[SCM] Samba Shared Repository - branch v4-9-stable updated
Karolin Seeger
kseeger at samba.org
Thu Nov 8 08:27:25 UTC 2018
The branch, v4-9-stable has been updated
via 865cc28 VERSION: Disable GIT_SNAPSHOT for the 4.9.2 release.
via f8c0389 WHATSNEW: Add release notes for Samba 4.9.2.
via 1a3b20d selftest: Run smb2.delete-on-close-perms also with "delete readonly = yes"
via 380badf selftest: Add share to test "delete readonly" option
via 03518d2 smbd: Fix DELETE_ON_CLOSE behaviour on files with READ_ONLY attribute
via 9603a09 smbtorture: Add test for DELETE_ON_CLOSE on files with READ_ONLY attribute
via 2dd3c33 torture: Fix the clang build
via 7354097 vfs_fruit: let fruit_open_meta() with O_CREAT return a fake-fd
via cf43b5d vfs_fruit: don't check for delete-on-close on the FinderInfo stream
via eacbfe9 vfs_fruit: let fruit_pwrite_meta_stream also ftruncate empty FinderInfo
via 27a5a83 vfs_fruit: pass stream size to delete_invalid_meta_stream()
via 029f64f vfs_fruit: let fruit handle all aio on the FinderInfo metadata stream
via d405dc3 vfs_fruit: do ino calculation
via c23f1da vfs_fruit: prepare fruit_pread_meta() for reading on fake-fd
via a5b677d vfs_fruit: prepare fruit_pwrite_meta() for on-demand opening and writing
via 44834da vfs_fruit: prepare struct fio for fake-fd and on-demand opening
via a57e29e vfs_fruit: add fio->created
via c7ce8c8 vfs_fruit: remove resource fork special casing
via c8e1405 vfs_fruit: add some debugging of dev/ino
via 42a5dbd s4:torture/vfs/fruit: add test "empty_stream"
via 5076abb s4:torture/vfs/fruit: add check_stream_list_handle()
via 0a16d4f s4:torture/util: add torture_smb2_open()
via e03f36a vfs_fruit: filter empty streams
via e8f1df0 vfs_fruit: use check on global_fruit_config.nego_aapl for macOS specific behaviour
via 71d8b4a s4:torture/vfs/fruit: enable AAPL extensions in a bunch of tests
via a09f0a8 vfs_fruit: don't unlink 0-byte size truncated streams
via 535abb3 s4:torture/vfs/fruit: write some data to a just created teststream
via e2fe019 s4:torture/vfs/fruit: expand test "setinfo eof stream"
via abfc211 vfs_fruit: update handling of read-only creation of resource fork
via 816651b s4:torture/vfs/fruit: update test "creating rsrc with read-only access" for newer macOS versions
via cc9956e s4:torture/vfs/fruit: expand existing vfs_test "null afpinfo"
via 530c24f s4:torture/vfs/fruit: expand existing test "setinfo delete-on-close AFP_AfpInfo" a little bit
via 756da49 s4:torture/vfs/fruit: update test "read open rsrc after rename" to work with macOS
via 8b5a4c3 s4:torture/vfs/fruit: ensure a directory handle is closed in all code paths
via 1e3f8a6 s4:torture/vfs/fruit: update test "stream names" to work with macOS
via cca8842 s4:torture/vfs/fruit: update test "SMB2/CREATE context AAPL" to work against macOS
via 7717809 s4:torture/vfs/fruit: set share_access to NTCREATEX_SHARE_ACCESS_MASK in check_stream_list
via 718317b s4:torture/vfs/fruit: fix a few error checks in "delete AFP_AfpInfo by writing all 0"
via dd2a1d0 s4:torture/vfs/fruit: skip a few tests when running against a macOS SMB server
via e03bdef vfs_streams_xattr: fix open implementation
via 53104cb ctdb-recovery: Ban a node that causes recovery failure
via d72319d s3:smbd: remove now unused check if fsp is NULL
via c1e441e s3:smbd: fix SMB2 aio cancelling
via a9bb620 s4:torture/smb2/read: add test for cancelling SMB aio
via 6fa0ab1 vfs_delay_inject: implement pread_send and pwrite_send
via 82a7e00 s4:libcli/smb2: reapply request endtime
via 7e99105 libcli: fill endtime if smbXcli_req_create() timeout is non-zero
via 786b6c7 libcli: add smbXcli_req_endtime
via a0a3ce5 dsdb group audit tests: log_membership_changes extra tests
via 1554338 dsdb group audit tests: check_version improve diagnostics
via a29074f dsdb group audit tests: check_timestamp improve diagnostics
via 5d06550 dsdb group audit: align dn_compare with memcmp
via fd43fd8 dsdb group_audit: Test to replicate BUG 13664
via 9b7bd1c dsdb encrypted_secrets: Allow "ldb:// and "mdb://" in file path
via 0945b9b dsdb encrypted_secrets tests: Allow "ldb://" in file path
via 19e17ff python tests Blackbox: add random_password
via c20b587 ldb: Bump ldb version to 1.4.3
via 4908da4 lib/ldb: Ensure ldb.Dn can accept utf8 encoded unicode
via 1f7757e lib/ldb/tests: add test for ldb.Dn passed utf8 unicode
via 339a86a lib/ldb: Test correct variable for no mem condition
via d88db0d dsdb: Add comments explaining the limitations of our current backlink behaviour
via 556b2c8 s4:samldb: internally use extended dns while changing the primaryGroupID field
via c9e0e43 s4:repl_meta_data: add support for DSDB_CONTROL_DBCHECK_FIX_LINK_DN_SID
via 6616941 s4:repl_meta_data: pass down struct replmd_replicated_request to replmd_modify_la_replace()
via fcafbe7 s4:repl_meta_data: pass down struct replmd_replicated_request to replmd_modify_la_delete()
via 8095ffe s4:repl_meta_data: add missing
to a DEBUG message in replmd_modify_la_add()
via 98f2319 s4:repl_meta_data: pass down struct replmd_replicated_request to replmd_modify_la_add()
via 9d760fe s4:repl_meta_data: pass down struct replmd_replicated_request to replmd_modify_handle_linked_attribs()
