[PATCH] Finally run bind9_dlz spnego test, fix drs delete behaviour
Andrew Bartlett
abartlet at samba.org
Mon Jun 10 00:42:04 MDT 2013
On Sun, 2013-06-09 at 20:28 +1000, Andrew Bartlett wrote:
> On Sat, 2013-06-08 at 22:20 +1000, Andrew Bartlett wrote:
> > On Tue, 2013-06-04 at 22:03 +1000, Andrew Bartlett wrote:
> > > On Tue, 2013-06-04 at 16:39 +1000, Andrew Bartlett wrote:
> > > > On Mon, 2013-06-03 at 22:27 +1000, Andrew Bartlett wrote:
> > > > > On Sun, 2013-06-02 at 23:05 +1000, Andrew Bartlett wrote:
> > > > > > I've been frustrated for over 6 months by why adding some 'simple' tests
> > > > > > to confirm that some of the crypto in the bind9_dlz code works because
> > > > > > it suddenly broke make test, particularly dbcheck.
> > > > > >
> > > > > > The attached patches just passed a private autobuild. They add the
> > > > > > 'problem' tests, but first we fix the behaviour of DRS-initiated object
> > > > > > deletes.
> > > > > >
> > > > > > Please review/push/comment (this patch series includes the usnChanged
> > > > > > series I posted a few days ago).
> > > > > >
> > > > > > >From here, I would like to continue to improve the tests - the tests in
> > > > > > source4/torture/drs/python/delete_object.py could be trivially extended
> > > > > > to add a 'description' and 'memberOf' element that we should ensure gets
> > > > > > deleted on both hosts, for example. We could also watch usnChanged
> > > > > > values to ensure we delete the right stuff, but for now I'm simply
> > > > > > stunned that this could ever have worked with this incorrect!
> > > > >
> > > > > Just as a heads-up I'm continuing to work on these patches. The point
> > > > > tests I added (rather than just waiting for the dbcheck) show the issue
> > > > > isn't totally resolved, but is better. (I somehow found a
> > > > > member/memberOf link left over...).
> > > > >
> > > > > Review of this much would be helpful, but expect additional changes as
> > > > > we finally start to get this right.
> > > >
> > > > I've not finished the patch yet, but what seems clear is that the issue
> > > > comes from processing (rather that dropping/ignoring, as we should)
> > > > linked attributes and to deleted objects.
> > >
> > > I'm almost shocked to finally have this finished, given how long this
> > > problem has dogged me. The patches are in my fix-drs-testing-14 branch,
> > > and attached.
> > >
> > > Not only does this open up the chance to do more DRS testing, and more
> > > unrelated fixes to DRS replication (now that adding tests does not
> > > suddenly cause 'unrelated' breakages), it also allows us to resume
> > > adding tests of the bind9 DLZ module, which stalled out when adding
> > > bind9 tests broke stuff.
> > >
> > > The patches handle both normal and linked attributes, following all the
> > > special rules for deleted objects.
> >
> > I've worked with metze on this, and I'm up to patch set #19...
> >
> > fix-drs-testing-19 is the patch set I'm happy with. It passed an
> > autobuild for me except for the unexpected success of a dbcheck test.
> > I've now squashed in the knownfail removal, and am doing two autobuilds
> > to see how it goes.
>
> These failed, but I think it's again 'in a good way'. That is, the
> failure is because we now replicate more things properly, and so we have
> a repsFrom that points to a deleted DC. The server code gives an error
> in this case, as it can't find a non-deleted DN for the GUID. We should
> either return success with a NULL DN, or show the deleted DN, I'll try
> and induce the same behaviour and check with windows.
G'Day Metze,
I've fixed that issue, and I've got one successful private autobuild.
I'm running a second one now.
The branch that I think finally is ready for master if
fix-drs-testing-19. It is naturally based on the branch we were working
together on and which you were running your own private builds on.
Please review/comment/push!
Thanks,
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
More information about the samba-technical
mailing list