[PATCH] Prevent partial object replication by ensuring admin can not remove tombstones easily
Andrew Bartlett
abartlet at samba.org
Thu Apr 3 15:51:03 MDT 2014
On Thu, 2014-04-03 at 18:00 +0200, Stefan (metze) Metzmacher wrote:
> Am 03.04.2014 04:30, schrieb Andrew Bartlett:
> > Arvid sent me off-list a test case that was able to provoke partial
> > object replication, the major issue we have been chasing for the past
> > few weeks.
> >
> > That test worked by removing the object not only as a normal object, but
> > also as a tombstone.
> >
> > I've modified his test, and attached is below in a form that can be run
> > in 'make test' (for easier reproduction). I've been unable to make it
> > reliably do partial replication, but I've saved the instances where that
> > has happened. It does reliably create a conflict record.
> >
> > To run, use:
> > SELFTEST_TESTENV=promoted_dc make testenv
> > on a Samba 4.1 tree.
> >
> > To close of this possible source of corruption, this patch prevents
> > ldbdel from deleting tombstones, even if used directly on the database,
> > unless --relax is used or the dbcheck control is specified.
> >
> > Please review.
>
> looks good, please push it.
I've corrected the patch after adding a test. Can you please review my
drs-object-corruption branch, as that has the test (a new stored
provision to run dbcheck against).
http://git.samba.org/?p=abartlet/samba.git/.git;a=shortlog;h=refs/heads/drs-object-corruption
Thanks!
Andrew Bartlett
--
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-dsdb-Make-it-harder-to-corrupt-the-database-by-requi.patch
Type: text/x-patch
Size: 4011 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20140404/c5dab70a/attachment-0001.bin>
More information about the samba-technical
mailing list