via 2d77e4f blackbox/dbcheck-links: Test broken links with missing <SID=...> on linked attributes
via 4da901d dbchecker: Fix missing <SID=...> on linked attributes
via ea9b694 dbchecker: improve verbose output of do_modify()
via c73aca8 s4:dsdb: add DSDB_CONTROL_DBCHECK_FIX_LINK_DN_SID oid
via 3fb4c68 testprogs/blackbox: add samba4.blackbox.test_primary_group test
via 2d682e4 s4:dsdb: fix comment on DSDB_CONTROL_DBCHECK_FIX_LINK_DN_NAME
via eadd15a schema_samba4.ldif: add allocation of DSDB_CONTROL_DBCHECK_FIX_LINK_DN_NAME
via 69fb6c1 vfs_fruit: optionally delete AppleDouble files without Resourcefork data
via 6a457df vfs_fruit: add option "delete_empty_adfiles"
via 9022021 vfs_fruit: detect empty resource forks in ad_convert()
via 4a56be1 vfs_fruit: add option "wipe_intentionally_left_blank_rfork"
via f8a4f92 s4:torture: add test for AppleDouble ResourceFork conversion
via 66aaa6a s3:selftest: list vfs testssuites one per line
via 7b04e55 docs:vfs_fruit: add "delete_empty_adfiles" option
via e1f09ff docs:vfs_fruit: add "wipe_intentionally_left_blank_rfork" option
via bedb34a s3:winbind: Check return code of initialize_password_db()
via 0103f91 lib:socket: If returning early, set ifaces
via 4b461cd vfs_fruit: remove check for number of xattrs from ad_convert_xattr
via 40533f0 dsdb: Ensure that a DN (now) pointing at a deleted object counts for objectclass-based MUST
via 24a02a3 tests: Add corner-case test: fromServer points to dead server
via 5e4e3da libcli: Add debug message if fail to negoatiate SMB protocol
via 4b42e0e s3/smbd: Server responds incorrectly if no SMB protocol chosen
via d3be8e2 netcmd: Make sure SMB connection is signed when backing up sysvol
via db23314 python: Allow forced signing via smb.SMB()
via 4933bc8 selftest: Change backup testenvs to use non-default site
via dfc0745 netcmd: Re-create default site for backup-restore (if missing)
via c077dfa tests: Add test-case for restore into non-default site
via 1e7520f netcmd: Add --site option when restoring a domain
via 6c44382 ctdb-daemon: Fix valgrind hit in event code
via c3179a1 ctdb-event: Check the return status of sock_daemon_set_startup_fd
via ec028ef ctdb-common: Set close-on-exec for startup fd
via 1616cbd ctdb-daemon: Exit if eventd goes away
via a835e64 ctdb-daemon: Return early when refusing to run an event script
via 0cf64bd winbindd_cache: Fix timeout calculation for sid<->name cache
via 21e3e8b vfs_fruit: move check in ad_convert() to ad_convert_*() subfunctions
via 9304dfa vfs_fruit: make call to ad_convert_truncate() optional
via 01353f6 vfs_fruit: add out arg "converted_xattr" to ad_convert_xattr
via 0807a89 vfs_fruit: add check for OS X filler in FinderInfo conversion
via bee12e2 vfs_fruit: call ad_convert_move_reso() from ad_convert_xattr()
via 5480048 vfs_fruit: let the ad_convert_*() subfunction update the on-disk AppleDoube header as needed
via 655e147 vfs_fruit: let the ad_convert_*() subfunctions mmap as needed
via 84374fb vfs_fruit: fix error returns in ad_convert_xattr()
via 393a773 vfs_fruit: use ADEDOFF_RFORK_DOT_UND offset macro in ad_convert_move_reso()
via b228d66 vfs_fruit: split out moving of the resource fork
via c651989 vfs_fruit: use ADEDOFF_RFORK_DOT_UND offset macro in ad_convert_truncate()
via d9c79be vfs_fruit: split out truncating from ad_convert()
via 50dfdfa vfs_fruit: move FinderInfo lenght check to ad_convert()
via fb345c2 vfs_fruit: move FinderInfo conversion to helper function and call it from ad_convert()
via 10232d0 vfs_fruit: move storing of modified struct adouble to ad_convert()
via 4679371 vfs_fruit: remove unneeded fd argument from ad_convert()
via f109097 vfs_fruit: do direct return from error checks in ad_convert()
via a942683 vfs_fruit: move setting ADEID_FINDERI length to ad_convert_xattr()
via 6ee5df2 vfs_fruit: store filler bytes from AppleDouble file header in struct adouble
via b275922 vfs_fruit: fix two comments
via 4772ba8 s4:torture: FinderInfo conversion test with AppleDouble without xattr data
via a1a4e54 lib: Avoid the use of open_memstream in tevent_req_profile_string
via 33515c3 smb2_server: set req->do_encryption = true earlier
via 8657e55 s4:torture: split smb2.session.expire{1,2} to run with signing and encryptpion
via 07c9723 ctdb-tests: Drop code for RECEIVE_RECORDS control
via 0147504 ctdb-protocol: Drop marshalling code for RECEIVE_RECORDS control
via a1a6795 ctdb-protocol: Mark RECEIVE_RECORDS control obsolete
via 6294ea4 ctdb-daemon: Drop implementation of RECEIVE_RECORDS control
via e209cfc ctdb-vacuum: Remove unnecessary check for zero records in delete list
via cbfb00b ctdb-vacuum: Fix the incorrect counting of remote errors
via 485fa6b ctdb-vacuum: Simplify the deletion of vacuumed records
via 4e00714 ctdb-tests: Add recovery record resurrection test for volatile databases
via d8087c0 ctdb-daemon: Invalidate records if a node becomes INACTIVE
via 0dffb5c ctdb-daemon: Don't pull any records if records are invalidated
via 75d97d4 ctdb-daemon: Add invalid_records flag to ctdb_db_context
via b81cf01 s3: smbd: Prevent valgrind errors in smbtorture3 POSIX test.
