The branch, master has been updated via a2daa66 ldb/tools: only use LDB_FLG_SHOW_BINARY for 'ldbsearch' via fcf5e5a s3:wscript_build: remove unused bld.RECURSE('lib/pthreadpool') via 0a7c6b5 dbchecker: Stop ignoring linked cases where both objects are alive via 6f2deb0 tests/dbcheck: Add a test for two live objects, with a dangling forward link via 86f10ea tests/dbcheck: Add a test for two live objects, with a dangling backlink from 2e09407 s3:winbind: work around coverity false positive.
https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit a2daa664ccd284b8894e67ed307a0bd761eb82db Author: Stefan Metzmacher <me...@samba.org> Date: Thu Jan 19 04:29:13 2017 +0100 ldb/tools: only use LDB_FLG_SHOW_BINARY for 'ldbsearch' --show-binary is only useful for ldbseach in all other cases it will destroy data. Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andrew Bartlett <abart...@samba.org> Autobuild-User(master): Andrew Bartlett <abart...@samba.org> Autobuild-Date(master): Fri Feb 24 03:59:01 CET 2017 on sn-devel-144 commit fcf5e5a9b80fe6bbe912fb114cc0ea58db8e55b3 Author: Stefan Metzmacher <me...@samba.org> Date: Wed Feb 22 07:26:33 2017 +0100 s3:wscript_build: remove unused bld.RECURSE('lib/pthreadpool') Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit 0a7c6b56563faeafd61a620cb330349671bc9f3b Author: Garming Sam <garm...@catalyst.net.nz> Date: Wed Feb 22 15:42:46 2017 +1300 dbchecker: Stop ignoring linked cases where both objects are alive Previously, this did nothing and the code was both untested and unused. Removes the knownfail entry for dbcheck. Signed-off-by: Garming Sam <garm...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> BUG: https://bugzilla.samba.org/show_bug.cgi?id=12600 commit 6f2deb01fa1c6e81f101df49990dadcbc9c31226 Author: Garming Sam <garm...@catalyst.net.nz> Date: Wed Feb 22 17:43:21 2017 +1300 tests/dbcheck: Add a test for two live objects, with a dangling forward link Handling backlinks appears to be rather non-deterministic, so the forward link hangs off of the RODC replication group (which has no other valid forward links). In other situations, it either won't delete the memberOf, or the expected output order will vary. Signed-off-by: Garming Sam <garm...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> BUG: https://bugzilla.samba.org/show_bug.cgi?id=12600 commit 86f10eaecd4ed9fd9db83d711cbf1f823528d6e5 Author: Garming Sam <garm...@catalyst.net.nz> Date: Wed Feb 22 15:43:34 2017 +1300 tests/dbcheck: Add a test for two live objects, with a dangling backlink Adds dbcheck 4.5.0pre1 to the knownfail, to be removed later. Signed-off-by: Garming Sam <garm...