samba as AD DC - can the single process mode "-M single" atm still been used ?
Andrew Bartlett
abartlet at samba.org
Mon Jun 2 15:01:12 MDT 2014
On Mon, 2014-06-02 at 13:07 +0200, Kai Blin wrote:
> On 2014-05-29 00:00, Andrew Bartlett wrote:
> >
> > However, it isn't likely to work with the internal DNS server if there
> > is ever a blocking DNS lookup. We shouldn't do that (we should always
> > us the async code), but this is the main concern I would have.
>
> As far as I'm aware, external DNS lookups always go via tevent_req async
> calls. Any particular pieces of code that you have in mind?
Just any getaddrinfo() call anywhere in the Samba, Heimdal or libc
codebase. git grep seems to suggest we are not rid of them, sadly.
(When I was first working on make test, we had more of these, and that
has been our best defence so far, because until nss_wrapper, such names
wouldn't work, and so we got rid of many of them. )
> > (When the single mode server was first done, the DNS was always
> > external, so it didn't matter previously).
> >
> > We could either find the code that needs to be fixed, or force the dns
> > task to operate as a separate task.
>
> I've pretty much done all my testing in single mode, so I'm a bit
> surprised by your assertion that single mode won't work with the
> internal DNS.
I'm only asserting that *if* there is a ever a blocking DNS lookup, and
to explain what I thought kukks was seeing. Perhaps I read more into
this thread than was actually there.
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba
More information about the samba-technical
mailing list