[SCM] Samba Shared Repository - branch v4-8-test updated
Karolin Seeger
kseeger at samba.org
Thu Jan 25 19:05:03 UTC 2018
The branch, v4-8-test has been updated
via e981b81 dbcheck: disable fixing duplicate linked attributes until we can recover lost forward links
via d7a312f repl_meta_data: fix linked attribute corruption on databases with unsorted links on expunge
via 666e7f2 testprogs:blackbox: add regression test for unsorted links in tombstones-expunge.sh
via 3c46eef waf: Fix NFS quota support with libtirpc
via 0970c82 wafsamba: Allow passing 'lib' to CHECK_STRUCTURE_MEMBER
via 3bf0387 build: deal with recent glibc sunrpc header removal
via c6c8b8e include: Create system/nis.h in libreplace
via 579985d s3:waf: Move HAVE_NETGROUP to wscript
via 75d1ec2 packaging: fix default systemd-dir path.
via 2d4987b Remove file system sharemode before calling unlink
via 1844f89 s3:rpc_client: Clenup copy_netr_SamInfo3() code
via 197262e s3:winbind: Use a stackframe and cleanup when leaving
via e089bed s3:winbind: Use a goto for cleaning up at the end
via 16f7f9c s3:winbindd: Improve logic so it is easier to understand
from 80a1b2b VERSION: Bump version up to 4.8.0rc2...
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-8-test
- Log -----------------------------------------------------------------
commit e981b811a43424f74f71ca91e0d84365bfb5a975
Author: Stefan Metzmacher <metze at samba.org>
Date: Fri Jan 19 11:50:55 2018 +0100
dbcheck: disable fixing duplicate linked attributes until we can recover lost forward links
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13228
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit 850a8027f32185e523614231cca76505134bb5e4)
Autobuild-User(v4-8-test): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(v4-8-test): Thu Jan 25 20:04:53 CET 2018 on sn-devel-144
commit d7a312ffc83e2037635a88f68499169918542b30
Author: Stefan Metzmacher <metze at samba.org>
Date: Wed Jan 17 08:07:03 2018 +0100
repl_meta_data: fix linked attribute corruption on databases with unsorted links on expunge
This is really critical bug, it removes valid linked attributes.
When a DC was provisioned/joined with a Samba version older than 4.7
is upgraded to 4.7 (or later), it can happen that the garbage collection
(dsdb_garbage_collect_tombstones()), triggered periodically by the 'kcc' task
of 'samba' or my 'samba-tool domain tombstones expunge' corrupt the linked attributes.
This is similar to Bug #13095 - Broken linked attribute handling,
but it's not triggered by an originating change.
The bug happens in replmd_modify_la_delete()
were get_parsed_dns_trusted() generates a sorted array of
struct parsed_dn based on the values in old_el->values.
If the database doesn't support the sortedLinks compatibleFeatures
in the @SAMBA_DSDB record, it's very likely that
the array of old_dns is sorted differently than the values
in old_el->values.
The problem is that struct parsed_dn has just a pointer
'struct ldb_val *v' that points to the corresponding
value in old_el->values.
Now if vanish_links is true the damage happens here:
if (vanish_links) {
unsigned j = 0;
for (i = 0; i < old_el->num_values; i++) {
if (old_dns[i].v != NULL) {
old_el->values[j] = *old_dns[i].v;
j++;
}
}
old_el->num_values = j;
}
old_el->values[0] = *old_dns[0].v;
can change the value old_dns[1].v is pointing at!
