[SCM] Samba Shared Repository - branch v4-7-stable updated
Karolin Seeger
kseeger at samba.org
Sun Sep 17 19:22:14 UTC 2017
The branch, v4-7-stable has been updated
via 33244e5 VERSION: Disable GIT_SNAPSHOT for the 4.7.0rc6 release.
via abb58c4 WHATSNEW: Prepare release notes for Samba 4.7.0rc6.
via d02af0b util_runcmd: Free the fde in event handler.
via 21624ed lib/util: only close the event_fd in tfork if the caller didn't call tfork_event_fd()
via 392d300 util/tfork: Write to the status pipe
via a401725 tests util/tfork: Tests for status and event fd
via 9e8688a ctdb-client: Initialize ctdb_ltdb_header completely for empty record
via aea5af0 ctdb-daemon: Free up record data if a call request is deferred
via 74bbce0 s3: vfs: catia: compression get/set must act only on base file, and must cope with fsp==NULL.
via d955230 s3: VFS: streams_xattr: Compression is only set/get on base filenames.
via 8d52dd3 vfs_streams_xattr: Fix segfault when running with log level 10
via 5c36e9a schema: Rework dsdb_schema_set_indices_and_attributes() db operations
via db16b55 Install dcerpc/__init__.py for all Python environments
via 11048d4 charset: fix str[n]casecmp_m() by comparing lower case values
via 1630838 charset/tests: also tests the system str[n]casecmp()
via c6a4931 charset/tests: add more str[n]casecmp_m() tests to demonstrate the bug
via 7e47230 charset/tests: assert the exact values of str[n]casecmp_m()
via adfca55 WHATSNEW: Prepare changes since 4.7.0rc5.
via 81f31fd libcli: SMB2: NetApps negotiate SMB3_11 but also set the SMB2_CAP_ENCRYPTION flag.
via 668cc39 python: Allow debug classes to be specified on the command line for python tools
via c7f3f20 librpc/dceprc_util.c: Move debug message to DBG_DEBUG()
via 2f2edad libcli/security: Move debug message to DBG_DEBUG()
via f6cadd5 dsdb: Add missing
to debug
via 66de4c1 drs repl: Only print raw DRS replication traffic at level 9
via 5977227 debug: Add new debug class "drs_repl" for DRS replication processing
via 8fbaf15 repl_meta_data: Re-work printing of replicated entries
via 2ea6beb linked_attributes: Use ldb_ldif_message_redacted_string() for consistency
via 11568c8 repl_meta_data: Use ldb_ldif_message_redacted_string() to avoid printing secrets in logs
via dab3dea ldb: version 1.2.2
via 256f485 ldb: Add new ldb_ldif_message_redacted_string() with tests
via 0806c9c ldb_tdb: Refuse to re-index very old database with no DN in the record
via 8f603e7 ldb_tdb: Use braces in ltdb_dn_list_find_val()
via 504d3df ldb_tdb: Check for talloc_strdup() failure in ltdb_index_add1()
via 285efde ldb_tdb: Check for errors during tdb operations in ltdb_reindex()
via 5311eb4 ldb_tdb: Use memcmp rather than strncmp() in ltdb_key_is_record(), re_key() and re_index()
via 0c87159 ldb_tdb: Create a common ltdb_key_is_record() allowing multiple key forms
via e703680 ldb_tdb: Do not trigger the unique index check during a re-index, use another pass
via 7db6c56 ldb_tdb: Use memcmp() to compare TDB keys in re_index()
via 1a2d909 ldb: Add tests for indexed and unindexed search expressions
via e517bc4 ldb: Fix tests to call the parent tearDown(), not setUp in tearDown
via b6fd54b ldb_tdb: Rework ltdb_modify_internal() to use ltdb_search_dn1() internally
via 98a803f ldb: Add LDB_UNPACK_DATA_FLAG_NO_ATTRS
via eabed4d ctdb-daemon: GET_DB_SEQNUM should read database conditionally
via 8c22449 ctdb-daemon: Add a function to check if db access is allowed
via a472eb9 ctdb-tests: Fix ctdb test binary name in path testing
via 17410dc ctdb-tests: Wait up to 30 seconds for process to be registered in ctdbd
via c4599cc ctdb-tests: Fix ctdb process-exist tests
via 104f9ca ctdb-tests: Add a dummy ctdb client for testing
via 551a778 ctdb-tests: Fix the implementation of process-exists in fake daemon
via 3afa1b4 ctdb-daemon: Fix implementation of process_exists control
via 024c1b7 s3/smbd: sticky write time offset miscalculation causes broken timestamps
via 4e64d1f WHATSNEW: Unify usage of "''".
