The Samba-Bugzilla – Attachment 10089 Details for
Bug 10703
backport provision fixes from master
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Patches for v4-1-test
tmp41.diff (text/plain), 12.89 KB, created by
Stefan Metzmacher
on 2014-07-08 17:23:16 UTC
(
hide
)
Description:
Patches for v4-1-test
Filename:
MIME Type:
Creator:
Stefan Metzmacher
Created:
2014-07-08 17:23:16 UTC
Size:
12.89 KB
patch
obsolete
>From bf13fec51bd667eaea85e753404a50daa1293785 Mon Sep 17 00:00:00 2001 >From: Garming Sam <garming@catalyst.net.nz> >Date: Wed, 27 Nov 2013 15:26:14 +1300 >Subject: [PATCH 1/4] provision: Fix failures on re-provision incorrectly > blamed on posix acl support. > >By doing the test later, there is an actual sam.ldb file that can be connected to. > >Signed-off-by: Garming Sam <garming@catalyst.net.nz> >Reviewed-by: Andrew Bartlett <abartlet@samba.org> >Reviewed-by: Jelmer Vernooij <jelmer@samba.org> >(cherry picked from commit a89060a0217f8740798d1dac4466222301a4d81b) >--- > python/samba/provision/__init__.py | 51 +++++++++++++++++++------------------- > 1 file changed, 25 insertions(+), 26 deletions(-) > >diff --git a/python/samba/provision/__init__.py b/python/samba/provision/__init__.py >index 46d2cbc..d2a8a57 100644 >--- a/python/samba/provision/__init__.py >+++ b/python/samba/provision/__init__.py >@@ -1527,6 +1527,31 @@ def setsysvolacl(samdb, netlogon, sysvol, uid, gid, domainsid, dnsdomain, > s4_passdb = None > > if not use_ntvfs: >+ s3conf = s3param.get_context() >+ s3conf.load(lp.configfile) >+ >+ file = tempfile.NamedTemporaryFile(dir=os.path.abspath(sysvol)) >+ try: >+ try: >+ smbd.set_simple_acl(file.name, 0755, gid) >+ except Exception: >+ if not smbd.have_posix_acls(): >+ # This clue is only strictly correct for RPM and >+ # Debian-like Linux systems, but hopefully other users >+ # will get enough clue from it. >+ raise ProvisioningError("Samba was compiled without the posix ACL support that s3fs requires. " >+ "Try installing libacl1-dev or libacl-devel, then re-run configure and make.") >+ >+ raise ProvisioningError("Your filesystem or build does not support posix ACLs, which s3fs requires. " >+ "Try the mounting the filesystem with the 'acl' option.") >+ try: >+ smbd.chown(file.name, uid, gid) >+ except Exception: >+ raise ProvisioningError("Unable to chown a file on your filesystem. " >+ "You may not be running provision as root.") >+ finally: >+ file.close() >+ > # This will ensure that the smbd code we are running when setting ACLs > # is initialised with the smb.conf > s3conf = s3param.get_context() >@@ -2031,32 +2056,6 @@ def provision(logger, session_info, credentials, smbconf=None, > if paths.sysvol and not os.path.exists(paths.sysvol): > os.makedirs(paths.sysvol, 0775) > >- if not use_ntvfs and serverrole == "active directory domain controller": >- s3conf = s3param.get_context() >- s3conf.load(lp.configfile) >- >- if paths.sysvol is None: >- raise MissingShareError("sysvol", paths.smbconf) >- >- file = tempfile.NamedTemporaryFile(dir=os.path.abspath(paths.sysvol)) >- try: >- try: >- smbd.set_simple_acl(file.name, 0755, root_gid) >- except Exception: >- if not smbd.have_posix_acls(): >- # This clue is only strictly correct for RPM and >- # Debian-like