[SCM] Samba Shared Repository - branch v4-8-test updated

Thu Aug 23 13:40:02 UTC 2018

The branch, v4-8-test has been updated
       via  2ce60d7 torture: Demonstrate the invalid lock order panic
       via  1c0be1f vfs_fruit: Fix a leak of "br_lck"
       via  3cc8f9d s3:winbind: Do not lookup local system accounts in AD
       via  03e73ff selftest: Load time_audit and full_audit modules for all tests
       via  06cf8c4 s3: vfs: time_audit: fix handling of token_blob in smb_time_audit_offload_read_recv()
       via  84b7865 selftest: subunithelper needs to follow the subunit spec more closely
       via  fd137bc unittests.lib_util_modules: test module probe with "skel", not "unix"
       via  6b37dea ldb: Release LDB 1.3.6
       via  e35fd26 ldb: Fix missing NULL terminator in ldb_mod_op_test testsuite
       via  0eaf84a libsmb: Fix CID 1438243 Unchecked return value
       via  b1b882c libsmb: Fix CID 1438244 Unsigned compared against 0
       via  d4e8fd5 smbd: Fix CID 1438245 Dereference before null check
       via  2e28584 smbd: Fix CID 1438246 Unchecked return value
       via  c45fb4b smbd: Align integer types
       via  c57c54e ctdb: add expiry test for ctdb_mutex_ceph_rados_helper
       via  7cebb48 ctdb_mutex_ceph_rados_helper: fix deadlock via lock renewals
       via  c245fdc ctdb_mutex_ceph_rados_helper: rename timer_ev to ppid_timer_ev
       via  af08da4 ctdb_mutex_ceph_rados_helper: use talloc destructor for cleanup
       via  6dc7dc9 ctdb_mutex_ceph_rados_helper: Set SIGINT signal handler
       via  30c37fc ctdb/build: link ctdb_mutex_ceph_rados_helper against ceph-common
       via  0a49817 docs: Add manpage for winbind_krb5_localauth.8
       via  e9e85a1 docs: Move winbind_krb5_locator manpage to volume 8
       via  756feb9 krb5_plugin: Move krb5 locator plugin to krb5_plugin subdir
       via  f9f1102 krb5_plugin: Install plugins to krb5 modules dir
       via  9e3bc4e s3: tests: smbclient. Regression test to ensure we get NT_STATUS_DIRECTORY_NOT_EMPTY on rmdir.
       via  694c890 s4/torture: Add new test for DELETE_ON_CLOSE on non-empty directories
       via  8bf5c11 s3/libsmb: Explicitly set delete_on_close token for rmdir
      from  04c66d8 VERSION: Bump version up to 4.8.5.

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-8-test


- Log -----------------------------------------------------------------
commit 2ce60d72a5887656cfc1beffcff60b35ab6ce8af
Author: Volker Lendecke <vl at samba.org>
Date:   Mon Aug 6 14:35:15 2018 +0200

    torture: Demonstrate the invalid lock order panic
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=13584
    
    Signed-off-by: Volker Lendecke <vl at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>
    
    Autobuild-User(master): Jeremy Allison <jra at samba.org>
    Autobuild-Date(master): Tue Aug 21 02:33:05 CEST 2018 on sn-devel-144
    
    (cherry picked from commit ec3c37ee53f21d8c0e80b1d3b3d7e95a4ac8e0bc)
    
    Autobuild-User(v4-8-test): Karolin Seeger <kseeger at samba.org>
    Autobuild-Date(v4-8-test): Thu Aug 23 15:39:45 CEST 2018 on sn-devel-144

commit 1c0be1fc41e9f8c3e36e94e470140b178083227b
Author: Volker Lendecke <vl at samba.org>
Date:   Mon Aug 6 14:33:34 2018 +0200

    vfs_fruit: Fix a leak of "br_lck"
    
    Fix a panic if fruit_access_check detects a locking conflict.
    
    do_lock() returns a valid br_lck even in case of a locking conflict.
    Not free'ing it leads to a invalid lock order panic later, because
    "br_lck" corresponds to a dbwrap lock on brlock.tdb.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=13584
    
    Signed-off-by: Volker Lendecke <vl at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>
    (cherry picked from commit 51d57073798f76ec4f1261945e0ba779b2530009)

commit 3cc8f9d7c7a65a6cf62ac9075803a962ee777d72
Author: Andreas Schneider <asn at samba.org>
Date:   Mon Jul 2 16:38:01 2018 +0200

    s3:winbind: Do not lookup local system accounts in AD
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=13503
    
    Signed-off-by: Andreas Schneider <asn at samba.org>
    Reviewed-by: Ralph Boehme <slow at samba.org>
    (cherry picked from commit 9f28d30633af721efec02d8816a9fa48f795a01c)

commit 03e73ff65f110ba58250e84c4a3f23efe224653e
Author: Christof Schmitt <cs at samba.org>
Date:   Fri Aug 10 10:38:28 2018 -0700

    selftest: Load time_audit and full_audit modules for all tests
    
    Previously the only test was to load these modules to trigger the
    smb_vfs_assert_all_fns check. As these modules just pass through the
    calls, they can be loaded for all tests to ensure that the codepaths are
    exercised. This would have found the problem in
    smb_time_audit_offload_read_recv.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=13568
    
    Signed-off-by: Christof Schmitt <cs at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>
    
    Autobuild-User(master): Jeremy Allison <jra at samba.org>
    Autobuild-Date(master): Mon Aug 13 22:35:20 CEST 2018 on sn-devel-144
    
    (cherry picked from commit a98f09a09db2fc7be85f9171b586e65344a39e92)

commit 06cf8c46842a877d3098aaa4ab4d4014d8ceecee
Author: Ralph Wuerthner <ralph.wuerthner at de.ibm.com>
Date:   Wed Aug 8 17:42:18 2018 +0200

    s3: vfs: time_audit: fix handling of token_blob in smb_time_audit_offload_read_recv()
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=13568
    