via 9651f4a WHATSNEW: Add Using x86_64 Accelerated AES Crypto Instructions section.
via a1aa3f4 lib: crypto: Add the ability to select Intel AESNI instruction set at configure time.
via 9d193a9 lib: crypto: Plumb in the Intel AES instructions.
via 8e2afc8 lib: crypt: Prepare the existing code to switch to Intel AES hardware instructions.
via ed459e2 third_party: Add build capability to aesni-intel.
via add95df third_party: Add the Intel Add support for AES-NI acceleration.
via 36aa4af messaging: Avoid a socket leak after fork
via f08b212 pthreadpool: Test fork with an active thread
via efcd9ee pthreadpool: Fix fork behaviour
via 4cc6517 WHATSNEW: We generate SHA265 certificates now
via 2ab073a WHATSNEW: warn against using the RODC on older Samba versions
via 4dfa810 WHATSNEW: explain that we may use much more RAM and SWAP with multi-process LDAP
via d6a9f6b WHATSNEW: fix spelling
via eb299c6 s4-drsuapi: Avoid segfault when replicating as a non-admin with GUID_DRS_GET_CHANGES
via 7364965 tests/fake_snap: sanitize paths
via 8619bd1 VERSION: Bump version up to 4.7.0rc6...
from 7d8e33c VERSION: Disable GIT_SNAPSHOTS for the 4.7.0rc5 release.
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-7-stable
- Log -----------------------------------------------------------------
-----------------------------------------------------------------------
Summary of changes:
VERSION | 2 +-
WHATSNEW.txt | 103 +-
ctdb/client/client_db.c | 6 +-
ctdb/include/ctdb_private.h | 1 +
ctdb/server/ctdb_daemon.c | 17 +-
ctdb/server/ctdb_freeze.c | 18 +
ctdb/server/ctdb_persistent.c | 5 +
ctdb/tests/scripts/test_wrap | 2 +-
ctdb/tests/simple/07_ctdb_process_exists.sh | 34 +-
ctdb/tests/src/dummy_client.c | 148 ++
ctdb/tests/src/fake_ctdbd.c | 81 +-
ctdb/tests/tool/ctdb.process-exists.001.sh | 12 +-
ctdb/wscript | 3 +-
lib/crypto/aes.c | 220 +-
lib/crypto/aes.h | 11 +-
lib/crypto/aesni.h | 66 +
lib/crypto/wscript | 6 +
lib/crypto/wscript_build | 3 +
lib/crypto/wscript_configure | 13 +
lib/ldb/ABI/{ldb-1.2.1.sigs => ldb-1.2.2.sigs} | 1 +
...yldb-util-1.1.10.sigs => pyldb-util-1.2.2.sigs} | 0
...-util-1.1.10.sigs => pyldb-util.py3-1.2.2.sigs} | 0
lib/ldb/common/ldb_ldif.c | 21 +
lib/ldb/common/ldb_pack.c | 5 +
lib/ldb/include/ldb.h | 40 +-
lib/ldb/include/ldb_module.h | 5 +
lib/ldb/ldb_tdb/ldb_index.c | 193 +-
lib/ldb/ldb_tdb/ldb_search.c | 3 +-
lib/ldb/ldb_tdb/ldb_tdb.c | 69 +-
lib/ldb/ldb_tdb/ldb_tdb.h | 5 +
lib/ldb/tests/ldb_mod_op_test.c | 91 +
lib/ldb/tests/python/api.py | 303 ++-
lib/ldb/wscript | 2 +-
lib/pthreadpool/pthreadpool.c | 67 +-
lib/pthreadpool/tests.c | 114 +
lib/util/charset/tests/charset.c | 75 +-
lib/util/charset/util_str.c | 32 +-
lib/util/debug.c | 1 +
lib/util/debug.h | 1 +
lib/util/tests/tfork.c | 251 ++
lib/util/tfork.c | 27 +-
lib/util/tfork.h | 7 +-
lib/util/util_runcmd.c | 1 +
libcli/security/create_descriptor.c | 2 +-
libcli/smb/smbXcli_base.c | 15 +-
librpc/rpc/dcerpc_util.c | 4 +-
python/samba/drs_utils.py | 2 +-
python/samba/getopt.py | 6 +-
python/samba/join.py | 4 +-
python/samba/netcmd/rodc.py | 6 +-
