[SCM] Samba Shared Repository - branch master updated

Günther Deschner gd at samba.org
Tue Feb 13 21:07:01 UTC 2024


The branch, master has been updated
       via  7a674ee9ffe docs-xml: document "smb3 share cap:{CONTINUOUS AVAILABILITY,SCALE OUT,CLUSTER,ASYMMETRIC}"
       via  32b84c5bce0 smb2_tcon: only announce SMB3 related share capabilities if SMB3 is used
       via  d8bfdaaaa73 smb2_tcon: only announce SMB2_SHARE_CAP_CLUSTER if rpcd_witness can run
       via  1d0938d6fe4 docs-xml: add details for 'net witness'
       via  7a23429ed6a s3:utils: fix help string for 'net witness force-response'
       via  f1f68108cc3 ctdb/events: add 47.samba-dcerpcd.script
       via  ff8f778e39a ctdb/events: use 'service "$CTDB_SERVICE_NMB" status' in 48.netbios.script
      from  0e17b9cb19a selftest: Fix code spelling

https://git.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 7a674ee9ffeca047ceed7ac046db1b168d4025a6
Author: Stefan Metzmacher <metze at samba.org>
Date:   Thu Feb 8 15:43:39 2024 +0100

    docs-xml: document "smb3 share cap:{CONTINUOUS AVAILABILITY,SCALE OUT,CLUSTER,ASYMMETRIC}"
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=15577
    
    Signed-off-by: Stefan Metzmacher <metze at samba.org>
    Reviewed-by: Guenther Deschner <gd at samba.org>
    
    Autobuild-User(master): Günther Deschner <gd at samba.org>
    Autobuild-Date(master): Tue Feb 13 21:06:24 UTC 2024 on atb-devel-224

commit 32b84c5bce00c4f91191596dc00d9824e82e0f24
Author: Stefan Metzmacher <metze at samba.org>
Date:   Thu Feb 8 15:31:10 2024 +0100

    smb2_tcon: only announce SMB3 related share capabilities if SMB3 is used
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=15577
    
    Signed-off-by: Stefan Metzmacher <metze at samba.org>
    Reviewed-by: Guenther Deschner <gd at samba.org>

commit d8bfdaaaa737032c6a8623512fcb2cd01850628a
Author: Stefan Metzmacher <metze at samba.org>
Date:   Thu Feb 8 15:15:28 2024 +0100

    smb2_tcon: only announce SMB2_SHARE_CAP_CLUSTER if rpcd_witness can run
    
    rpcd_witness needs ncacn_ip_tcp support and that's only
    available if samba-dcerpcd is not started on demand.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=15577
    
    Signed-off-by: Stefan Metzmacher <metze at samba.org>
    Reviewed-by: Guenther Deschner <gd at samba.org>

commit 1d0938d6fe46c06432ae5fda9e7491b908a9ac56
Author: Stefan Metzmacher <metze at samba.org>
Date:   Thu Feb 8 14:25:05 2024 +0100

    docs-xml: add details for 'net witness'
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=15577
    
    Signed-off-by: Stefan Metzmacher <metze at samba.org>
    Reviewed-by: Guenther Deschner <gd at samba.org>

commit 7a23429ed6a04bb14509758492bfaee5db6dbd0d
Author: Stefan Metzmacher <metze at samba.org>
Date:   Thu Feb 8 15:07:42 2024 +0100

    s3:utils: fix help string for 'net witness force-response'
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=15577
    
    Signed-off-by: Stefan Metzmacher <metze at samba.org>
    Reviewed-by: Guenther Deschner <gd at samba.org>

commit f1f68108cc303b92b8a88728d12c2b699fdfc731
Author: Stefan Metzmacher <metze at samba.org>
Date:   Fri Feb 2 13:54:20 2024 +0100

    ctdb/events: add 47.samba-dcerpcd.script
    
    If someone wants to enable the witness service
    samba-dcerpcd needs to be started as standalone service
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=15577
    