    Signed-off-by: Ralph Wuerthner <ralph.wuerthner at de.ibm.com>
    Reviewed-by: Christof Schmitt <cs at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>
    (cherry picked from commit 4909b966050c921b0a6a32285fee55f5f14dc3ff)

commit 84b786553799c494c77aefc03f44f4e10afb35d0
Author: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Date:   Thu Feb 22 12:46:47 2018 +1300

    selftest: subunithelper needs to follow the subunit spec more closely
    
    In particular allow ]\n without \n]\n as used by cmocka
    
    Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
    Reviewed-by: Andrew Bartlett <abartlet at samba.org>
    (cherry picked from commit 7d79575de8e47a0ce03e30c3ea84176be696269f)

commit fd137bc1073c4d3110c356e6778c73f5cda884aa
Author: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Date:   Thu Feb 22 11:26:00 2018 +1300

    unittests.lib_util_modules: test module probe with "skel", not "unix"
    
    The unix module is not available as a module on some systems.
    
    Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
    Reviewed-by: Andrew Bartlett <abartlet at samba.org>
    (cherry picked from commit cb5f1f3b262467faba59b3b323e240d1351d5fc0)

commit 6b37dea927f4bfc98919282215004def7891687b
Author: Andrew Bartlett <abartlet at samba.org>
Date:   Thu Aug 16 09:22:22 2018 +1200

    ldb: Release LDB 1.3.6
    
     * make test fails on ldb 1.3.4 due to missing NULL terminator in tests (bug 13575)
    
    Signed-off-by: Andrew Bartlett <abartlet at samba.org>

commit e35fd2687e802d6961118f30670d7f8584337193
Author: Andrew Bartlett <abartlet at samba.org>
Date:   Thu Mar 8 14:01:50 2018 +1300

    ldb: Fix missing NULL terminator in ldb_mod_op_test testsuite
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=13575
    
    Signed-off-by: Andrew Bartlett <abartlet at samba.org>
    Reviewed-by: Gary Lockyer <gary at catalyst.net.nz>
    (cherry picked from commit f8b368c9f0c2a34b6d15303a9d6facd762e1a517)

commit 0eaf84a4f5c313776c6feab2968f241b5ce55a91
Author: Volker Lendecke <vl at samba.org>
Date:   Wed Aug 8 10:14:26 2018 +0200

    libsmb: Fix CID 1438243 Unchecked return value
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=13553
    Signed-off-by: Volker Lendecke <vl at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>
    
    Autobuild-User(master): Jeremy Allison <jra at samba.org>
    Autobuild-Date(master): Wed Aug  8 23:10:22 CEST 2018 on sn-devel-144

commit b1b882c2c459b206e2455f53b3926ff9a13f7335
Author: Volker Lendecke <vl at samba.org>
Date:   Wed Aug 8 10:08:38 2018 +0200

    libsmb: Fix CID 1438244 Unsigned compared against 0
    
    ndr_size_dom_sid returns a size_t, so that can't be <0. Also, the only
    case that ndr_size_dom_sid returns 0 is a NULL sid
    pointer. ndr_size_dom_sid can reasonably be assumed to not overflow, the
    number of sub-auths is a uint8. That times 4 plus 8 always fits into a
    size_t.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=13553
    Signed-off-by: Volker Lendecke <vl at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>

commit d4e8fd5fd246a80e1a13a2bf3965d0335d4dc2c4
Author: Volker Lendecke <vl at samba.org>
Date:   Tue Aug 7 22:50:52 2018 +0200

    smbd: Fix CID 1438245 Dereference before null check
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=13553
    Signed-off-by: Volker Lendecke <vl at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>

commit 2e285845ea03c5505092b8de5f6097e5845b25ec
Author: Volker Lendecke <vl at samba.org>
Date:   Tue Aug 7 22:49:16 2018 +0200

    smbd: Fix CID 1438246 Unchecked return value
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=13553
    Signed-off-by: Volker Lendecke <vl at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>

commit c45fb4b658890f03a045519f95df160f27f96183
Author: Volker Lendecke <vl at samba.org>
Date:   Tue Aug 7 22:48:58 2018 +0200

    smbd: Align integer types
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=13553
    Signed-off-by: Volker Lendecke <vl at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>

commit c57c54eb52d6611e67559aec5df5539c0fd2a300
Author: David Disseldorp <ddiss at samba.org>
Date:   Fri Jul 20 17:20:08 2018 +0200

    ctdb: add expiry test for ctdb_mutex_ceph_rados_helper
    
    Kill the ctdb_mutex_ceph_rados_helper with SIGKILL and then confirm
    that the lock is automatically released following expiry.
    
    Signed-off-by: David Disseldorp <ddiss at samba.org>
    Reviewed-by: Samuel Cabrero <scabrero at suse.de>
    Reviewed-by: Amitay Isaacs <amitay at gmail.com>
    
    Autobuild-User(master): David Disseldorp <ddiss at samba.org>
    Autobuild-Date(master): Thu Aug  9 16:26:36 CEST 2018 on sn-devel-144
    
    (cherry picked from commit 4abf348ec4cbb78d3216d5e8c5f3020d4499f10a)

commit 7cebb4897550e2dd8109c4dcc5c9f885dcbefb83
Author: David Disseldorp <ddiss at samba.org>
Date:   Thu Jul 19 11:55:23 2018 +0200

    ctdb_mutex_ceph_rados_helper: fix deadlock via lock renewals
    
    RADOS locks without expiry persist indefinitely. This results in CTDB
    deadlock during failover if the recovery master dies unexpectedly, as
    subsequently elected recovery master nodes can't obtain the recovery
    lock.
    Avoid deadlock by using a lock expiration time (10s by default), and
    renewing it periodically.
    
