[PATCH] Fix bug 13465
Christof Schmitt
cs at samba.org
Fri Aug 3 23:39:18 UTC 2018
On Thu, Jul 26, 2018 at 03:43:25PM -0700, Christof Schmitt wrote:
> On Thu, Jul 12, 2018 at 04:42:44PM -0700, Christof Schmitt wrote:
> > On Thu, Jul 12, 2018 at 10:10:36AM +0200, Ralph Böhme wrote:
> > > On Wed, Jul 11, 2018 at 02:52:14PM -0700, Christof Schmitt wrote:
> > > >It also works on my cluster.
> > >
> > > Thanks for testing! Which combinations did you test? As I've learnt in this
> >
> > I tested the basic commands as root. You are correct, we need more
> > extensive testing. This also goes back to the old discussion that we
> > need a clustered Samba environment in autobuild...
> >
> > > excersize, we should test all possible combinations, as most things are not
> > > covered by autobuild:
> > >
> > > Cluster (with include=registry):
> > > - all commands as root
> >
> > These commands still failed for me as root:
> >
> > eventlogadm -o write test
> > PANIC: messaging not initialized
> >
> > ntlm_auth --diagnostics
> > PANIC: messaging not initialized
> >
> > smbcontrol winbindd debuglevel
> > PANIC: messaging not initialized
> >
> > > - all commands as user
> >
> > Most fail when run as a user:
>
> I looked through the code and initializing messaging requires root
> permissions. I also went back to a clustered Samba 4.6 build and running
> commands as a user is not possible:
>
> $ sharesec --view-all
> directory_create_or_exist: lstat failed on directory /var/lib/samba/private/msg.sock: Permission denied
> messaging_init failed
> db_open: No ctdb connection
> directory_create_or_exist: lstat failed on directory /var/lib/samba/private/msg.sock: Permission denied
> messaging_init failed
> db_open: No ctdb connection
> regdb_init: Failed to open registry /var/lib/samba/registry.tdb (Input/output error)
> Failed to initialize the registry: WERR_IO_DEVICE
> error initializing registry configuration: SBC_ERR_BADFILE
>
> $ smbclient
> directory_create_or_exist: lstat failed on directory /var/lib/samba/private/msg.sock: Permission denied
> messaging_init failed
> db_open: No ctdb connection
> directory_create_or_exist: lstat failed on directory /var/lib/samba/private/msg.sock: Permission denied
> messaging_init failed
> db_open: No ctdb connection
> regdb_init: Failed to open registry /var/lib/samba/registry.tdb (Input/output error)
> Failed to initialize the registry: WERR_IO_DEVICE
> error initializing registry configuration: SBC_ERR_BADFILE
> /usr/bin/smbclient: Can't load /etc/samba/smb.conf - run testparm to debug it
>
> $ net
> messaging_init failed
> messaging_init failed
> Failed to initialize the registry: WERR_IO_DEVICE
> Can't load /etc/samba/smb.conf - run testparm to debug it
>
> Based on this, a sensible approach would be to present a proper error when
> trying to run as user on a clustered Samba build while ensuring that everything
> works as root. We also have to ensure that non-clustered builds still allow to
> run the commands as normal user.
Here is an updated patch set based on the above observations. A cluster
requires root access and an error message is printed for that case:
$ smbclient
Cluster mode requires running as root.
Also i introduced another access function for the messaging context with
error checking. That way the caller can choose whether to call the
function with the centralized error checking or do complete error
checking in the caller.
Can you take a look at the patches and let me know if you agree with
this approach?
Christof
-------------- next part --------------
From 0f920f39a1f7bedb6bc720576ca63476e3e4fdce Mon Sep 17 00:00:00 2001
From: Ralph Boehme <slow at samba.org>
Date: Mon, 9 Jul 2018 17:11:57 +0200
Subject: [PATCH 01/20] s3: lib/server_contexts: make server_event_ctx and
server_msg_ctx static
server_event_ctx and server_msg_ctx static shouldn't be accessible from
outside this compilation unit.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13465
Signed-off-by: Ralph Boehme <slow at samba.org>
---
source3/lib/server_contexts.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/source3/lib/server_contexts.c b/source3/lib/server_contexts.c
index 50072e6..b21cf0a 100644
--- a/source3/lib/server_contexts.c
+++ b/source3/lib/server_contexts.c
@@ -21,7 +21,7 @@
#include "includes.h"
#include "messages.h"
-struct tevent_context *server_event_ctx = NULL;
+static struct tevent_context *server_event_ctx = NULL;
struct tevent_context *server_event_context(void)
{
@@ -44,7 +44,7 @@ void server_event_context_free(void)
TALLOC_FREE(server_event_ctx);
}
-struct messaging_context *server_msg_ctx = NULL;
+static struct messaging_context *server_msg_ctx = NULL;
struct messaging_context *server_messaging_context(void)
{
--
1.8.3.1
From ae1b9b9db10e774418a10aec4104faf78612451d Mon Sep 17 00:00:00 2001
From: Ralph Boehme <slow at samba.org>
Date: Tue, 10 Jul 2018 17:22:05 +0200
Subject: [PATCH 02/20] s3: lib/server_contexts: rename server_event_ctx to ev
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13465
Signed-off-by: Ralph Boehme <slow at samba.org>
---
source3/lib/server_contexts.c | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/source3/lib/server_contexts.c b/source3/lib/server_contexts.c
index b21cf0a..9000126 100644
--- a/source3/lib/server_contexts.c
+++ b/source3/lib/server_contexts.c
@@ -21,27 +21,27 @@
#include "includes.h"
#include "messages.h"
-static struct tevent_context *server_event_ctx = NULL;
+static struct tevent_context *ev = NULL;
struct tevent_context *server_event_context(void)
{
- if (!server_event_ctx) {
+ if (ev == NULL) {
/*
* Note we MUST use the NULL context here, not the
* autofree context, to avoid side effects in forked
* children exiting.