source3/lib/messages_dgm.c | 3 +-
source3/modules/vfs_catia.c | 44 +-
source3/modules/vfs_streams_xattr.c | 41 +-
source3/script/tests/fake_snap.pl | 19 +-
source3/smbd/smb2_query_directory.c | 3 +-
source4/dsdb/common/util.c | 2 +-
source4/dsdb/repl/drepl_extended.c | 3 +
source4/dsdb/repl/drepl_fsmo.c | 3 +
source4/dsdb/repl/drepl_notify.c | 3 +
source4/dsdb/repl/drepl_out_helpers.c | 3 +
source4/dsdb/repl/drepl_out_pull.c | 3 +
source4/dsdb/repl/drepl_partitions.c | 3 +
source4/dsdb/repl/drepl_periodic.c | 3 +
source4/dsdb/repl/drepl_replica.c | 3 +
source4/dsdb/repl/drepl_ridalloc.c | 3 +
source4/dsdb/repl/drepl_secret.c | 3 +
source4/dsdb/repl/drepl_service.c | 3 +
source4/dsdb/repl/replicated_objects.c | 3 +
source4/dsdb/samdb/ldb_modules/linked_attributes.c | 8 +-
source4/dsdb/samdb/ldb_modules/repl_meta_data.c | 60 +-
source4/dsdb/schema/schema_set.c | 17 +-
source4/libnet/libnet_vampire.c | 3 +
source4/librpc/wscript_build | 11 +-
source4/rpc_server/drsuapi/addentry.c | 3 +
source4/rpc_server/drsuapi/dcesrv_drsuapi.c | 3 +
source4/rpc_server/drsuapi/drsutil.c | 3 +
source4/rpc_server/drsuapi/getncchanges.c | 5 +-
source4/rpc_server/drsuapi/updaterefs.c | 3 +
source4/rpc_server/drsuapi/writespn.c | 3 +
source4/selftest/tests.py | 5 +
source4/torture/drs/python/getnc_unpriv.py | 116 +
third_party/aesni-intel/aesni-intel_asm.c | 2812 ++++++++++++++++++++
third_party/aesni-intel/inst-intel.h | 306 +++
third_party/aesni-intel/wscript | 23 +
third_party/wscript | 2 +
wscript | 1 +
86 files changed, 5385 insertions(+), 251 deletions(-)
create mode 100644 ctdb/tests/src/dummy_client.c
create mode 100644 lib/crypto/aesni.h
create mode 100644 lib/crypto/wscript
copy lib/ldb/ABI/{ldb-1.2.1.sigs => ldb-1.2.2.sigs} (99%)
copy lib/ldb/ABI/{pyldb-util-1.1.10.sigs => pyldb-util-1.2.2.sigs} (100%)
copy lib/ldb/ABI/{pyldb-util-1.1.10.sigs => pyldb-util.py3-1.2.2.sigs} (100%)
create mode 100644 source4/torture/drs/python/getnc_unpriv.py
create mode 100644 third_party/aesni-intel/aesni-intel_asm.c
create mode 100644 third_party/aesni-intel/inst-intel.h
create mode 100644 third_party/aesni-intel/wscript
Changeset truncated at 500 lines:
diff --git a/VERSION b/VERSION
index 72ddcea..63c185e 100644
--- a/VERSION
+++ b/VERSION
@@ -87,7 +87,7 @@ SAMBA_VERSION_PRE_RELEASE=
# e.g. SAMBA_VERSION_RC_RELEASE=1 #
# -> "3.0.0rc1" #
########################################################
-SAMBA_VERSION_RC_RELEASE=5
+SAMBA_VERSION_RC_RELEASE=6
########################################################
# To mark SVN snapshots this should be set to 'yes' #
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index c58c297..4da5ae3 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -1,7 +1,7 @@
Release Announcements
=====================
-This is the fifth release candidate of Samba 4.7. This is *not*
+This is the sixth release candidate of Samba 4.7. This is *not*
intended for production environments and is designed for testing
purposes only. Please report any defects via the Samba bug reporting
system at https://bugzilla.samba.org/.