    Bug: https://bugzilla.samba.org/show_bug.cgi?id=13540
    
    Signed-off-by: David Disseldorp <ddiss at samba.org>
    Reviewed-by: Samuel Cabrero <scabrero at suse.de>
    Reviewed-by: Amitay Isaacs <amitay at gmail.com>
    (cherry picked from commit ce289e89e5c469cf2c5626dc7f2666b945dba3bd)

commit c245fdce393c9c11b52576335802a5fdceeeaf96
Author: David Disseldorp <ddiss at samba.org>
Date:   Tue Jul 17 23:36:36 2018 +0200

    ctdb_mutex_ceph_rados_helper: rename timer_ev to ppid_timer_ev
    
    In preparation for adding a lock refresh timer.
    
    Signed-off-by: David Disseldorp <ddiss at samba.org>
    Reviewed-by: Samuel Cabrero <scabrero at suse.de>
    Reviewed-by: Amitay Isaacs <amitay at gmail.com>
    (cherry picked from commit 91a89c146453ca203a83dc2ba555bb93276c4d7f)

commit af08da45716f713ed1897a23d814cb679f3f24bf
Author: David Disseldorp <ddiss at samba.org>
Date:   Thu Jul 19 18:46:27 2018 +0200

    ctdb_mutex_ceph_rados_helper: use talloc destructor for cleanup
    
    Signed-off-by: David Disseldorp <ddiss at samba.org>
    Reviewed-by: Samuel Cabrero <scabrero at suse.de>
    Reviewed-by: Amitay Isaacs <amitay at gmail.com>
    (cherry picked from commit 8d30fd591600ac17c742cd78c7bc4056bba6b877)

commit 6dc7dc9300014485ec5e6e1e9bfb8eb2d89c4033
Author: Samuel Cabrero <scabrero at suse.de>
Date:   Fri Jun 15 18:15:53 2018 +0200

    ctdb_mutex_ceph_rados_helper: Set SIGINT signal handler
    
    Set a handler for SIGINT to release the lock.
    
    Signed-off-by: Samuel Cabrero <scabrero at suse.de>
    Reviewed-by: David Disseldorp <ddiss at samba.org>
    Reviewed-by: Amitay Isaacs <amitay at gmail.com>
    (cherry picked from commit 85706bd27535eaa4ec653f99b1910fbd8f2aab88)

commit 30c37fcacc212c9eb38746727a85e250d9448769
Author: David Disseldorp <ddiss at samba.org>
Date:   Mon Jul 9 14:53:00 2018 +0200

    ctdb/build: link ctdb_mutex_ceph_rados_helper against ceph-common
    
    ceph-common linkage is needed with new versions of Ceph.
    Also respect the --libcephfs_dir=<path> parameter when provided.
    
    Signed-off-by: David Disseldorp <ddiss at samba.org>
    Reviewed-by: Amitay Isaacs <amitay at gmail.com>
    (cherry picked from commit bd64af6b8861f892e6ae2840a493f037d1e0a06c)

commit 0a49817dd4216978dc34f7a381a2c35b01cc77f9
Author: Andreas Schneider <asn at samba.org>
Date:   Wed Jun 27 15:06:07 2018 +0200

    docs: Add manpage for winbind_krb5_localauth.8
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=13489
    
    Signed-off-by: Andreas Schneider <asn at samba.org>
    Reviewed-by: Alexander Bokovoy <ab at samba.org>
    
    Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
    Autobuild-Date(master): Wed Jun 27 18:45:56 CEST 2018 on sn-devel-144
    
    (cherry picked from commit e88d68c253b4398eaed701d1a9bcc1b83882e127)

commit e9e85a183c7b4602e89f741bba9e4ed8c63974d4
Author: Andreas Schneider <asn at samba.org>
Date:   Wed Jun 27 15:14:15 2018 +0200

    docs: Move winbind_krb5_locator manpage to volume 8
    
    The vfs and idmap manpages are in volume 8 too.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=13489
    
    Signed-off-by: Andreas Schneider <asn at samba.org>
    Reviewed-by: Alexander Bokovoy <ab at samba.org>
    (cherry picked from commit 6b7fcec01524ea1c4f2d923cc9cc2c17af3c3a21)

commit 756feb9069d35e8cd27b7b4f8b1c9eb079d11bb4
Author: Andreas Schneider <asn at samba.org>
Date:   Wed Jun 27 14:08:56 2018 +0200

    krb5_plugin: Move krb5 locator plugin to krb5_plugin subdir
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=13489
    
    Signed-off-by: Andreas Schneider <asn at samba.org>
    Reviewed-by: Alexander Bokovoy <ab at samba.org>
    (cherry picked from commit 4a7e0f259bb7f1ebce48523767262addda08fe14)

commit f9f1102bb2b8b21b8efa16c7b024855687079005
Author: Andreas Schneider <asn at samba.org>
Date:   Wed Jun 27 14:06:39 2018 +0200

    krb5_plugin: Install plugins to krb5 modules dir
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=13489
    
    Signed-off-by: Andreas Schneider <asn at samba.org>
    Reviewed-by: Alexander Bokovoy <ab at samba.org>
    (cherry picked from commit eba2eb8a15c7a25b1436907a5339241492c81097)

commit 9e3bc4e5a68adb2fe527680d6f7e5522bd87087f
Author: Jeremy Allison <jra at samba.org>
Date:   Thu Aug 9 10:02:26 2018 -0700

    s3: tests: smbclient. Regression test to ensure we get NT_STATUS_DIRECTORY_NOT_EMPTY on rmdir.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=13204
    
    Signed-off-by: Jeremy Allison <jra at samba.org>
    Reviewed-by: Andreas Schneider <asn at samba.org>
    
    Autobuild-User(master): Jeremy Allison <jra at samba.org>
    Autobuild-Date(master): Fri Aug 10 21:08:14 CEST 2018 on sn-devel-144
    