*/
- server_event_ctx = samba_tevent_context_init(NULL);
+ ev = samba_tevent_context_init(NULL);
}
- if (!server_event_ctx) {
+ if (ev == NULL) {
smb_panic("Could not init server's event context");
}
- return server_event_ctx;
+ return ev;
}
void server_event_context_free(void)
{
- TALLOC_FREE(server_event_ctx);
+ TALLOC_FREE(ev);
}
static struct messaging_context *server_msg_ctx = NULL;
--
1.8.3.1
From 3c9fadd72acf346a7dc6abc3299aa6234bfeb66e Mon Sep 17 00:00:00 2001
From: Ralph Boehme <slow at samba.org>
Date: Tue, 10 Jul 2018 17:25:27 +0200
Subject: [PATCH 03/20] s3: lib/server_contexts: rename server_msg_ctx to
msg_ctx
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13465
Signed-off-by: Ralph Boehme <slow at samba.org>
---
source3/lib/server_contexts.c | 11 +++++------
1 file changed, 5 insertions(+), 6 deletions(-)
diff --git a/source3/lib/server_contexts.c b/source3/lib/server_contexts.c
index 9000126..ce9b0ed 100644
--- a/source3/lib/server_contexts.c
+++ b/source3/lib/server_contexts.c
@@ -44,23 +44,22 @@ void server_event_context_free(void)
TALLOC_FREE(ev);
}
-static struct messaging_context *server_msg_ctx = NULL;
+static struct messaging_context *msg_ctx = NULL;
struct messaging_context *server_messaging_context(void)
{
- if (server_msg_ctx == NULL) {
+ if (msg_ctx == NULL) {
/*
* Note we MUST use the NULL context here, not the
* autofree context, to avoid side effects in forked
* children exiting.
*/
- server_msg_ctx = messaging_init(NULL,
- server_event_context());
+ msg_ctx = messaging_init(NULL, server_event_context());
}
- return server_msg_ctx;
+ return msg_ctx;
}
void server_messaging_context_free(void)
{
- TALLOC_FREE(server_msg_ctx);
+ TALLOC_FREE(msg_ctx);
}
--
1.8.3.1
From 4eb6cbfbdd42033c8b4070d25a8265f3e78bbfff Mon Sep 17 00:00:00 2001
From: Ralph Boehme <slow at samba.org>
Date: Mon, 9 Jul 2018 17:13:28 +0200
Subject: [PATCH 04/20] s3: lib/server_contexts: add client event and messaging
context
This is similar to the existing server_contexts, but for clients like
smbpasswd, testparm asf.
client_messaging_context() calls lp_load_initial_only() which is needed
to initialize messaging when checking and creating the directories used
for the messaging sockets and lockfiles.
Note that internally client and server event and messaging context must
be the same, as low level in db_open() we call
server_messaging_context().
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13465
Signed-off-by: Ralph Boehme <slow at samba.org>
---
source3/include/proto.h | 5 +++++
source3/lib/server_contexts.c | 48 +++++++++++++++++++++++++++++++++++++++++++
2 files changed, 53 insertions(+)
diff --git a/source3/include/proto.h b/source3/include/proto.h
index fea4ba5..d5f8c71 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -893,6 +893,11 @@ void server_event_context_free(void);
struct messaging_context *server_messaging_context(void);
void server_messaging_context_free(void);
+struct tevent_context *client_event_context(void);
+void client_event_context_free(void);
+struct messaging_context *client_messaging_context(const char *config_file);
+void client_messaging_context_free(void);
+
/* The following definitions come from lib/sessionid_tdb.c */
struct sessionid;
NTSTATUS sessionid_traverse_read(int (*fn)(const char *key,
diff --git a/source3/lib/server_contexts.c b/source3/lib/server_contexts.c
index ce9b0ed..1586a65 100644
--- a/source3/lib/server_contexts.c
+++ b/source3/lib/server_contexts.c
@@ -63,3 +63,51 @@ void server_messaging_context_free(void)
{
TALLOC_FREE(msg_ctx);
}
+
+struct tevent_context *client_event_context(void)
+{
+ if (ev != NULL) {
+ return ev;
+ }
+
+ /*
+ * Note we MUST use the NULL context here, not the
+ * autofree context, to avoid side effects in forked
+ * children exiting.
+ */
+ ev = samba_tevent_context_init(NULL);
+ if (ev == NULL) {
+ smb_panic("Could not init client's event context");
+ }
+ return ev;
+}
+
+void client_event_context_free(void)
+{
+ TALLOC_FREE(ev);
+}
+
+struct messaging_context *client_messaging_context(const char *config_file)
+{
+ if (msg_ctx != NULL) {
+ return msg_ctx;
+ }
+
+ if (!lp_load_initial_only(config_file)) {
+ return NULL;
+ }
+
+ /*
+ * Note we MUST use the NULL context here, not the
+ * autofree context, to avoid side effects in forked
+ * children exiting.