Linux systems, but hopefully other users >- # will get enough clue from it. >- raise ProvisioningError("Samba was compiled without the posix ACL support that s3fs requires. Try installing libacl1-dev or libacl-devel, then re-run configure and make.") >- >- raise ProvisioningError("Your filesystem or build does not support posix ACLs, which s3fs requires. Try the mounting the filesystem with the 'acl' option.") >- try: >- smbd.chown(file.name, root_uid, root_gid) >- except Exception: >- raise ProvisioningError("Unable to chown a file on your filesystem. You may not be running provision as root.") >- finally: >- file.close() >- > ldapi_url = "ldapi://%s" % urllib.quote(paths.s4_ldapi_path, safe="") > > schema = Schema(domainsid, invocationid=invocationid, >-- >1.9.1 > > >From 9dc6de91a6f2a2b09a4f8ead12a6c0ba2fb88dc2 Mon Sep 17 00:00:00 2001 >From: Garming Sam <garming@catalyst.net.nz> >Date: Wed, 5 Feb 2014 15:29:18 +1300 >Subject: [PATCH 2/4] provision: improve error message when connecting to samdb > without the correct permissions > >Signed-off-by: Garming Sam <garming@catalyst.net.nz> >Signed-off-by: Andrew Bartlett <abartlet@samba.org> >Reviewed-by: Andrew Bartlett <abartlet@samba.org> >Reviewed-by: Jelmer Vernooij <jelmer@samba.org> >(cherry picked from commit b27543aa729ca893270831d5c4fc74ea7ac6d407) >--- > python/samba/provision/__init__.py | 8 +++++++- > 1 file changed, 7 insertions(+), 1 deletion(-) > >diff --git a/python/samba/provision/__init__.py b/python/samba/provision/__init__.py >index d2a8a57..af0e080 100644 >--- a/python/samba/provision/__init__.py >+++ b/python/samba/provision/__init__.py >@@ -1199,7 +1199,13 @@ def setup_samdb(path, session_info, provision_backend, lp, names, > > # And now we can connect to the DB - the schema won't be loaded from the > # DB >- samdb.connect(path) >+ try: >+ samdb.connect(path) >+ except ldb.LdbError, (num, string_error): >+ if (num == ldb.ERR_INSUFFICIENT_ACCESS_RIGHTS): >+ raise ProvisioningError("Permission denied connecting to %s, are you running as root?" % path) >+ else: >+ raise > > # But we have to give it one more kick to have it use the schema > # during provision - it needs, now that it is connected, to write >-- >1.9.1 > > >From a6823236c001f7184b3948759c16b1a1db466c4e Mon Sep 17 00:00:00 2001 >From: Garming Sam <garming@catalyst.net.nz> >Date: Wed, 5 Feb 2014 15:31:22 +1300 >Subject: [PATCH 3/4] pysmbd: improve the return of error codes in the python > smbd bindings > >Signed-off-by: Garming Sam <garming@catalyst.net.nz> >Reviewed-by: Andrew Bartlett <abartlet@samba.org> >Reviewed-by: Jelmer Vernooij <jelmer@samba.org> >(cherry picked from commit ad773cc01435e65fa5d8e84758b0642069e96c40) >--- > source3/smbd/pysmbd.c | 58 ++++++++++++++++++++++++--------------------------- > 1 file changed, 27 insertions(+), 31 deletions(-) > >diff --git a/source3/smbd/pysmbd.c b/source3/smbd/pysmbd.c >index 683c48c..df0f430 100644 >--- a/source3/smbd/pysmbd.c >+++ b/source3/smbd/pysmbd.c >@@ -76,11 +76,10 @@ static connection_struct *get_conn(TALLOC_CTX *mem_ctx, const char *service) > return conn; > } > >-static NTSTATUS set_sys_acl_conn(const char *fname, >+static int set_sys_acl_conn(const char *fname, > SMB_ACL_TYPE_T acltype, > SMB_ACL_T theacl, connection_struct *conn) > { >- NTSTATUS status = NT_STATUS_OK; > int ret; > mode_t saved_umask; > >@@ -91,16 +90,11 @@ static NTSTATUS set_sys_acl_conn(const char *fname, > saved_umask = umask(0); > > ret = SMB_VFS_SYS_ACL_SET_FILE( conn, fname, acltype, theacl); >- if (ret != 0) { >- status = map_nt_error_from_unix_common(ret); >- DEBUG(0,("set_sys_acl_conn: SMB_VFS_SYS_ACL_SET_FILE " >- "returned zero.