That means that some values can get lost while others
are stored twice, because the LDB_FLAG_INTERNAL_DISABLE_SINGLE_VALUE_CHECK
allows it to be stored.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13228
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit a25c99c9f1fd1814c56c21848c748cd0e038eed7)
commit 666e7f2cbfd2b04360fcefce6d58f302c054aabc
Author: Stefan Metzmacher <metze at samba.org>
Date: Thu Jan 18 14:54:04 2018 +0100
testprogs:blackbox: add regression test for unsorted links in tombstones-expunge.sh
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13228
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit c34c2dd55545b99fba46cf374a1653bad96cea9e)
commit 3c46eef8f1ea1f43a80aec4ab94f17530f38ca76
Author: Andreas Schneider <asn at samba.org>
Date: Fri Jan 19 14:30:20 2018 +0100
waf: Fix NFS quota support with libtirpc
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13238
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Mon Jan 22 17:26:52 CET 2018 on sn-devel-144
(cherry picked from commit 39a6ea766dfe55d84ab2284b8d5ed01d66da11dd)
commit 0970c824c61b9c89051b347609611833d239ee00
Author: Andreas Schneider <asn at samba.org>
Date: Fri Jan 19 15:34:32 2018 +0100
wafsamba: Allow passing 'lib' to CHECK_STRUCTURE_MEMBER
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13238
We need to be able to point it to the right header location, so we need
to be able to pass the 'lib' that it gets set.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
(cherry picked from commit 87f105d76ce074bff08fd507d72568be88d48d00)
commit 3bf03879e16763033b4bbb1f939f717093707d79
Author: Günther Deschner <gd at samba.org>
Date: Tue Jan 16 17:48:10 2018 +0100
build: deal with recent glibc sunrpc header removal
We need to rely on libtirpc or libntirpc to be around in that case.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13238
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10976
Guenther
Pair-Programmed-With: Andreas Schneider <asn at samba.org>
Signed-off-by: Guenther Deschner <gd at samba.org>
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
(cherry picked from commit ee0be7eb723be1420fd601ea1abe0af748562953)
commit c6c8b8e8bc5d7cf5053bb83772427b867e2a45ce
Author: Andreas Schneider <asn at samba.org>
Date: Fri Jan 19 09:33:21 2018 +0100
include: Create system/nis.h in libreplace
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13238
Pair-Programmed-With: Guenther Deschner <gd at samba.org>
Signed-off-by: Andreas Schneider <asn at samba.org>
Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
(cherry picked from commit c29d087e1ea4c92717ef86e372fe80f410580fdc)
commit 579985dc6b0a3b6c2612dd85de09b203c4b15c9a
Author: Andreas Schneider <asn at samba.org>
Date: Fri Jan 19 09:32:49 2018 +0100
s3:waf: Move HAVE_NETGROUP to wscript
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13238
Pair-Programmed-With: Guenther Deschner <gd at samba.org>
Signed-off-by: Andreas Schneider <asn at samba.org>
Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Alexander Bokovoy <ab at samba.org>
(cherry picked from commit ca5eaf0cdcf8257ac52786aa7439c8f081a2fe0d)
commit 75d1ec2340ef44683b272411eab70960e2d28767
Author: Günther Deschner <gd at samba.org>
Date: Tue Jan 16 16:25:01 2018 +0100
packaging: fix default systemd-dir path.
https://bugzilla.samba.org/show_bug.cgi?id=13227
By default we should not end up with a
/usr/usr/lib/systemd/system path.
Guenther
Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Günther Deschner <gd at samba.org>
Autobuild-Date(master): Tue Jan 16 21:02:28 CET 2018 on sn-devel-144
commit 2d4987b24210044287c91289a0f67618bacd7335
Author: Christof Schmitt <cs at samba.org>
Date: Wed Jan 10 15:56:08 2018 -0700
Remove file system sharemode before calling unlink
GPFS implements the DENY_DELETE sharemode, which prevents unlink() from
deleting the file.. This causes the problem that deleting a file through
"delete on close" fails, as the code in close.c first calls unlink() and
only later removes the file system sharemode.
Fix this by removing the file system sharemode before calling unlink().