    (cherry picked from commit bca400847f2fcc3dd1398e166c1964cb88822071)

commit 694c8908b0c595ee4550b05ab6c6c1f51b9e45cf
Author: Anoop C S <anoopcs at redhat.com>
Date:   Thu Aug 9 20:02:05 2018 +0530

    s4/torture: Add new test for DELETE_ON_CLOSE on non-empty directories
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=13204
    
    Signed-off-by: Anoop C S <anoopcs at redhat.com>
    Reviewed-by: Jeremy Allison <jra at samba.org>
    Reviewed-by: Andreas Schneider <asn at samba.org>
    (cherry picked from commit 6a7f11746c9cc3cdc5307e540bdd1f3f10fed05b)

commit 8bf5c11c892e1f8c1d77fe2efa2acf49c60b1241
Author: Anoop C S <anoopcs at redhat.com>
Date:   Thu Aug 9 12:28:41 2018 +0530

    s3/libsmb: Explicitly set delete_on_close token for rmdir
    
    The current implementation of `rmdir` hopes to get the directory deleted
    on closing last open handle when FILE_DELETE_ON_CLOSE is set on it. But
    for non-empty directories Windows doesn't error out during an open call.
    Following that we internally refuse to set initial delete_on_close while
    opening a non-empty directory. This prevents us from trying to delete
    the directory when last open handle is closed.
    
    Instead of relying on FILE_DELETE_ON_CLOSE during an open we explicitly
    set delete_on_close token on directory handle once it is available. This
    ensures that NT_STATUS_DIRECTORY_NOT_EMPTY is returned for `rmdir` on
    non-empty directories while closing open directory handle.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=13204
    
    Signed-off-by: Anoop C S <anoopcs at redhat.com>
    Reviewed-by: Jeremy Allison <jra at samba.org>
    Reviewed-by: Andreas Schneider <asn at samba.org>
    (cherry picked from commit 6b68e3eca631c04d6d57c489daf60f64732fc86d)

-----------------------------------------------------------------------

Summary of changes:
 ctdb/utils/ceph/ctdb_mutex_ceph_rados_helper.c     | 200 +++++++++++++++------
 ctdb/utils/ceph/test_ceph_rados_reclock.sh         |  57 +++++-
 ctdb/wscript                                       |  14 +-
 docs-xml/manpages/winbind_krb5_localauth.8.xml     |  86 +++++++++
 ...b5_locator.7.xml => winbind_krb5_locator.8.xml} |   6 +-
 docs-xml/wscript_build                             |   6 +-
 lib/ldb/ABI/{ldb-1.3.5.sigs => ldb-1.3.6.sigs}     |   0
 ...b-util.py3-1.3.5.sigs => pyldb-util-1.3.6.sigs} |   0
 ...il.py3-1.3.5.sigs => pyldb-util.py3-1.3.6.sigs} |   0
 lib/ldb/tests/ldb_mod_op_test.c                    |   4 +-
 lib/ldb/wscript                                    |   2 +-
 nsswitch/{ => krb5_plugin}/winbind_krb5_locator.c  |   0
 nsswitch/wscript_build                             |  12 +-
 selftest/subunithelper.py                          |   3 +-
 selftest/target/Samba3.pm                          |  12 +-
 source3/libsmb/cli_smb2_fnum.c                     |  13 +-
 source3/libsmb/cliquota.c                          |   9 +-
 source3/modules/vfs_fruit.c                        |  24 ++-
 source3/modules/vfs_time_audit.c                   |  12 +-
 source3/script/tests/test_smbclient_s3.sh          |  42 +++++
 source3/smbd/nttrans.c                             |  15 +-
 source3/winbindd/winbindd_util.c                   |   2 +
 source4/torture/basic/delete.c                     |  87 +++++++++
 source4/torture/vfs/fruit.c                        |  89 +++++++++
 testsuite/unittests/test_lib_util_modules.c        |   2 +-
 25 files changed, 598 insertions(+), 99 deletions(-)
 create mode 100644 docs-xml/manpages/winbind_krb5_localauth.8.xml
 rename docs-xml/manpages/{winbind_krb5_locator.7.xml => winbind_krb5_locator.8.xml} (96%)
 copy lib/ldb/ABI/{ldb-1.3.5.sigs => ldb-1.3.6.sigs} (100%)
 copy lib/ldb/ABI/{pyldb-util.py3-1.3.5.sigs => pyldb-util-1.3.6.sigs} (100%)
 copy lib/ldb/ABI/{pyldb-util.py3-1.3.5.sigs => pyldb-util.py3-1.3.6.sigs} (100%)
 rename nsswitch/{ => krb5_plugin}/winbind_krb5_locator.c (100%)


Changeset truncated at 500 lines:

diff --git a/ctdb/utils/ceph/ctdb_mutex_ceph_rados_helper.c b/ctdb/utils/ceph/ctdb_mutex_ceph_rados_helper.c
index 326a0b0..7ef76c2 100644
--- a/ctdb/utils/ceph/ctdb_mutex_ceph_rados_helper.c
+++ b/ctdb/utils/ceph/ctdb_mutex_ceph_rados_helper.c
@@ -1,7 +1,7 @@
 /*
    CTDB mutex helper using Ceph librados locks
 
-   Copyright (C) David Disseldorp 2016
+   Copyright (C) David Disseldorp 2016-2018
 
    Based on ctdb_mutex_fcntl_helper.c, which is:
    Copyright (C) Martin Schwenke 2015
@@ -29,6 +29,11 @@
 #define CTDB_MUTEX_CEPH_LOCK_NAME	"ctdb_reclock_mutex"
 #define CTDB_MUTEX_CEPH_LOCK_COOKIE	CTDB_MUTEX_CEPH_LOCK_NAME
 #define CTDB_MUTEX_CEPH_LOCK_DESC	"CTDB recovery lock"
+/*
+ * During failover it may take up to <lock duration> seconds before the
+ * newly elected recovery master can obtain the lock.
+ */
+#define CTDB_MUTEX_CEPH_LOCK_DURATION_SECS_DEFAULT	10
 