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> BUG: https://bugzilla.samba.org/show_bug.cgi?id=12600 ----------------------------------------------------------------------- Summary of changes: lib/ldb/tools/cmdline.c | 30 +++++++++++++++--- lib/ldb/tools/cmdline.h | 3 ++ lib/ldb/tools/ldbsearch.c | 2 +- python/samba/dbchecker.py | 23 ++++++++------ source3/wscript_build | 1 - .../add-dangling-backlink-user.ldif | 3 ++ .../release-4-5-0-pre1/add-dangling-backlink.ldif | 4 +++ .../add-dangling-forwardlink-user.ldif | 3 ++ .../add-initially-normal-link.ldif | 4 +++ .../release-4-5-0-pre1/delete-only-backlink.ldif | 4 +++ .../expected-dbcheck-link-output.txt | 10 ++++-- testprogs/blackbox/dbcheck-links.sh | 37 ++++++++++++++++++++++ 12 files changed, 106 insertions(+), 18 deletions(-) create mode 100644 source4/selftest/provisions/release-4-5-0-pre1/add-dangling-backlink-user.ldif create mode 100644 source4/selftest/provisions/release-4-5-0-pre1/add-dangling-backlink.ldif create mode 100644 source4/selftest/provisions/release-4-5-0-pre1/add-dangling-forwardlink-user.ldif create mode 100644 source4/selftest/provisions/release-4-5-0-pre1/add-initially-normal-link.ldif create mode 100644 source4/selftest/provisions/release-4-5-0-pre1/delete-only-backlink.ldif Changeset truncated at 500 lines: diff --git a/lib/ldb/tools/cmdline.c b/lib/ldb/tools/cmdline.c index 6d0a406..8baa120 100644 --- a/lib/ldb/tools/cmdline.c +++ b/lib/ldb/tools/cmdline.c @@ -93,9 +93,10 @@ static bool add_control(TALLOC_CTX *mem_ctx, const char *control) /** process command line options */ -struct ldb_cmdline *ldb_cmdline_process(struct ldb_context *ldb, +static struct ldb_cmdline *ldb_cmdline_process_internal(struct ldb_context *ldb, int argc, const char **argv, - void (*usage)(struct ldb_context *)) + void (*usage)(struct ldb_context *), + bool search) { struct ldb_cmdline *ret=NULL; poptContext pc; @@ -278,8 +279,15 @@ struct ldb_cmdline *ldb_cmdline_process(struct ldb_context *ldb, flags |= LDB_FLG_NOSYNC; } - if (options.show_binary) { - flags |= LDB_FLG_SHOW_BINARY; + if (search) { + /* + * For now we're not adding LDB_FLG_RDONLY, + * as that would result in no tdb locking. + */ + + if (options.show_binary) { + flags |= LDB_FLG_SHOW_BINARY; + } } if (options.tracing) { @@ -317,6 +325,20 @@ failed: return NULL; } +struct ldb_cmdline *ldb_cmdline_process_search(struct ldb_context *ldb, + int argc, const char **argv, + void (*usage)(struct ldb_context *)) +{ + return ldb_cmdline_process_internal(ldb, argc, argv, usage, true); +} + +struct ldb_cmdline *ldb_cmdline_process(struct ldb_context *ldb, + int argc, const char **argv, + void (*usage)(struct ldb_context *)) +{ + return ldb_cmdline_process_internal(ldb, argc, argv, usage, false); +} + /* this function check controls reply and determines if more * processing is needed setting up the request controls correctly * diff --git a/lib/ldb/tools/cmdline.h b/lib/ldb/tools/cmdline.h index 416bf51..9af0ea1 100644 --- a/lib/ldb/tools/cmdline.h +++ b/lib/ldb/tools/cmdline.h @@ -46,6 +46,9 @@ struct ldb_cmdline { int tracing; }; +struct ldb_cmdline *ldb_cmdline_process_search(struct ldb_context *ldb, + int argc, const char **argv, + void (*usage)(struct ldb_context *)); struct ldb_cmdline *ldb_cmdline_process(struct ldb_context *ldb, int argc, const