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13217
Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Christof Schmitt <cs at samba.org>
Autobuild-Date(master): Wed Jan 17 01:31:53 CET 2018 on sn-devel-144
(cherry picked from commit e77f8e4628ba868f09cbcf2970caac6c69fe080c)
commit 1844f8906e8a273a6a9c77b21a4edee9c1fb18af
Author: Andreas Schneider <asn at samba.org>
Date: Thu Jan 11 09:06:31 2018 +0100
s3:rpc_client: Clenup copy_netr_SamInfo3() code
This gets rid of some strange macro and makes sure we clenaup at the
end.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13209
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit 05ebafd91ee2dd511372ce63d656e9fc6735ee28)
commit 197262e4b9442f524dba520b3e1477a4565ffe8d
Author: Andreas Schneider <asn at samba.org>
Date: Thu Jan 11 09:37:22 2018 +0100
s3:winbind: Use a stackframe and cleanup when leaving
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13209
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit bfc727f0b2d837a97fc9eb94a8811f23a656c4e4)
commit e089bed11620264cd98727dfec087024d84a5813
Author: Andreas Schneider <asn at samba.org>
Date: Thu Jan 11 09:27:50 2018 +0100
s3:winbind: Use a goto for cleaning up at the end
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13209
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit 00d176c6c592af59cc14271de4af1614578090a3)
commit 16f7f9ccfa154f1fe5c88237082a2a898e990dfd
Author: Andreas Schneider <asn at samba.org>
Date: Thu Jan 11 09:23:05 2018 +0100
s3:winbindd: Improve logic so it is easier to understand
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13209
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit 264249db0f5515d8333d16218f1553ae9f0e7193)
-----------------------------------------------------------------------
Summary of changes:
buildtools/wafsamba/samba_autoconf.py | 4 +-
ctdb/wscript | 2 +-
lib/replace/system/nis.h | 83 ++++++++++++++++++++
lib/replace/wscript | 38 +++++++--
lib/util/access.c | 10 ++-
lib/util/wscript_build | 2 +-
packaging/wscript | 4 +-
python/samba/dbchecker.py | 22 +++++-
selftest/knownfail.d/dbcheck_duplicate_member | 5 ++
source3/auth/auth_util.c | 14 ++--
source3/auth/server_info.c | 45 +++++++----
source3/auth/user_util.c | 13 ++++
source3/auth/wscript_build | 2 +-
source3/include/includes.h | 49 ------------
source3/lib/sysquotas_nfs.c | 11 ++-
source3/lib/util.c | 11 +++
source3/modules/nfs4acl_xattr_xdr.c | 9 +++
source3/rpc_client/util_netlogon.c | 80 +++++++++++--------
source3/rpc_client/util_netlogon.h | 5 +-
source3/smbd/close.c | 16 ++++
source3/winbindd/winbindd_pam.c | 90 +++++++++++-----------
source3/wscript | 35 +++++----
source3/wscript_build | 2 +-
source4/dsdb/samdb/ldb_modules/repl_meta_data.c | 18 ++++-
.../add-unsorted-links-step1.ldif | 72 +++++++++++++++++
.../add-unsorted-links-step2.ldif | 12 +++
.../release-4-5-0-pre1/expected-expunge-output.txt | 2 +-
.../expected-unsorted-links-after-expunge.ldif | 23 ++++++
testprogs/blackbox/tombstones-expunge.sh | 24 ++++++
29 files changed, 516 insertions(+), 187 deletions(-)
create mode 100644 lib/replace/system/nis.h
create mode 100644 selftest/knownfail.d/dbcheck_duplicate_member
create mode 100644 source4/selftest/provisions/release-4-5-0-pre1/add-unsorted-links-step1.ldif
create mode 100644 source4/selftest/provisions/release-4-5-0-pre1/add-unsorted-links-step2.ldif
create mode 100644 source4/selftest/provisions/release-4-5-0-pre1/expected-unsorted-links-after-expunge.ldif
Changeset truncated at 500 lines:
diff --git a/buildtools/wafsamba/samba_autoconf.py b/buildtools/wafsamba/samba_autoconf.py
index 7940a7d..cc08e0d 100644
--- a/buildtools/wafsamba/samba_autoconf.py
+++ b/buildtools/wafsamba/samba_autoconf.py
@@ -454,7 +454,8 @@ def CHECK_CODE(conf, code, define,
@conf
def CHECK_STRUCTURE_MEMBER(conf, structname, member,
- always=False, define=None, headers=None):
+ always=False, define=None, headers=None,
+ lib=None):
'''check for a structure member'''
if define is None:
define = 'HAVE_%s' % member.upper()
@@ -463,6 +464,7 @@ def CHECK_STRUCTURE_MEMBER(conf, structname, member,
define,
execute=False,
link=False,
+ lib=lib,
always=always,
headers=headers,
local_include=False,
diff --git a/ctdb/wscript b/ctdb/wscript
index 8774b99..715ecb1 100644
--- a/ctdb/wscript
+++ b/ctdb/wscript
@@ -559,7 +559,7 @@ def build(bld):
bld.SAMBA_BINARY('smnotify',
source=bld.SUBDIR('utils/smnotify',
'smnotify.c gen_smnotify.c gen_xdr.c'),
- deps='ctdb-smnotify-h ctdb-smnotify-c ctdb-smnotify-x popt',
+ deps='ctdb-smnotify-h ctdb-smnotify-c ctdb-smnotify-x popt tirpc',
includes='utils utils/smnotify',
install_path='${CTDB_HELPER_BINDIR}')
diff --git a/lib/replace/system/nis.h b/lib/replace/system/nis.h
new file mode 100644
index 0000000..068595a
--- /dev/null
+++ b/lib/replace/system/nis.h
@@ -0,0 +1,83 @@
+/*
+ Unix SMB/CIFS implementation.