@@ -22,7 +22,7 @@ consistently. In interactive sessions the following banner is now presented
to the user: 'Try "help" do get a list of possible commands.'.
The default for "client max protocol" has changed to "SMB3_11",
-which means that smbclient (and related commands) will work against
+which means that 'smbclient' (and related commands) will work against
servers without SMB1 support.
It's possible to use the '-m/--max-protocol' option to overwrite
@@ -32,7 +32,7 @@ Note that the '-e/--encrypt' option also works with most SMB3 servers
(e.g. Windows >= 2012 and Samba >= 4.0.0), so the SMB1 unix extensions
are not required for encryption.
-The change to SMB3_11 as default also means smbclient no longer
+The change to SMB3_11 as default also means 'smbclient' no longer
negotiates SMB1 unix extensions by default, when talking to a Samba server with
"unix extensions = yes". As a result, some commands are not available, e.g.
'posix_encrypt', 'posix_open', 'posix_mkdir', 'posix_rmdir', 'posix_unlink',
@@ -42,7 +42,7 @@ server supports SMB1.
Note the default ("CORE") for "client min protocol" hasn't changed,
so it's still possible to connect to SMB1-only servers by default.
-'smbclient' learned a new command "deltree" that is able to do
+'smbclient' learned a new command 'deltree' that is able to do
a recursive deletion of a directory tree.
@@ -53,7 +53,7 @@ Whole DB read locks: Improved LDAP and replication consistency
--------------------------------------------------------------
Prior to Samba 4.7 and ldb 1.2.0, the LDB database layer used by Samba
-erronously did not take whole-DB read locks to protect search
+erroneously did not take whole-DB read locks to protect search
and DRS replication operations.
While each object returned remained subject to a record-level lock (so
@@ -150,7 +150,8 @@ the rest of the 'samba' process, rather than being forced into a single
process. This aids in Samba's ability to scale to larger numbers of AD
clients and the AD DC's overall resiliency, but will mean that there is a
fork()ed child for every LDAP client, which may be more resource
-intensive in some situations.
+intensive in some situations. If you run Samba in a
+resource-constrained VM, consider allocating more RAM and swap space.
Improved Read-Only Domain Controller (RODC) Support
---------------------------------------------------
@@ -172,6 +173,14 @@ The reliability of RODCs locating a writable partner still requires some
improvements and so the 'password server' configuration option is generally
recommended on the RODC.
+Samba 4.7 is the first Samba release to be secure as an RODC or when
+hosting an RODC. If you have been using earlier Samba versions to
+host or be an RODC, please upgrade.
+
+In particular see https://bugzilla.samba.org/show_bug.cgi?id=12977 for
+details on the security implications for password disclosure to an
+RODC using earlier versions.
+
Additional password hashes stored in supplementalCredentials
------------------------------------------------------------
@@ -247,6 +256,15 @@ the talloc_autofree_context() (which is inherently thread-unsafe)
and still be valgrind-clean on exit. Modules that don't need to
free long-lived data on exit should use the NULL talloc context.