+ */
+ msg_ctx = messaging_init(NULL, client_event_context());
+
+ return msg_ctx;
+}
+
+void client_messaging_context_free(void)
+{
+ TALLOC_FREE(msg_ctx);
+}
--
1.8.3.1
From 953b6564e7251fbfec782660b620a423c085c94a Mon Sep 17 00:00:00 2001
From: Christof Schmitt <cs at samba.org>
Date: Fri, 27 Jul 2018 10:22:34 -0700
Subject: [PATCH 05/20] s3: lib/server_contexts: add
client_messaging_context_check_error
Add helper function to initialize messaging context for clients utils
with error checking. Most client utils use the same error checking
pattern, so this function should be used. The cases to check for:
- ctdb cluster require running as root; exit with error message when
not running as root.
- messaging initialization failure as root: exit with error, as this
points to a serious problem
- messaging initialization failure as non-root: log even, but let
caller decide how to proceed.
Signed-off-by: Christof Schmitt <cs at samba.org>
---
source3/include/proto.h | 2 ++
source3/lib/server_contexts.c | 48 +++++++++++++++++++++++++++++++++++++++++++
2 files changed, 50 insertions(+)
diff --git a/source3/include/proto.h b/source3/include/proto.h
index d5f8c71..8c44325 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -896,6 +896,8 @@ void server_messaging_context_free(void);
struct tevent_context *client_event_context(void);
void client_event_context_free(void);
struct messaging_context *client_messaging_context(const char *config_file);
+struct messaging_context *client_messaging_context_check_error(
+ const char *config_file);
void client_messaging_context_free(void);
/* The following definitions come from lib/sessionid_tdb.c */
diff --git a/source3/lib/server_contexts.c b/source3/lib/server_contexts.c
index 1586a65..618cbbb 100644
--- a/source3/lib/server_contexts.c
+++ b/source3/lib/server_contexts.c
@@ -107,6 +107,54 @@ struct messaging_context *client_messaging_context(const char *config_file)
return msg_ctx;
}
+struct messaging_context *client_messaging_context_check_error(
+ const char *config_file)
+{
+
+ if (msg_ctx != NULL) {
+ return msg_ctx;
+ }
+
+ if (!lp_load_initial_only(config_file)) {
+ return NULL;
+ }
+
+ /*
+ * Clustered Samba can only work as root due to required
+ * access to the registry and ctdb, which in turn requires
+ * messaging access as root.
+ */
+ if (lp_clustering() && geteuid() != 0) {
+ fprintf(stderr, "Cluster mode requires running as root.\n");
+ exit(1);
+ }
+
+ /*
+ * Note we MUST use the NULL context here, not the
+ * autofree context, to avoid side effects in forked
+ * children exiting.
+ */
+ msg_ctx = messaging_init(NULL, client_event_context());
+
+ if (msg_ctx == NULL) {
+ if (geteuid() == 0) {
+ fprintf(stderr,
+ "Unable to initialize the "
+ "messaging context!\n");
+ exit(1);
+ } else {
+ /*
+ * Non-cluster, non-root: Log error, but leave
+ * it up to the caller how to proceed.
+ */
+ DBG_NOTICE("Unable to initialize messaging context. "
+ "Must be root to do that.\n");
+ }
+ }
+
+ return msg_ctx;
+}
+
void client_messaging_context_free(void)
{
TALLOC_FREE(msg_ctx);
--
1.8.3.1
From 36650a4bcb15c7130eb2b84c4ea116f31b3abbd9 Mon Sep 17 00:00:00 2001
From: Ralph Boehme <slow at samba.org>
Date: Tue, 10 Jul 2018 08:11:31 +0200
Subject: [PATCH 06/20] s3: loadparm: reinit_globals in
lp_load_with_registry_shares()
This was set to false in 0e0d77519c27038b30fec92d542198e97be767d9 based
on the assumption that callers would have no need to call
lp_load_initial_only() with a later call to lp_load_something().