 #define CTDB_MUTEX_STATUS_HOLDING "0"
 #define CTDB_MUTEX_STATUS_CONTENDED "1"
@@ -88,24 +93,20 @@ static int ctdb_mutex_rados_ctx_create(const char *ceph_cluster_name,
 	return 0;
 }
 
-static void ctdb_mutex_rados_ctx_destroy(rados_t ceph_cluster,
-					 rados_ioctx_t ioctx)
-{
-	rados_ioctx_destroy(ioctx);
-	rados_shutdown(ceph_cluster);
-}
-
 static int ctdb_mutex_rados_lock(rados_ioctx_t *ioctx,
-				 const char *oid)
+				 const char *oid,
+				 uint64_t lock_duration_s,
+				 uint8_t flags)
 {
 	int ret;
+	struct timeval tv = { lock_duration_s, 0 };
 
 	ret = rados_lock_exclusive(ioctx, oid,
-                                   CTDB_MUTEX_CEPH_LOCK_NAME,
+				   CTDB_MUTEX_CEPH_LOCK_NAME,
 				   CTDB_MUTEX_CEPH_LOCK_COOKIE,
 				   CTDB_MUTEX_CEPH_LOCK_DESC,
-                                   NULL, /* infinite duration */
-                                   0);
+				   lock_duration_s == 0 ? NULL : &tv,
+				   flags);
 	if ((ret == -EEXIST) || (ret == -EBUSY)) {
 		/* lock contention */
 		return ret;
@@ -145,10 +146,13 @@ struct ctdb_mutex_rados_state {
 	const char *ceph_auth_name;
 	const char *pool_name;
 	const char *object;
+	uint64_t lock_duration_s;
 	int ppid;
 	struct tevent_context *ev;
-	struct tevent_signal *sig_ev;
-	struct tevent_timer *timer_ev;
+	struct tevent_signal *sigterm_ev;
+	struct tevent_signal *sigint_ev;
+	struct tevent_timer *ppid_timer_ev;
+	struct tevent_timer *renew_timer_ev;
 	rados_t ceph_cluster;
 	rados_ioctx_t ioctx;
 };
@@ -161,29 +165,24 @@ static void ctdb_mutex_rados_sigterm_cb(struct tevent_context *ev,
 					void *private_data)
 {
 	struct ctdb_mutex_rados_state *cmr_state = private_data;
-	int ret;
+	int ret = 0;
 
 	if (!cmr_state->holding_mutex) {
 		fprintf(stderr, "Sigterm callback invoked without mutex!\n");
 		ret = -EINVAL;
-		goto err_ctx_cleanup;
 	}
 
-	ret = ctdb_mutex_rados_unlock(cmr_state->ioctx, cmr_state->object);
-err_ctx_cleanup:
-	ctdb_mutex_rados_ctx_destroy(cmr_state->ceph_cluster,
-				     cmr_state->ioctx);
 	talloc_free(cmr_state);
 	exit(ret ? 1 : 0);
 }
 
-static void ctdb_mutex_rados_timer_cb(struct tevent_context *ev,
-				      struct tevent_timer *te,
-				      struct timeval current_time,
-				      void *private_data)
+static void ctdb_mutex_rados_ppid_timer_cb(struct tevent_context *ev,
+					   struct tevent_timer *te,
+					   struct timeval current_time,
+					   void *private_data)
 {
 	struct ctdb_mutex_rados_state *cmr_state = private_data;
-	int ret;
+	int ret = 0;
 
 	if (!cmr_state->holding_mutex) {
 		fprintf(stderr, "Timer callback invoked without mutex!\n");
@@ -193,26 +192,81 @@ static void ctdb_mutex_rados_timer_cb(struct tevent_context *ev,
 
 	if ((kill(cmr_state->ppid, 0) == 0) || (errno != ESRCH)) {
 		/* parent still around, keep waiting */
-		cmr_state->timer_ev = tevent_add_timer(cmr_state->ev, cmr_state,
+		cmr_state->ppid_timer_ev = tevent_add_timer(cmr_state->ev,
+							    cmr_state,
 					       tevent_timeval_current_ofs(5, 0),
-						      ctdb_mutex_rados_timer_cb,
-						       cmr_state);
-		if (cmr_state->timer_ev == NULL) {
+						ctdb_mutex_rados_ppid_timer_cb,
+							    cmr_state);
+		if (cmr_state->ppid_timer_ev == NULL) {
 			fprintf(stderr, "Failed to create timer event\n");
 			/* rely on signal cb */
 		}
 		return;
 	}
 
-	/* parent ended, drop lock and exit */
-	ret = ctdb_mutex_rados_unlock(cmr_state->ioctx, cmr_state->object);
+	/* parent ended, drop lock (via destructor) and exit */
 err_ctx_cleanup:
-	ctdb_mutex_rados_ctx_destroy(cmr_state->ceph_cluster,
-				     cmr_state->ioctx);
 	talloc_free(cmr_state);
 	exit(ret ? 1 : 0);
 }
 
