The Samba-Bugzilla – Attachment 15242 Details for
Bug 13973
samba-tool fsmo transfer is not reliable for the dns related partitions
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
patch for Samba 4.10 (cherry-picked from master)
bug-13973-4.10.patch (text/plain), 10.02 KB, created by
Andrew Bartlett
on 2019-06-11 11:12:15 UTC
(
hide
)
Description:
patch for Samba 4.10 (cherry-picked from master)
Filename:
MIME Type:
Creator:
Andrew Bartlett
Created:
2019-06-11 11:12:15 UTC
Size:
10.02 KB
patch
obsolete
>From 9e35d733fa4e4c438d3328da78ace4292e295319 Mon Sep 17 00:00:00 2001 >From: =?UTF-8?q?Bj=C3=B6rn=20Baumbach?= <bb@sernet.de> >Date: Fri, 24 May 2019 15:46:17 +0200 >Subject: [PATCH 1/5] s4:torture:fsmo.py: test role transfers of dns partitions >MIME-Version: 1.0 >Content-Type: text/plain; charset=UTF-8 >Content-Transfer-Encoding: 8bit > >BUG: https://bugzilla.samba.org/show_bug.cgi?id=13973 > >Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> > >Signed-off-by: Björn Baumbach <bbaumbach@samba.org> >Signed-off-by: Stefan Metzmacher <metze@samba.org> >Reviewed-by: Andrew Bartlett <abartlet@samba.org> >(cherry picked from commit 5e000a8487d788dd196980b77ec7299c8be74abf) >--- > selftest/knownfail.d/fsmo | 2 ++ > source4/torture/drs/python/fsmo.py | 10 ++++++++++ > 2 files changed, 12 insertions(+) > create mode 100644 selftest/knownfail.d/fsmo > >diff --git a/selftest/knownfail.d/fsmo b/selftest/knownfail.d/fsmo >new file mode 100644 >index 00000000000..da665d2251d >--- /dev/null >+++ b/selftest/knownfail.d/fsmo >@@ -0,0 +1,2 @@ >+^samba4.drs.fsmo.python.*.fsmo.DrsFsmoTestCase.test_DomainDnsZonesMasterTransfer >+^samba4.drs.fsmo.python.*.fsmo.DrsFsmoTestCase.test_ForestDnsZonesMasterTransfer >diff --git a/source4/torture/drs/python/fsmo.py b/source4/torture/drs/python/fsmo.py >index 744299cc610..32817dae24b 100644 >--- a/source4/torture/drs/python/fsmo.py >+++ b/source4/torture/drs/python/fsmo.py >@@ -52,6 +52,10 @@ class DrsFsmoTestCase(drs_base.DrsBaseTestCase): > self.infrastructure_dn = "CN=Infrastructure," + self.domain_dn > self.naming_dn = "CN=Partitions," + self.config_dn > self.rid_dn = "CN=RID Manager$,CN=System," + self.domain_dn >+ self.domain_dns_dn = ( >+ "CN=Infrastructure,DC=DomainDnsZones, %s" % self.domain_dn ) >+ self.forest_dns_dn = ( >+ "CN=Infrastructure,DC=ForestDnsZones, %s" % self.domain_dn ) > > def tearDown(self): > super(DrsFsmoTestCase, self).tearDown() >@@ -143,3 +147,9 @@ class DrsFsmoTestCase(drs_base.DrsBaseTestCase): > > def test_NamingMasterTransfer(self): > self._role_transfer(role="naming", role_dn=self.naming_dn) >+ >+ def test_DomainDnsZonesMasterTransfer(self): >+ self._role_transfer(role="domaindns", role_dn=self.domain_dns_dn) >+ >+ def test_ForestDnsZonesMasterTransfer(self): >+ self._role_transfer(role="forestdns", role_dn=self.forest_dns_dn) >-- >2.17.1 > > >From e951441eefc5558c7cfaae007520196ba163648e Mon Sep 17 00:00:00 2001 >From: Stefan Metzmacher <metze@samba.org> >Date: Tue, 28 May 2019 14:53:09 +0200 >Subject: [PATCH 2/5] samba-tool: fix replication after dns partition fsmo role > transfer > >The new role owner need to replicate from the old role owner. > >Before we told the old role owner to replicate from itself. > >BUG: https://bugzilla.samba.org/show_bug.cgi?id=13973 > >Signed-off-by: Stefan Metzmacher <metze@samba.org> >Reviewed-by: Andrew Bartlett <abartlet@samba.org> >(cherry picked from commit 4793f8ed584a4e6d8a26b06b691ec636e77d8f2a) >--- > python/samba/netcmd/fsmo.py | 4 +++- > selftest/knownfail.d/fsmo | 2 -- > 2 files changed, 3 insertions(+), 3 deletions(-) > delete mode 100644 selftest/knownfail.d/fsmo > >diff --git a/python/samba/netcmd/fsmo.py b/python/samba/netcmd/fsmo.py >index b916f9c97b8..c5c69794409 100644 >--- a/python/samba/netcmd/fsmo.py >+++ b/python/samba/netcmd/fsmo.py >@@ -65,6 +65,8 @@ def transfer_dns_role(outf, sambaopts, credopts, role, samdb): > forest_dn = samba.dn_from_dns_name(samdb.forest_dns_name()) > role_object = "CN=Infrastructure,DC=ForestDnsZones," + forest_dn > >+ new_host_dns_name = samdb.host_dns_name() >+ > res = samdb.search(role_object, > attrs=["fSMORoleOwner"], > scope=ldb.SCOPE_BASE, >@@ -129,7 +131,7 @@ def transfer_dns_role(outf, sambaopts, credopts, role, samdb): > raise CommandError("Failed to add role '%s': %s" % (role, msg)) > > try: >- connection = samba.drs_utils.drsuapi_connect(samdb.host_dns_name(), >+ connection = samba.drs_utils.drsuapi_connect(new_host_dns_name, > lp, creds) > except samba.drs_utils.drsException as e: > raise CommandError("Drsuapi Connect failed", e) >diff --git a/selftest/knownfail.d/fsmo b/selftest/knownfail.d/fsmo >deleted file mode 100644 >index da665d2251d..00000000000 >--- a/selftest/knownfail.d/fsmo >+++ /dev/null >@@ -1,2 +0,0 @@ >-^samba4.drs.fsmo.python.*.fsmo.DrsFsmoTestCase.test_DomainDnsZonesMasterTransfer >-^samba4.drs.fsmo.python.*.fsmo.DrsFsmoTestCase.test_ForestDnsZonesMasterTransfer >-- >2.17.1 > > >From 274a1bc7ded364f894137aa3ac09ae2c5d90d597 Mon Sep 17 00:00:00 2001 >From: =?UTF-8?q?Bj=C3=B6rn=20Baumbach?= <bb@sernet.de> >Date: Tue, 28 May 2019 14:57:15 +0200 >Subject: [PATCH 3/5] s4:torture:fsmo.py: remove unused 'net_cmd' variable >MIME-Version: 1.0 >Content-Type: text/plain; charset=UTF-8 >Content-Transfer-Encoding: 8bit > >BUG: https://bugzilla.samba.org/show_bug.cgi?id=13973 > >Signed-off-by: Björn Baumbach <bbaumbach@samba.org> >Reviewed-by: Stefan Metzmacher <metze@samba.org> >Reviewed-by: Andrew Bartlett <abartlet@samba.org> >(cherry picked from commit 0fbb013bef886e425602fdbbef14a4029719818f) >--- > source4/torture/drs/python/fsmo.py | 2 -- > 1 file changed, 2 deletions(-) > >diff --git a/source4/torture/drs/python/fsmo.py b/source4/torture/drs/python/fsmo.py >index 32817dae24b..f846ca71611 100644 >--- a/source4/torture/drs/python/fsmo.py >+++ b/source4/torture/drs/python/fsmo.py >@@ -61,8 +61,6 @@ class DrsFsmoTestCase(drs_base.DrsBaseTestCase): > super(DrsFsmoTestCase, self).tearDown() > > def _net_fsmo_role_transfer(self, DC, role, noop=False): >- # find out where is samba-tool command >- net_cmd = os.path.abspath("./bin/samba-tool") > # make command line credentials string > ccache_name = self.get_creds_ccache_name() > cmd_line_auth = "--krb5-ccache=%s" % ccache_name >-- >2.17.1 > > >From dfecc3f6c5034420f7f831c4e09db7c8bb832bf9 Mon Sep 17 00:00:00 2001 >From: Stefan Metzmacher <metze@samba.org> >Date: Tue, 28 May 2019 14:54:19 +0200 >Subject: [PATCH 4/5] samba-tool: use only one LDAP modify for dns partition > fsmo role transfer > >We should not risk that we end