This is not quite correct, since for accessing registry config on a
cluster with include=registry, we need messaging up and running which
*itself* requires loadparm to be initialized to get the statedir,
lockdir asf. directories.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13465
Signed-off-by: Ralph Boehme <slow at samba.org>
---
source3/param/loadparm.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c
index 291ba57..322934c 100644
--- a/source3/param/loadparm.c
+++ b/source3/param/loadparm.c
@@ -4120,7 +4120,7 @@ bool lp_load_with_registry_shares(const char *pszFname)
false, /* global_only */
true, /* save_defaults */
false, /* add_ipc */
- false, /* reinit_globals */
+ true, /* reinit_globals */
true, /* allow_include_registry */
true); /* load_all_shares*/
}
--
1.8.3.1
From 823d87808d706de2baa2b06b57efbc0de43fe7fc Mon Sep 17 00:00:00 2001
From: Ralph Boehme <slow at samba.org>
Date: Tue, 10 Jul 2018 10:38:10 +0200
Subject: [PATCH 07/20] selftest: pass configfile to pdbedit
This is needed otherwise pdbedit fails to initialize messaging in
autobuild.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13465
Signed-off-by: Ralph Boehme <slow at samba.org>
---
testprogs/blackbox/test_pdbtest.sh | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/testprogs/blackbox/test_pdbtest.sh b/testprogs/blackbox/test_pdbtest.sh
index 2ffded9..0261509 100755
--- a/testprogs/blackbox/test_pdbtest.sh
+++ b/testprogs/blackbox/test_pdbtest.sh
@@ -44,12 +44,12 @@ expect retype new password:
send ${NEWUSERPASS}\n
EOF
-testit "create user with pdbedit" $texpect ./tmpsmbpasswdscript $VALGRIND $pdbedit -a $USER --account-desc="pdbedit-test-user" $@ || failed=`expr $failed + 1`
+testit "create user with pdbedit" $texpect ./tmpsmbpasswdscript $VALGRIND $pdbedit -s $SMB_CONF -a $USER --account-desc="pdbedit-test-user" $@ || failed=`expr $failed + 1`
USERPASS=$NEWUSERPASS
test_smbclient "Test login with user (ntlm)" 'ls' "$unc" -k no -U$USER%$NEWUSERPASS $@ || failed=`expr $failed + 1`
-testit "modify user" $VALGRIND $pdbedit --modify $USER --drive="D:" $@ || failed=`expr $failed + 1`
+testit "modify user" $VALGRIND $pdbedit -s $SMB_CONF --modify $USER --drive="D:" $@ || failed=`expr $failed + 1`
test_smbclient "Test login with user (ntlm)" 'ls' "$unc" -k no -U$USER%$NEWUSERPASS $@|| failed=`expr $failed + 1`
@@ -87,11 +87,11 @@ test_smbclient "Test login with no expiry (ntlm)" 'ls' "$unc" -k no -U$USER%$NEW
NEWUSERPASS=testPaSS at 03%
NEWUSERHASH=062519096c45739c1938800f80906731
-testit "Set user password with password hash" $VALGRIND $pdbedit -u $USER --set-nt-hash $NEWUSERHASH $@ || failed=`expr $failed + 1`
+testit "Set user password with password hash" $VALGRIND $pdbedit -s $SMB_CONF -u $USER --set-nt-hash $NEWUSERHASH $@ || failed=`expr $failed + 1`
test_smbclient "Test login with new password (from hash)" 'ls' "$unc" -k no -U$USER%$NEWUSERPASS || failed=`expr $failed + 1`
-testit "del user" $VALGRIND $pdbedit -x $USER $@ || failed=`expr $failed + 1`
+testit "del user" $VALGRIND $pdbedit -s $SMB_CONF -x $USER $@ || failed=`expr $failed + 1`
rm ./tmpsmbpasswdscript
--
1.8.3.1
From 4221f042d162575dc59054870a996dc73e082121 Mon Sep 17 00:00:00 2001
From: Ralph Boehme <slow at samba.org>
Date: Tue, 10 Jul 2018 15:26:40 +0200
Subject: [PATCH 08/20] s3: popt_common: use client_messaging_context() in
popt_common_credentials_callback()
This adds a call to client_messaging_context() to the popt
popt_common_credentials_callback() hook and ensures that any client tool
that uses POPT_COMMON_CREDENTIALS gets an implicit messaging context,
ensuring it doesn't crash in the subsequent lp_load_client() with
include=registry in a cluster.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13465
Signed-off-by: Ralph Boehme <slow at samba.org>
---
source3/lib/popt_common.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/source3/lib/popt_common.c b/source3/lib/popt_common.c
index cc93a75..a3e15e3 100644
--- a/source3/lib/popt_common.c
+++ b/source3/lib/popt_common.c
@@ -292,6 +292,12 @@ static void popt_common_credentials_callback(poptContext con,
setup_logging(lp_logfile(talloc_tos()), DEBUG_FILE );
}
+ /*
+ * Initialize messaging in case this is required for
+ * access to the registry config in a cluster.
+ */
+ client_messaging_context_check_error(get_dyn_CONFIGFILE());
+
ok = lp_load_client(get_dyn_CONFIGFILE());
if (!ok) {
const char *pname = poptGetInvocationName(con);
--
1.8.3.1
From ab9eda7da27ac3897df9842632158ed7afe2ca9c Mon Sep 17 00:00:00 2001
From: Ralph Boehme <slow at samba.org>
Date: Mon, 9 Jul 2018 16:25:02 +0200
Subject: [PATCH 09/20] s3: smbpasswd: use client_messaging_context
process_options() doesn't use getopt(), not popt with its
autoinitialisation of a messaging context, so we have to call
client_messaging_context() by hand.
The commit uses the correct new client_messaging_context() and moves the
call the right place *after* popt processing which may set smb.conf from
the cmdline parameter.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13465
Signed-off-by: Ralph Boehme <slow at samba.org>
---
source3/utils/smbpasswd.c | 16 ++--------------
1 file changed, 2 insertions(+), 14 deletions(-)
diff --git a/source3/utils/smbpasswd.c b/source3/utils/smbpasswd.c
index 04f34aa..6c71337 100644
--- a/source3/utils/smbpasswd.c
+++ b/source3/utils/smbpasswd.c
@@ -196,6 +196,8 @@ static int process_options(int argc, char **argv, int local_flags)
usage();
}
+ client_messaging_context_check_error(configfile);
+
if (!lp_load_global(configfile)) {
fprintf(stderr, "Can't load %s - run testparm to debug it\n",
configfile);
@@ -614,7 +616,6 @@ static int process_nonroot(int local_flags)
int main(int argc, char **argv)
{
TALLOC_CTX *frame = talloc_stackframe();
- struct messaging_context *msg_ctx = NULL;
int local_flags = 0;
int ret;
@@ -632,19 +633,6 @@ int main(int argc, char **argv)
setup_logging("smbpasswd", DEBUG_STDERR);
- msg_ctx = server_messaging_context();
- if (msg_ctx == NULL) {
- if (geteuid() != 0) {
- DBG_NOTICE("Unable to initialize messaging context. "
- "Must be root to do that.\n");
- } else {
- fprintf(stderr,
- "smbpasswd is not able to initialize the "
- "messaging context!\n");
- return 1;
- }
- }
-
/*
* Set the machine NETBIOS name if not already
* set from the config file.