+#define USECS_IN_SEC 1000000
+
+static void ctdb_mutex_rados_lock_renew_timer_cb(struct tevent_context *ev,
+						 struct tevent_timer *te,
+						 struct timeval current_time,
+						 void *private_data)
+{
+	struct ctdb_mutex_rados_state *cmr_state = private_data;
+	struct timeval tv;
+	int ret;
+
+	ret = ctdb_mutex_rados_lock(cmr_state->ioctx, cmr_state->object,
+				    cmr_state->lock_duration_s,
+				    LIBRADOS_LOCK_FLAG_RENEW);
+	if (ret == -EBUSY) {
+		/* should never get -EEXIST on renewal */
+		fprintf(stderr, "Lock contention during renew: %d\n", ret);
+		goto err_ctx_cleanup;
+	} else if (ret < 0) {
+		fprintf(stderr, "Lock renew failed\n");
+		goto err_ctx_cleanup;
+	}
+
+	tv = tevent_timeval_current_ofs(0,
+			    cmr_state->lock_duration_s * (USECS_IN_SEC / 2));
+	cmr_state->renew_timer_ev = tevent_add_timer(cmr_state->ev,
+						       cmr_state,
+						       tv,
+					ctdb_mutex_rados_lock_renew_timer_cb,
+						       cmr_state);
+	if (cmr_state->renew_timer_ev == NULL) {
+		fprintf(stderr, "Failed to create timer event\n");
+		goto err_ctx_cleanup;
+	}
+
+	return;
+
+err_ctx_cleanup:
+	/* drop lock (via destructor) and exit */
+	talloc_free(cmr_state);
+	exit(1);
+}
+
+static int ctdb_mutex_rados_state_destroy(struct ctdb_mutex_rados_state *cmr_state)
+{
+	if (cmr_state->holding_mutex) {
+		ctdb_mutex_rados_unlock(cmr_state->ioctx, cmr_state->object);
+	}
+	if (cmr_state->ioctx != NULL) {
+		rados_ioctx_destroy(cmr_state->ioctx);
+	}
+	if (cmr_state->ceph_cluster != NULL) {
+		rados_shutdown(cmr_state->ceph_cluster);
+	}
+	return 0;
+}
+
 int main(int argc, char *argv[])
 {
 	int ret;
@@ -220,9 +274,10 @@ int main(int argc, char *argv[])
 
 	progname = argv[0];
 
-	if (argc != 5) {
+	if ((argc != 5) && (argc != 6)) {
 		fprintf(stderr, "Usage: %s <Ceph Cluster> <Ceph user> "
-				"<RADOS pool> <RADOS object>\n",
+				"<RADOS pool> <RADOS object> "
+				"[lock duration secs]\n",
 			progname);
 		ret = -EINVAL;
 		goto err_out;
@@ -240,10 +295,24 @@ int main(int argc, char *argv[])
 		goto err_out;
 	}
 
+	talloc_set_destructor(cmr_state, ctdb_mutex_rados_state_destroy);
 	cmr_state->ceph_cluster_name = argv[1];
 	cmr_state->ceph_auth_name = argv[2];
 	cmr_state->pool_name = argv[3];
 	cmr_state->object = argv[4];
+	if (argc == 6) {
+		/* optional lock duration provided */
+		char *endptr = NULL;
+		cmr_state->lock_duration_s = strtoull(argv[5], &endptr, 0);
+		if ((endptr == argv[5]) || (*endptr != '\0')) {
+			fprintf(stdout, CTDB_MUTEX_STATUS_ERROR);
+			ret = -EINVAL;
+			goto err_ctx_cleanup;
+		}
+	} else {
+		cmr_state->lock_duration_s
+			= CTDB_MUTEX_CEPH_LOCK_DURATION_SECS_DEFAULT;
+	}
 
 	cmr_state->ppid = getppid();
 	if (cmr_state->ppid == 1) {
@@ -257,7 +326,7 @@ int main(int argc, char *argv[])
 		 */
 		fprintf(stderr, "%s: PPID == 1\n", progname);
 		ret = -EPIPE;
-		goto err_state_free;
+		goto err_ctx_cleanup;
 	}
 
 	cmr_state->ev = tevent_context_init(cmr_state);
@@ -265,30 +334,40 @@ int main(int argc, char *argv[])
 		fprintf(stderr, "tevent_context_init failed\n");
 		fprintf(stdout, CTDB_MUTEX_STATUS_ERROR);
 		ret = -ENOMEM;
-		goto err_state_free;
+		goto err_ctx_cleanup;
 	}
 
 	/* wait for sigterm */
-	cmr_state->sig_ev = tevent_add_signal(cmr_state->ev, cmr_state, SIGTERM, 0,
+	cmr_state->sigterm_ev = tevent_add_signal(cmr_state->ev, cmr_state, SIGTERM, 0,
 					      ctdb_mutex_rados_sigterm_cb,
 					      cmr_state);
-	if (cmr_state->sig_ev == NULL) {
-		fprintf(stderr, "Failed to create signal event\n");
+	if (cmr_state->sigterm_ev == NULL) {
+		fprintf(stderr, "Failed to create term signal event\n");
 		fprintf(stdout, CTDB_MUTEX_STATUS_ERROR);
 		ret = -ENOMEM;
-		goto err_state_free;
+		goto err_ctx_cleanup;
+	}
+
+	cmr_state->sigint_ev = tevent_add_signal(cmr_state->ev, cmr_state, SIGINT, 0,
+					      ctdb_mutex_rados_sigterm_cb,
+					      cmr_state);
+	if (cmr_state->sigint_ev == NULL) {
+		fprintf(stderr, "Failed to create int signal event\n");
+		fprintf(stdout, CTDB_MUTEX_STATUS_ERROR);
+		ret = -ENOMEM;
+		goto err_ctx_cleanup;
 	}
 
 	/* periodically check parent */
-	cmr_state->timer_ev = tevent_add_timer(cmr_state->ev, cmr_state,
+	cmr_state->ppid_timer_ev = tevent_add_timer(cmr_state->ev, cmr_state,
 					       tevent_timeval_current_ofs(5, 0),
-					       ctdb_mutex_rados_timer_cb,
+					       ctdb_mutex_rados_ppid_timer_cb,
 					       cmr_state);
-	if (cmr_state->timer_ev == NULL) {
+	if (cmr_state->ppid_timer_ev == NULL) {
 		fprintf(stderr, "Failed to create timer event\n");
 		fprintf(stdout, CTDB_MUTEX_STATUS_ERROR);
 		ret = -ENOMEM;
-		goto err_state_free;
+		goto err_ctx_cleanup;
 	}
 
 	ret = ctdb_mutex_rados_ctx_create(cmr_state->ceph_cluster_name,
@@ -298,10 +377,12 @@ int main(int argc, char *argv[])
 					  &cmr_state->ioctx);
 	if (ret < 0) {
 		fprintf(stdout, CTDB_MUTEX_STATUS_ERROR);
-		goto err_state_free;
+		goto err_ctx_cleanup;
 	}
 