    Signed-off-by: Stefan Metzmacher <metze at samba.org>
    Reviewed-by: Guenther Deschner <gd at samba.org>

commit ff8f778e39af563d97b1d38f89368a3c148532f2
Author: Stefan Metzmacher <metze at samba.org>
Date:   Fri Feb 2 13:54:20 2024 +0100

    ctdb/events: use 'service "$CTDB_SERVICE_NMB" status' in 48.netbios.script
    
    We can easily monitor if the service is running at all,
    that better than no monitoring at all...
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=15577
    
    Signed-off-by: Stefan Metzmacher <metze at samba.org>
    Reviewed-by: Guenther Deschner <gd at samba.org>

-----------------------------------------------------------------------

Summary of changes:
 ctdb/config/events/legacy/47.samba-dcerpcd.script |  66 +++
 ctdb/config/events/legacy/48.netbios.script       |  11 +
 docs-xml/manpages/net.8.xml                       | 567 ++++++++++++++++++++++
 docs-xml/smbdotconf/protocol/smb3sharecaps.xml    | 202 ++++++++
 source3/smbd/smb2_tcon.c                          |  20 +-
 source3/utils/net_witness.c                       |   2 +-
 6 files changed, 860 insertions(+), 8 deletions(-)
 create mode 100755 ctdb/config/events/legacy/47.samba-dcerpcd.script
 create mode 100644 docs-xml/smbdotconf/protocol/smb3sharecaps.xml


Changeset truncated at 500 lines:

diff --git a/ctdb/config/events/legacy/47.samba-dcerpcd.script b/ctdb/config/events/legacy/47.samba-dcerpcd.script
new file mode 100755
index 00000000000..9492d553a62
--- /dev/null
+++ b/ctdb/config/events/legacy/47.samba-dcerpcd.script
@@ -0,0 +1,66 @@
+#!/bin/sh
+# ctdb event script for SAMBA DCERPCD Services
+
+[ -n "$CTDB_BASE" ] || \
+	CTDB_BASE=$(d=$(dirname "$0") && cd -P "$d" && dirname "$PWD")
+
+. "${CTDB_BASE}/functions"
+
+detect_init_style
+
+case $CTDB_INIT_STYLE in
+	*)
+		# distributions don't have this yet,
+		# but assume samba-dcerpcd as service name
+		CTDB_SERVICE_SAMBA_DCERPCD=${CTDB_SERVICE_SAMBA_DCERPCD:-samba-dcerpcd}
+		;;
+esac
+
+load_script_options
+
+service_start ()
+{
+    # make sure samba-dcerpcd is not already started
+    service "$CTDB_SERVICE_SAMBA_DCERPCD" stop > /dev/null 2>&1
+    killall -0 -q samba-dcerpcd && {
+	sleep 1
+	# make absolutely sure samba-dcerpcd is dead
+	killall -q -9 samba-dcerpcd
+    }
+
+    # start Samba dcerpcd service. Start it reniced, as under very heavy load
+    # the number of smbd processes will mean that it leaves few cycles
+    # for anything else
+    nice_service "$CTDB_SERVICE_SAMBA_DCERPCD" start || die "Failed to start samba-dcerpcd"
+}
+
+service_stop ()
+{
+    service "$CTDB_SERVICE_SAMBA_DCERPCD" stop
+}
+
+service_status ()
+{
+    service "$CTDB_SERVICE_SAMBA_DCERPCD" status > /dev/null
+    test $? = 0 && return 0
+    service "$CTDB_SERVICE_SAMBA_DCERPCD" status
+}
+
+###########################
+
+case "$1" in
+startup)
+	service_start
+	;;
+
+shutdown)
+	service_stop
+	;;
+
+monitor)
+	service_status
+	;;
+
+esac
+
+exit 0
diff --git a/ctdb/config/events/legacy/48.netbios.script b/ctdb/config/events/legacy/48.netbios.script
index 43204476d6b..1531e4919de 100755
--- a/ctdb/config/events/legacy/48.netbios.script
+++ b/ctdb/config/events/legacy/48.netbios.script
@@ -48,6 +48,13 @@ service_stop ()
     service "$CTDB_SERVICE_NMB" stop
 }
 
