The branch, master has been updated via 84172ae7cbc dsdb: Add debugging for a contrived situation where a non-schema attribute is on the record via 1a0d43bbcc9 dsdb: Add very verbose debugging if a delete fails in repl_meta_data via b8aa05525e2 ldb: ensure that ldbedit operates like ldbmodify: set DONT_CREATE_DB from 1e72fbdde00 ctdb-tests: Silence a ShellCheck warning
https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit 84172ae7cbcc9ccc3a20ac942d4749b28df0f7f5 Author: Andrew Bartlett <abart...@samba.org> Date: Sat Feb 29 09:30:15 2020 +1300 dsdb: Add debugging for a contrived situation where a non-schema attribute is on the record I had to modify the backend DB to produce this error, but I would like a clear error anyway. Signed-off-by: Andrew Bartlett <abart...@samba.org> Reviewed-by: Gary Lockyer <g...@catalyst.net.nz> Autobuild-User(master): Andrew Bartlett <abart...@samba.org> Autobuild-Date(master): Mon Mar 2 04:14:22 UTC 2020 on sn-devel-184 commit 1a0d43bbcc9e8be5f7149a9399b6a9776cd7f3ba Author: Andrew Bartlett <abart...@samba.org> Date: Sat Feb 29 09:06:51 2020 +1300 dsdb: Add very verbose debugging if a delete fails in repl_meta_data The modification into a tombstone should be a pretty reliable operation so if it fails print lots of info for debugging. Signed-off-by: Andrew Bartlett <abart...@samba.org> Reviewed-by: Gary Lockyer <g...@catalyst.net.nz> commit b8aa05525e276fb315e21f78d468e48fa286e6c3 Author: Andrew Bartlett <abart...@samba.org> Date: Sat Feb 29 16:03:00 2020 +1300 ldb: ensure that ldbedit operates like ldbmodify: set DONT_CREATE_DB ldb* tools, when passed a raw filename assume tdb:// By default, ldb_tdb will call tdb with O_CREAT. TDB, when passed O_CREAT and a not-tdb file, will wipe the file. This means that if you run ldbedit <path to mdb-format-ldb file> the file will be wiped, which is unexpected. I noticed this while trying to corrupt a sam.ldb backend file (for testing), but instead I wiped it! Ideally tdb would not do that, but the behaviour has been this way for decades. Ideally ldb would have had a "create db" command, but this has been the job of ldbadd for over a decade. So this just blunts the knife for ldbedit. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14302 Signed-off-by: Andrew Bartlett <abart...@samba.org> Reviewed-by: Gary Lockyer <g...@catalyst.net.nz> ----------------------------------------------------------------------- Summary of changes: lib/ldb/tools/cmdline.c | 12 +++++- lib/ldb/tools/cmdline.h | 3 ++ lib/ldb/tools/ldbedit.c | 2 +- source4/dsdb/samdb/ldb_modules/repl_meta_data.c | 49 ++++++++++++++++++++++++- 4 files changed, 61 insertions(+), 5 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/ldb/tools/cmdline.c b/lib/ldb/tools/cmdline.c index a2fe97ee6b2..d53161574fd 100644 --- a/lib/ldb/tools/cmdline.c +++ b/lib/ldb/tools/cmdline.c @@ -96,6 +96,7 @@ static bool add_control(TALLOC_CTX *mem_ctx, const char *control) static struct ldb_cmdline *ldb_cmdline_process_internal(struct ldb_context *ldb, int argc, const char **argv, void (*usage)(struct ldb_context *), + bool dont_create, bool search) { struct ldb_cmdline *ret=NULL; @@ -326,14 +327,21 @@ struct ldb_cmdline *ldb_cmdline_process_search(struct ldb_context *ldb, int argc, const char **argv, void (*usage)(struct ldb_context *)) { - return ldb_cmdline_process_internal(ldb, argc, argv, usage, true); + return ldb_cmdline_process_internal(ldb, argc, argv, usage, true, true); +} + +struct ldb_cmdline *ldb_cmdline_process_edit(struct ldb_context *ldb, + int argc, const char **argv, + void (*usage)(struct ldb_context *)) +{ + return ldb_cmdline_process_internal(ldb, argc, argv, usage, false, true); } struct