char **argv, void (*usage)(struct ldb_context *)); diff --git a/lib/ldb/tools/ldbsearch.c b/lib/ldb/tools/ldbsearch.c index a030a5a..5eae624 100644 --- a/lib/ldb/tools/ldbsearch.c +++ b/lib/ldb/tools/ldbsearch.c @@ -300,7 +300,7 @@ int main(int argc, const char **argv) return LDB_ERR_OPERATIONS_ERROR; } - options = ldb_cmdline_process(ldb, argc, argv, usage); + options = ldb_cmdline_process_search(ldb, argc, argv, usage); /* the check for '=' is for compatibility with ldapsearch */ if (!options->interactive && diff --git a/python/samba/dbchecker.py b/python/samba/dbchecker.py index 22819de..032c0e7 100644 --- a/python/samba/dbchecker.py +++ b/python/samba/dbchecker.py @@ -645,10 +645,9 @@ newSuperior: %s""" % (str(from_dn), str(to_rdn), str(to_base))) self.report("Not fixing missing backlink %s" % backlink_name) return m = ldb.Message() - m.dn = obj.dn - m['old_value'] = ldb.MessageElement(val, ldb.FLAG_MOD_DELETE, attrname) - m['new_value'] = ldb.MessageElement(val, ldb.FLAG_MOD_ADD, attrname) - if self.do_modify(m, ["show_recycled:1"], + m.dn = target_dn + m['new_value'] = ldb.MessageElement(val, ldb.FLAG_MOD_ADD, backlink_name) + if self.do_modify(m, ["show_recycled:1", "relax:0"], "Failed to fix missing backlink %s" % backlink_name): self.report("Fixed missing backlink %s" % (backlink_name)) @@ -974,12 +973,16 @@ newSuperior: %s""" % (str(from_dn), str(to_rdn), str(to_base))) if v_guid == obj_guid: match_count += 1 if match_count != 1: - if target_is_deleted: - error_count += 1 - if linkID & 1: - self.err_missing_backlink(obj, attrname, val, reverse_link_name, dsdb_dn.dn) - else: - self.err_orphaned_backlink(obj, attrname, val, reverse_link_name, dsdb_dn.dn) + error_count += 1 + if linkID & 1: + # Backlink exists, but forward link does not + # Delete the hanging backlink + self.err_orphaned_backlink(obj, attrname, val, reverse_link_name, dsdb_dn.dn) + else: + # Forward link exists, but backlink does not + # Add the missing backlink (if the target object is not Deleted Objects?) + if not target_is_deleted: + self.err_missing_backlink(obj, attrname, obj.dn.extended_str(), reverse_link_name, dsdb_dn.dn) continue diff --git a/source3/wscript_build b/source3/wscript_build index 9903624..74f87bb 100644 --- a/source3/wscript_build +++ b/source3/wscript_build @@ -1341,7 +1341,6 @@ bld.SAMBA3_BINARY('spotlight2sparql', bld.RECURSE('auth') bld.RECURSE('libgpo/gpext') -bld.RECURSE('lib/pthreadpool') bld.RECURSE('librpc') bld.RECURSE('librpc/idl') bld.RECURSE('libsmb') diff --git a/source4/selftest/provisions/release-4-5-0-pre1/add-dangling-backlink-user.ldif b/source4/selftest/provisions/release-4-5-0-pre1/add-dangling-backlink-user.ldif new file mode 100644 index 0000000..c35905d --- /dev/null +++ b/source4/selftest/provisions/release-4-5-0-pre1/add-dangling-backlink-user.ldif @@ -0,0 +1,3 @@ +dn: CN=dangling-back,CN=users,DC=release-4-5-0-pre1,DC=samba,DC=corp +objectclass: user +samaccountname: dangling-back diff --git