via 1131c14 examples: Fix the smb2mount build
via 2e602d7 s3:smbget: Use cmdline_messaging_context
via 217373b s3:smbcontrol: Use cmdline_messaging_context
via def7d7c s3:dbwrap_tool: Use cmdline_messaging_context
via e399450 s3:eventlogadm: Use cmdline_messaging_context
via 0442b1f s3: ntlm_auth: Use cmdline_messaging_context
via b71c6d2 s3:sharesec: Use cmdline_messaging_context
via 4881ca3 s3:testparm: Use cmdline_messaging_context
via 212a5bc s3:pdbedit: Use cmdline_messaging_context
via 2e78c3a7 s3:messaging: remove unused messaging_init_client()
via 79fe788 s3:net: Use cmdline_messaging_context
via c2dd495 rpcclient: Use cmdline_messaging_context
via 55886f7 s3:smbstatus: Use cmdline_messaging_context
via 49f962f s3:smbpasswd: Use cmdline_messaging_context
via 8251e95 test:doc: Skip 'clustering=yes'
via 9329a28 s3:popt_common: use cmdline_messaging_context() in popt_common_credentials_callback()
via bbdefe8 selftest: pass configfile to pdbedit
via b02c52c s3:loadparm: reinit_globals in lp_load_with_registry_shares()
via b63a200 s3:lib: Introduce cmdline context wrapper
via c247ae0 s3:lib: Move popt_common_credentials to separate file
via 7791f20 s3/lib:popt_common: Move setup_logging to common callback
via 240586b s3:lib/server_contexts: make server_event_ctx and server_msg_ctx static
via 29883c7 waf: Add -fstack-clash-protection
via 7249a4e waf: Check for -fstack-protect-strong support
via 7a39bcd VERSION: Bump version up to 4.9.2...
from 8fb6b0f VERSION: Disable GIT_SNAPSHOT for the 4.9.1 release.
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-9-stable
- Log -----------------------------------------------------------------
-----------------------------------------------------------------------
Summary of changes:
VERSION | 2 +-
WHATSNEW.txt | 98 +-
buildtools/wafsamba/samba_autoconf.py | 53 +-
ctdb/common/sock_daemon.c | 8 +-
ctdb/common/sock_daemon.h | 3 +-
ctdb/event/event_daemon.c | 7 +-
ctdb/include/ctdb_private.h | 3 +-
ctdb/protocol/protocol.h | 2 +-
ctdb/protocol/protocol_api.h | 6 -
ctdb/protocol/protocol_client.c | 29 -
ctdb/protocol/protocol_control.c | 26 -
ctdb/server/ctdb_control.c | 2 +-
ctdb/server/ctdb_freeze.c | 24 +-
ctdb/server/ctdb_recover.c | 211 +---
ctdb/server/ctdb_recovery_helper.c | 46 +-
ctdb/server/ctdb_vacuum.c | 280 +----
ctdb/server/eventscript.c | 12 +-
ctdb/tests/simple/69_recovery_resurrect_deleted.sh | 84 ++
ctdb/tests/src/protocol_common_ctdb.c | 20 -
docs-xml/manpages/vfs_fruit.8.xml | 25 +
examples/fuse/smb2mount.c | 2 +-
examples/fuse/wscript_build | 2 +-
lib/ldb/ABI/{ldb-1.4.2.sigs => ldb-1.4.3.sigs} | 0
...b-util.py3-1.4.2.sigs => pyldb-util-1.4.3.sigs} | 0
...il.py3-1.4.2.sigs => pyldb-util.py3-1.4.3.sigs} | 0
lib/ldb/pyldb.c | 32 +-
lib/ldb/tests/python/api.py | 4 +
lib/ldb/wscript | 2 +-
lib/socket/interfaces.c | 3 +-
lib/tevent/test_req.c | 15 +-
lib/util/tevent_req_profile.c | 85 +-
lib/util/tevent_req_profile.h | 8 +-
libcli/smb/smbXcli_base.c | 23 +-
libcli/smb/smbXcli_base.h | 1 +
python/samba/dbchecker.py | 45 +-
python/samba/netcmd/domain_backup.py | 40 +-
python/samba/tests/__init__.py | 33 +-
python/samba/tests/blackbox/bug13653.py | 212 ++++
python/samba/tests/docs.py | 3 +-
python/samba/tests/domain_backup.py | 33 +
python/samba/tests/samba_tool/base.py | 7 -
python/samba/tests/samba_tool/user.py | 8 +-
.../samba/tests/samba_tool/user_virtualCryptSHA.py | 18 +-
selftest/knownfail.d/encrypted_secrets | 6 +
selftest/knownfail.d/samba3.vfs.fruit | 1 +
selftest/target/Samba3.pm | 28 +
selftest/target/Samba4.pm | 15 +-
source3/client/client.c | 2 +-
source3/include/messages.h | 3 -
