The branch, master has been updated via bf52cff s4-kcc: fixed valgrind errors in drs replicaInfo server side via 5e8cb67 s4-provision: fixed eadb automatic and manual setting in provision via cfa7510 wintest: do an initial replication of CN=Configuration to transfer dnsHostname via 23bffff wintest: fixed "rndc command" option in provision via 9409b73 wintest: make IPv6 optional in wintest via eeb29b5 s4-provision: don't try to look for an IPv6 address when not specified from e52ba1f librpc: fix builds without IPv6 suport (HP-UX 11.00)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit bf52cffd2587615243a7101868a9038d9aa1b0c2 Author: Andrew Tridgell <tri...@samba.org> Date: Fri Nov 26 12:38:06 2010 +1100 s4-kcc: fixed valgrind errors in drs replicaInfo server side Pair-Programmed-With: Andrew Bartlett <abart...@samba.org> Autobuild-User: Andrew Tridgell <tri...@samba.org> Autobuild-Date: Fri Nov 26 03:52:30 CET 2010 on sn-devel-104 commit 5e8cb67605367ffd9dd2a8624df90f2ca5e77fc4 Author: Andrew Tridgell <tri...@samba.org> Date: Fri Nov 26 12:10:55 2010 +1100 s4-provision: fixed eadb automatic and manual setting in provision we should not set posix:eadb in lp in the acl native test code Pair-Programmed-With: Andrew Bartlett <abart...@samba.org> commit cfa7510e19b5e593af8c4da6e89b6a99adfe8b2b Author: Andrew Tridgell <tri...@samba.org> Date: Fri Nov 26 11:36:29 2010 +1100 wintest: do an initial replication of CN=Configuration to transfer dnsHostname this fixes the drs replication in the dcpromo test commit 23bffff98c7d1bd700509bb3fa6eaca3e1524096 Author: Andrew Tridgell <tri...@samba.org> Date: Fri Nov 26 11:33:49 2010 +1100 wintest: fixed "rndc command" option in provision we need to point at the generated rndc.conf Pair-Programmed-With: Andrew Bartlett <abart...@samba.org> commit 9409b73290bdbfc82b75c4af8a22ca1ed6165e2a Author: Andrew Tridgell <tri...@samba.org> Date: Fri Nov 26 11:33:10 2010 +1100 wintest: make IPv6 optional in wintest we need some more work on IPv6 support in s4 before this works commit eeb29b593a671e16f87e64f01abea47ec898ba77 Author: Andrew Tridgell <tri...@samba.org> Date: Fri Nov 26 10:20:03 2010 +1100 s4-provision: don't try to look for an IPv6 address when not specified the getaddrinfo() method of finding an IPv6 address is incorrect. We could do it via the Samba interfaces code, but until we have that it is better to not try to auto-detect IPv6 Pair-Programmed-With: Andrew Bartlett <abart...@samba.org> ----------------------------------------------------------------------- Summary of changes: source4/dsdb/kcc/kcc_drs_replica_info.c | 12 +++----- source4/scripting/python/samba/ntacls.py | 31 ++++++++++----------- source4/scripting/python/samba/provision.py | 13 +-------- source4/setup/provision | 6 +--- wintest/conf/abartlet.conf | 1 - wintest/conf/tridge.conf | 1 - wintest/test-s4-howto.py | 40 ++++++++++++++++++++------- 7 files changed, 53 insertions(+), 51 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/dsdb/kcc/kcc_drs_replica_info.c b/source4/dsdb/kcc/kcc_drs_replica_info.c index e2e49b8..1da3ecd 100644 --- a/source4/dsdb/kcc/kcc_drs_replica_info.c +++ b/source4/dsdb/kcc/kcc_drs_replica_info.c @@ -418,13 +418,9 @@ static WERROR get_master_ncs(TALLOC_CTX *mem_ctx, struct ldb_context *samdb, } for (k = 0; k < msg_elem->num_values; k++) { - int len = msg_elem->values[k].length; - /* copy the string on msg_elem->values[k]->data to nc_str */ - nc_str = talloc_array(mem_ctx, char, len); + nc_str = talloc_strndup(mem_ctx, (char *)msg_elem->values[k].data, msg_elem->values[k].length); W_ERROR_HAVE_NO_MEMORY(nc_str); - memcpy(nc_str, msg_elem->values[k].data, len); - nc_str[len] = '\0'; nc_list_elem = talloc_zero(mem_ctx, struct ncList); W_ERROR_HAVE_NO_MEMORY(nc_list_elem); @@ -584,7 +580,6 @@ static WERROR kccdrs_replica_get_info_neighbours(TALLOC_CTX *mem_ctx, struct repsFromTo2 *reps_from = NULL; uint32_t c_reps_from; uint32_t i_rep; - struct drsuapi_DsReplicaNeighbour neigh; struct ncList *nc_list = NULL; status = get_ncs_list(mem_ctx, samdb, service, object_dn_str, &nc_list); @@ -624,6 +619,8 @@ static WERROR kccdrs_replica_get_info_neighbours(TALLOC_CTX *mem_ctx, { if (i >= base_index) { + struct drsuapi_DsReplicaNeighbour neigh; + ZERO_STRUCT(neigh); status = fill_neighbor_from_repsFrom(mem_ctx, samdb, nc_dn, &neigh, reps_from); @@ -702,7 +699,6 @@ static WERROR kccdrs_replica_get_info_repsto(TALLOC_CTX *mem_ctx, struct repsFromTo2 *reps_to; uint32_t c_reps_to; uint32_t i_rep; - struct drsuapi_DsReplicaNeighbour neigh; struct ncList *nc_list = NULL; status = get_ncs_list(mem_ctx, samdb, service, object_dn_str, &nc_list); @@ -726,6 +722,8 @@ static WERROR kccdrs_replica_get_info_repsto(TALLOC_CTX *mem_ctx, /* foreach r in nc!repsTo */ for (i_rep = 0; i_rep < c_reps_to; i_rep++) { + struct drsuapi_DsReplicaNeighbour neigh; + ZERO_STRUCT(neigh); /* put all info on reps_to */ if (reps_to_blob[i_rep].version == 1) { diff --git a/source4/scripting/python/samba/ntacls.py b/source4/scripting/python/samba/ntacls.py index 9bf5cfe..4f1c922 100644 --- a/source4/scripting/python/samba/ntacls.py +++ b/source4/scripting/python/samba/ntacls.py @@ -28,23 +28,23 @@ class XattrBackendError(Exception): def checkset_backend(lp, backend, eadbfile): - # if posix:eadb is set, then force the backend - if backend is not None: - if backend == "native": - lp.set("posix:eadb", "") - elif backend == "tdb": - if eadbfile is not None: - lp.set("posix:eadb", eadbfile) - else: - os.path.abspath(os.path.join(lp.get("private dir"), "eadb.tdb")) + '''return the path to the eadb, or None''' + if backend is None: + return lp.get("posix:eadb") + elif backend == "native": + return None + elif backend == "tdb": + if eadbfile is not None: + return eadbfile else: - raise XattrBackendError("Invalid xattr backend choice %s"%backend) + return os.path.abspath(os.path.join(lp.get("private dir"), "eadb.tdb")) + else: + raise XattrBackendError("Invalid xattr backend choice %s"%backend) def getntacl(lp, file, backend=None, eadbfile=None): - checkset_backend(lp, backend, eadbfile) - eadbname = lp.get("posix:eadb") - if eadbname is not None and eadbname != "": + eadbname = checkset_backend(lp, backend, eadbfile) + if eadbname is not None: try: attribute = samba.xattr_tdb.wrap_getxattr(eadbname, file, xattr.XATTR_NTACL_NAME) @@ -62,14 +62,13 @@ def getntacl(lp, file, backend=None, eadbfile=None): def setntacl(lp, file, sddl, domsid, backend=None, eadbfile=None): - checkset_backend(lp, backend, eadbfile) + eadbname = checkset_backend(lp, backend, eadbfile) ntacl = xattr.NTACL() ntacl.version = 1 sid = security.dom_sid(domsid) sd = security.descriptor.from_sddl(sddl, sid) ntacl.info = sd - eadbname = lp.get("posix:eadb") - if eadbname is not None and eadbname != "": + if eadbname is not None: try: samba.xattr_tdb.wrap_setxattr(eadbname, file, xattr.XATTR_NTACL_NAME, ndr_pack(ntacl)) diff --git a/source4/scripting/python/samba/provision.py b/source4/scripting/python/samba/provision.py index cb1e8bd..b5f37b5 100644 --- a/source4/scripting/python/samba/provision.py +++ b/source4/scripting/python/samba/provision.py @@ -590,7 +590,7 @@ def make_smbconf(smbconf, setup_path, hostname, domain, realm, serverrole, #Load non-existant file if os.path.exists(smbconf): lp.load(smbconf) - if