--
1.8.3.1
From 189c7ccb32d9486d041aa375c790b886021a119f Mon Sep 17 00:00:00 2001
From: Ralph Boehme <slow at samba.org>
Date: Mon, 9 Jul 2018 17:32:36 +0200
Subject: [PATCH 10/20] s3: smbstatus: use client_messaging_context()
Use the global client_messaging_context. smbstatus only runs as root, so
failing client_messaging_context() we just throw an error.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13465
Signed-off-by: Ralph Boehme <slow at samba.org>
---
source3/utils/status.c | 24 ++----------------------
1 file changed, 2 insertions(+), 22 deletions(-)
diff --git a/source3/utils/status.c b/source3/utils/status.c
index 811eb7b..be3623a 100644
--- a/source3/utils/status.c
+++ b/source3/utils/status.c
@@ -527,7 +527,6 @@ int main(int argc, const char *argv[])
};
TALLOC_CTX *frame = talloc_stackframe();
int ret = 0;
- struct tevent_context *ev;
struct messaging_context *msg_ctx = NULL;
char *db_path;
bool ok;
@@ -606,28 +605,9 @@ int main(int argc, const char *argv[])
d_printf("using configfile = %s\n", get_dyn_CONFIGFILE());
}
- if (!lp_load_initial_only(get_dyn_CONFIGFILE())) {
- fprintf(stderr, "Can't load %s - run testparm to debug it\n",
- get_dyn_CONFIGFILE());
- ret = -1;
- goto done;
- }
-
-
- /*
- * This implicitly initializes the global ctdbd connection,
- * usable by the db_open() calls further down.
- */
- ev = samba_tevent_context_init(NULL);
- if (ev == NULL) {
- fprintf(stderr, "samba_tevent_context_init failed\n");
- ret = -1;
- goto done;
- }
-
- msg_ctx = messaging_init(NULL, ev);
+ msg_ctx = client_messaging_context(get_dyn_CONFIGFILE());
if (msg_ctx == NULL) {
- fprintf(stderr, "messaging_init failed\n");
+ fprintf(stderr, "client_messaging_context failed, not root?\n");
ret = -1;
goto done;
}
--
1.8.3.1
From d6e3f73a9daf8b342022b889a8743476b73be484 Mon Sep 17 00:00:00 2001
From: Ralph Boehme <slow at samba.org>
Date: Tue, 10 Jul 2018 13:47:33 +0200
Subject: [PATCH 11/20] s3: rpcclient: use client_messaging_context
Remove global rpcclient_msg_ctx and use the new
client_messaging_context() instead.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13465
Signed-off-by: Ralph Boehme <slow at samba.org>
---
source3/rpcclient/cmd_netlogon.c | 8 ++++++-
source3/rpcclient/rpcclient.c | 45 ++++++++++------------------------------
source3/rpcclient/rpcclient.h | 1 -
3 files changed, 18 insertions(+), 36 deletions(-)
diff --git a/source3/rpcclient/cmd_netlogon.c b/source3/rpcclient/cmd_netlogon.c
index 8d62ef7..cff47fe 100644
--- a/source3/rpcclient/cmd_netlogon.c
+++ b/source3/rpcclient/cmd_netlogon.c
@@ -564,6 +564,7 @@ static NTSTATUS cmd_netlogon_change_trust_pw(struct rpc_pipe_client *cli,
{
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
const char *dcname = cli->desthost;
+ struct messaging_context *msg_ctx = NULL;
/* Check arguments */
@@ -572,8 +573,13 @@ static NTSTATUS cmd_netlogon_change_trust_pw(struct rpc_pipe_client *cli,
return NT_STATUS_OK;
}
+ msg_ctx = client_messaging_context(get_dyn_CONFIGFILE());
+ if (msg_ctx == NULL) {
+ return NT_STATUS_INTERNAL_ERROR;
+ }
+
result = trust_pw_change(rpcclient_netlogon_creds,
- rpcclient_msg_ctx,
+ msg_ctx,
cli->binding_handle,
lp_workgroup(),
dcname,
diff --git a/source3/rpcclient/rpcclient.c b/source3/rpcclient/rpcclient.c
index b4e25e6..a3b554b 100644
--- a/source3/rpcclient/rpcclient.c
+++ b/source3/rpcclient/rpcclient.c
@@ -50,7 +50,6 @@ static enum dcerpc_AuthLevel pipe_default_auth_level = DCERPC_AUTH_LEVEL_NONE;
static unsigned int timeout = 0;
static enum dcerpc_transport_t default_transport = NCACN_NP;
-struct messaging_context *rpcclient_msg_ctx;
struct cli_state *rpcclient_cli_state;
struct netlogon_creds_cli_context *rpcclient_netlogon_creds;
static const char *rpcclient_netlogon_domain;
@@ -711,9 +710,13 @@ static NTSTATUS do_cmd(struct cli_state *cli,
{
NTSTATUS ntresult;
WERROR wresult;
+ struct messaging_context *msg_ctx = NULL;
+ TALLOC_CTX *mem_ctx = NULL;
- TALLOC_CTX *mem_ctx;
-
+ msg_ctx = client_messaging_context(get_dyn_CONFIGFILE());
+ if (msg_ctx == NULL) {
+ return NT_STATUS_INTERNAL_ERROR;