source3/include/popt_common.h | 10 -
.../background.h => include/popt_common_cmdline.h} | 46 +-
source3/lib/cmdline_contexts.c | 70 ++
.../unix_match.h => source3/lib/cmdline_contexts.h | 12 +-
source3/lib/messages.c | 9 -
source3/lib/popt_common.c | 216 +---
source3/lib/popt_common_cmdline.c | 249 ++++
source3/lib/server_contexts.c | 4 +-
source3/modules/vfs_delay_inject.c | 262 ++++
source3/modules/vfs_fruit.c | 1070 ++++++++++------
source3/modules/vfs_streams_xattr.c | 64 +-
source3/param/loadparm.c | 2 +-
source3/rpcclient/cmd_spoolss.c | 2 +-
source3/rpcclient/rpcclient.c | 30 +-
source3/rpcclient/wscript_build | 2 +-
source3/selftest/tests.py | 18 +-
source3/smbd/aio.c | 28 +-
source3/smbd/close.c | 4 +
source3/smbd/negprot.c | 9 +-
source3/smbd/open.c | 30 +-
source3/smbd/smb2_server.c | 15 +-
source3/utils/dbwrap_tool.c | 3 +
source3/utils/eventlogadm.c | 4 +
source3/utils/net.c | 31 +-
source3/utils/ntlm_auth.c | 3 +
source3/utils/pdbedit.c | 3 +
source3/utils/regedit.c | 2 +-
source3/utils/sharesec.c | 2 +
source3/utils/smbcacls.c | 2 +-
source3/utils/smbcontrol.c | 19 +-
source3/utils/smbcquotas.c | 2 +-
source3/utils/smbget.c | 5 +-
source3/utils/smbpasswd.c | 17 +-
source3/utils/smbtree.c | 2 +-
source3/utils/status.c | 25 +-
source3/utils/testparm.c | 3 +
source3/utils/wscript_build | 34 +-
source3/winbindd/winbindd.c | 8 +-
source3/winbindd/winbindd_cache.c | 4 +-
source3/wscript_build | 15 +-
source4/dsdb/pydsdb.c | 1 +
source4/dsdb/samdb/ldb_modules/encrypted_secrets.c | 6 +
source4/dsdb/samdb/ldb_modules/extended_dn_store.c | 7 +
source4/dsdb/samdb/ldb_modules/group_audit.c | 31 +-
source4/dsdb/samdb/ldb_modules/linked_attributes.c | 18 +-
source4/dsdb/samdb/ldb_modules/objectclass_attrs.c | 11 +
source4/dsdb/samdb/ldb_modules/repl_meta_data.c | 269 +++-
source4/dsdb/samdb/ldb_modules/samldb.c | 41 +-
.../ldb_modules/tests/test_encrypted_secrets.c | 1 -
.../samdb/ldb_modules/tests/test_group_audit.c | 747 ++++++++++-
source4/dsdb/samdb/ldb_modules/wscript_build | 17 +-
source4/dsdb/samdb/samdb.h | 5 +-
source4/dsdb/tests/python/attr_from_server.py | 150 +++
source4/libcli/pysmb.c | 10 +-
source4/libcli/smb2/transport.c | 17 +
...eck-link-output-missing-link-sid-corruption.txt | 8 +
source4/selftest/tests.py | 29 +-
source4/setup/schema_samba4.ldif | 2 +
source4/torture/smb2/delete-on-close.c | 119 ++
source4/torture/smb2/read.c | 116 ++
source4/torture/smb2/session.c | 50 +-
source4/torture/smb2/smb2.c | 1 +
source4/torture/smb2/util.c | 30 +
source4/torture/vfs/fruit.c | 1325 +++++++++++++++++++-
source4/torture/vfs/vfs.c | 1 +
testprogs/blackbox/dbcheck-links.sh | 110 ++
testprogs/blackbox/ldapcmp_restoredc.sh | 3 +
testprogs/blackbox/test_pdbtest.sh | 8 +-
testprogs/blackbox/test_primary_group.sh | 90 ++
118 files changed, 5379 insertions(+), 1752 deletions(-)
create mode 100755 ctdb/tests/simple/69_recovery_resurrect_deleted.sh
copy lib/ldb/ABI/{ldb-1.4.2.sigs => ldb-1.4.3.sigs} (100%)
copy lib/ldb/ABI/{pyldb-util.py3-1.4.2.sigs => pyldb-util-1.4.3.sigs} (100%)
copy lib/ldb/ABI/{pyldb-util.py3-1.4.2.sigs => pyldb-util.py3-1.4.3.sigs} (100%)
create mode 100644 python/samba/tests/blackbox/bug13653.py
copy source3/{lib/background.h => include/popt_common_cmdline.h} (50%)
create mode 100644 source3/lib/cmdline_contexts.c
copy lib/util/unix_match.h => source3/lib/cmdline_contexts.h (72%)
create mode 100644 source3/lib/popt_common_cmdline.c
create mode 100644 source4/dsdb/tests/python/attr_from_server.py
create mode 100644 source4/selftest/provisions/release-4-5-0-pre1/expected-dbcheck-link-output-missing-link-sid-corruption.txt