+
+ nis system include wrappers
+
+ Copyright (C) Andrew Tridgell 2004
+
+ ** NOTE! The following LGPL license applies to the replace
+ ** library. This does NOT imply that all of Samba is released
+ ** under the LGPL
+
+ This library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 3 of the License, or (at your option) any later version.
+
+ This library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with this library; if not, see <http://www.gnu.org/licenses/>.
+*/
+
+#ifndef _nis_passwd_h
+#define _nis_passwd_h
+
+#if defined(HAVE_RPC_RPC_H)
+/*
+ * Check for AUTH_ERROR define conflict with rpc/rpc.h in prot.h.
+ */
+#if defined(HAVE_SYS_SECURITY_H) && defined(HAVE_RPC_AUTH_ERROR_CONFLICT)
+#undef AUTH_ERROR
+#endif /* HAVE_SYS_SECURITY_H && HAVE_RPC_AUTH_ERROR_CONFLICT */
+/*
+ * HP-UX 11.X has TCP_NODELAY and TCP_MAXSEG defined in <netinet/tcp.h> which
+ * was included above. However <rpc/rpc.h> includes <sys/xti.h> which defines
+ * them again without checking if they already exsist. This generates
+ * two "Redefinition of macro" warnings for every single .c file that is
+ * compiled.
+ */
+#if defined(HPUX) && defined(TCP_NODELAY)
+#undef TCP_NODELAY
+#endif /* HPUX && TCP_NODELAY */
+
+#if defined(HPUX) && defined(TCP_MAXSEG)
+#undef TCP_MAXSEG
+#endif /* HPUX && TCP_MAXSEG */
+
+#include <rpc/rpc.h>
+#endif /* HAVE_RPC_RPC_H */
+
+
+#if defined (HAVE_NETGROUP)
+
+#if defined(HAVE_RPCSVC_YP_PROT_H)
+/*
+ * HP-UX 11.X has TCP_NODELAY and TCP_MAXSEG defined in <netinet/tcp.h> which
+ * was included above. However <rpc/rpc.h> includes <sys/xti.h> which defines
+ * them again without checking if they already exsist. This generates
+ * two "Redefinition of macro" warnings for every single .c file that is
+ * compiled.
+ */
+#if defined(HPUX) && defined(TCP_NODELAY)
+#undef TCP_NODELAY
+#endif /* HPUX && TCP_MAXSEG */
+
+#if defined(HPUX) && defined(TCP_MAXSEG)
+#undef TCP_MAXSEG
+#endif /* HPUX && TCP_MAXSEG */
+
+#include <rpcsvc/yp_prot.h>
+
+#endif /* HAVE_RPCSVC_YP_PROT_H */
+
+#if defined(HAVE_RPCSVC_YPCLNT_H)
+#include <rpcsvc/ypclnt.h>
+#endif /* HAVE_RPCSVC_YPCLNT_H */
+
+#endif /* HAVE_NETGROUP */
+
+#endif /* _nis_passwd_h */
diff --git a/lib/replace/wscript b/lib/replace/wscript
index 2f94d49..2c638b7 100644
--- a/lib/replace/wscript
+++ b/lib/replace/wscript
@@ -5,7 +5,7 @@ VERSION = '1.2.1'
blddir = 'bin'
-import sys, os
+import Logs, sys, os
# find the buildtools directory
srcdir = '.'
