The branch, master has been updated via 8dc7029 Fix bug #8293 - SMB2 doesn't rotate the log files often enough. via eea210e s3:smb2_server: call change_to_root_user() or smbd_smb2_request_check_tcon() from 6db705d libcli: remove duplicate of #define NT_STATUS_NO_SUCH_JOB
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit 8dc7029561b4d2e02b1f12583b7b871fd4d2ba14 Author: Jeremy Allison <j...@samba.org> Date: Thu Jul 7 14:59:41 2011 -0700 Fix bug #8293 - SMB2 doesn't rotate the log files often enough. Move the num_requests field out of the smb1 struct into the generic struct smbd_server_connection struct. Use it to count SMB2 requests as well as SMB1 and ensure that check_log_size() is called every 50 SMB2 requests. Autobuild-User: Jeremy Allison <j...@samba.org> Autobuild-Date: Fri Jul 8 01:14:53 CEST 2011 on sn-devel-104 commit eea210eba7c20e6d04b13cf8ccd3011ee7c99157 Author: Stefan Metzmacher <me...@samba.org> Date: Thu Jul 7 16:38:33 2011 +0200 s3:smb2_server: call change_to_root_user() or smbd_smb2_request_check_tcon() For all requests which don't operate on a tcon, we should call change_to_root_user(), to match the SMB1 behavior. For SMB1 we do the following operations without AS_USER: /* 0x70 */ { "SMBtcon",reply_tcon,0}, /* 0x71 */ { "SMBtdis",reply_tdis,DO_CHDIR}, /* 0x72 */ { "SMBnegprot",reply_negprot,0}, /* 0x73 */ { "SMBsesssetupX",reply_sesssetup_and_X,0}, /* 0x74 */ { "SMBulogoffX",reply_ulogoffX, 0}, /* ulogoff doesn't give a valid TID */ /* 0x75 */ { "SMBtconX",reply_tcon_and_X,0}, ... /* 0x2b */ { "SMBecho",reply_echo,0}, ... /* 0xa4 */ { "SMBntcancel",reply_ntcancel, 0 }, For SMB2tdis we still call smbd_smb2_request_check_tcon() as close_cnum() calls change_to_root_user() when needed. metze Signed-off-by: Jeremy Allison <j...@samba.org> ----------------------------------------------------------------------- Summary of changes: source3/smbd/globals.h | 3 +- source3/smbd/process.c | 4 +- source3/smbd/smb2_server.c | 46 +++++++++++++++++++++++++++++++++++++++++-- 3 files changed, 47 insertions(+), 6 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/smbd/globals.h b/source3/smbd/globals.h index 51ea367..a98936a 100644 --- a/source3/smbd/globals.h +++ b/source3/smbd/globals.h @@ -483,6 +483,8 @@ struct smbd_server_connection { int dirhandles_open; } searches; + uint64_t num_requests; + struct { struct fd_event *fde; @@ -510,7 +512,6 @@ struct smbd_server_connection { int ref_count; } echo_handler; - uint64_t num_requests; struct { bool encrypted_passwords; bool spnego; diff --git a/source3/smbd/process.c b/source3/smbd/process.c index ca52626..339d005 100644 --- a/source3/smbd/process.c +++ b/source3/smbd/process.c @@ -1621,7 +1621,7 @@ static void process_smb(struct smbd_server_connection *sconn, sconn->trans_num++; done: - sconn->smb1.num_requests++; + sconn->num_requests++; /* The timeout_processing function isn't run nearly often enough to implement 'max log size' without @@ -1630,7 +1630,7 @@ done: level 10. Checking every 50 SMBs is a nice tradeoff of performance vs log file size overrun. */ - if ((sconn->smb1.num_requests % 50) == 0 && + if ((sconn->num_requests % 50) == 0 && need_to_check_log_size()) { change_to_root_user(); check_log_size(); diff --git a/source3/smbd/smb2_server.c b/source3/smbd/smb2_server.c index 1bbb108..5882572 100644 --- a/source3/smbd/smb2_server.c +++ b/source3/smbd/smb2_server.c @@ -1139,6 +1139,9 @@ NTSTATUS smbd_smb2_request_dispatch(struct smbd_smb2_request *req) switch (opcode) { case SMB2_OP_NEGPROT: + /* This call needs to be run as root */ + change_to_root_user(); + { START_PROFILE(smb2_negprot); return_value = smbd_smb2_request_process_negprot(req); @@ -1147,6 +1150,9 @@ NTSTATUS smbd_smb2_request_dispatch(struct smbd_smb2_request *req) break; case SMB2_OP_SESSSETUP: + /* This call needs to be run as root */ + change_to_root_user(); + { START_PROFILE(smb2_sesssetup); return_value = smbd_smb2_request_process_sesssetup(req); @@ -1160,6 +1166,9 @@ NTSTATUS smbd_smb2_request_dispatch(struct smbd_smb2_request *req) break; } + /* This call needs to be run as root */ + change_to_root_user(); + { START_PROFILE(smb2_logoff); return_value = smbd_smb2_request_process_logoff(req); @@ -1173,6 +1182,9 @@ NTSTATUS smbd_smb2_request_dispatch(struct smbd_smb2_request *req) break; } + /* This call needs to be run as root */ + change_to_root_user(); + { START_PROFILE(smb2_tcon); return_value = smbd_smb2_request_process_tcon(req); @@ -1190,6 +1202,9 @@ NTSTATUS smbd_smb2_request_dispatch(struct smbd_smb2_request *req) return_value = smbd_smb2_request_error(req, status); break; } + /* This call needs to be run as root */ + change_to_root_user(); + { START_PROFILE(smb2_tdis); @@ -1333,6 +1348,9 @@ NTSTATUS smbd_smb2_request_dispatch(struct smbd_smb2_request *req) break; case SMB2_OP_CANCEL: + /* This call needs to be run as root */ + change_to_root_user(); + { START_PROFILE(smb2_cancel); return_value = smbd_smb2_request_process_cancel(req); @@ -1341,9 +1359,14 @@ NTSTATUS smbd_smb2_request_dispatch(struct smbd_smb2_request *req) break; case SMB2_OP_KEEPALIVE: - {START_PROFILE(smb2_keepalive); - return_value = smbd_smb2_request_process_keepalive(req); - END_PROFILE(smb2_keepalive);} + /* This call needs to be run as root */ + change_to_root_user(); + + { + START_PROFILE(smb2_keepalive); + return_value = smbd_smb2_request_process_keepalive(req); + END_PROFILE(smb2_keepalive); + } break; case SMB2_OP_FIND: @@ -2211,6 +2234,8 @@ void smbd_smb2_first_negprot(struct smbd_server_connection *sconn, return; } tevent_req_set_callback(subreq, smbd_smb2_request_incoming, sconn); + + sconn->num_requests++; } static void smbd_smb2_request_incoming(struct tevent_req *subreq) @@ -2267,4 +2292,19 @@ next: return; } tevent_req_set_callback(subreq, smbd_smb2_request_incoming, sconn); + + sconn->num_requests++; + + /* The timeout_processing function isn't run nearly + often enough to implement 'max log size' without + overrunning the size of the file by many megabytes. + This is especially true if we are running at debug + level 10. Checking every 50 SMB2s is a nice + tradeoff of performance vs log file size overrun. */ + + if ((sconn->num_requests % 50) == 0 && + need_to_check_log_size()) { + change_to_root_user(); + check_log_size(); + } } -- Samba Shared Repository