +150,7 @@ bool smb_krb5_sockaddr_to_kaddr(struct sockaddr_storage *paddr,
krb5_address *pkaddr)
{
memset(pkaddr, '\0', sizeof(krb5_address));
-#if defined(HAVE_IPV6) && defined(KRB5_ADDRESS_INET6)
+#ifdef HAVE_IPV6
if (paddr->ss_family == AF_INET6) {
pkaddr->addr_type = KRB5_ADDRESS_INET6;
pkaddr->address.length = sizeof(((struct sockaddr_in6 *)paddr)->sin6_addr);
@@ -183,7 +183,7 @@ bool smb_krb5_sockaddr_to_kaddr(struct sockaddr_storage *paddr,
krb5_address *pkaddr)
{
memset(pkaddr, '\0', sizeof(krb5_address));
-#if defined(HAVE_IPV6) && defined(ADDRTYPE_INET6)
+#ifdef HAVE_IPV6
if (paddr->ss_family == AF_INET6) {
pkaddr->addrtype = ADDRTYPE_INET6;
pkaddr->length = sizeof(((struct sockaddr_in6 *)paddr)->sin6_addr);
diff --git a/libgpo/gpo_ldap.c b/libgpo/gpo_ldap.c
index 4533d61..fec0005 100644
--- a/libgpo/gpo_ldap.c
+++ b/libgpo/gpo_ldap.c
@@ -554,6 +554,7 @@ ADS_STATUS ads_get_gpo(ADS_STRUCT *ads,
static ADS_STATUS add_gplink_to_gpo_list(ADS_STRUCT *ads,
TALLOC_CTX *mem_ctx,
struct GROUP_POLICY_OBJECT **gpo_list,
+ struct GROUP_POLICY_OBJECT **forced_gpo_list,
const char *link_dn,
struct GP_LINK *gp_link,
enum GPO_LINK_TYPE link_type,
@@ -561,11 +562,20 @@ static ADS_STATUS add_gplink_to_gpo_list(ADS_STRUCT *ads,
const struct security_token *token)
{
ADS_STATUS status;
- int i;
-
- for (i = 0; i < gp_link->num_links; i++) {
-
+ uint32_t count;
+
+ /*
+ * Note: DLIST_ADD pushes to the front,
+ * so loop from last to first to get the
+ * order right.
+ */
+ for (count = gp_link->num_links; count > 0; count--) {
+ /* NB. Index into arrays is one less than counter. */
+ uint32_t i = count - 1;
+ struct GROUP_POLICY_OBJECT **target_list = NULL;
struct GROUP_POLICY_OBJECT *new_gpo = NULL;
+ bool is_forced =
+ (gp_link->link_opts[i] & GPO_LINK_OPT_ENFORCED) != 0;
if (gp_link->link_opts[i] & GPO_LINK_OPT_DISABLED) {
DEBUG(10,("skipping disabled GPO\n"));
@@ -574,7 +584,7 @@ static ADS_STATUS add_gplink_to_gpo_list(ADS_STRUCT *ads,
if (only_add_forced_gpos) {
- if (!(gp_link->link_opts[i] & GPO_LINK_OPT_ENFORCED)) {
+ if (!is_forced) {
DEBUG(10,("skipping nonenforced GPO link "
"because GPOPTIONS_BLOCK_INHERITANCE "
"has been set\n"));
@@ -617,7 +627,8 @@ static ADS_STATUS add_gplink_to_gpo_list(ADS_STRUCT *ads,
new_gpo->link = link_dn;
new_gpo->link_type = link_type;
- DLIST_ADD(*gpo_list, new_gpo);
+ target_list = is_forced ? forced_gpo_list : gpo_list;
+ DLIST_ADD(*target_list, new_gpo);
DEBUG(10,("add_gplink_to_gplist: added GPLINK #%d %s "
"to GPO list\n", i, gp_link->link_names[i]));
@@ -716,17 +727,28 @@ static ADS_STATUS add_local_policy_to_gpo_list(TALLOC_CTX *mem_ctx,
}
/****************************************************************
- get the full list of GROUP_POLICY_OBJECTs for a given dn
+ Get the full list of GROUP_POLICY_OBJECTs for a given dn.