+SHA256 LDAPS Certificates
+-------------------------
+
+The self-signed certificate generated for use on LDAPS will now be
+generated with a SHA256 self-signature, not a SHA1 self-signature.
+
+Replacing this certificate with a certificate signed by a trusted
+CA is still highly recommended.
+
CTDB changes
------------
@@ -291,6 +309,25 @@ CTDB changes
uses. The data in replicated databases is valid for the lifetime of
CTDB and cleared on first attach.
+Using x86_64 Accelerated AES Crypto Instructions
+------------------------------------------------
+
+Samba on x86_64 can now be configured to use the Intel accelerated AES
+instruction set, which has the potential to make SMB3 signing and
+encryption much faster on client and server. To enable this, configure
+Samba using the new option --accel-aes=intelaesni.
+
+This is a temporary solution that is being included to allow users
+to enjoy the benefits of Intel accelerated AES on the x86_64 platform,
+but the longer-term solution will be to move Samba to a fully supported
+external crypto library.
+
+The third_party/aesni-intel code will be removed from Samba as soon as
+external crypto library performance reaches parity.
+
+The default is to build without setting --accel-aes, which uses the
+existing Samba software AES implementation.
+
Parameter changes
-----------------
@@ -306,7 +343,6 @@ the previous behaviour. Two new values have been provided,
and 'disabled', totally disabling NTLM authentication and password
changes.
-
smb.conf changes
================
@@ -331,7 +367,58 @@ smb.conf changes
KNOWN ISSUES
============
-https://wiki.samba.org/index.php/Release_Planning_for_Samba_4.7#Release_blocking_bugs
+https://wiki.samba.org/inFdex.php/Release_Planning_for_Samba_4.7#Release_blocking_bugs
+
+
+CHANGES SINCE 4.7.0rc5
+======================
+
+o Jeremy Allison <jra at samba.org>
+ * BUG 13003: s3: vfs: catia: compression get/set must act only on base file, and
+ must cope with fsp==NULL.
+ * BUG 13008: lib: crypto: Make smbd use the Intel AES instruction set for signing
+ and encryption.
+
+o Andrew Bartlett <abartlet at samba.org>
+ * BUG 12946: s4-drsuapi: Avoid segfault when replicating as a non-admin with
+ GUID_DRS_GET_CHANGES.
+ * BUG 13015: Allow re-index of newer databases with binary GUID TDB keys
+ (this officially removes support for re-index of the original pack format 0,
+ rather than simply segfaulting).
+ * BUG 13017: Add ldb_ldif_message_redacted_string() to allow debug of redacted
+ log messages, avoiding showing secret values.
+ * BUG 13023: ldb: version 1.2.2.
+ * BUG 13025: schema: Rework dsdb_schema_set_indices_and_attributes() db
+ operations.
+
+o Alexander Bokovoy <ab at samba.org>
+ * BUG 13030: Install dcerpc/__init__.py for all Python environments.
+
+o Ralph Boehme <slow at samba.org>
+ * BUG 13024: s3/smbd: Sticky write time offset miscalculation causes broken
+ timestamps
+ * BUG 13037: lib/util: Only close the event_fd in tfork if the caller didn't
+ call tfork_event_fd().
+
+o Volker Lendecke <vl at samba.org>
+ * BUG 13006: messaging: Avoid a socket leak after fork.
+
+o Stefan Metzmacher <metze at samba.org>
+ * BUG 13018: charset: Fix str[n]casecmp_m() by comparing lower case values.
+
+o Gary Lockyer <gary at catalyst.net.nz>
+ * BUG 13037: util_runcmd: Free the fde in event handler.
+
+o Amitay Isaacs <amitay at gmail.com>
+ * BUG 13012: ctdb-daemon: Fix implementation of process_exists control.
+ * BUG 13021: GET_DB_SEQNUM control can cause ctdb to deadlock when databases
+ are frozen.
