[PATCH] Prevent partial object replication by ensuring admin can not remove tombstones easily
Andrew Bartlett
abartlet at samba.org
Wed Apr 2 20:30:14 MDT 2014
Arvid sent me off-list a test case that was able to provoke partial
object replication, the major issue we have been chasing for the past
few weeks.
That test worked by removing the object not only as a normal object, but
also as a tombstone.
I've modified his test, and attached is below in a form that can be run
in 'make test' (for easier reproduction). I've been unable to make it
reliably do partial replication, but I've saved the instances where that
has happened. It does reliably create a conflict record.
To run, use:
SELFTEST_TESTENV=promoted_dc make testenv
on a Samba 4.1 tree.
To close of this possible source of corruption, this patch prevents
ldbdel from deleting tombstones, even if used directly on the database,
unless --relax is used or the dbcheck control is specified.
Please review.
Andrew Bartlett
--
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba
-------------- next part --------------
A non-text attachment was scrubbed...
Name: univention-selftest-testcase3.sh
Type: application/x-shellscript
Size: 2534 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20140403/b2e2c6d1/attachment-0002.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-dsdb-Make-it-harder-to-corrupt-the-database-by-requi.patch
Type: text/x-patch
Size: 3145 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20140403/b2e2c6d1/attachment-0003.bin>
More information about the samba-technical
mailing list