****************************************************************/
-ADS_STATUS ads_get_gpo_list(ADS_STRUCT *ads,
+static ADS_STATUS ads_get_gpo_list_internal(ADS_STRUCT *ads,
TALLOC_CTX *mem_ctx,
const char *dn,
uint32_t flags,
const struct security_token *token,
- struct GROUP_POLICY_OBJECT **gpo_list)
+ struct GROUP_POLICY_OBJECT **gpo_list,
+ struct GROUP_POLICY_OBJECT **forced_gpo_list)
{
- /* (L)ocal (S)ite (D)omain (O)rganizational(U)nit */
+ /*
+ * Push GPOs to gpo_list so that the traversal order of the list matches
+ * the order of application:
+ * (L)ocal (S)ite (D)omain (O)rganizational(U)nit
+ * For different domains and OUs: parent-to-child.
+ * Within same level of domains and OUs: Link order.
+ * Since GPOs are pushed to the front of gpo_list, GPOs have to be
+ * pushed in the opposite order of application (OUs first, local last,
+ * child-to-parent).
+ * Forced GPOs are appended in the end since they override all others.
+ */
ADS_STATUS status;
struct GP_LINK gp_link;
@@ -734,6 +756,7 @@ ADS_STATUS ads_get_gpo_list(ADS_STRUCT *ads,
bool add_only_forced_gpos = false;
ZERO_STRUCTP(gpo_list);
+ ZERO_STRUCTP(forced_gpo_list);
if (!dn) {
return ADS_ERROR_NT(NT_STATUS_INVALID_PARAMETER);
@@ -745,52 +768,54 @@ ADS_STATUS ads_get_gpo_list(ADS_STRUCT *ads,
DEBUG(10,("ads_get_gpo_list: getting GPO list for [%s]\n", dn));
- /* (L)ocal */
- status = add_local_policy_to_gpo_list(mem_ctx, gpo_list,
- GP_LINK_LOCAL);
- if (!ADS_ERR_OK(status)) {
- return status;
- }
+ tmp_dn = dn;
- /* (S)ite */
+ while ((parent_dn = ads_parent_dn(tmp_dn)) &&
+ (!strequal(parent_dn, ads_parent_dn(ads->config.bind_path)))) {
- /* are site GPOs valid for users as well ??? */
- if (flags & GPO_LIST_FLAG_MACHINE) {
- status = ads_site_dn_for_machine(ads, mem_ctx,
- ads->config.ldap_server_name,
- &site_dn);
- if (!ADS_ERR_OK(status)) {
- return status;
- }
+ /* (O)rganizational(U)nit */
- DEBUG(10,("ads_get_gpo_list: query SITE: [%s] for GPOs\n",
- site_dn));
+ /* An account can be a member of more OUs */
+ if (strncmp(parent_dn, "OU=", strlen("OU=")) == 0) {
- status = ads_get_gpo_link(ads, mem_ctx, site_dn, &gp_link);
- if (ADS_ERR_OK(status)) {
+ DEBUG(10,("ads_get_gpo_list: query OU: [%s] for GPOs\n",
+ parent_dn));
- if (DEBUGLEVEL >= 100) {
- dump_gplink(&gp_link);
- }
+ status = ads_get_gpo_link(ads, mem_ctx, parent_dn,
+ &gp_link);
+ if (ADS_ERR_OK(status)) {
- status = add_gplink_to_gpo_list(ads, mem_ctx, gpo_list,
- site_dn, &gp_link,
- GP_LINK_SITE,
+ if (DEBUGLEVEL >= 100) {
+ dump_gplink(&gp_link);
+ }
+
+ status = add_gplink_to_gpo_list(ads,
+ mem_ctx,
+ gpo_list,
+ forced_gpo_list,
+ parent_dn,
+ &gp_link,
+ GP_LINK_OU,
add_only_forced_gpos,
token);
- if (!ADS_ERR_OK(status)) {
- return status;
- }
+ if (!ADS_ERR_OK(status)) {
+ return status;
+ }
- if (flags & GPO_LIST_FLAG_SITEONLY) {
- return ADS_ERROR(LDAP_SUCCESS);