-	ret = ctdb_mutex_rados_lock(cmr_state->ioctx, cmr_state->object);
+	ret = ctdb_mutex_rados_lock(cmr_state->ioctx, cmr_state->object,
+				    cmr_state->lock_duration_s,
+				    0);
 	if ((ret == -EEXIST) || (ret == -EBUSY)) {
 		fprintf(stdout, CTDB_MUTEX_STATUS_CONTENDED);
 		goto err_ctx_cleanup;
@@ -309,8 +390,28 @@ int main(int argc, char *argv[])
 		fprintf(stdout, CTDB_MUTEX_STATUS_ERROR);
 		goto err_ctx_cleanup;
 	}
-
 	cmr_state->holding_mutex = true;
+
+	if (cmr_state->lock_duration_s != 0) {
+		/*
+		 * renew (reobtain) the lock, using a period of half the lock
+		 * duration. Convert to usecs to avoid rounding.
+		 */
+		struct timeval tv = tevent_timeval_current_ofs(0,
+			       cmr_state->lock_duration_s * (USECS_IN_SEC / 2));
+		cmr_state->renew_timer_ev = tevent_add_timer(cmr_state->ev,
+							       cmr_state,
+							       tv,
+					ctdb_mutex_rados_lock_renew_timer_cb,
+							       cmr_state);
+		if (cmr_state->renew_timer_ev == NULL) {
+			fprintf(stderr, "Failed to create timer event\n");
+			fprintf(stdout, CTDB_MUTEX_STATUS_ERROR);
+			ret = -ENOMEM;
+			goto err_ctx_cleanup;
+		}
+	}
+
 	fprintf(stdout, CTDB_MUTEX_STATUS_HOLDING);
 
 	/* wait for the signal / timer events to do their work */
@@ -319,9 +420,6 @@ int main(int argc, char *argv[])
 		goto err_ctx_cleanup;
 	}
 err_ctx_cleanup:
-	ctdb_mutex_rados_ctx_destroy(cmr_state->ceph_cluster,
-				     cmr_state->ioctx);
-err_state_free:
 	talloc_free(cmr_state);
 err_out:
 	return ret ? 1 : 0;
diff --git a/ctdb/utils/ceph/test_ceph_rados_reclock.sh b/ctdb/utils/ceph/test_ceph_rados_reclock.sh
index 1adacf6..68b44ff 100755
--- a/ctdb/utils/ceph/test_ceph_rados_reclock.sh
+++ b/ctdb/utils/ceph/test_ceph_rados_reclock.sh
@@ -46,7 +46,9 @@ which ctdb_mutex_ceph_rados_helper || exit 1
 TMP_DIR="$(mktemp --directory)" || exit 1
 rados -p "$POOL" rm "$OBJECT"
 
-(ctdb_mutex_ceph_rados_helper "$CLUSTER" "$USER" "$POOL" "$OBJECT" \
+# explicitly disable lock expiry (duration=0), to ensure that we don't get
+# intermittent failures (due to renewal) from the lock state diff further down
+(ctdb_mutex_ceph_rados_helper "$CLUSTER" "$USER" "$POOL" "$OBJECT" 0 \
 							> ${TMP_DIR}/first) &
 locker_pid=$!
 
@@ -78,6 +80,9 @@ LOCKER_COOKIE="$(jq -r '.lockers[0].cookie' ${TMP_DIR}/lock_state_first)"
 LOCKER_DESC="$(jq -r '.lockers[0].description' ${TMP_DIR}/lock_state_first)"
 [ "$LOCKER_DESC" == "CTDB recovery lock" ] \
 	|| _fail "unexpected locker description: $LOCKER_DESC"
+LOCKER_EXP="$(jq -r '.lockers[0].expiration' ${TMP_DIR}/lock_state_first)"
+[ "$LOCKER_EXP" == "0.000000" ] \
+	|| _fail "unexpected locker expiration: $LOCKER_EXP"
 
 # second attempt while first is still holding the lock - expect failure
 ctdb_mutex_ceph_rados_helper "$CLUSTER" "$USER" "$POOL" "$OBJECT" \
@@ -145,6 +150,56 @@ third_out=$(cat ${TMP_DIR}/third)
 [ "$third_out" == "0" ] \
 	|| _fail "expected lock acquisition (0), but got $third_out"
 