+ * BUG 13029: ctdb-daemon: Free up record data if a call request is deferred.
+ * BUG 13036: ctdb-client: Initialize ctdb_ltdb_header completely for empty
+ record.
+
+o Christof Schmitt <cs at samba.org>
+ * BUG 13032: vfs_streams_xattr: Fix segfault when running with log level 10.
CHANGES SINCE 4.7.0rc4
diff --git a/ctdb/client/client_db.c b/ctdb/client/client_db.c
index 05645f5..2378067 100644
--- a/ctdb/client/client_db.c
+++ b/ctdb/client/client_db.c
@@ -1114,9 +1114,9 @@ int ctdb_ltdb_fetch(struct ctdb_db_context *db, TDB_DATA key,
return EIO;
}
- header->rsn = 0;
- header->dmaster = CTDB_UNKNOWN_PNN;
- header->flags = 0;
+ *header = (struct ctdb_ltdb_header) {
+ .dmaster = CTDB_UNKNOWN_PNN,
+ };
if (data != NULL) {
*data = tdb_null;
diff --git a/ctdb/include/ctdb_private.h b/ctdb/include/ctdb_private.h
index 067777a..043149e 100644
--- a/ctdb/include/ctdb_private.h
+++ b/ctdb/include/ctdb_private.h
@@ -629,6 +629,7 @@ int32_t ctdb_control_wipe_database(struct ctdb_context *ctdb, TDB_DATA indata);
bool ctdb_db_frozen(struct ctdb_db_context *ctdb_db);
bool ctdb_db_all_frozen(struct ctdb_context *ctdb);
+bool ctdb_db_allow_access(struct ctdb_db_context *ctdb_db);
/* from server/ctdb_keepalive.c */
diff --git a/ctdb/server/ctdb_daemon.c b/ctdb/server/ctdb_daemon.c
index b5cee61..90f0e54 100644
--- a/ctdb/server/ctdb_daemon.c
+++ b/ctdb/server/ctdb_daemon.c
@@ -676,6 +676,7 @@ static void daemon_request_call_from_client(struct ctdb_client *client,
DEBUG(DEBUG_ERR,(__location__ " ctdb_ltdb_unlock() failed with error %d\n", ret));
}
CTDB_DECREMENT_STAT(ctdb, pending_calls);
+ talloc_free(data.dptr);
return;
}
}
@@ -1796,12 +1797,16 @@ int32_t ctdb_control_process_exists(struct ctdb_context *ctdb, pid_t pid)
{
struct ctdb_client *client;
- if (ctdb->nodes[ctdb->pnn]->flags & (NODE_FLAGS_BANNED|NODE_FLAGS_STOPPED)) {
- client = ctdb_find_client_by_pid(ctdb, pid);
- if (client != NULL) {
- DEBUG(DEBUG_NOTICE,(__location__ " Killing client with pid:%d on banned/stopped node\n", (int)pid));
- talloc_free(client);
- }
+ client = ctdb_find_client_by_pid(ctdb, pid);
+ if (client == NULL) {
+ return -1;
+ }
+
+ if (ctdb->nodes[ctdb->pnn]->flags & NODE_FLAGS_INACTIVE) {
+ DEBUG(DEBUG_NOTICE,
+ ("Killing client with pid:%d on banned/stopped node\n",
+ (int)pid));
+ talloc_free(client);
return -1;
}
diff --git a/ctdb/server/ctdb_freeze.c b/ctdb/server/ctdb_freeze.c
index d92f707..c41fc7d 100644
--- a/ctdb/server/ctdb_freeze.c
+++ b/ctdb/server/ctdb_freeze.c
@@ -874,3 +874,21 @@ bool ctdb_db_all_frozen(struct ctdb_context *ctdb)
}
return true;
}
+
+bool ctdb_db_allow_access(struct ctdb_db_context *ctdb_db)
+{
+ if (ctdb_db->freeze_mode == CTDB_FREEZE_NONE) {
+ /* If database is not frozen, then allow access. */
+ return true;
+ } else if (ctdb_db->freeze_transaction_started) {
+ /* If database is frozen, allow access only if the
+ * transaction is started. This is required during
+ * recovery.