@@ -65,14 +65,42 @@ def configure(conf):
headers='sys/inotify.h')
conf.CHECK_HEADERS('security/pam_appl.h zlib.h asm/unistd.h')
- conf.CHECK_HEADERS('aio.h sys/unistd.h rpc/rpc.h rpc/nettype.h alloca.h float.h')
+ conf.CHECK_HEADERS('aio.h sys/unistd.h alloca.h float.h')
+
+ conf.SET_TARGET_TYPE('tirpc', 'EMPTY')
+ conf.CHECK_HEADERS('rpc/rpc.h rpc/nettype.h')
+ if not conf.CONFIG_SET('HAVE_RPC_RPC_H'):
+ if conf.CHECK_CFG(package='libtirpc', args='--cflags --libs',
+ msg='Checking for libtirpc headers',
+ uselib_store='TIRPC'):
+ conf.CHECK_HEADERS('rpc/rpc.h rpc/nettype.h', lib='tirpc', together=True)
+ conf.SET_TARGET_TYPE('tirpc', 'SYSLIB')
+ if not conf.CONFIG_SET('HAVE_RPC_RPC_H'):
+ if conf.CHECK_CFG(package='libntirpc', args='--cflags',
+ msg='Checking for libntirpc headers',
+ uselib_store='TIRPC'):
+ conf.CHECK_HEADERS('rpc/rpc.h rpc/nettype.h', lib='tirpc', together=True)
+ conf.SET_TARGET_TYPE('tirpc', 'SYSLIB')
+ if not conf.CONFIG_SET('HAVE_RPC_RPC_H'):
+ Logs.error('ERROR: No rpc/rpc.h header found, tirpc or libntirpc missing?')
+ sys.exit(1)
+
+ conf.SET_TARGET_TYPE('nsl', 'EMPTY')
+ conf.CHECK_HEADERS('rpc/rpc.h rpcsvc/yp_prot.h', lib='tirpc')
+ if not conf.CONFIG_SET('HAVE_RPCSVC_YP_PROT_H'):
+ if conf.CHECK_CFG(package='libnsl', args='--cflags --libs',
+ msg='Checking for libnsl',
+ uselib_store='NSL'):
+ conf.SET_TARGET_TYPE('nsl', 'SYSLIB')
+ conf.CHECK_HEADERS('rpc/rpc.h rpcsvc/yp_prot.h', lib='tirpc nsl')
+ else:
+ conf.SET_TARGET_TYPE('nsl', 'SYSLIB')
+ conf.CHECK_HEADERS('rpcsvc/nis.h rpcsvc/ypclnt.h', lib='tirpc nsl')
- conf.CHECK_HEADERS('rpcsvc/nis.h rpcsvc/ypclnt.h sys/sysctl.h')
+ conf.CHECK_HEADERS('sys/sysctl.h')
conf.CHECK_HEADERS('sys/fileio.h sys/filesys.h sys/dustat.h sys/sysmacros.h')
conf.CHECK_HEADERS('xfs/libxfs.h netgroup.h')
- conf.CHECK_CODE('', headers='rpc/rpc.h rpcsvc/yp_prot.h', define='HAVE_RPCSVC_YP_PROT_H')
-
conf.CHECK_HEADERS('valgrind.h valgrind/valgrind.h valgrind/memcheck.h')
conf.CHECK_HEADERS('nss_common.h nsswitch.h ns_api.h')
conf.CHECK_HEADERS('sys/extattr.h sys/ea.h sys/proplist.h sys/cdefs.h')
diff --git a/lib/util/access.c b/lib/util/access.c
index 6d04a5f..7da0573 100644
--- a/lib/util/access.c
+++ b/lib/util/access.c
@@ -22,6 +22,10 @@
#include "lib/util/access.h"
#include "lib/util/unix_match.h"
+#if defined(HAVE_NETGROUP)
+#include "system/nis.h"
+#endif
+
#define NAME_INDEX 0
#define ADDR_INDEX 1
@@ -143,11 +147,11 @@ static bool string_match(const char *tok,const char *s)
netgroup_ok = innetgr(tok + 1, hostname, (char *) 0, mydomain);
- DEBUG(5,("looking for %s of domain %s in netgroup %s gave %s\n",
+ DBG_INFO("%s %s of domain %s in netgroup %s\n",
+ netgroup_ok ? "Found" : "Could not find",
hostname,
mydomain?mydomain:"(ANY)",
- tok+1,
- BOOLSTR(netgroup_ok)));
+ tok+1);
SAFE_FREE(hostname);
diff --git a/lib/util/wscript_build b/lib/util/wscript_build
index 0b16b6f..30face3 100644
--- a/lib/util/wscript_build
+++ b/lib/util/wscript_build
@@ -204,7 +204,7 @@ else:
bld.SAMBA_SUBSYSTEM('access',
source='access.c',
- deps='interfaces samba-util',
+ deps='interfaces samba-util tirpc nsl',
local_include=False)
bld.SAMBA_SUBSYSTEM('util_str_escape',
diff --git a/packaging/wscript b/packaging/wscript
index 76158e9..6cee6b9 100644
--- a/packaging/wscript
+++ b/packaging/wscript
