Handling secrets.tdb in upgrade.py for classicupgrade

Andrew Bartlett abartlet at samba.org
Mon Jul 16 04:00:50 MDT 2012


On Mon, 2012-07-16 at 19:05 +1000, Andrew Bartlett wrote:
> On Mon, 2012-07-16 at 07:57 +0200, Gémes Géza wrote:
> 
> > Hi,
> > 
> > I've attached the patch. Under valgrind the whole samba-tool 
> > classicupgrade gives a lot of memory problems related messages, and even 
> > fails at initializing the ldb connection to the openldap directory. The 
> > output is:
> 
> A few thoughts on the patch.
> 
> Why do you build multiple ldbs?  You should only need one - feel free to
> walk the list of URLs if you think that one of the ldap hosts might be
> down, but you should end up with just one ldb for posix attributes.
> 
> Use creds.set_bind_dn() rather than set_username() to set the simple
> bind DN.
> 
> Also try applying this patch to the pytdb layer to see if we can trace
> where this segfault comes from.

The segfault should be fixed by this patch.

Also, you need to do all your secrets_db access before this line:

    # We must close the direct pytdb database before the C code loads it
    secrets_db.close()

I know it's a bit awkward, but it's a limitation of tdb.  With the patch
attached, at least it will error rather than segfault. 

Thank you very much for your patience with this.  Hopefully after this
the API will be safer for everyone.

Andrew Bartlett

-- 
Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-pytdb-Check-if-the-database-is-closed-before-we-touc.patch
Type: text/x-patch
Size: 9544 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20120716/8e23695b/attachment.bin>


More information about the samba-technical mailing list