eadb: + if eadb and not lp.get("posix:eadb"): if targetdir is not None: privdir = os.path.join(targetdir, "private") else: @@ -1484,17 +1484,6 @@ def provision(setup_dir, logger, session_info, if len(hostips) > 1: logger.warning("More than one IPv4 address found. Using %s.", hostip) - if hostip6 is None: - try: - logger.info("Looking up IPv6 address for %s" % names.hostname) - for ip in socket.getaddrinfo(names.hostname, None, socket.AF_INET6, socket.AI_CANONNAME, socket.IPPROTO_IP): - if hostip6 is None: - hostip6 = ip[-1][0] - if hostip6 == '::1' and ip[-1][0] != '::1': - hostip6 = ip[-1][0] - except socket.gaierror, (socket.EAI_NODATA, msg): - hostip6 = None - if serverrole is None: serverrole = lp.get("server role") diff --git a/source4/setup/provision b/source4/setup/provision index 303fd32..18142ad 100755 --- a/source4/setup/provision +++ b/source4/setup/provision @@ -225,10 +225,8 @@ elif opts.use_xattrs == "auto" and not lp.get("posix:eadb"): "O:S-1-5-32G:S-1-5-32", "S-1-5-32", "native") eadb = False except: - # XXX: Should catch a specific exception here - if lp.get("posix:eadb") is None: - logger.info("You are not root or your system do not support xattr, using tdb backend for attributes. " - "If you intend to use this provision in production, rerun the script as root on a system supporting xattrs.") + logger.info("You are not root or your system do not support xattr, using tdb backend for attributes. " + "If you intend to use this provision in production, rerun the script as root on a system supporting xattrs.") file.close() diff --git a/wintest/conf/abartlet.conf b/wintest/conf/abartlet.conf index 3fa4501..f775c81 100644 --- a/wintest/conf/abartlet.conf +++ b/wintest/conf/abartlet.conf @@ -19,7 +19,6 @@ INTERFACE : virbr0:0 # this is an additional IP that will be used for named to listen # on. It should not be the primary IP of the interface INTERFACE_IP : 192.168.122.2 -INTERFACE_IPV6 : 3ffe:ffff:0:f101::3 INTERFACE_NET : 192.168.122.2/24 # how to run bind9 diff --git a/wintest/conf/tridge.conf b/wintest/conf/tridge.conf index a2bad63..1c7ed0b 100644 --- a/wintest/conf/tridge.conf +++ b/wintest/conf/tridge.conf @@ -19,7 +19,6 @@ INTERFACE : virbr0:0 # this is an additional IP that will be used for named to listen # on. It should not be the primary IP of the interface INTERFACE_IP : 10.0.0.2 -INTERFACE_IPV6 : 3ffe:ffff:0:f101::3 INTERFACE_NET : 10.0.0.2/24 # how to run bind9 diff --git a/wintest/test-s4-howto.py b/wintest/test-s4-howto.py index d12968c..c05d084 100755 --- a/wintest/test-s4-howto.py +++ b/wintest/test-s4-howto.py @@ -13,8 +13,9 @@ def check_prerequesites(t): raise Exception("You must run this script as root") t.putenv("KRB5_CONFIG", '${PREFIX}/private/krb5.conf') t.run_cmd('ifconfig ${INTERFACE} ${INTERFACE_NET} up') - t.run_cmd('ifconfig ${INTERFACE} inet6 del ${INTERFACE_IPV6}/64', checkfail=False) - t.run_cmd('ifconfig ${INTERFACE} inet6 add ${INTERFACE_IPV6}/64 up') + if t.getvar('INTERFACE_IPV6'): + t.run_cmd('ifconfig ${INTERFACE} inet6 del ${INTERFACE_IPV6}/64', checkfail=False) + t.run_cmd('ifconfig ${INTERFACE} inet6 add ${INTERFACE_IPV6}/64 up') def build_s4(t): @@ -34,11 +35,20 @@ def provision_s4(t, func_level="2008"): t.chdir('${PREFIX}') t.del_files(["var", "private"]) t.run_cmd("rm -f etc/smb.conf") - options=' --function-level=%s -d${DEBUGLEVEL}' % func_level - options += ' --option=interfaces="${INTERFACE} ${INTERFACE_IPV6}"' - options += ' --host-ip=${INTERFACE_IP} --host-ip6=${INTERFACE_IPV6}' - options += ' --option=bindinterfacesonly=yes' - t.run_cmd('sbin/provision --realm=${LCREALM} --domain=${DOMAIN} --adminpass=${PASSWORD1} --server-role="domain