libcli/auth: avoid using transactions a chainlock is enough

Andrew Bartlett abartlet at
Mon Apr 1 15:48:27 MDT 2013

On Thu, 2013-03-28 at 14:53 +0100, Volker Lendecke wrote:
> The branch, master has been updated
>        via  adbe6cb libcli/auth: avoid using transactions a chainlock is enough
>       from  40d783c Call smb_panic when we try to exit the server uncleanly. This gives us the normal traceback and memory dump, but also runs the normal panic action.
> - Log -----------------------------------------------------------------
> commit adbe6cba005a2060b0f641e91b500574f4637a36
> Author: Stefan Metzmacher <metze at>
> Date:   Wed Mar 27 08:43:18 2013 +0100
>     libcli/auth: avoid using transactions a chainlock is enough
>     We're just writting a single record into a CLEAR_IF_FIRST|TDB_NOSYNC
>     tdb.
>     We just need to make sure we lock the record between reading and writting.
>     Signed-off-by: Stefan Metzmacher <metze at>
>     Reviewed-by: Volker Lendecke <vl at>
>     Autobuild-User(master): Volker Lendecke <vl at>
>     Autobuild-Date(master): Thu Mar 28 14:52:14 CET 2013 on sn-devel-104

I've been thinking about how we got here, and so thought I would note
down what I recall of the history.

This code started using schannel.ldb, and ldb does not have per-record
locks, just transactions, and was persistent at that stage.

As we moved the netlogon secure channel code in common, a tdb
re-implementation was developed, and then became the sole
implementation.  It was a direct translation, so was transaction-based

It therefore seems reasonable that we move to just using chainlocks,
just as we do for any other database (many far more critical than this

Andrew Bartlett

Andrew Bartlett                      
Authentication Developer, Samba Team 

More information about the samba-technical mailing list