+service_status ()
+{
+    service "$CTDB_SERVICE_NMB" status > /dev/null
+    test $? = 0 && return 0
+    service "$CTDB_SERVICE_NMB" status
+}
+
 ###########################
 
 case "$1" in
@@ -59,6 +66,10 @@ shutdown)
 	service_stop
 	;;
 
+monitor)
+	service_status
+	;;
+
 esac
 
 exit 0
diff --git a/docs-xml/manpages/net.8.xml b/docs-xml/manpages/net.8.xml
index 4ff99e238a2..c284cc25b49 100644
--- a/docs-xml/manpages/net.8.xml
+++ b/docs-xml/manpages/net.8.xml
@@ -61,6 +61,16 @@
 		<arg choice="opt">-t|--timeout seconds</arg>
 		<arg choice="opt">--dns-ttl TTL-IN-SECONDS</arg>
 		<arg choice="opt">-i|--stdin</arg>
+		<arg choice="opt">--witness-registration=REGISTRATION_UUID</arg>
+		<arg choice="opt">--witness-net-name=REGEX</arg>
+		<arg choice="opt">--witness-share-name=REGEX</arg>
+		<arg choice="opt">--witness-ip-address=REGEX</arg>
+		<arg choice="opt">--witness-client-computer-name=REGEX</arg>
+		<arg choice="opt">--witness-apply-to-all</arg>
+		<arg choice="opt">--witness-new-node=NODEID</arg>
+		<arg choice="opt">--witness-new-ip=IPADDRESS</arg>
+		<arg choice="opt">--witness-forced-response=JSON</arg>
+
 	</cmdsynopsis>
 </refsynopsisdiv>
 
@@ -402,6 +412,86 @@
 		</para></listitem>
 		</varlistentry>
 
+		<!-- Options for net witness subcommands -->
+
+		<varlistentry>
+		<term>--witness-registration=REGISTRATION_UUID</term>
+		<listitem><para>
+		This does a direct lookup for REGISTRATION_UUID
+		instead of doing a database traversal.
+		</para></listitem>
+		</varlistentry>
+
+		<varlistentry>
+		<term>--witness-net-name=REGEX</term>
+		<listitem><para>
+		This specifies the 'server name' the client
+		registered for monitoring.
+		</para></listitem>
+		</varlistentry>
+
+		<varlistentry>
+		<term>--witness-share-name=REGEX</term>
+		<listitem><para>
+		This specifies the 'share name' the client
+		registered for monitoring.
+		Note that the share name is optional in the
+		registration, otherwise an empty string is
+		matched.
+		</para></listitem>
+		</varlistentry>
+
+		<varlistentry>
+		<term>--witness-ip-address=REGEX</term>
+		<listitem><para>
+		This specifies the ip address the client
+		registered for monitoring.
+		</para></listitem>
+		</varlistentry>
+
+		<varlistentry>
+		<term>--witness-client-computer-name=REGEX</term>
+		<listitem><para>
+		This specifies the client computer name the client
+		specified in the registration.
+		Note it is just a string chosen by the client itself.
+		</para></listitem>
+		</varlistentry>
+
+		<varlistentry>
+		<term>--witness-apply-to-all</term>
+		<listitem><para>
+		This selects all registrations.
+		</para></listitem>
+		</varlistentry>
+
+		<varlistentry>
+		<term>--witness-new-node=NODEID</term>
+		<listitem><para>
+		By specifying a NODEID all ip addresses
+		currently available on the given node are
+		included in the response.
+		By specifying '-1' as NODEID all ip addresses
+		of the cluster are included in the response.
+		</para></listitem>
+		</varlistentry>
+
+		<varlistentry>
+		<term>--witness-new-ip=IPADDRESS</term>
+		<listitem><para>
+		By specifying an IPADDRESS only the specified
+		ip address is included in the response.
+		</para></listitem>
+		</varlistentry>
+
+		<varlistentry>
+		<term>--witness-forced-response=JSON</term>
+		<listitem><para>
+		This allows the generation of very complex
+		witness_notifyResponse structures.
+		</para></listitem>
+		</varlistentry>
+
 		&cmdline.common.samba.client;
 		&cmdline.common.connection;
 		&cmdline.common.credentials;
@@ -3096,6 +3186,483 @@ Requests an offline domain join by providing file-based provisioning data. This
 
