pseudobacklink / one_way_link: corruption ahead
Matthieu Patou
mat at samba.org
Wed Oct 5 12:25:42 MDT 2011
Hello Andrew and Tridge,
I made a couple of tests with the site handling today and discovered
some nasty things.
In order to reproduce them: just create a site and put it in the
DEFAULTIPSITELINK, then remove the site.
In theory the site should be removed from the siteList attribute, but
it's not !
I found first a bug, attribute that have only forward link were not
covered correctly by your patches, I made this fix: http://bit.ly/oJnYo0.
That was an easy one.
But if you look at the attribute, you will see an attribute that is
pointing to a deleted object, in most cases you expect in fact the
object not to be here, your implementation of backlink handle well the
renaming but not so well the deleting.
I think it should be quite easy to mask the attribute if the pointed dn
is the DN of a deleted object.
But then what would happen when replicating, I think a search with the
--reveal show it quite clearly:
sudo ./bin/ldbsearch -H ~/workspace/samba/home.matws.net/private/sam.ldb
-k 1 --cross-ncs '(sitelist=*)' sitelist --reveal --extended-dn
# record 1
dn:
<GUID=f872b9fc-cedc-4949-bd51-fc8ecfb9d211>;CN=DEFAULTIPSITELINK,CN=IP,CN=Inter-Site
Transports,CN=Sites,CN=Configuration,DC=home,DC=matws,DC=net
siteList:
<GUID=c9b85202-4f5a-43cb-ac7b-a6f6cd9a8e30>;<RMD_ADDTIME=12962226990
0000000>;<RMD_CHANGETIME=129622269900000000>;<RMD_FLAGS=0>;<RMD_INVOCID=00b57
015-57c4-4baf-828a-c93c12ac7e3a>;<RMD_LOCAL_USN=1983>;<RMD_ORIGINATING_USN=19
83>;<RMD_VERSION=0>;CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=h
ome,DC=matws,DC=net
siteList:
<GUID=c75d75fc-2521-475f-ade4-5c233a286338>;<RMD_ADDTIME=12962304242
0000000>;<RMD_CHANGETIME=129623042420000000>;<RMD_FLAGS=0>;<RMD_INVOCID=00b57
015-57c4-4baf-828a-c93c12ac7e3a>;<RMD_LOCAL_USN=8531>;<RMD_ORIGINATING_USN=85
31>;<RMD_VERSION=0>;CN=test\0ADEL:c75d75fc-2521-475f-ade4-5c233a286338,CN=Sit
es,CN=Configuration,DC=home,DC=matws,DC=net
The attribute is not removed, if we are running a samba only domain it's
mostly ok but in mixed domain it must be fun !
I'm also fearing some weird effect if a DC is promoted after the site
has been removed and deleted as we will return a link on a non existing
object.
Please tell me how you think this could be solved, the best I can see is
a kind of garbage collector.
Thanks.
Matthieu.
--
Matthieu Patou
Samba Team
http://samba.org
More information about the samba-technical
mailing list