+ }
/* Create mem_ctx */
if (!(mem_ctx = talloc_stackframe())) {
@@ -762,12 +765,12 @@ static NTSTATUS do_cmd(struct cli_state *cli,
case DCERPC_AUTH_TYPE_SCHANNEL:
TALLOC_FREE(rpcclient_netlogon_creds);
ntresult = cli_rpc_pipe_open_schannel(
- cli, rpcclient_msg_ctx,
+ cli, msg_ctx,
cmd_entry->table,
default_transport,
rpcclient_netlogon_domain,
&cmd_entry->rpc_pipe,
- rpcclient_msg_ctx,
+ msg_ctx,
&rpcclient_netlogon_creds);
break;
default:
@@ -805,8 +808,8 @@ static NTSTATUS do_cmd(struct cli_state *cli,
ntresult = rpccli_create_netlogon_creds_ctx(creds,
dc_name,
- rpcclient_msg_ctx,
- rpcclient_msg_ctx,
+ msg_ctx,
+ msg_ctx,
&rpcclient_netlogon_creds);
if (!NT_STATUS_IS_OK(ntresult)) {
DEBUG(0, ("Could not initialise credentials for %s.\n",
@@ -950,7 +953,6 @@ out_free:
const char *binding_string = NULL;
const char *host;
int signing_state = SMB_SIGNING_IPC_DEFAULT;
- struct tevent_context *ev_ctx = NULL;
/* make sure the vars that get altered (4th field) are in
a fixed location or certain compilers complain */
@@ -1016,30 +1018,7 @@ out_free:
poptFreeContext(pc);
popt_burn_cmdline_password(argc, argv);
- ev_ctx = samba_tevent_context_init(frame);
- if (ev_ctx == NULL) {
- fprintf(stderr, "Could not init event context\n");
- result = 1;
- goto done;
- }
-
- nt_status = messaging_init_client(ev_ctx,
- ev_ctx,
- &rpcclient_msg_ctx);
- if (geteuid() != 0 &&
- NT_STATUS_EQUAL(nt_status, NT_STATUS_ACCESS_DENIED)) {
- /*
- * Normal to fail to initialize messaging context
- * if we're not root as we don't have ability to
- * read lock directory.
- */
- DBG_NOTICE("Unable to initialize messaging context. "
- "Must be root to do that.\n");
- } else if (!NT_STATUS_IS_OK(nt_status)) {
- fprintf(stderr, "Could not init messaging context\n");
- result = 1;
- goto done;
- }
+ client_messaging_context_check_error(get_dyn_CONFIGFILE());
if (!init_names()) {
result = 1;
@@ -1257,8 +1236,6 @@ done:
}
popt_free_cmdline_auth_info();
netlogon_creds_cli_close_global_db();
- TALLOC_FREE(rpcclient_msg_ctx);
- TALLOC_FREE(ev_ctx);
TALLOC_FREE(frame);
return result;
}
diff --git a/source3/rpcclient/rpcclient.h b/source3/rpcclient/rpcclient.h
index 7697d3d..16febf6 100644
--- a/source3/rpcclient/rpcclient.h
+++ b/source3/rpcclient/rpcclient.h
@@ -42,7 +42,6 @@ struct cmd_set {
bool use_netlogon_creds;
};
-extern struct messaging_context *rpcclient_msg_ctx;
extern struct cli_state *rpcclient_cli_state;
extern struct netlogon_creds_cli_context *rpcclient_netlogon_creds;
--
1.8.3.1
From 1e40d3a2ba00c812e43c27e4f4164c363d5d875b Mon Sep 17 00:00:00 2001
From: Ralph Boehme <slow at samba.org>
Date: Tue, 10 Jul 2018 16:28:11 +0200
Subject: [PATCH 12/20] s3: net: use client_messaging_context()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13465
Signed-off-by: Ralph Boehme <slow at samba.org>
---
source3/utils/net.c | 28 +---------------------------
1 file changed, 1 insertion(+), 27 deletions(-)
diff --git a/source3/utils/net.c b/source3/utils/net.c
index 69564f6..c43e6b5 100644
--- a/source3/utils/net.c
+++ b/source3/utils/net.c
@@ -915,9 +915,7 @@ static struct functable net_func[] = {
const char **argv_const = discard_const_p(const char *, argv);
poptContext pc;
TALLOC_CTX *frame = talloc_stackframe();
- struct tevent_context *ev;
struct net_context *c = talloc_zero(frame, struct net_context);
- NTSTATUS status;
struct poptOption long_options[] = {
{"help", 'h', POPT_ARG_NONE, 0, 'h'},
@@ -1032,31 +1030,7 @@ static struct functable net_func[] = {
}
}
- if (!lp_load_initial_only(get_dyn_CONFIGFILE())) {
- d_fprintf(stderr, "Can't load %s - run testparm to debug it\n",
- get_dyn_CONFIGFILE());
- exit(1);
- }
-
- ev = samba_tevent_context_init(c);
- if (ev == NULL) {
- d_fprintf(stderr, "samba_tevent_context_init failed\n");
- exit(1);
- }
- status = messaging_init_client(c, ev, &c->msg_ctx);
- if (geteuid() != 0 &&
- NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED)) {
- /*
- * Normal to fail to initialize messaging context
- * if we're not root as we don't have ability to
- * read lock directory.