+ *
+ * If a node is inactive, then transaction is not started.
+ */
+ return true;
+ }
+
+ return false;
+}
diff --git a/ctdb/server/ctdb_persistent.c b/ctdb/server/ctdb_persistent.c
index 1811ae8..fc28655 100644
--- a/ctdb/server/ctdb_persistent.c
+++ b/ctdb/server/ctdb_persistent.c
@@ -344,6 +344,11 @@ static int32_t ctdb_get_db_seqnum(struct ctdb_context *ctdb,
goto done;
}
+ if (! ctdb_db_allow_access(ctdb_db)) {
+ ret = -1;
+ goto done;
+ }
+
key.dptr = (uint8_t *)discard_const(keyname);
key.dsize = strlen(keyname) + 1;
diff --git a/ctdb/tests/scripts/test_wrap b/ctdb/tests/scripts/test_wrap
index 176310e..3db3180 100755
--- a/ctdb/tests/scripts/test_wrap
+++ b/ctdb/tests/scripts/test_wrap
@@ -10,7 +10,7 @@ TEST_SCRIPTS_DIR=$(dirname $0)
# We need the test binaries (i.e. tests/bin/) to be in $PATH. If they
# aren't already in $PATH then we know that tests/bin/ sits alongside
# tests/scripts/.
-f="ctdb_bench"
+f="fetch_ring"
if [ ! $(which $f >/dev/null 2>&1) ] ; then
d=$(dirname "$TEST_SCRIPTS_DIR")/bin
[ -x "$d/$f" ] && PATH="$d:$PATH"
diff --git a/ctdb/tests/simple/07_ctdb_process_exists.sh b/ctdb/tests/simple/07_ctdb_process_exists.sh
index b7492a8..f24e93a 100755
--- a/ctdb/tests/simple/07_ctdb_process_exists.sh
+++ b/ctdb/tests/simple/07_ctdb_process_exists.sh
@@ -15,11 +15,10 @@ Prerequisites:
Steps:
1. Verify that the status on all of the ctdb nodes is 'OK'.
-2. On one of the cluster nodes, get the PID of an existing process
- (using ps wax).
+2. On one of the cluster nodes, get the PID of a ctdb client.
3. Run 'ctdb process-exists <pid>' on the node and verify that the
correct output is shown.
-4. Run 'ctdb process-exists <pid>' with a pid of a non-existent
+4. Run 'ctdb process-exists <pid>' with a pid of ctdb daemon
process and verify that the correct output is shown.
Expected results:
@@ -38,15 +37,25 @@ cluster_is_healthy
test_node=1
-# Create a background process on $test_node that will last for 60 seconds.
+# Execute a ctdb client on $test_node that will last for 60 seconds.
# It should still be there when we check.
-try_command_on_node $test_node 'sleep 60 >/dev/null 2>&1 & echo $!'
-pid="$out"
+try_command_on_node -v $test_node \
+ "$CTDB_TEST_WRAPPER exec dummy_client >/dev/null 2>&1 & echo \$!"
+client_pid="$out"
-echo "Checking for PID $pid on node $test_node"
-# set -e is good, but avoid it here
+cleanup ()
+{
+ if [ -n "$client_pid" ] ; then
+ onnode $test_node kill -9 "$client_pid"
+ fi
+}
+
+ctdb_test_exit_hook_add cleanup
+
+echo "Waiting until PID $client_pid is registered on node $test_node"
status=0
-try_command_on_node $test_node "$CTDB process-exists ${pid}" || status=$?
+wait_until 30 try_command_on_node $test_node \
+ "$CTDB process-exists ${client_pid}" || status=$?
echo "$out"
if [ $status -eq 0 ] ; then
@@ -56,10 +65,9 @@ else
testfailures=1
fi
-# Now just echo the PID of the shell from the onnode process on node
-# 2. This PID will disappear and PIDs shouldn't roll around fast
-# enough to trick the test... but there is a chance that will happen!