create mode 100755 testprogs/blackbox/test_primary_group.sh
Changeset truncated at 500 lines:
diff --git a/VERSION b/VERSION
index 406f63d..79eda3f 100644
--- a/VERSION
+++ b/VERSION
@@ -25,7 +25,7 @@
########################################################
SAMBA_VERSION_MAJOR=4
SAMBA_VERSION_MINOR=9
-SAMBA_VERSION_RELEASE=1
+SAMBA_VERSION_RELEASE=2
########################################################
# If a official release has a serious bug #
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index 0742d7d..978502e 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -1,4 +1,98 @@
=============================
+ Release Notes for Samba 4.9.2
+ November 08, 2018
+ =============================
+
+
+This is the latest stable release of the Samba 4.9 release series.
+
+
+Changes since 4.9.1:
+--------------------
+
+o Andrew Bartlett <abartlet at samba.org>
+ * BUG 13418: dsdb: Add comments explaining the limitations of our current
+ backlink behaviour.
+ * BUG 13621: Fix problems running domain backups (handling SMBv2, sites).
+
+o Tim Beale <timbeale at catalyst.net.nz>
+ * BUG 13621: Fix problems running domain backups (handling SMBv2, sites).
+
+o Ralph Boehme <slow at samba.org>
+ * BUG 13465: testparm: Fix crashes with PANIC: Messaging not initialized on
+ SLES 12 SP3.
+ * BUG 13642: Make vfs_fruit able to cleanup AppleDouble files.
+ * BUG 13646: File saving issues with vfs_fruit on samba >= 4.8.5.
+ * BUG 13649: Enabling vfs_fruit looses FinderInfo.
+ * BUG 13667: Cancelling of SMB2 aio reads and writes returns wrong error
+ NT_STATUS_INTERNAL_ERROR.
+
+o Amitay Isaacs <amitay at gmail.com>
+ * BUG 13641: Fix CTDB recovery record resurrection from inactive nodes and
+ simplify vacuuming.
+
+o Volker Lendecke <vl at samba.org>
+ * BUG 13465: examples: Fix the smb2mount build.
+ * BUG 13629: libtevent: Fix build due to missing open_memstream on Illiumos.
+ * BUG 13662: winbindd_cache: Fix timeout calculation for sid<->name cache.
+
+o Gary Lockyer <gary at catalyst.net.nz>
+ * BUG 13653: dsdb encrypted_secrets: Allow "ldb:// and "mdb://" in file path.
+
+o Stefan Metzmacher <metze at samba.org>
+ * BUG 13418: Extended DN SID component missing for member after switching
+ group membership.
+ * BUG 13624: Return STATUS_SESSION_EXPIRED error encrypted, if the request
+ was encrypted.
+
+o David Mulder <dmulder at suse.com>
+ * BUG 13621: python: Allow forced signing via smb.SMB().
+ * BUG 13665: lib:socket: If returning early, set ifaces.
+
+o Noel Power <noel.power at suse.com>
+ * BUG 13616: ldb: Bump ldb version to 1.4.3, Python: Ensure ldb.Dn can accept
+ utf8 encoded unicode.
+
+o Christof Schmitt <cs at samba.org>
+ * BUG 13465: testparm: Fix crashes with PANIC: Messaging not initialized on
+ SLES 12 SP3.
+ * BUG 13673: smbd: Fix DELETE_ON_CLOSE behaviour on files with READ_ONLY
+ attribute.
+
+o Andreas Schneider <asn at samba.org>
+ * BUG 13601: waf: Add -fstack-clash-protection.
+ * BUG 13668: winbind: Fix segfault if an invalid passdb backend is
+ configured.
+
+o Martin Schwenke <martin at meltin.net>
+ * BUG 13659: Fix bugs in CTDB event handling.
+ * BUG 13670: Misbehaving nodes are sometimes not banned.
+
+
+#######################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the "Samba 4.1 and newer" product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+
+Release notes for older releases follow:
+----------------------------------------
+
+ =============================
Release Notes for Samba 4.9.1
September 24, 2018
=============================
@@ -53,8 +147,8 @@ database (https://bugzilla.samba.org/).