+ /* block inheritance from now on */
+ if (gp_link.gp_opts &
+ GPOPTIONS_BLOCK_INHERITANCE) {
+ add_only_forced_gpos = true;
+ }
}
-
- /* inheritance can't be blocked at the site level */
}
+
+ tmp_dn = parent_dn;
+
}
+ /* reset dn again */
tmp_dn = dn;
while ((parent_dn = ads_parent_dn(tmp_dn)) &&
@@ -812,15 +837,10 @@ ADS_STATUS ads_get_gpo_list(ADS_STRUCT *ads,
dump_gplink(&gp_link);
}
- /* block inheritance from now on */
- if (gp_link.gp_opts &
- GPOPTIONS_BLOCK_INHERITANCE) {
- add_only_forced_gpos = true;
- }
-
status = add_gplink_to_gpo_list(ads,
mem_ctx,
gpo_list,
+ forced_gpo_list,
parent_dn,
&gp_link,
GP_LINK_DOMAIN,
@@ -829,58 +849,101 @@ ADS_STATUS ads_get_gpo_list(ADS_STRUCT *ads,
if (!ADS_ERR_OK(status)) {
return status;
}
+
+ /* block inheritance from now on */
+ if (gp_link.gp_opts &
+ GPOPTIONS_BLOCK_INHERITANCE) {
+ add_only_forced_gpos = true;
+ }
}
}
tmp_dn = parent_dn;
}
- /* reset dn again */
- tmp_dn = dn;
-
- while ((parent_dn = ads_parent_dn(tmp_dn)) &&
- (!strequal(parent_dn, ads_parent_dn(ads->config.bind_path)))) {
-
-
- /* (O)rganizational(U)nit */
+ /* (S)ite */
- /* An account can be a member of more OUs */
- if (strncmp(parent_dn, "OU=", strlen("OU=")) == 0) {
+ /* are site GPOs valid for users as well ??? */
+ if (flags & GPO_LIST_FLAG_MACHINE) {
- DEBUG(10,("ads_get_gpo_list: query OU: [%s] for GPOs\n",
- parent_dn));
+ status = ads_site_dn_for_machine(ads, mem_ctx,
+ ads->config.ldap_server_name,
+ &site_dn);
+ if (!ADS_ERR_OK(status)) {
+ return status;
+ }
- status = ads_get_gpo_link(ads, mem_ctx, parent_dn,
- &gp_link);
- if (ADS_ERR_OK(status)) {
+ DEBUG(10,("ads_get_gpo_list: query SITE: [%s] for GPOs\n",
+ site_dn));
- if (DEBUGLEVEL >= 100) {
- dump_gplink(&gp_link);
- }
+ status = ads_get_gpo_link(ads, mem_ctx, site_dn, &gp_link);
+ if (ADS_ERR_OK(status)) {
- /* block inheritance from now on */
- if (gp_link.gp_opts &
- GPOPTIONS_BLOCK_INHERITANCE) {
- add_only_forced_gpos = true;
- }
+ if (DEBUGLEVEL >= 100) {
+ dump_gplink(&gp_link);
+ }
- status = add_gplink_to_gpo_list(ads,
+ status = add_gplink_to_gpo_list(ads,
mem_ctx,
gpo_list,
- parent_dn,
+ forced_gpo_list,
+ site_dn,
&gp_link,
- GP_LINK_OU,
+ GP_LINK_SITE,
add_only_forced_gpos,
token);
- if (!ADS_ERR_OK(status)) {
- return status;
- }
+ if (!ADS_ERR_OK(status)) {
+ return status;
+ }
+
+ if (flags & GPO_LIST_FLAG_SITEONLY) {
+ return ADS_ERROR(LDAP_SUCCESS);
}
+
+ /* inheritance can't be blocked at the site level */
}
+ }
- tmp_dn = parent_dn;
+ /* (L)ocal */
+ status = add_local_policy_to_gpo_list(mem_ctx, gpo_list,
+ GP_LINK_LOCAL);
+ if (!ADS_ERR_OK(status)) {
+ return status;
+ }
+
+ return ADS_ERROR(LDAP_SUCCESS);
+}
+
+/****************************************************************
+ Get the full list of GROUP_POLICY_OBJECTs for a given dn, wrapper
+ around ads_get_gpo_list_internal() that ensures correct ordering.