-try_command_on_node $test_node 'echo $$'
+# Now just echo the PID of the ctdb daemon on test node.
+# This is not a ctdb client and process-exists should return error.
+try_command_on_node $test_node "ctdb getpid"
pid="$out"
echo "Checking for PID $pid on node $test_node"
diff --git a/ctdb/tests/src/dummy_client.c b/ctdb/tests/src/dummy_client.c
new file mode 100644
index 0000000..6af41f3
--- /dev/null
+++ b/ctdb/tests/src/dummy_client.c
@@ -0,0 +1,148 @@
+/*
+ Dummy CTDB client for testing
+
+ Copyright (C) Amitay Isaacs 2017
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "replace.h"
+#include "system/network.h"
+
+#include <popt.h>
+#include <talloc.h>
+#include <tevent.h>
+
+#include "common/logging.h"
+
+#include "client/client.h"
+
+static struct {
+ const char *sockpath;
+ const char *debuglevel;
+ int timelimit;
+ const char *srvidstr;
+} options;
+
+static struct poptOption cmdline_options[] = {
+ POPT_AUTOHELP
+ { "socket", 's', POPT_ARG_STRING, &options.sockpath, 0,
+ "Unix domain socket path", "filename" },
+ { "debug", 'd', POPT_ARG_STRING, &options.debuglevel, 0,
+ "debug level", "ERR|WARNING|NOTICE|INFO|DEBUG" } ,
+ { "timelimit", 't', POPT_ARG_INT, &options.timelimit, 0,
+ "time limit", "seconds" },
+ { "srvid", 'S', POPT_ARG_STRING, &options.srvidstr, 0,
+ "srvid to register", "srvid" },
+ POPT_TABLEEND
+};
+
+static void dummy_handler(uint64_t srvid, TDB_DATA data, void *private_data)
+{
+ bool *done = (bool *)private_data;
+
+ *done = true;
+}
+
+int main(int argc, const char *argv[])
+{
+ TALLOC_CTX *mem_ctx;
+ struct tevent_context *ev;
+ struct ctdb_client_context *client;
+ const char *ctdb_socket;
+ poptContext pc;
+ int opt, ret;
+ int log_level;
+ bool status, done;
+
+ /* Set default options */
+ options.sockpath = CTDB_SOCKET;
+ options.debuglevel = "ERR";
+ options.timelimit = 60;
+ options.srvidstr = NULL;
+
+ ctdb_socket = getenv("CTDB_SOCKET");
+ if (ctdb_socket != NULL) {
+ options.sockpath = ctdb_socket;
+ }
+
+ pc = poptGetContext(argv[0], argc, argv, cmdline_options,
+ POPT_CONTEXT_KEEP_FIRST);
+ while ((opt = poptGetNextOpt(pc)) != -1) {
+ fprintf(stderr, "Invalid option %s\n", poptBadOption(pc, 0));
+ exit(1);
+ }
+
+ if (options.sockpath == NULL) {
+ fprintf(stderr, "Please specify socket path\n");
+ poptPrintHelp(pc, stdout, 0);
+ exit(1);
+ }
+
+ mem_ctx = talloc_new(NULL);
+ if (mem_ctx == NULL) {
+ fprintf(stderr, "Memory allocation error\n");
+ exit(1);
+ }
+
+ ev = tevent_context_init(mem_ctx);
+ if (ev == NULL) {
+ fprintf(stderr, "Memory allocation error\n");
+ exit(1);
+ }
+
+ status = debug_level_parse(options.debuglevel, &log_level);
+ if (! status) {
+ fprintf(stderr, "Invalid debug level\n");
+ poptPrintHelp(pc, stdout, 0);
+ exit(1);
+ }
+
+ setup_logging("dummy_client", DEBUG_STDERR);
+ DEBUGLEVEL = log_level;
+
--
Samba Shared Repository
More information about the samba-cvs
mailing list