@@ -10,9 +10,9 @@ def set_options(opt):
action="store_true", dest="systemd_install_services", default=False)
gr.add_option('--with-systemddir',
- help=("systemd service directory [PREFIX/usr/lib/systemd/system]"),
+ help=("systemd service directory [PREFIX/lib/systemd/system]"),
action="store", dest="SYSTEMDDIR",
- default="${PREFIX}/usr/lib/systemd/system")
+ default="${PREFIX}/lib/systemd/system")
#
# extra service directives
#
diff --git a/python/samba/dbchecker.py b/python/samba/dbchecker.py
index 1933740..6e4c440 100644
--- a/python/samba/dbchecker.py
+++ b/python/samba/dbchecker.py
@@ -708,9 +708,15 @@ newSuperior: %s""" % (str(from_dn), str(to_rdn), str(to_base)))
"Failed to fix incorrect RMD_FLAGS %u" % rmd_flags):
self.report("Fixed incorrect RMD_FLAGS %u" % (rmd_flags))
- def err_orphaned_backlink(self, obj, attrname, val, link_name, target_dn):
+ def err_orphaned_backlink(self, obj, attrname, val, link_name, target_dn, duplicate_links):
'''handle a orphaned backlink value'''
self.report("ERROR: orphaned backlink attribute '%s' in %s for link %s in %s" % (attrname, obj.dn, link_name, target_dn))
+ if duplicate_links:
+ self.report("ERROR: FATAL! Most likely the corresponding forward link got lost!")
+ self.report("ERROR: FATAL! See https://bugzilla.samba.org/show_bug.cgi?id=13228")
+ self.report("Recovery handling will be implemented in a future version")
+ self.report("Not removing orphaned backlink %s" % attrname)
+ return
if not self.confirm_all('Remove orphaned backlink %s' % attrname, 'fix_all_orphaned_backlinks'):
self.report("Not removing orphaned backlink %s" % attrname)
return
@@ -724,6 +730,11 @@ newSuperior: %s""" % (str(from_dn), str(to_rdn), str(to_base)))
def err_duplicate_links(self, obj, attrname, vals):
'''handle a duplicate links value'''
+ self.report("ERROR: FATAL! Most likely some forward link values for attribute '%s' in '%s' got lost!" % (attrname, obj.dn))
+ self.report("ERROR: FATAL! See https://bugzilla.samba.org/show_bug.cgi?id=13228")
+ self.report("Recovery handling will be implemented in a future version")
+ self.report("Not removing duplicate links in attribute '%s'" % attrname)
+ return
if not self.confirm_all("Remove duplicate links in attribute '%s'" % attrname, 'fix_all_duplicate_links'):
self.report("Not removing duplicate links in attribute '%s'" % attrname)
return
@@ -896,6 +907,7 @@ newSuperior: %s""" % (str(from_dn), str(to_rdn), str(to_base)))
else:
reverse_syntax_oid = None
+ duplicate_links = False
duplicate_dict = dict()
duplicate_list = list()
unique_dict = dict()
@@ -950,6 +962,10 @@ newSuperior: %s""" % (str(from_dn), str(to_rdn), str(to_base)))
unique_dict[keystr] = dsdb_dn
if len(duplicate_list) != 0:
+ duplicate_links = True
+ self.report("ERROR: FATAL! Most likely some forward link values for attribute '%s' in '%s' got lost!" % (attrname, obj.dn))
+ self.report("ERROR: FATAL! See https://bugzilla.samba.org/show_bug.cgi?id=13228")
+
self.report("ERROR: Duplicate link values for attribute '%s' in '%s'" % (attrname, obj.dn))
for keystr in duplicate_list:
d = duplicate_dict[keystr]
@@ -1148,7 +1164,7 @@ newSuperior: %s""" % (str(from_dn), str(to_rdn), str(to_base)))
error_count += 1
self.err_orphaned_backlink(obj, attrname,
val, reverse_link_name,
- dsdb_dn.dn)
+ dsdb_dn.dn, duplicate_links)