 </refsect2>
 
+<refsect2>
+<title>WITNESS</title>
+
+<para>Starting with version 4.20 Samba has support for the SMB Witness service in a cluster.
+</para>
+
+<para>The following witness commands are implemented:
+<simplelist>
+<member>
+net witness list             List witness registrations from rpcd_witness_registration.tdb.
+</member>
+<member>
+net witness client-move      Generate client move notifications for witness registrations to a new ip or node.
+</member>
+<member>
+net witness share-move       Generate share move notifications for witness registrations to a new ip or node.
+</member>
+<member>
+net witness force-unregister Force unregistrations for witness registrations.
+</member>
+<member>
+net witness force-response   Force an AsyncNotify response based on json input (mostly for testing).
+</member>
+
+</simplelist>
+</para>
+
+<refsect3>
+<title>WITNESS LIST</title>
+<para>
+    List witness registrations from rpcd_witness_registration.tdb
+</para>
+<para>
+    Note: Only supported with clustering=yes!
+</para>
+<para>
+    Machine readable output can be generated with the following option:
+</para>
+<para>
+        --json
+</para>
+<para>
+    The selection of registrations can be limited by the following options:
+</para>
+<para>
+        --witness-registration=REGISTRATION_UUID
+</para>
+<para>
+          This does a direct lookup for REGISTRATION_UUID
+          instead of doing a database traversal.
+</para>
+<para>
+    The following options all take a POSIX Extended Regular Expression,
+    which can further filter the selection of registrations.
+    These options are applied as logical AND, but each REGEX
+    allows specifying multiple strings using the pipe symbol.
+</para>
+<para>
+        --witness-net-name=REGEX
+</para>
+<para>
+          This specifies the 'server name' the client
+          registered for monitoring.
+</para>
+<para>
+        --witness-share-name=REGEX
+</para>
+<para>
+          This specifies the 'share name' the client
+          registered for monitoring.
+          Note that the share name is optional in the
+          registration, otherwise an empty string is
+          matched.
+</para>
+<para>
+        --witness-ip-address=REGEX
+</para>
+<para>
+          This specifies the ip address the client
+          registered for monitoring.
+</para>
+<para>
+        --witness-client-computer-name=REGEX
+</para>
+<para>
+          This specifies the client computer name the client
+          specified in the registration.
+          Note it is just a string chosen by the client itself.
+</para>
+
+</refsect3>
+
+<refsect3>
+<title>WITNESS CLIENT-MOVE</title>
+<para>
+    Generate client move notifications for witness registrations to a new ip or node
+</para>
+<para>
+    Note: Only supported with clustering=yes!
+</para>
+<para>
+    Machine readable output can be generated with the following option:
+</para>
+<para>
+        --json
+</para>
+<para>
+    The selection of registrations can be limited by the following options:
+</para>
+<para>
+        --witness-registration=REGISTRATION_UUID
+</para>
+<para>
+          This does a direct lookup for REGISTRATION_UUID
+          instead of doing a database traversal.
+</para>
+<para>
+    The following options all take a POSIX Extended Regular Expression,
+    which can further filter the selection of registrations.
+    These options are applied as logical AND, but each REGEX
+    allows specifying multiple strings using the pipe symbol.
+</para>
+<para>
+        --witness-net-name=REGEX
+</para>
+<para>
+          This specifies the 'server name' the client
+          registered for monitoring.
+</para>
+<para>
+        --witness-share-name=REGEX
+</para>
+<para>
+          This specifies the 'share name' the client
+          registered for monitoring.
+          Note that the share name is optional in the
+          registration, otherwise an empty string is
+          matched.
+</para>
+<para>
+        --witness-ip-address=REGEX
+</para>
+<para>
+          This specifies the ip address the client
+          registered for monitoring.