a/source4/selftest/provisions/release-4-5-0-pre1/add-dangling-backlink.ldif b/source4/selftest/provisions/release-4-5-0-pre1/add-dangling-backlink.ldif new file mode 100644 index 0000000..6d8468e --- /dev/null +++ b/source4/selftest/provisions/release-4-5-0-pre1/add-dangling-backlink.ldif @@ -0,0 +1,4 @@ +dn: CN=dangling-back,CN=Users,DC=release-4-5-0-pre1,DC=samba,DC=corp +changetype: modify +add: memberOf +memberOf: <GUID=a5b834bf-e4ca-4e1b-9c9f-0f01c9656f3b>;<SID=S-1-5-21-4177067393-1453636373-93818738-571>;CN=Allowed RODC Password Replication Group,CN=Users,DC=release-4-5-0-pre1,DC=samba,DC=corp diff --git a/source4/selftest/provisions/release-4-5-0-pre1/add-dangling-forwardlink-user.ldif b/source4/selftest/provisions/release-4-5-0-pre1/add-dangling-forwardlink-user.ldif new file mode 100644 index 0000000..db4a68c --- /dev/null +++ b/source4/selftest/provisions/release-4-5-0-pre1/add-dangling-forwardlink-user.ldif @@ -0,0 +1,3 @@ +dn: CN=dangling-forward,CN=users,DC=release-4-5-0-pre1,DC=samba,DC=corp +objectclass: user +samaccountname: dangling-forward diff --git a/source4/selftest/provisions/release-4-5-0-pre1/add-initially-normal-link.ldif b/source4/selftest/provisions/release-4-5-0-pre1/add-initially-normal-link.ldif new file mode 100644 index 0000000..35b282b --- /dev/null +++ b/source4/selftest/provisions/release-4-5-0-pre1/add-initially-normal-link.ldif @@ -0,0 +1,4 @@ +dn: CN=Allowed RODC Password Replication Group,CN=Users,DC=release-4-5-0-pre1,DC=samba,DC=corp +changetype: modify +add: member +member: cn=dangling-forward,cn=users,DC=release-4-5-0-pre1,DC=samba,DC=corp diff --git a/source4/selftest/provisions/release-4-5-0-pre1/delete-only-backlink.ldif b/source4/selftest/provisions/release-4-5-0-pre1/delete-only-backlink.ldif new file mode 100644 index 0000000..d97550c --- /dev/null +++ b/source4/selftest/provisions/release-4-5-0-pre1/delete-only-backlink.ldif @@ -0,0 +1,4 @@ +dn: CN=dangling-forward,CN=Users,DC=release-4-5-0-pre1,DC=samba,DC=corp +changetype: modify +delete: memberOf +memberOf: <GUID=a5b834bf-e4ca-4e1b-9c9f-0f01c9656f3b>;<SID=S-1-5-21-4177067393-1453636373-93818738-571>;CN=Allowed RODC Password Replication Group,CN=Users,DC=release-4-5-0-pre1,DC=samba,DC=corp diff --git a/source4/selftest/provisions/release-4-5-0-pre1/expected-dbcheck-link-output.txt b/source4/selftest/provisions/release-4-5-0-pre1/expected-dbcheck-link-output.txt index ccbe0e2..ea2ef23 100644 --- a/source4/selftest/provisions/release-4-5-0-pre1/expected-dbcheck-link-output.txt +++ b/source4/selftest/provisions/release-4-5-0-pre1/expected-dbcheck-link-output.txt @@ -1,4 +1,4 @@ -Checking 221 objects +Checking 223 objects ERROR: linked attribute 'member' to '<GUID=118943ce-41c2-48cb-a511-b68c6feaa8aa>;<RMD_ADDTIME=131116484670000000>;<RMD_CHANGETIME=131116484700000000>;<RMD_FLAGS=1>;<RMD_INVOCID=4e4496a3-7fb8-4f97-8a33-d238db8b5e2d>;<RMD_LOCAL_USN=3729>;<RMD_ORIGINATING_USN=3729>;<RMD_VERSION=1>;<SID=S-1-5-21-4177067393-1453636373-93818738-1103>;CN=User