[SCM] Samba Shared Repository - branch master updated
Stefan Metzmacher
metze at samba.org
Tue May 28 08:33:02 UTC 2019
The branch, master has been updated
via 2ef79a4c1d6 dbcheck: fallback to the default tombstoneLifetime of 180 days
via 15032ec6df1 python/ntacls: we only need security.SEC_STD_READ_CONTROL in order to get the ACL
via 706aba5bf62 dsdb:audit_log: avoid printing "... remote host [Unknown] SID [(NULL SID)] ..."
via 0da12ff93d2 lib/util: set current_msg_{level,class} also during a DEBUGADD[C]() call
via d98a9712474 lib/util: remove unused prototypes in debug.h
via bb0ffbf38cb lib/util: fix call to dbghdrclass() for DEBUGC()
from e09053faf45 registry: add a missing include
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 2ef79a4c1d695a3e498b142810a1317d85b9b6da
Author: Stefan Metzmacher <metze at samba.org>
Date: Mon Apr 29 11:59:50 2019 +0200
dbcheck: fallback to the default tombstoneLifetime of 180 days
If a domain was provisioned by Windows 2000 this value is missing in the
database.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13967
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(master): Tue May 28 08:32:10 UTC 2019 on sn-devel-184
commit 15032ec6df1abbb53f1b1d5377aab369f83ae707
Author: Stefan Metzmacher <metze at samba.org>
Date: Fri Apr 26 17:07:20 2019 +0200
python/ntacls: we only need security.SEC_STD_READ_CONTROL in order to get the ACL
We should avoid security.SEC_FLAG_MAXIMUM_ALLOWED otherwise
we may get NT_STATUS_SHARING_VIOLATION when we run
'samba-tool domain backup online' against a Windows DC.
Windows DCs have hidden folders for the NtFrs or Dfsr services,
which are locked by the running service.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13917
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
commit 706aba5bf62e674ae12786f6ab275752b8714464
Author: Stefan Metzmacher <metze at samba.org>
Date: Fri Apr 26 14:31:46 2019 +0000
dsdb:audit_log: avoid printing "... remote host [Unknown] SID [(NULL SID)] ..."
We better print "... remote host [Unknown] SID [S-1-5-18] ..."
in 'dsdb_audit' message, this matches what we print for
'dsdb_json_audit'.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13916
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
commit 0da12ff93d213ac742eeb865bfa5697ca8a2280a
Author: Stefan Metzmacher <metze at samba.org>
Date: Fri Apr 26 13:40:58 2019 +0200
lib/util: set current_msg_{level,class} also during a DEBUGADD[C]() call
In some situations we use DEBUGADDC() in order to print out content
without a related debug header line.
This is important with the new per class logfile with:
log level = 1 dsdb_json_audit:10@/var/log/samba/log.dsdb_json_audit
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13915
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
commit d98a971247450d494c581c5454e6c270ad1b6880
Author: Stefan Metzmacher <metze at samba.org>
Date: Fri Apr 26 13:32:43 2019 +0200
lib/util: remove unused prototypes in debug.h
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13915
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
commit bb0ffbf38cb1955c9e400003add680eabcf706a6
Author: Stefan Metzmacher <metze at samba.org>
Date: Fri Apr 26 13:21:15 2019 +0200
lib/util: fix call to dbghdrclass() for DEBUGC()
dbghdrclass() sets the global 'current_msg_class' and for that
DEBUGC() should pass the given dbgc_class instead of the per file
DBGC_CLASS.
This is important with the new per class logfile with:
log level = 1 dsdb_audit:10@/var/log/samba/log.dsdb_audit
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13915
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
-----------------------------------------------------------------------
Summary of changes:
lib/util/debug.c | 17 ++++++++++++-----
lib/util/debug.h | 11 ++++++-----
python/samba/dbchecker.py | 5 ++++-
python/samba/ntacls.py | 2 +-
source4/dsdb/samdb/ldb_modules/audit_log.c | 4 +++-
5 files changed, 26 insertions(+), 13 deletions(-)
Changeset truncated at 500 lines:
diff --git a/lib/util/debug.c b/lib/util/debug.c
index 23c78ae19c9..d2fbab12414 100644
--- a/lib/util/debug.c
+++ b/lib/util/debug.c
@@ -1479,6 +1479,17 @@ void dbgflush( void )
bufr_print();
}
+bool dbgsetclass(int level, int cls)
+{
+ /* Set current_msg_level. */
+ current_msg_level = level;
+
+ /* Set current message class */
+ current_msg_class = cls;
+
+ return true;
+}
+
/***************************************************************************
Print a Debug Header.