======================================================================
-Release notes for older releases follow:
-----------------------------------------
+----------------------------------------------------------------------
+
=============================
Release Notes for Samba 4.9.0
diff --git a/buildtools/wafsamba/samba_autoconf.py b/buildtools/wafsamba/samba_autoconf.py
index c4391d0..f2b3ec8 100644
--- a/buildtools/wafsamba/samba_autoconf.py
+++ b/buildtools/wafsamba/samba_autoconf.py
@@ -674,23 +674,42 @@ def SAMBA_CONFIG_H(conf, path=None):
return
# we need to build real code that can't be optimized away to test
- if conf.check(fragment='''
- #include <stdio.h>
-
- int main(void)
- {
- char t[100000];
- while (fgets(t, sizeof(t), stdin));
- return 0;
- }
- ''',
- execute=0,
- ccflags='-fstack-protector',
- ldflags='-fstack-protector',
- mandatory=False,
- msg='Checking if toolchain accepts -fstack-protector'):
- conf.ADD_CFLAGS('-fstack-protector')
- conf.ADD_LDFLAGS('-fstack-protector')
+ stack_protect_list = ['-fstack-protector-strong', '-fstack-protector']
+ for stack_protect_flag in stack_protect_list:
+ flag_supported = conf.check(fragment='''
+ #include <stdio.h>
+
+ int main(void)
+ {
+ char t[100000];
+ while (fgets(t, sizeof(t), stdin));
+ return 0;
+ }
+ ''',
+ execute=0,
+ ccflags=[ '-Werror', '-Wp,-D_FORTIFY_SOURCE=2', stack_protect_flag],
+ mandatory=False,
+ msg='Checking if compiler accepts %s' % (stack_protect_flag))
+ if flag_supported:
+ conf.ADD_CFLAGS('-Wp,-D_FORTIFY_SOURCE=2 %s' % (stack_protect_flag))
+ break
+
+ flag_supported = conf.check(fragment='''
+ #include <stdio.h>
+
+ int main(void)
+ {
+ char t[100000];
+ while (fgets(t, sizeof(t), stdin));
+ return 0;
+ }
+ ''',
+ execute=0,
+ ccflags=[ '-Werror', '-fstack-clash-protection'],
+ mandatory=False,
+ msg='Checking if compiler accepts -fstack-clash-protection')
+ if flag_supported:
+ conf.ADD_CFLAGS('-fstack-clash-protection')
if Options.options.debug:
conf.ADD_CFLAGS('-g', testflags=True)
diff --git a/ctdb/common/sock_daemon.c b/ctdb/common/sock_daemon.c
index 90f6bce..e5e16f8 100644
--- a/ctdb/common/sock_daemon.c
+++ b/ctdb/common/sock_daemon.c
@@ -523,9 +523,15 @@ int sock_daemon_add_unix(struct sock_daemon_context *sockd,
return 0;
}
-void sock_daemon_set_startup_fd(struct sock_daemon_context *sockd, int fd)
+bool sock_daemon_set_startup_fd(struct sock_daemon_context *sockd, int fd)
{
+ if (! set_close_on_exec(fd)) {
+ D_ERR("Failed to set close-on-exec on startup fd\n");
+ return false;
+ }
+
sockd->startup_fd = fd;
+ return true;
}
/*
diff --git a/ctdb/common/sock_daemon.h b/ctdb/common/sock_daemon.h
index 972245a..7aa9d5d 100644
--- a/ctdb/common/sock_daemon.h
+++ b/ctdb/common/sock_daemon.h
@@ -216,8 +216,9 @@ int sock_daemon_add_unix(struct sock_daemon_context *sockd,
*
* @param[in] sockd Socket daemon context
* @param[in] fd File descriptor
+ * @return true on success, false on error
*/
-void sock_daemon_set_startup_fd(struct sock_daemon_context *sockd, int fd);
+bool sock_daemon_set_startup_fd(struct sock_daemon_context *sockd, int fd);
/**
* @brief Async computation start to run a socket daemon
diff --git a/ctdb/event/event_daemon.c b/ctdb/event/event_daemon.c
index c1c6852..3cab330 100644
--- a/ctdb/event/event_daemon.c
+++ b/ctdb/event/event_daemon.c
@@ -244,6 +244,7 @@ int main(int argc, const char **argv)
const char *t;
int interactive = 0;
int opt, ret;
+ bool ok;
pc = poptGetContext(argv[0],
argc,
@@ -343,7 +344,11 @@ int main(int argc, const char **argv)
}
if (options.startup_fd != -1) {
- sock_daemon_set_startup_fd(e_state->sockd, options.startup_fd);
+ ok = sock_daemon_set_startup_fd(e_state->sockd,
+ options.startup_fd);
+ if (!ok) {
+ goto fail;
+ }
}
ret = sock_daemon_run(e_state->ev,
diff --git a/ctdb/include/ctdb_private.h b/ctdb/include/ctdb_private.h
index b3d2e14..ea00bb1 100644
--- a/ctdb/include/ctdb_private.h
+++ b/ctdb/include/ctdb_private.h