UT. Tester,CN=Users,DC=release-4-5-0-pre1,DC=samba,DC=corp' is present on deleted object CN=gsg\0ADEL:91aa85cc-fc19-4b8c-9fc7-aaba425439c7,CN=Deleted Objects,DC=release-4-5-0-pre1,DC=samba,DC=corp Remove linked attribute member [YES] Fixed undead forward link member @@ -11,6 +11,9 @@ Fixed undead forward link member ERROR: linked attribute 'member' to '<GUID=50d78122-17c8-4352-acf0-8f549b5b5b3c>;<RMD_ADDTIME=131116484690000000>;<RMD_CHANGETIME=131116484720000000>;<RMD_FLAGS=1>;<RMD_INVOCID=4e4496a3-7fb8-4f97-8a33-d238db8b5e2d>;<RMD_LOCAL_USN=3733>;<RMD_ORIGINATING_USN=3733>;<RMD_VERSION=1>;<SID=S-1-5-21-4177067393-1453636373-93818738-1104>;CN=User1 UT. Tester,CN=Users,DC=release-4-5-0-pre1,DC=samba,DC=corp' is present on deleted object CN=udg\0ADEL:7cff5537-51b1-4d26-a295-0225dbea8525,CN=Deleted Objects,DC=release-4-5-0-pre1,DC=samba,DC=corp Remove linked attribute member [YES] Fixed undead forward link member +ERROR: missing backlink attribute 'memberOf' in CN=dangling-forward,CN=Users,DC=release-4-5-0-pre1,DC=samba,DC=corp for link member in CN=Allowed RODC Password Replication Group,CN=Users,DC=release-4-5-0-pre1,DC=samba,DC=corp +Fix missing backlink memberOf [YES] +Fixed missing backlink memberOf ERROR: target DN is deleted for member in object CN=swimmers,CN=Users,DC=release-4-5-0-pre1,DC=samba,DC=corp - <GUID=2301a64c-5b42-4ca8-851e-12d4a711cfb4>;<RMD_ADDTIME=131116485990000000>;<RMD_CHANGETIME=131116485990000000>;<RMD_FLAGS=1>;<RMD_INVOCID=4e4496a3-7fb8-4f97-8a33-d238db8b5e2d>;<RMD_LOCAL_USN=3745>;<RMD_ORIGINATING_USN=3745>;<RMD_VERSION=1>;<SID=S-1-5-21-4177067393-1453636373-93818738-1111>;CN=fred,CN=Users,DC=release-4-5-0-pre1,DC=samba,DC=corp Target GUID points at deleted DN 'CN=fred\\0ADEL:2301a64c-5b42-4ca8-851e-12d4a711cfb4,CN=Deleted Objects,DC=release-4-5-0-pre1,DC=samba,DC=corp' Remove stale DN link? [YES] @@ -27,6 +30,9 @@ Fixed undead forward link member ERROR: linked attribute 'member' to '<GUID=50d78122-17c8-4352-acf0-8f549b5b5b3c>;<RMD_ADDTIME=131116484670000000>;<RMD_CHANGETIME=131116484700000000>;<RMD_FLAGS=1>;<RMD_INVOCID=4e4496a3-7fb8-4f97-8a33-d238db8b5e2d>;<RMD_LOCAL_USN=3728>;<RMD_ORIGINATING_USN=3728>;<RMD_VERSION=1>;<SID=S-1-5-21-4177067393-1453636373-93818738-1104>;CN=User1 UT. Tester,CN=Users,DC=release-4-5-0-pre1,DC=samba,DC=corp' is present on deleted object CN=dsg\0ADEL:6d66d0ef-cad7-4e5d-b1b6-4a233a21c269,CN=Deleted Objects,DC=release-4-5-0-pre1,DC=samba,DC=corp Remove linked attribute member [YES] Fixed undead forward link member +ERROR: orphaned backlink attribute 'memberOf' in CN=dangling-back,CN=Users,DC=release-4-5-0-pre1,DC=samba,DC=corp for link member in CN=Allowed RODC Password Replication Group,CN=Users,DC=release-4-5-0-pre1,DC=samba,DC=corp +Remove orphaned backlink memberOf [YES] +Fixed orphaned backlink memberOf ERROR: linked attribute 'member' to '<GUID=118943ce-41c2-48cb-a511-b68c6feaa8aa>;<RMD_ADDTIME=131116484680000000>;<RMD_CHANGETIME=131116484700000000>;<RMD_FLAGS=1>;<RMD_INVOCID=4e4496a3-7fb8-4f97-8a33-d238db8b5e2d>;<RMD_LOCAL_USN=3730>;<RMD_ORIGINATING_USN=3730>;<RMD_VERSION=1>;<SID=S-1-5-21-4177067393-1453636373-93818738-1103>;CN=User UT. Tester,CN=Users,DC=release-4-5-0-pre1,DC=samba,DC=corp' is present on deleted object CN=usg\0ADEL:d012e8f5-a4bd-40ea-a2a1-68ff2508847d,CN=Deleted Objects,DC=release-4-5-0-pre1,DC=samba,DC=corp Remove linked attribute member [YES] Fixed undead forward link member @@ -39,4 +45,4 @@ Fixed undead forward link member ERROR: linked attribute 'member' to '<GUID=50d78122-17c8-4352-acf0-8f549b5b5b3c>;<RMD_ADDTIME=131116484680000000>;<RMD_CHANGETIME=131116484710000000>;<RMD_FLAGS=1>;<RMD_INVOCID=4e4496a3-7fb8-4f97-8a33-d238db8b5e2d>;<RMD_LOCAL_USN=3731>;<RMD_ORIGINATING_USN=3731>;<RMD_VERSION=1>;<SID=S-1-5-21-4177067393-1453636373-93818738-1104>;CN=User1 UT. Tester,CN=Users,DC=release-4-5-0-pre1,DC=samba,DC=corp' is present on deleted object CN=ddg\0ADEL:fb8c2fe3-5448-43de-99f9-e1d3b9357cfc,CN=Deleted Objects,DC=release-4-5-0-pre1,DC=samba,DC=corp Remove linked attribute member [YES] Fixed undead forward link member -Checked 221 objects (13 errors) +Checked 223 objects (15 errors) diff --git a/testprogs/blackbox/dbcheck-links.sh b/testprogs/blackbox/dbcheck-links.sh index 0799a50..2a1bfba 100755 --- a/testprogs/blackbox/dbcheck-links.sh +++ b/testprogs/blackbox/dbcheck-links.sh @@ -91,6 +91,41 @@ dbcheck_clean() { fi } +add_dangling_link() { + ldif=$release_dir/add-dangling-forwardlink-user.ldif + TZ=UTC $ldbadd -H tdb://$PREFIX_ABS/${RELEASE}/private/sam.ldb $ldif + if [ "$?" != "0" ]; then + return 1 + fi + + ldif=$release_dir/add-initially-normal-link.ldif + TZ=UTC $ldbmodify -H tdb://$PREFIX_ABS/${RELEASE}/private/sam.ldb $ldif + if [ "$?" != "0" ]; then + return 1 + fi + sleep 6 + + ldif=$release_dir/delete-only-backlink.ldif + TZ=UTC $ldbmodify -H tdb://$PREFIX_ABS/${RELEASE}/private/sam.ldb.d/DC%3DRELEASE-4-5-0-PRE1,DC%3DSAMBA,DC%3DCORP.ldb $ldif + if [ "$?" != "0" ]; then + return 1 + fi +} + +add_dangling_backlink() { + ldif=$release_dir/add-dangling-backlink-user.ldif + TZ=UTC $ldbadd -H tdb://$PREFIX_ABS/${RELEASE}/private/sam.ldb $ldif + if [ "$?" != "0" ]; then + return 1 + fi + + ldif=$release_dir/add-dangling-backlink.ldif + TZ=UTC $ldbmodify -H tdb://$PREFIX_ABS/${RELEASE}/private/sam.ldb.d/DC%3DRELEASE-4-5-0-PRE1,DC%3DSAMBA,DC%3DCORP.ldb $ldif + if [ "$?" != "0" ]; then + return 1 + fi +} + add_two_more_users() { ldif=$release_dir/add-two-more-users.ldif TZ=UTC $ldbadd -H tdb://$PREFIX_ABS/${RELEASE}/private/sam.ldb $ldif @@ -172,6 +207,8 @@ if [ -d $release_dir ]; then testit "remove_one_link" remove_one_link testit "remove_one_user" remove_one_user testit "move_one_user" move_one_user + testit "add_dangling_link" add_dangling_link + testit "add_dangling_backlink" add_dangling_backlink testit "dbcheck" dbcheck testit "dbcheck_clean" dbcheck_clean testit "check_expected_after_deleted_links" check_expected_after_deleted_links -- Samba Shared Repository