A Modest Proposal for Preventing the Event loops of Samba DCs From Being a Burthen to Their Implementers or Users, and for Making Them Beneficial to the Publick

Andrew Bartlett abartlet at samba.org
Wed Apr 16 22:05:16 MDT 2014


I have a modest proposal that I think might just reduce the instances of
DRS corruption and replication deadlocks we have been seeing recently,
and move us one step closer the goal of not using nested event loops in
Samba.

In debugging a recent case of a DRS deadlock, we found the DC running
and looping while in a transaction.  Indeed, it isn't at all clear that
the memory context it was using are valid, as it enters code that should
be skipped due to having 'relax' set.

In any case, running other arbitrary things under a transaction can lead
to quite strange errors, such as claiming the successful write of data
that is then discarded when the transaction is cancelled.

(Transactions are rarely cancelled in Samba, which is why we got away
with this for so long).

Anyway, what I propose is that when we we are in a transaction, that a
new event context is created, and that this operates until the
transaction is over.  That way, only internal ldb events should fire.
(We never did define how non-nested transactions and async ldb would
work in any case.) 

Other than LDB, the only other things using events at this point would
be the irpc handler, which needs to be able to send messages to other
parts of Samba.  Currently this uses it's own event context (an issue
that will need to be fixed as we work to make that code common anyway),
so this isn't affected/protected.

We could, and perhaps should, totally remove the use of an external
event loop in Samba's invocation of LDB, but this step would make it
harder to implement an async LDAP server is that was desired, but I see
this as a useful first step.

It does make ldb less 'async' as far as the caller is concerned, but we
simply don't use ldb in an async way in Samba.  (It is very unfortunate
we carry the great complexity and risk of an async ldb without any
significant use). 

I have this under a private autobuild, and I would appreciate your
thoughts. 

Andrew Bartlett

-- 
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team  http://samba.org
Samba Developer, Catalyst IT          http://catalyst.net.nz/services/samba



-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-dsdb-Rename-private_data-to-rootdse_private_data-in-.patch
Type: text/x-patch
Size: 4079 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20140417/28651cde/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0002-dsdb-Do-not-permit-nested-event-loops-when-in-a-tran.patch
Type: text/x-patch
Size: 4254 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20140417/28651cde/attachment-0001.bin>


More information about the samba-technical mailing list