@@ -1523,11 +1534,7 @@ bool dbghdrclass(int level, int cls, const char *location, const char *func)
return( true );
}
- /* Set current_msg_level. */
- current_msg_level = level;
-
- /* Set current message class */
- current_msg_class = cls;
+ dbgsetclass(level, cls);
/* Don't print a header if we're logging to stdout. */
if ( state.logtype != DEBUG_FILE ) {
diff --git a/lib/util/debug.h b/lib/util/debug.h
index e6f54a7657f..67dbf3357e3 100644
--- a/lib/util/debug.h
+++ b/lib/util/debug.h
@@ -45,7 +45,7 @@
bool dbgtext_va(const char *, va_list ap) PRINTF_ATTRIBUTE(1,0);
bool dbgtext( const char *, ... ) PRINTF_ATTRIBUTE(1,2);
bool dbghdrclass( int level, int cls, const char *location, const char *func);
-bool dbghdr( int level, const char *location, const char *func);
+bool dbgsetclass(int level, int cls);
/*
* Define all new debug classes here. A class is represented by an entry in
@@ -201,17 +201,19 @@ void debuglevel_set_class(size_t idx, int level);
#define DEBUGC( dbgc_class, level, body ) \
(void)( ((level) <= MAX_DEBUG_LEVEL) && \
unlikely(debuglevel_get_class(dbgc_class) >= (level)) \
- && (dbghdrclass( level, DBGC_CLASS, __location__, __FUNCTION__ )) \
+ && (dbghdrclass( level, dbgc_class, __location__, __FUNCTION__ )) \
&& (dbgtext body) )
#define DEBUGADD( level, body ) \
(void)( ((level) <= MAX_DEBUG_LEVEL) && \
- unlikely(debuglevel_get_class(DBGC_CLASS) >= (level)) \
+ unlikely(debuglevel_get_class(DBGC_CLASS) >= (level)) \
+ && (dbgsetclass(level, DBGC_CLASS)) \
&& (dbgtext body) )
#define DEBUGADDC( dbgc_class, level, body ) \
(void)( ((level) <= MAX_DEBUG_LEVEL) && \
- unlikely((debuglevel_get_class(dbgc_class) >= (level))) \
+ unlikely((debuglevel_get_class(dbgc_class) >= (level))) \
+ && (dbgsetclass(level, dbgc_class)) \
&& (dbgtext body) )
/* Print a separator to the debug log. */
@@ -318,7 +320,6 @@ void force_check_log_size( void );
bool need_to_check_log_size( void );
void check_log_size( void );
void dbgflush( void );
-bool dbghdrclass(int level, int cls, const char *location, const char *func);
bool debug_get_output_is_stderr(void);
bool debug_get_output_is_stdout(void);
void debug_schedule_reopen_logs(void);
diff --git a/python/samba/dbchecker.py b/python/samba/dbchecker.py
index a0500c6c578..04304b0b0dc 100644
--- a/python/samba/dbchecker.py
+++ b/python/samba/dbchecker.py
@@ -220,7 +220,10 @@ class dbcheck(object):
scope=ldb.SCOPE_BASE,
expression="(objectClass=nTDSService)",
attrs=["tombstoneLifetime"])
- self.tombstoneLifetime = int(res[0]["tombstoneLifetime"][0])
+ if "tombstoneLifetime" in res[0]:
+ self.tombstoneLifetime = int(res[0]["tombstoneLifetime"][0])
+ else:
+ self.tombstoneLifetime = 180
self.compatibleFeatures = []
self.requiredFeatures = []
diff --git a/python/samba/ntacls.py b/python/samba/ntacls.py
index 5bf646caf9f..82d950fbbc9 100644
--- a/python/samba/ntacls.py
+++ b/python/samba/ntacls.py
@@ -49,7 +49,7 @@ SECURITY_SECINFO_FLAGS = security.SECINFO_OWNER | \
# SEC_FLAG_SYSTEM_SECURITY is required otherwise get Access Denied
SECURITY_SEC_FLAGS = security.SEC_FLAG_SYSTEM_SECURITY | \
- security.SEC_FLAG_MAXIMUM_ALLOWED
+ security.SEC_STD_READ_CONTROL
class XattrBackendError(Exception):
diff --git a/source4/dsdb/samdb/ldb_modules/audit_log.c b/source4/dsdb/samdb/ldb_modules/audit_log.c
index 931147efc72..ef674950100 100644
--- a/source4/dsdb/samdb/ldb_modules/audit_log.c
+++ b/source4/dsdb/samdb/ldb_modules/audit_log.c
@@ -928,6 +928,7 @@ static char *operation_human_readable(
{
struct ldb_context *ldb = NULL;
const char *remote_host = NULL;
+ const struct tsocket_address *remote = NULL;
const struct dom_sid *sid = NULL;
struct dom_sid_buf user_sid;
const char *timestamp = NULL;
@@ -942,7 +943,8 @@ static char *operation_human_readable(
ldb = ldb_module_get_ctx(module);
remote_host = dsdb_audit_get_remote_host(ldb, ctx);
- if (remote_host != NULL && dsdb_audit_is_system_session(module)) {
+ remote = dsdb_audit_get_remote_address(ldb);
+ if (remote != NULL && dsdb_audit_is_system_session(module)) {
sid = dsdb_audit_get_actual_sid(ldb);
} else {
sid = dsdb_audit_get_user_sid(module);
--
Samba Shared Repository
More information about the samba-cvs
mailing list