continue
# Only warn here and let the forward link logic fix it.
self.report("WARNING: Link (back) mismatch for '%s' (%d) on '%s' to '%s' (%d) on '%s'" % (
@@ -1180,7 +1196,7 @@ newSuperior: %s""" % (str(from_dn), str(to_rdn), str(to_base)))
else:
self.err_orphaned_backlink(res[0], reverse_link_name,
obj.dn.extended_str(), attrname,
- obj.dn)
+ obj.dn, duplicate_links)
diff_count += 1
diff --git a/selftest/knownfail.d/dbcheck_duplicate_member b/selftest/knownfail.d/dbcheck_duplicate_member
new file mode 100644
index 0000000..7ebb82b
--- /dev/null
+++ b/selftest/knownfail.d/dbcheck_duplicate_member
@@ -0,0 +1,5 @@
+^samba4.blackbox.dbcheck-links.release-4-5-0-pre1.dbcheck_duplicate_member
+^samba4.blackbox.dbcheck-links.release-4-5-0-pre1.check_expected_after_duplicate_links
+^samba4.blackbox.dbcheck-links.release-4-5-0-pre1.duplicate_clean
+^samba4.blackbox.dbcheck-links.release-4-5-0-pre1.dbcheck_clean2
+^samba4.blackbox.dbcheck-links.release-4-5-0-pre1.dbcheck_clean3
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
index 5bb5a69..f543b33 100644
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -1008,6 +1008,7 @@ static struct auth_serversupplied_info *copy_session_info_serverinfo_guest(TALLO
struct auth_serversupplied_info *server_info)
{
struct auth_serversupplied_info *dst;
+ NTSTATUS status;
dst = make_server_info(mem_ctx);
if (dst == NULL) {
@@ -1055,8 +1056,10 @@ static struct auth_serversupplied_info *copy_session_info_serverinfo_guest(TALLO
dst->lm_session_key = data_blob_talloc(dst, src->session_key.data,
src->session_key.length);
- dst->info3 = copy_netr_SamInfo3(dst, server_info->info3);
- if (!dst->info3) {
+ status = copy_netr_SamInfo3(dst,
+ server_info->info3,
+ &dst->info3);
+ if (!NT_STATUS_IS_OK(status)) {
TALLOC_FREE(dst);
return NULL;
}
@@ -1433,9 +1436,10 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx,
result->unix_name = talloc_strdup(result, found_username);
/* copy in the info3 */
- result->info3 = copy_netr_SamInfo3(result, info3);
- if (result->info3 == NULL) {
- nt_status = NT_STATUS_NO_MEMORY;
+ nt_status = copy_netr_SamInfo3(result,
+ info3,
+ &result->info3);
+ if (!NT_STATUS_IS_OK(nt_status)) {
goto out;
}
diff --git a/source3/auth/server_info.c b/source3/auth/server_info.c
index 20d43d2..7898175 100644
--- a/source3/auth/server_info.c
+++ b/source3/auth/server_info.c
@@ -63,11 +63,14 @@ struct auth_serversupplied_info *make_server_info(TALLOC_CTX *mem_ctx)
NTSTATUS serverinfo_to_SamInfo2(struct auth_serversupplied_info *server_info,
struct netr_SamInfo2 *sam2)
{
- struct netr_SamInfo3 *info3;
+ struct netr_SamInfo3 *info3 = NULL;
+ NTSTATUS status;
- info3 = copy_netr_SamInfo3(sam2, server_info->info3);
- if (!info3) {
- return NT_STATUS_NO_MEMORY;
+ status = copy_netr_SamInfo3(sam2,
+ server_info->info3,
+ &info3);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
}
if (server_info->session_key.length) {
@@ -96,11 +99,14 @@ NTSTATUS serverinfo_to_SamInfo2(struct auth_serversupplied_info *server_info,
NTSTATUS serverinfo_to_SamInfo3(const struct auth_serversupplied_info *server_info,