\n")); >- } > > umask(saved_umask); > > TALLOC_FREE(frame); >- return status; >+ return ret; > } > > static NTSTATUS set_nt_acl_conn(const char *fname, >@@ -319,8 +313,8 @@ static SMB_ACL_T make_simple_acl(gid_t gid, mode_t chmod_mode) > static PyObject *py_smbd_set_simple_acl(PyObject *self, PyObject *args, PyObject *kwargs) > { > const char * const kwnames[] = { "fname", "mode", "gid", "service", NULL }; >- NTSTATUS status; > char *fname, *service = NULL; >+ int ret; > int mode, gid = -1; > SMB_ACL_T acl; > TALLOC_CTX *frame; >@@ -340,12 +334,16 @@ static PyObject *py_smbd_set_simple_acl(PyObject *self, PyObject *args, PyObject > return NULL; > } > >- status = set_sys_acl_conn(fname, SMB_ACL_TYPE_ACCESS, acl, conn); >+ ret = set_sys_acl_conn(fname, SMB_ACL_TYPE_ACCESS, acl, conn); > TALLOC_FREE(acl); > >- TALLOC_FREE(frame); >+ if (ret != 0) { >+ TALLOC_FREE(frame); >+ errno = ret; >+ return PyErr_SetFromErrno(PyExc_OSError); >+ } > >- PyErr_NTSTATUS_IS_ERR_RAISE(status); >+ TALLOC_FREE(frame); > > Py_RETURN_NONE; > } >@@ -357,7 +355,6 @@ static PyObject *py_smbd_chown(PyObject *self, PyObject *args, PyObject *kwargs) > { > const char * const kwnames[] = { "fname", "uid", "gid", "service", NULL }; > connection_struct *conn; >- NTSTATUS status = NT_STATUS_OK; > int ret; > > char *fname, *service = NULL; >@@ -383,27 +380,26 @@ static PyObject *py_smbd_chown(PyObject *self, PyObject *args, PyObject *kwargs) > > ret = SMB_VFS_CHOWN( conn, fname, uid, gid); > if (ret != 0) { >- status = map_nt_error_from_unix_common(errno); >- DEBUG(0,("chown returned failure: %s\n", strerror(errno))); >+ umask(saved_umask); >+ TALLOC_FREE(frame); >+ errno = ret; >+ return PyErr_SetFromErrno(PyExc_OSError); > } > > umask(saved_umask); > > TALLOC_FREE(frame); > >- PyErr_NTSTATUS_IS_ERR_RAISE(status); >- > Py_RETURN_NONE; > } > > /* >- chown a file >+ unlink a file > */ > static PyObject *py_smbd_unlink(PyObject *self, PyObject *args, PyObject *kwargs) > { > const char * const kwnames[] = { "fname", "service", NULL }; > connection_struct *conn; >- NTSTATUS status = NT_STATUS_OK; > int ret; > struct smb_filename *smb_fname = NULL; > char *fname, *service = NULL; >@@ -427,19 +423,18 @@ static PyObject *py_smbd_unlink(PyObject *self, PyObject *args, PyObject *kwargs > smb_fname = synthetic_smb_fname_split(frame, fname, NULL); > if (smb_fname == NULL) { > TALLOC_FREE(frame); >- PyErr_NTSTATUS_IS_ERR_RAISE(NT_STATUS_NO_MEMORY); >+ return PyErr_NoMemory(); > } > > ret = SMB_VFS_UNLINK(conn, smb_fname); > if (ret != 0) { >- status = map_nt_error_from_unix_common(errno); >- DEBUG(0,("unlink returned failure: %s\n", strerror(errno))); >+ TALLOC_FREE(frame); >+ errno = ret; >+ return PyErr_SetFromErrno(PyExc_OSError); > } > > TALLOC_FREE(frame); > >- PyErr_NTSTATUS_IS_ERR_RAISE(status); >- > Py_RETURN_NONE; > } > >@@ -541,7 +536,7 @@ static PyObject *py_smbd_set_sys_acl(PyObject *self, PyObject *args, PyObject *k > { > const char * const kwnames[] = { "fname", "acl_type", "acl", "service", NULL }; > TALLOC_CTX *frame = talloc_stackframe(); >- NTSTATUS status; >+ int ret; > char *fname, *service = NULL; > PyObject *py_acl; > struct smb_acl_t *acl; >@@ -568,8 +563,12 @@ static PyObject *py_smbd_set_sys_acl(PyObject *self, PyObject *args, PyObject *k > > acl = pytalloc_get_type(py_acl, struct smb_acl_t); > >- status = set_sys_acl_conn(fname, acl_type, acl, conn); >- PyErr_NTSTATUS_IS_ERR_RAISE(status); >+ ret = set_sys_acl_conn(fname, acl_type, acl, conn); >+ if (ret != 0) { >+ TALLOC_FREE(frame); >+ errno = ret; >+ return PyErr_SetFromErrno(PyExc_OSError); >+ } > > TALLOC_FREE(frame); > Py_RETURN_NONE; >@@ -588,7 +587,6 @@ static PyObject *py_smbd_get_sys_acl(PyObject *self, PyObject *args, PyObject *k > TALLOC_CTX *frame = talloc_stackframe(); > TALLOC_CTX *tmp_ctx = talloc_new(NULL); > connection_struct *conn; >- NTSTATUS status = NT_STATUS_OK; > char *service = NULL; > if (!tmp_ctx) { > PyErr_NoMemory(); >@@ -614,9 +612,7 @@ static PyObject *py_smbd_get_sys_acl(PyObject *self, PyObject *args, PyObject *k > if (!acl) { > TALLOC_FREE(frame); > TALLOC_FREE(tmp_ctx); >- status = map_nt_error_from_unix_common(errno); >- DEBUG(0,("sys_acl_get_file returned NULL: %s\n", strerror(errno))); >- PyErr_NTSTATUS_IS_ERR_RAISE(status); >+ return PyErr_SetFromErrno(PyExc_OSError); > } > > py_acl = py_return_ndr_struct("samba.dcerpc.smb_acl", "t", acl, acl); >-- >1.9.1 > > >From e37be3edd622b1ec699d2387dd8817e59676d62b Mon Sep 17 00:00:00 2001 >From: Garming Sam <garming@catalyst.net.nz> >Date: Wed, 5 Feb 2014 15:40:59 +1300 >Subject: [PATCH 4/4] provision: capture slightly less generic exceptions > during the test for acls > >Signed-off-by: Garming Sam <garming@catalyst.net.nz> >Reviewed-by: Andrew Bartlett <abartlet@samba.org> >Reviewed-by: Jelmer Vernooij <jelmer@samba.org> >(cherry picked from commit f279a297a4a94c5cbc049c9b2cde14b02960a76f) >--- > python/samba/provision/__init__.py | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) > >diff --git a/python/samba/provision/__init__.py b/python/samba/provision/__init__.py >index af0e080..f11f3c4 100644 >--- a/python/samba/provision/__init__.py >+++ b/python/samba/provision/__init__.py >@@ -1540,7 +1540,7 @@ def setsysvolacl(samdb, netlogon, sysvol, uid, gid, domainsid, dnsdomain, > try: > try: > smbd.set_simple_acl(file.name, 0755, gid) >- except Exception: >+ except OSError: > if not smbd.have_posix_acls(): > # This clue is only strictly correct for RPM and > # Debian-like Linux systems, but hopefully other users >@@ -1552,7 +1552,7 @@ def setsysvolacl(samdb, netlogon, sysvol, uid, gid, domainsid, dnsdomain, > "Try the mounting the filesystem with the 'acl' option.") > try: > smbd.chown(file.name, uid, gid) >- except Exception: >+ except OSError: > raise ProvisioningError("Unable to chown a file on your filesystem. " > "You may not be running provision as root.") > finally: >-- >1.9.1 >
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Raw
Flags:
abartlet
:
review+
Actions:
View
Attachments on
bug 10703
: 10089