- */
- DBG_NOTICE("Unable to initialize messaging context. "
- "Must be root to do that.\n");
- } else if (!NT_STATUS_IS_OK(status)) {
- d_fprintf(stderr, "Failed to init messaging context\n");
- exit(1);
- }
+ c->msg_ctx = client_messaging_context_check_error(get_dyn_CONFIGFILE());
if (!lp_load_global(get_dyn_CONFIGFILE())) {
d_fprintf(stderr, "Can't load %s - run testparm to debug it\n",
--
1.8.3.1
From 29074ec7e9a16199136fa3a0e681b3a56f6de2dd Mon Sep 17 00:00:00 2001
From: Ralph Boehme <slow at samba.org>
Date: Tue, 10 Jul 2018 16:29:46 +0200
Subject: [PATCH 13/20] s3: messaging: remove unused messaging_init_client()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13465
Signed-off-by: Ralph Boehme <slow at samba.org>
---
source3/include/messages.h | 3 ---
source3/lib/messages.c | 9 ---------
2 files changed, 12 deletions(-)
diff --git a/source3/include/messages.h b/source3/include/messages.h
index 29c394a..f7b4066 100644
--- a/source3/include/messages.h
+++ b/source3/include/messages.h
@@ -46,9 +46,6 @@ struct messaging_rec;
struct messaging_context *messaging_init(TALLOC_CTX *mem_ctx,
struct tevent_context *ev);
-NTSTATUS messaging_init_client(TALLOC_CTX *mem_ctx,
- struct tevent_context *ev,
- struct messaging_context **pmsg_ctx);
struct server_id messaging_server_id(const struct messaging_context *msg_ctx);
struct tevent_context *messaging_tevent_context(
diff --git a/source3/lib/messages.c b/source3/lib/messages.c
index dab53f1..90fffa2 100644
--- a/source3/lib/messages.c
+++ b/source3/lib/messages.c
@@ -635,15 +635,6 @@ struct messaging_context *messaging_init(TALLOC_CTX *mem_ctx,
return ctx;
}
-NTSTATUS messaging_init_client(TALLOC_CTX *mem_ctx,
- struct tevent_context *ev,
- struct messaging_context **pmsg_ctx)
-{
- return messaging_init_internal(mem_ctx,
- ev,
- pmsg_ctx);
-}
-
struct server_id messaging_server_id(const struct messaging_context *msg_ctx)
{
return msg_ctx->id;
--
1.8.3.1
From a23a6fc7e740a0925eca42973fe115d18a851213 Mon Sep 17 00:00:00 2001
From: Ralph Boehme <slow at samba.org>
Date: Mon, 9 Jul 2018 16:27:11 +0200
Subject: [PATCH 14/20] s3: pdbedit: use client_messaging_context()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13465
Signed-off-by: Ralph Boehme <slow at samba.org>
---
source3/utils/pdbedit.c | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c
index a353bae..1871ed0 100644
--- a/source3/utils/pdbedit.c
+++ b/source3/utils/pdbedit.c
@@ -1053,6 +1053,7 @@ int main(int argc, const char **argv)
struct pdb_methods *bin, *bout;
static char *kickoff_time = NULL;
static char *str_hex_pwd = NULL;
+ const char *configfile = NULL;
TALLOC_CTX *frame = talloc_stackframe();
NTSTATUS status;
poptContext pc;
@@ -1117,7 +1118,12 @@ int main(int argc, const char **argv)
if (user_name == NULL)
user_name = poptGetArg(pc);
- if (!lp_load_global(get_dyn_CONFIGFILE())) {
+ configfile = get_dyn_CONFIGFILE();
+ printf("Using configfile: %s\n", configfile);
+
+ client_messaging_context_check_error(configfile);
+
+ if (!lp_load_global(configfile)) {
fprintf(stderr, "Can't load %s - run testparm to debug it\n", get_dyn_CONFIGFILE());
exit(1);
}
--
1.8.3.1
From 4119b24dc4e2e09609c7d1c9bc4fc7f3dec49fe8 Mon Sep 17 00:00:00 2001
From: Ralph Boehme <slow at samba.org>
Date: Thu, 5 Jul 2018 14:38:59 +0200
Subject: [PATCH 15/20] s3: testparm: use client_messaging_context()
This initializes messaging which is needed for registry config and fixes
a crash triggered by running testparm with registry config enabled in
smb.conf, eg by "include = registry".