struct netr_SamInfo3 *sam3)
{
- struct netr_SamInfo3 *info3;
+ struct netr_SamInfo3 *info3 = NULL;
+ NTSTATUS status;
- info3 = copy_netr_SamInfo3(sam3, server_info->info3);
- if (!info3) {
- return NT_STATUS_NO_MEMORY;
+ status = copy_netr_SamInfo3(sam3,
+ server_info->info3,
+ &info3);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
}
if (server_info->session_key.length) {
@@ -133,7 +139,8 @@ NTSTATUS serverinfo_to_SamInfo6(struct auth_serversupplied_info *server_info,
struct netr_SamInfo6 *sam6)
{
struct pdb_domain_info *dominfo;
- struct netr_SamInfo3 *info3;
+ struct netr_SamInfo3 *info3 = NULL;
+ NTSTATUS status;
if ((pdb_capabilities() & PDB_CAP_ADS) == 0) {
DEBUG(10,("Not adding validation info level 6 "
@@ -146,9 +153,11 @@ NTSTATUS serverinfo_to_SamInfo6(struct auth_serversupplied_info *server_info,
return NT_STATUS_NO_MEMORY;
}
- info3 = copy_netr_SamInfo3(sam6, server_info->info3);
- if (!info3) {
- return NT_STATUS_NO_MEMORY;
+ status = copy_netr_SamInfo3(sam6,
+ server_info->info3,
+ &info3);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
}
if (server_info->session_key.length) {
@@ -335,11 +344,15 @@ NTSTATUS create_info3_from_pac_logon_info(TALLOC_CTX *mem_ctx,
struct netr_SamInfo3 **pp_info3)
{
NTSTATUS status;
- struct netr_SamInfo3 *info3 = copy_netr_SamInfo3(mem_ctx,
- &logon_info->info3);
- if (info3 == NULL) {
- return NT_STATUS_NO_MEMORY;
+ struct netr_SamInfo3 *info3 = NULL;
+
+ status = copy_netr_SamInfo3(mem_ctx,
+ &logon_info->info3,
+ &info3);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
}
+
status = merge_resource_sids(logon_info, info3);
if (!NT_STATUS_IS_OK(status)) {
TALLOC_FREE(info3);
diff --git a/source3/auth/user_util.c b/source3/auth/user_util.c
index 1ddb738..63841a1 100644
--- a/source3/auth/user_util.c
+++ b/source3/auth/user_util.c
@@ -23,6 +23,19 @@
#include "system/filesys.h"
#include "auth.h"
+#ifdef HAVE_NETGROUP
+/* rpc/xdr.h uses TRUE and FALSE */
+#ifdef TRUE
+#undef TRUE
+#endif
+
+#ifdef FALSE
+#undef FALSE
+#endif
+
+#include "system/nis.h"
+#endif
+
/*******************************************************************
Map a username from a dos name to a unix name by looking in the username
map. Note that this modifies the name in place.
diff --git a/source3/auth/wscript_build b/source3/auth/wscript_build
index 83b5ad1..8fd7dcd 100644
--- a/source3/auth/wscript_build
+++ b/source3/auth/wscript_build
@@ -6,7 +6,7 @@ bld.SAMBA3_SUBSYSTEM('TOKEN_UTIL',
bld.SAMBA3_SUBSYSTEM('USER_UTIL',
source='user_util.c',
- deps='TOKEN_UTIL')
+ deps='TOKEN_UTIL tirpc nsl')
bld.SAMBA3_SUBSYSTEM('AUTH_COMMON',
source='''auth_util.c
diff --git a/source3/include/includes.h b/source3/include/includes.h
index e82bfad..d822c3f 100644
--- a/source3/include/includes.h
+++ b/source3/include/includes.h
@@ -68,55 +68,6 @@
#include "system/time.h"
#include "system/wait.h"
-#if defined(HAVE_RPC_RPC_H)
-/*
- * Check for AUTH_ERROR define conflict with rpc/rpc.h in prot.h.
- */
-#if defined(HAVE_SYS_SECURITY_H) && defined(HAVE_RPC_AUTH_ERROR_CONFLICT)
--
Samba Shared Repository
More information about the samba-cvs
mailing list