ldb_cmdline *ldb_cmdline_process(struct ldb_context *ldb, int argc, const char **argv, void (*usage)(struct ldb_context *)) { - return ldb_cmdline_process_internal(ldb, argc, argv, usage, false); + return ldb_cmdline_process_internal(ldb, argc, argv, usage, false, false); } /* this function check controls reply and determines if more diff --git a/lib/ldb/tools/cmdline.h b/lib/ldb/tools/cmdline.h index 9af0ea168b7..dbc216aab17 100644 --- a/lib/ldb/tools/cmdline.h +++ b/lib/ldb/tools/cmdline.h @@ -49,6 +49,9 @@ struct ldb_cmdline { struct ldb_cmdline *ldb_cmdline_process_search(struct ldb_context *ldb, int argc, const char **argv, void (*usage)(struct ldb_context *)); +struct ldb_cmdline *ldb_cmdline_process_edit(struct ldb_context *ldb, + int argc, const char **argv, + void (*usage)(struct ldb_context *)); struct ldb_cmdline *ldb_cmdline_process(struct ldb_context *ldb, int argc, const char **argv, void (*usage)(struct ldb_context *)); diff --git a/lib/ldb/tools/ldbedit.c b/lib/ldb/tools/ldbedit.c index 5b837834482..497ef970244 100644 --- a/lib/ldb/tools/ldbedit.c +++ b/lib/ldb/tools/ldbedit.c @@ -327,7 +327,7 @@ int main(int argc, const char **argv) return LDB_ERR_OPERATIONS_ERROR; } - options = ldb_cmdline_process(ldb, argc, argv, usage); + options = ldb_cmdline_process_edit(ldb, argc, argv, usage); /* the check for '=' is for compatibility with ldapsearch */ if (options->argc > 0 && diff --git a/source4/dsdb/samdb/ldb_modules/repl_meta_data.c b/source4/dsdb/samdb/ldb_modules/repl_meta_data.c index 824a4612f5a..589323ca320 100644 --- a/source4/dsdb/samdb/ldb_modules/repl_meta_data.c +++ b/source4/dsdb/samdb/ldb_modules/repl_meta_data.c @@ -4601,6 +4601,17 @@ static int replmd_delete_internals(struct ldb_module *module, struct ldb_request el = &old_msg->elements[i]; sa = dsdb_attribute_by_lDAPDisplayName(schema, el->name); if (!sa) { + const char *old_dn_str + = ldb_dn_get_linearized(old_dn); + + ldb_asprintf_errstring(ldb, + __location__ + ": Attribute %s " + "not found in schema " + "when deleting %s. " + "Existing record is invalid", + el->name, + old_dn_str); talloc_free(tmp_ctx); return LDB_ERR_OPERATIONS_ERROR; } @@ -4777,8 +4788,42 @@ static int replmd_delete_internals(struct ldb_module *module, struct ldb_request ret = dsdb_module_modify(module, msg, dsdb_flags|DSDB_FLAG_OWN_MODULE, req); if (ret != LDB_SUCCESS) { - ldb_asprintf_errstring(ldb, "replmd_delete: Failed to modify object %s in delete - %s", - ldb_dn_get_linearized(old_dn), ldb_errstring(ldb)); + char *s = NULL; + /* + * This should not fail, so be quite verbose in the + * error handling if it fails + */ + if (strcmp(ldb_dn_get_linearized(old_dn), + ldb_dn_get_linearized(new_dn)) != 0) { + DBG_NOTICE("Failure to handle '%s' of object %s " + "after successful rename to %s. " + "Error during tombstone modificaton was: %s\n", + re_delete ? "re-delete" : "delete", + ldb_dn_get_linearized(new_dn), + ldb_dn_get_linearized(old_dn), + ldb_errstring(ldb)); + } else { + DBG_NOTICE("Failure to handle '%s' of object %s. " + "Error during tombstone modificaton was: %s\n", + re_delete ? "re-delete" : "delete", + ldb_dn_get_linearized(new_dn), + ldb_errstring(ldb)); + } + s = ldb_ldif_message_redacted_string(ldb_module_get_ctx(module), + tmp_ctx, + LDB_CHANGETYPE_MODIFY, + msg); + + DBG_INFO("Failed tombstone modify%s was:\n%s\n", + (dsdb_flags & DSDB_REPLMD_VANISH_LINKS) ? + " with VANISH_LINKS" : "", + s); + ldb_asprintf_errstring(ldb, + "replmd_delete: Failed to modify" + " object %s in '%s' - %s", + ldb_dn_get_linearized(old_dn), + re_delete ? "re-delete" : "delete", + ldb_errstring(ldb)); talloc_free(tmp_ctx); return ret; } -- Samba Shared Repository