+****************************************************************/
+
+ADS_STATUS ads_get_gpo_list(ADS_STRUCT *ads,
+ TALLOC_CTX *mem_ctx,
+ const char *dn,
+ uint32_t flags,
+ const struct security_token *token,
+ struct GROUP_POLICY_OBJECT **gpo_list)
+{
+ struct GROUP_POLICY_OBJECT *forced_gpo_list = NULL;
+ ADS_STATUS status;
- };
+ status = ads_get_gpo_list_internal(ads,
+ mem_ctx,
+ dn,
+ flags,
+ token,
+ gpo_list,
+ &forced_gpo_list);
+ if (!ADS_ERR_OK(status)) {
+ return status;
+ }
+ /*
+ * Append |forced_gpo_list| at the end of |gpo_list|,
+ * so that forced GPOs are applied on top of non enforced GPOs.
+ */
+ DLIST_CONCATENATE(*gpo_list, forced_gpo_list);
return ADS_ERROR(LDAP_SUCCESS);
}
diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm
index b3bcc8a..66ac1e1 100755
--- a/selftest/target/Samba3.pm
+++ b/selftest/target/Samba3.pm
@@ -781,6 +781,8 @@ sub setup_fileserver($$)
push(@dirs,$tarmode_sharedir);
my $fileserver_options = "
+ kernel change notify = yes
+
[lowercase]
path = $lower_case_share_dir
comment = smb username is [%U]
diff --git a/source3/include/messages.h b/source3/include/messages.h
index ea89383..0d98d21 100644
--- a/source3/include/messages.h
+++ b/source3/include/messages.h
@@ -141,18 +141,15 @@ struct tevent_req *messaging_read_send(TALLOC_CTX *mem_ctx,
int messaging_read_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx,
struct messaging_rec **presult);
-struct tevent_req *messaging_handler_send(
- TALLOC_CTX *mem_ctx, struct tevent_context *ev,
- struct messaging_context *msg_ctx, uint32_t msg_type,
- bool (*handler)(struct messaging_context *msg_ctx,
- struct messaging_rec **rec, void *private_data),
- void *private_data);
-int messaging_handler_recv(struct tevent_req *req);
-
int messaging_cleanup(struct messaging_context *msg_ctx, pid_t pid);
bool messaging_parent_dgm_cleanup_init(struct messaging_context *msg);
+struct messaging_rec *messaging_rec_create(
+ TALLOC_CTX *mem_ctx, struct server_id src, struct server_id dst,
+ uint32_t msg_type, const struct iovec *iov, int iovlen,
+ const int *fds, size_t num_fds);
+
#include "librpc/gen_ndr/ndr_messaging.h"
#endif
diff --git a/source3/lib/messages.c b/source3/lib/messages.c
index 69dfbf3..c70fb81 100644
--- a/source3/lib/messages.c
+++ b/source3/lib/messages.c
@@ -108,7 +108,7 @@ static void ping_message(struct messaging_context *msg_ctx,
messaging_send(msg_ctx, src, MSG_PONG, data);
}
-static struct messaging_rec *messaging_rec_create(
+struct messaging_rec *messaging_rec_create(
TALLOC_CTX *mem_ctx, struct server_id src, struct server_id dst,
uint32_t msg_type, const struct iovec *iov, int iovlen,
const int *fds, size_t num_fds)
@@ -904,87 +904,6 @@ int messaging_read_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx,
return 0;
}
-struct messaging_handler_state {
- struct tevent_context *ev;
--
Samba Shared Repository
More information about the samba-cvs
mailing list