Registry config calls db_open() and that requires messaging to be up and
running on a cluster.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13465
Signed-off-by: Ralph Boehme <slow at samba.org>
---
source3/utils/testparm.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/source3/utils/testparm.c b/source3/utils/testparm.c
index 8113eea..3af9d77 100644
--- a/source3/utils/testparm.c
+++ b/source3/utils/testparm.c
@@ -698,6 +698,8 @@ static void do_per_share_checks(int s)
goto done;
}
+ client_messaging_context_check_error(config_file);
+
fprintf(stderr,"Load smb config files from %s\n",config_file);
if (!lp_load_with_registry_shares(config_file)) {
--
1.8.3.1
From 6fe89eaf669835b02ff5827ccee9741356a4cd04 Mon Sep 17 00:00:00 2001
From: Ralph Boehme <slow at samba.org>
Date: Tue, 10 Jul 2018 13:47:05 +0200
Subject: [PATCH 16/20] s3: sharesec: use client_messaging_context
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13465
Signed-off-by: Ralph Boehme <slow at samba.org>
---
source3/utils/sharesec.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/source3/utils/sharesec.c b/source3/utils/sharesec.c
index d9f8158..571ac2d 100644
--- a/source3/utils/sharesec.c
+++ b/source3/utils/sharesec.c
@@ -420,6 +420,7 @@ int main(int argc, const char *argv[])
setlinebuf(stdout);
+ client_messaging_context_check_error(get_dyn_CONFIGFILE());
lp_load_with_registry_shares(get_dyn_CONFIGFILE());
/* check for initializing secrets.tdb first */
--
1.8.3.1
From 3d229a319c82d8a8f7a552f598eae92055fdbd40 Mon Sep 17 00:00:00 2001
From: Christof Schmitt <cs at samba.org>
Date: Tue, 31 Jul 2018 12:54:12 -0700
Subject: [PATCH 17/20] s3: ntlm_auth: use client_messaging_context_check_error
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13465
Signed-off-by: Christof Schmitt <cs at samba.org>
---
source3/utils/ntlm_auth.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/source3/utils/ntlm_auth.c b/source3/utils/ntlm_auth.c
index 2409ef8..b78724e 100644
--- a/source3/utils/ntlm_auth.c
+++ b/source3/utils/ntlm_auth.c
@@ -2378,6 +2378,8 @@ enum {
poptFreeContext(pc);
+ client_messaging_context_check_error(get_dyn_CONFIGFILE());
+
if (!lp_load_global(get_dyn_CONFIGFILE())) {
d_fprintf(stderr, "ntlm_auth: error opening config file %s. Error was %s\n",
get_dyn_CONFIGFILE(), strerror(errno));
--
1.8.3.1
From 88e134ae058c72cbf067bca328124fabe1f69862 Mon Sep 17 00:00:00 2001
From: Christof Schmitt <cs at samba.org>
Date: Tue, 31 Jul 2018 12:55:03 -0700
Subject: [PATCH 18/20] s3: eventlogadm: use
client_messaging_context_check_error
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13465
Signed-off-by: Christof Schmitt <cs at samba.org>
---
source3/utils/eventlogadm.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/source3/utils/eventlogadm.c b/source3/utils/eventlogadm.c
index 5ef091a..2c0b361 100644
--- a/source3/utils/eventlogadm.c
+++ b/source3/utils/eventlogadm.c
@@ -472,6 +472,10 @@ int main( int argc, char *argv[] )
exit( 1 );
}
+ client_messaging_context_check_error(configfile == NULL ?
+ get_dyn_CONFIGFILE() :
+ configfile);
+
if ( configfile == NULL ) {
lp_load_global(get_dyn_CONFIGFILE());
} else if (!lp_load_global(configfile)) {
--
1.8.3.1
From 0b68887684aba1b9ad05b0e8803133811cc59ed3 Mon Sep 17 00:00:00 2001
From: Christof Schmitt <cs at samba.org>
Date: Tue, 31 Jul 2018 15:07:50 -0700
Subject: [PATCH 19/20] s3: dbwrap_tool: use
client_messaging_context_check_error
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13465
Signed-off-by: Christof Schmitt <cs at samba.org>
---
source3/utils/dbwrap_tool.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/source3/utils/dbwrap_tool.c b/source3/utils/dbwrap_tool.c
index 94aacd8..e890bd1 100644
--- a/source3/utils/dbwrap_tool.c
+++ b/source3/utils/dbwrap_tool.c
@@ -428,6 +428,8 @@ int main(int argc, const char **argv)
while (extra_argv[extra_argc]) extra_argc++;
}
+ client_messaging_context_check_error(get_dyn_CONFIGFILE());
+
lp_load_global(get_dyn_CONFIGFILE());
if ((extra_argc < 2) || (extra_argc > 5)) {
--
1.8.3.1
From e7f4f28665b5cd67a2de8f82d515917711388ac5 Mon Sep 17 00:00:00 2001
From: Christof Schmitt <cs at samba.org>
Date: Tue, 31 Jul 2018 15:07:58 -0700
Subject: [PATCH 20/20] s3: smbcontrol: use
client_messaging_context_check_error
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13465
Signed-off-by: Christof Schmitt <cs at samba.org>
---
source3/utils/smbcontrol.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/source3/utils/smbcontrol.c b/source3/utils/smbcontrol.c
index bd89b9e..f6a3331 100644
--- a/source3/utils/smbcontrol.c
+++ b/source3/utils/smbcontrol.c
@@ -1609,6 +1609,7 @@ int main(int argc, const char **argv)
if (argc <= 1)
usage(pc);
+ client_messaging_context_check_error(get_dyn_CONFIGFILE());
lp_load_global(get_dyn_CONFIGFILE());
/* Need to invert sense of return code -- samba
--
1.8.3.1
More information about the samba-technical
mailing list