@@ -386,6 +386,7 @@ struct ctdb_db_context {
uint32_t freeze_transaction_id;
uint32_t generation;
+ bool invalid_records;
bool push_started;
void *push_state;
@@ -820,8 +821,6 @@ int32_t ctdb_control_start_recovery(struct ctdb_context *ctdb,
int32_t ctdb_control_try_delete_records(struct ctdb_context *ctdb,
TDB_DATA indata, TDB_DATA *outdata);
-int32_t ctdb_control_receive_records(struct ctdb_context *ctdb,
- TDB_DATA indata, TDB_DATA *outdata);
int32_t ctdb_control_get_capabilities(struct ctdb_context *ctdb,
TDB_DATA *outdata);
diff --git a/ctdb/protocol/protocol.h b/ctdb/protocol/protocol.h
index 6abd015..b868553 100644
--- a/ctdb/protocol/protocol.h
+++ b/ctdb/protocol/protocol.h
@@ -355,7 +355,7 @@ enum ctdb_controls {CTDB_CONTROL_PROCESS_EXISTS = 0,
CTDB_CONTROL_SET_DB_STICKY = 133,
CTDB_CONTROL_RELOAD_PUBLIC_IPS = 134,
CTDB_CONTROL_TRAVERSE_ALL_EXT = 135,
- CTDB_CONTROL_RECEIVE_RECORDS = 136,
+ CTDB_CONTROL_RECEIVE_RECORDS = 136, /* obsolete */
CTDB_CONTROL_IPREALLOCATED = 137,
CTDB_CONTROL_GET_RUNSTATE = 138,
CTDB_CONTROL_DB_DETACH = 139,
diff --git a/ctdb/protocol/protocol_api.h b/ctdb/protocol/protocol_api.h
index 1cd5d7d..6104c10 100644
--- a/ctdb/protocol/protocol_api.h
+++ b/ctdb/protocol/protocol_api.h
@@ -530,12 +530,6 @@ int ctdb_reply_control_set_db_sticky(struct ctdb_reply_control *reply);
void ctdb_req_control_reload_public_ips(struct ctdb_req_control *request);
int ctdb_reply_control_reload_public_ips(struct ctdb_reply_control *reply);
-void ctdb_req_control_receive_records(struct ctdb_req_control *request,
- struct ctdb_rec_buffer *recbuf);
-int ctdb_reply_control_receive_records(struct ctdb_reply_control *reply,
- TALLOC_CTX *mem_ctx,
- struct ctdb_rec_buffer **recbuf);
-
void ctdb_req_control_ipreallocated(struct ctdb_req_control *request);
int ctdb_reply_control_ipreallocated(struct ctdb_reply_control *reply);
diff --git a/ctdb/protocol/protocol_client.c b/ctdb/protocol/protocol_client.c
index a18af08..9aa32a9 100644
--- a/ctdb/protocol/protocol_client.c
+++ b/ctdb/protocol/protocol_client.c
@@ -1948,35 +1948,6 @@ int ctdb_reply_control_reload_public_ips(struct ctdb_reply_control *reply)
/* CTDB_CONTROL_TRAVERSE_ALL_EXT */
-/* CTDB_CONTROL_RECEIVE_RECORDS */
-
-void ctdb_req_control_receive_records(struct ctdb_req_control *request,
- struct ctdb_rec_buffer *recbuf)
-{
- request->opcode = CTDB_CONTROL_RECEIVE_RECORDS;
- request->pad = 0;
- request->srvid = 0;
- request->client_id = 0;
- request->flags = 0;
-
- request->rdata.opcode = CTDB_CONTROL_RECEIVE_RECORDS;
- request->rdata.data.recbuf = recbuf;
-}
-
-int ctdb_reply_control_receive_records(struct ctdb_reply_control *reply,
- TALLOC_CTX *mem_ctx,
- struct ctdb_rec_buffer **recbuf)
-{
- if (reply->rdata.opcode != CTDB_CONTROL_RECEIVE_RECORDS) {
- return EPROTO;
- }
-
- if (reply->status == 0) {
- *recbuf = talloc_steal(mem_ctx, reply->rdata.data.recbuf);
- }
- return reply->status;
-}
-
/* CTDB_CONTROL_IPREALLOCATED */
void ctdb_req_control_ipreallocated(struct ctdb_req_control *request)
diff --git a/ctdb/protocol/protocol_control.c b/ctdb/protocol/protocol_control.c
index 12a78e1..0b88b5c 100644
--- a/ctdb/protocol/protocol_control.c
+++ b/ctdb/protocol/protocol_control.c
@@ -360,10 +360,6 @@ static size_t ctdb_req_control_data_len(struct ctdb_req_control_data *cd)
len = ctdb_traverse_all_ext_len(cd->data.traverse_all_ext);
break;
- case CTDB_CONTROL_RECEIVE_RECORDS:
- len = ctdb_rec_buffer_len(cd->data.recbuf);
- break;
-
case CTDB_CONTROL_IPREALLOCATED:
break;
@@ -660,10 +656,6 @@ static void ctdb_req_control_data_push(struct ctdb_req_control_data *cd,
&np);
break;
- case CTDB_CONTROL_RECEIVE_RECORDS:
- ctdb_rec_buffer_push(cd->data.recbuf, buf, &np);
- break;
-
case CTDB_CONTROL_DB_DETACH:
ctdb_uint32_push(&cd->data.db_id, buf, &np);
break;
@@ -988,11 +980,6 @@ static int ctdb_req_control_data_pull(uint8_t *buf, size_t buflen,
&np);
break;
- case CTDB_CONTROL_RECEIVE_RECORDS:
- ret = ctdb_rec_buffer_pull(buf, buflen, mem_ctx,