+</para>
+<para>
+        --witness-client-computer-name=REGEX
+</para>
+<para>
+          This specifies the client computer name the client
+          specified in the registration.
+          Note it is just a string chosen by the client itself.
+</para>
+<para>
+    If the update should be applied to all registrations
+    it needs to be explicitly specified:
+</para>
+<para>
+        --witness-apply-to-all
+</para>
+<para>
+          This selects all registrations.
+          Note: This is mutual exclusive to the above options.
+</para>
+<para>
+    The content of the CLIENT_MOVE notification contains ip addresses
+    specified by (exactly one) of the following options:
+</para>
+<para>
+        --witness-new-node=NODEID
+</para>
+<para>
+          By specifying a NODEID all ip addresses
+          currently available on the given node are
+          included in the response.
+          By specifying '-1' as NODEID all ip addresses
+          of the cluster are included in the response.
+</para>
+<para>
+        --witness-new-ip=IPADDRESS
+</para>
+<para>
+          By specifying an IPADDRESS only the specified
+          ip address is included in the response.
+</para>
+
+</refsect3>
+
+<refsect3>
+<title>WITNESS SHARE-MOVE</title>
+<para>
+    Generate share move notifications for witness registrations to a new ip or node
+</para>
+<para>
+    Note: Only supported with clustering=yes!
+</para>
+<para>
+    Machine readable output can be generated with the following option:
+</para>
+<para>
+        --json
+</para>
+<para>
+    The selection of registrations can be limited by the following options:
+</para>
+<para>
+        --witness-registration=REGISTRATION_UUID
+</para>
+<para>
+          This does a direct lookup for REGISTRATION_UUID
+          instead of doing a database traversal.
+</para>
+<para>
+    The following options all take a POSIX Extended Regular Expression,
+    which can further filter the selection of registrations.
+    These options are applied as logical AND, but each REGEX
+    allows specifying multiple strings using the pipe symbol.
+</para>
+<para>
+        --witness-net-name=REGEX
+</para>
+<para>
+          This specifies the 'server name' the client
+          registered for monitoring.
+</para>
+<para>
+        --witness-share-name=REGEX
+</para>
+<para>
+          This specifies the 'share name' the client
+          registered for monitoring.
+          Note that the share name is optional in the
+          registration, otherwise an empty string is
+          matched.
+</para>
+<para>
+        --witness-ip-address=REGEX
+</para>
+<para>
+          This specifies the ip address the client
+          registered for monitoring.
+</para>
+<para>
+        --witness-client-computer-name=REGEX
+</para>
+<para>
+          This specifies the client computer name the client
+          specified in the registration.
+          Note it is just a string chosen by the client itself.
+</para>
+<para>
+    If the update should be applied to all registrations
+    it needs to be explicitly specified:
+</para>
+<para>
+        --witness-apply-to-all
+</para>
+<para>
+          This selects all registrations.
+          Note: This is mutual exclusive to the above options.
+</para>
+<para>
+    Note: This only applies to registrations with a non empty share name!
+</para>
+<para>
+    The content of the SHARE_MOVE notification contains ip addresses
+    specified by (exactly one) of the following options:
+</para>
+<para>
+        --witness-new-node=NODEID
+</para>
+<para>
+          By specifying a NODEID all ip addresses
+          currently available on the given node are
+          included in the response.
+          By specifying '-1' as NODEID all ip addresses
+          of the cluster are included in the response.
+</para>
+<para>
+        --witness-new-ip=IPADDRESS
+</para>
+<para>
+          By specifying an IPADDRESS only the specified
+          ip address is included in the response.
+</para>
+


-- 
Samba Shared Repository



More information about the samba-cvs mailing list