samba-tool domain backup and xattrs
Andrew Bartlett
abartlet at samba.org
Mon Apr 9 11:13:23 UTC 2018
On Mon, 2018-04-09 at 12:01 +0100, Rowland Penny wrote:
>
> The fix, change:
>
> up_from_private = os.path.abspath(os.path.join(p.private_dir, '..'))
> backup_dirs = [p.private_dir, p.state_dir, p.sysvol,
> os.path.join(up_from_private, 'etc')]
>
> To:
>
> backup_dirs = [p.private_dir, p.state_dir, p.sysvol,
> os.path.dirname(p.smbconf)]
Thanks. This is really helpful to have picked up!
> >
> > To be clear, the locking on the sh script is unsafe. It was written
> > before we understood the need for global locking of the sam.ldb, so
> > needs to be replaced.
> >
> > Unsafe locking, particularly of the type seen here (because the per-db
> > and per-record locks are still respected) is dangerous because it
> > appears to work most of the time, but can be subtly corrupt.
>
> Then get the tdbbackup changes into Samba and backport them, there are
> people running variants of the 'sh' script and you have now admitted
> they are not safe.
To be clear, tdbbackup -r isn't enough. It just allows the locking of
the full database tree. That is done in the python script using
transactions from the ldb python bindings.
Thank you for your feedback above and I hope this clarifies why it
isn't possible to implement this safely in sh.
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba
More information about the samba-technical
mailing list