controller"' + options) + provision=['sbin/provision', + '--realm=${LCREALM}', + '--domain=${DOMAIN}', + '--adminpass=${PASSWORD1}', + '--server-role=domain controller', + '--function-level=%s' % func_level, + '-d${DEBUGLEVEL}', + '--option=interfaces=${INTERFACE}', + '--host-ip=${INTERFACE_IP}', + '--option=bind interfaces only=yes', + '--option=rndc command=${RNDC} -c${PREFIX}/etc/rndc.conf'] + if t.getvar('INTERFACE_IPV6'): + provision.append('--host-ip6=${INTERFACE_IPV6}') + t.run_cmd(provision) t.run_cmd('bin/samba-tool newuser testallowed ${PASSWORD1}') t.run_cmd('bin/samba-tool newuser testdenied ${PASSWORD1}') t.run_cmd('bin/samba-tool group addmembers "Allowed RODC Password Replication Group" testallowed') @@ -133,10 +143,16 @@ def restart_bind(t): raise RuntimeError("old /etc/resolv.conf must not contain %s as a nameserver, this will create loops with the generated dns configuration" % nameserver) t.setvar('DNSSERVER', nameserver) + if t.getvar('INTERFACE_IPV6'): + ipv6_listen = 'listen-on-v6 port 53 { ${INTERFACE_IPV6}; };' + else: + ipv6_listen = '' + t.setvar('BIND_LISTEN_IPV6', ipv6_listen) + t.write_file("etc/named.conf", ''' options { listen-on port 53 { ${INTERFACE_IP}; }; - listen-on-v6 port 53 { ${INTERFACE_IPV6}; }; + ${BIND_LISTEN_IPV6} directory "${PREFIX}/var/named"; dump-file "${PREFIX}/var/named/data/cache_dump.db"; pid-file "${PREFIX}/var/named/named.pid"; @@ -320,6 +336,10 @@ def test_dcpromo(t, vm): t.cmd_contains("bin/samba-tool drs kcc ${WIN_HOSTNAME}.${LCREALM} -uadministra...@${lcrealm}%${password1}", ['Consistency check', 'successful']) t.kinit("administra...@${realm}", "${PASSWORD1}") + + # the first replication will transfer the dnsHostname attribute + t.cmd_contains("bin/samba-tool drs replicate ${HOSTNAME}.${LCREALM} ${WIN_HOSTNAME} CN=Configuration,${BASEDN} -k yes", ["was successful"]) + for nc in [ '${BASEDN}', 'CN=Configuration,${BASEDN}', 'CN=Schema,CN=Configuration,${BASEDN}' ]: t.cmd_contains("bin/samba-tool drs replicate ${HOSTNAME}.${LCREALM} ${WIN_HOSTNAME}.${LCREALM} %s -k yes" % nc, ["was successful"]) t.cmd_contains("bin/samba-tool drs replicate ${WIN_HOSTNAME}.${LCREALM} ${HOSTNAME}.${LCREALM} %s -k yes" % nc, ["was successful"]) @@ -494,7 +514,7 @@ def join_as_dc(t, vm): child = t.open_telnet("${WIN_HOSTNAME}", "${WIN_DOMAIN}\\administrator", "${WIN_PASS}", set_time=True) t.get_ipconfig(child) t.retry_cmd("bin/samba-tool drs showrepl ${WIN_HOSTNAME}.${WIN_REALM} -Uadministrator%${WIN_PASS}", ['INBOUND NEIGHBORS'] ) - t.run_cmd('bin/samba-tool join ${WIN_REALM} DC -Uadministrator%${WIN_PASS} -d${DEBUGLEVEL} --option=interfaces="${INTERFACE} ${INTERFACE_IPV6"') + t.run_cmd('bin/samba-tool join ${WIN_REALM} DC -Uadministrator%${WIN_PASS} -d${DEBUGLEVEL} --option=interfaces=${INTERFACE}') t.run_cmd('bin/samba-tool drs kcc ${WIN_HOSTNAME}.${WIN_REALM} -uadministra...@${win_realm}%${win_pass}') @@ -563,7 +583,7 @@ def join_as_rodc(t, vm): child = t.open_telnet("${WIN_HOSTNAME}", "${WIN_DOMAIN}\\administrator", "${WIN_PASS}", set_time=True) t.get_ipconfig(child) t.retry_cmd("bin/samba-tool drs showrepl ${WIN_HOSTNAME}.${WIN_REALM} -Uadministrator%${WIN_PASS}", ['INBOUND NEIGHBORS'] ) - t.run_cmd('bin/samba-tool join ${WIN_REALM} RODC -Uadministrator%${WIN_PASS} -d${DEBUGLEVEL} --option=interfaces="${INTERFACE} ${INTERFACE_IPV6}"') + t.run_cmd('bin/samba-tool join ${WIN_REALM} RODC -Uadministrator%${WIN_PASS} -d${DEBUGLEVEL} --option=interfaces=${INTERFACE}') t.run_cmd('bin/samba-tool drs kcc ${WIN_HOSTNAME}.${WIN_REALM} -uadministra...@${win_realm}%${win_pass}') -- Samba Shared Repository