- &cd->data.recbuf, &np);
- break;
-
case CTDB_CONTROL_DB_DETACH:
ret = ctdb_uint32_pull(buf, buflen, &cd->data.db_id, &np);
break;
@@ -1368,10 +1355,6 @@ static size_t ctdb_reply_control_data_len(struct ctdb_reply_control_data *cd)
case CTDB_CONTROL_TRAVERSE_ALL_EXT:
break;
- case CTDB_CONTROL_RECEIVE_RECORDS:
- len = ctdb_rec_buffer_len(cd->data.recbuf);
- break;
-
case CTDB_CONTROL_IPREALLOCATED:
break;
@@ -1562,10 +1545,6 @@ static void ctdb_reply_control_data_push(struct ctdb_reply_control_data *cd,
ctdb_db_statistics_push(cd->data.dbstats, buf, &np);
break;
- case CTDB_CONTROL_RECEIVE_RECORDS:
- ctdb_rec_buffer_push(cd->data.recbuf, buf, &np);
- break;
-
case CTDB_CONTROL_GET_RUNSTATE:
ctdb_uint32_push(&cd->data.runstate, buf, &np);
break;
@@ -1753,11 +1732,6 @@ static int ctdb_reply_control_data_pull(uint8_t *buf, size_t buflen,
&cd->data.dbstats, &np);
break;
- case CTDB_CONTROL_RECEIVE_RECORDS:
- ret = ctdb_rec_buffer_pull(buf, buflen, mem_ctx,
- &cd->data.recbuf, &np);
- break;
-
case CTDB_CONTROL_GET_RUNSTATE:
ret = ctdb_uint32_pull(buf, buflen, &cd->data.runstate, &np);
break;
diff --git a/ctdb/server/ctdb_control.c b/ctdb/server/ctdb_control.c
index 848010e..c260b92 100644
--- a/ctdb/server/ctdb_control.c
+++ b/ctdb/server/ctdb_control.c
@@ -650,7 +650,7 @@ static int32_t ctdb_control_dispatch(struct ctdb_context *ctdb,
return ctdb_control_reload_public_ips(ctdb, c, async_reply);
case CTDB_CONTROL_RECEIVE_RECORDS:
- return ctdb_control_receive_records(ctdb, indata, outdata);
+ return control_not_implemented("RECEIVE_RECORDS", NULL);
case CTDB_CONTROL_DB_DETACH:
return ctdb_control_db_detach(ctdb, indata, client_id);
diff --git a/ctdb/server/ctdb_freeze.c b/ctdb/server/ctdb_freeze.c
index c41fc7d..10841ef 100644
--- a/ctdb/server/ctdb_freeze.c
+++ b/ctdb/server/ctdb_freeze.c
@@ -140,6 +140,9 @@ static int ctdb_db_freeze_handle_destructor(struct ctdb_db_freeze_handle *h)
ctdb_db->freeze_mode = CTDB_FREEZE_NONE;
ctdb_db->freeze_handle = NULL;
+ /* Clear invalid records flag */
+ ctdb_db->invalid_records = false;
+
talloc_free(h->lreq);
return 0;
}
@@ -394,6 +397,19 @@ static int db_freeze_waiter_destructor(struct ctdb_db_freeze_waiter *w)
}
/**
+ * Invalidate the records in the database.
+ * This only applies to volatile databases.
+ */
+static int db_invalidate(struct ctdb_db_context *ctdb_db, void *private_data)
+{
+ if (ctdb_db_volatile(ctdb_db)) {
+ ctdb_db->invalid_records = true;
+ }
+
+ return 0;
+}
+
+/**
* Count the number of databases
*/
static int db_count(struct ctdb_db_context *ctdb_db, void *private_data)
@@ -436,13 +452,17 @@ static int db_freeze(struct ctdb_db_context *ctdb_db, void *private_data)
}
/*
- start the freeze process for a certain priority
+ start the freeze process for all databases
+ This is only called from ctdb_control_freeze(), which is called
+ only on node becoming INACTIVE. So mark the records invalid.
*/
static void ctdb_start_freeze(struct ctdb_context *ctdb)
{
struct ctdb_freeze_handle *h;
int ret;
+ ctdb_db_iterator(ctdb, db_invalidate, NULL);
+
if (ctdb->freeze_mode == CTDB_FREEZE_FROZEN) {
int count = 0;
@@ -534,6 +554,8 @@ static int ctdb_freeze_waiter_destructor(struct ctdb_freeze_waiter *w)
/*
freeze all the databases
+ This control is only used when freezing database on node becoming INACTIVE.
+ So mark the records invalid in ctdb_start_freeze().
*/
int32_t ctdb_control_freeze(struct ctdb_context *ctdb,
struct ctdb_req_control_old *c, bool *async_reply)
diff --git a/ctdb/server/ctdb_recover.c b/ctdb/server/ctdb_recover.c
index fc64037b..f05052e 100644
--- a/ctdb/server/ctdb_recover.c
+++ b/ctdb/server/ctdb_recover.c
@@ -279,6 +279,11 @@ int32_t ctdb_control_pull_db(struct ctdb_context *ctdb, TDB_DATA indata, TDB_DAT
ctdb_db->db_name, ctdb_db->unhealthy_reason));
}
+ /* If the records are invalid, we are done */
+ if (ctdb_db->invalid_records) {
--
Samba Shared Repository
More information about the samba-cvs
mailing list