+# test renew / expire behaviour using a 1s expiry (update period = 500ms)
+exec >${TMP_DIR}/forth -- ctdb_mutex_ceph_rados_helper "$CLUSTER" "$USER" \
+							"$POOL" "$OBJECT" 1 &
+locker_pid=$!
+
+sleep 1
+
+rados -p "$POOL" lock info "$OBJECT" ctdb_reclock_mutex \
+						> ${TMP_DIR}/lock_state_fifth_a
+#echo "with lock fifth: `cat ${TMP_DIR}/lock_state_fifth_a`"
+
+LOCK_NAME="$(jq -r '.name' ${TMP_DIR}/lock_state_fifth_a)"
+[ "$LOCK_NAME" == "ctdb_reclock_mutex" ] \
+	|| _fail "unexpected lock name: $LOCK_NAME"
+LOCK_TYPE="$(jq -r '.type' ${TMP_DIR}/lock_state_fifth_a)"
+[ "$LOCK_TYPE" == "exclusive" ] \
+	|| _fail "unexpected lock type: $LOCK_TYPE"
+LOCK_COUNT="$(jq -r '.lockers | length' ${TMP_DIR}/lock_state_fifth_a)"
+[ $LOCK_COUNT -eq 1 ] || _fail "expected 1 lock in rados state, got $LOCK_COUNT"
+LOCKER_EXP_A="$(jq -r '.lockers[0].expiration' ${TMP_DIR}/lock_state_fifth_a)"
+[ "$LOCKER_EXP_A" != "0.000000" ] \
+	|| _fail "unexpected locker expiration: $LOCKER_EXP_A"
+sleep 1 # sleep until renewal
+rados -p "$POOL" lock info "$OBJECT" ctdb_reclock_mutex \
+						> ${TMP_DIR}/lock_state_fifth_b
+LOCKER_EXP_B="$(jq -r '.lockers[0].expiration' ${TMP_DIR}/lock_state_fifth_b)"
+[ "$LOCKER_EXP_B" != "0.000000" ] \
+	|| _fail "unexpected locker expiration: $LOCKER_EXP_B"
+#echo "lock expiration before renewal $LOCKER_EXP_A, after renewal $LOCKER_EXP_B"
+[ "$LOCKER_EXP_B" != "$LOCKER_EXP_A" ] \
+	|| _fail "locker expiration matches: $LOCKER_EXP_B"
+
+# no chance to drop the lock, rely on expiry
+kill -KILL $locker_pid || exit 1
+wait $locker_pid &> /dev/null
+sleep 1	# sleep until lock expiry
+
+rados -p "$POOL" lock info "$OBJECT" ctdb_reclock_mutex \
+						> ${TMP_DIR}/lock_state_sixth
+#echo "lock expiry sixth: `cat ${TMP_DIR}/lock_state_sixth`"
+
+LOCK_NAME="$(jq -r '.name' ${TMP_DIR}/lock_state_sixth)"
+[ "$LOCK_NAME" == "ctdb_reclock_mutex" ] \
+	|| _fail "unexpected lock name: $LOCK_NAME"
+LOCK_TYPE="$(jq -r '.type' ${TMP_DIR}/lock_state_sixth)"
+[ "$LOCK_TYPE" == "exclusive" ] \
+	|| _fail "unexpected lock type: $LOCK_TYPE"
+LOCK_COUNT="$(jq -r '.lockers | length' ${TMP_DIR}/lock_state_sixth)"
+[ $LOCK_COUNT -eq 0 ] || _fail "expected 0 locks in rados state, got $LOCK_COUNT"
+
 rm ${TMP_DIR}/*
 rmdir $TMP_DIR
 
diff --git a/ctdb/wscript b/ctdb/wscript
index 1ca90a4..f8259c7 100644
--- a/ctdb/wscript
+++ b/ctdb/wscript
@@ -83,6 +83,10 @@ def set_options(opt):
     opt.add_option('--enable-etcd-reclock',
                    help=("Enable etcd recovery lock helper (default=no)"),
                    action="store_true", dest='ctdb_etcd_reclock', default=False)
+
+    opt.add_option('--with-libcephfs',
+                   help=("Directory under which libcephfs is installed"),
+                   action="store", dest='libcephfs_dir', default=None)
     opt.add_option('--enable-ceph-reclock',
                    help=("Enable Ceph CTDB recovery lock helper (default=no)"),
                    action="store_true", dest='ctdb_ceph_reclock', default=False)
@@ -219,8 +223,16 @@ def configure(conf):
     conf.env.etcd_reclock = have_etcd_reclock
 
     if Options.options.ctdb_ceph_reclock:
+        # Use custom libcephfs library path if provided. XXX The top level build
+        # explicitly sets LIBPATH_CEPH-COMMON when libcephfs_dir isn't provided.
+        if Options.options.libcephfs_dir:
+            conf.env['CPPPATH_RADOS'] = Options.options.libcephfs_dir + '/include'
+            conf.env['LIBPATH_RADOS'] = Options.options.libcephfs_dir + '/lib'
+            conf.env['LIBPATH_CEPH-COMMON'] = conf.env['LIBPATH_RADOS'] + '/ceph'
+
         if (conf.CHECK_HEADERS('rados/librados.h', False, False, 'rados') and
 					conf.CHECK_LIB('rados', shlib=True)):
+            conf.CHECK_LIB('ceph-common', shlib=True)
             Logs.info('Building with Ceph librados recovery lock support')
             conf.define('HAVE_LIBRADOS', 1)
         else:
@@ -593,7 +605,7 @@ def build(bld):
     if bld.env.HAVE_LIBRADOS:
         bld.SAMBA_BINARY('ctdb_mutex_ceph_rados_helper',
                          source='utils/ceph/ctdb_mutex_ceph_rados_helper.c',
-			 deps='talloc tevent rados',
+			 deps='talloc tevent rados ceph-common',
 			 includes='include',
 			 install_path='${CTDB_HELPER_BINDIR}')
 
diff --git a/docs-xml/manpages/winbind_krb5_localauth.8.xml b/docs-xml/manpages/winbind_krb5_localauth.8.xml
new file mode 100644
index 0000000..a382e71
--- /dev/null
+++ b/docs-xml/manpages/winbind_krb5_localauth.8.xml
@@ -0,0 +1,86 @@
+<?xml version="1.0" encoding="iso-8859-1"?>
+<!DOCTYPE refentry PUBLIC "-//Samba-Team//DTD DocBook V4.2-Based Variant V1.0//EN" "http://www.samba.org/samba/DTD/samba-doc">
+<refentry id="winbind_krb5_localauth.8">
+
+<refmeta>
+	<refentrytitle>winbind_krb5_localauth</refentrytitle>
+	<manvolnum>8</manvolnum>
+	<refmiscinfo class="source">Samba</refmiscinfo>
+	<refmiscinfo class="manual">8</refmiscinfo>
+	<refmiscinfo class="version">&doc.version;</refmiscinfo>
+</refmeta>
+
+
+<refnamediv>
+	<refname>winbind_krb5_localauth</refname>
+	<refpurpose>A plugin for MIT Kerberos for mapping user accounts.</refpurpose>
+</refnamediv>
+
+
+<refsect1>


-- 
Samba Shared Repository