with no role owner. > >BUG: https://bugzilla.samba.org/show_bug.cgi?id=13973 > >Signed-off-by: Stefan Metzmacher <metze@samba.org> >Reviewed-by: Andrew Bartlett <abartlet@samba.org> >(cherry picked from commit 6a2e3a15585086bcceb18283216978a2fcb30da3) >--- > python/samba/netcmd/fsmo.py | 22 ++++++---------------- > 1 file changed, 6 insertions(+), 16 deletions(-) > >diff --git a/python/samba/netcmd/fsmo.py b/python/samba/netcmd/fsmo.py >index c5c69794409..4061bad4322 100644 >--- a/python/samba/netcmd/fsmo.py >+++ b/python/samba/netcmd/fsmo.py >@@ -108,22 +108,12 @@ def transfer_dns_role(outf, sambaopts, credopts, role, samdb): > > m = ldb.Message() > m.dn = ldb.Dn(samdb, role_object) >- m["fSMORoleOwner"] = ldb.MessageElement(master_owner, >- ldb.FLAG_MOD_DELETE, >- "fSMORoleOwner") >- >- try: >- samdb.modify(m) >- except LdbError as e4: >- (num, msg) = e4.args >- raise CommandError("Failed to delete role '%s': %s" % >- (role, msg)) >- >- m = ldb.Message() >- m.dn = ldb.Dn(samdb, role_object) >- m["fSMORoleOwner"] = ldb.MessageElement(new_owner, >- ldb.FLAG_MOD_ADD, >- "fSMORoleOwner") >+ m["fSMORoleOwner_Del"] = ldb.MessageElement(master_owner, >+ ldb.FLAG_MOD_DELETE, >+ "fSMORoleOwner") >+ m["fSMORoleOwner_Add"] = ldb.MessageElement(new_owner, >+ ldb.FLAG_MOD_ADD, >+ "fSMORoleOwner") > try: > samdb.modify(m) > except LdbError as e5: >-- >2.17.1 > > >From 6023cfc8d34a392947ff9cd85c0d8c55ea626768 Mon Sep 17 00:00:00 2001 >From: =?UTF-8?q?Bj=C3=B6rn=20Baumbach?= <bb@sernet.de> >Date: Tue, 28 May 2019 14:52:36 +0200 >Subject: [PATCH 5/5] samba-tool: add 'import samba.drs_utils' to fsmo.py >MIME-Version: 1.0 >Content-Type: text/plain; charset=UTF-8 >Content-Transfer-Encoding: 8bit > >On some systems we're seeing this: > > ERROR(<type 'exceptions.AttributeError'>): uncaught exception - 'module' object has no attribute 'drs_utils' > File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", line 185, in _run > return self.run(*args, **kwargs) > File "/usr/lib/python2.7/dist-packages/samba/netcmd/fsmo.py", line 533, in run > transfer_dns_role(self.outf, sambaopts, credopts, role, samdb) > File "/usr/lib/python2.7/dist-packages/samba/netcmd/fsmo.py", line 136, in transfer_dns_role > except samba.drs_utils.drsException as e: > >E.g. it happens on debian stretch (9.9) with python 2.7.13 (on 4.10.4) > >While it doesn't happen on ubuntu 18.04 with python 2.7.15rc1 or >with python 3.6.7. > >There were also some reports on the mailing lists, see: >https://lists.samba.org/archive/samba-technical/2019-May/133624.html > >BUG: https://bugzilla.samba.org/show_bug.cgi?id=13973 > >Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> > >Signed-off-by: Björn Baumbach <bbaumbach@samba.org> >Signed-off-by: Stefan Metzmacher <metze@samba.org> >Reviewed-by: Andrew Bartlett <abartlet@samba.org> > >Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> >Autobuild-Date(master): Thu May 30 08:27:24 UTC 2019 on sn-devel-184 > >(cherry picked from commit 320a5c5425e6ced18b1a9bf19b4f361ee16821ed) >--- > python/samba/netcmd/fsmo.py | 1 + > 1 file changed, 1 insertion(+) > >diff --git a/python/samba/netcmd/fsmo.py b/python/samba/netcmd/fsmo.py >index 4061bad4322..643d0aec1b6 100644 >--- a/python/samba/netcmd/fsmo.py >+++ b/python/samba/netcmd/fsmo.py >@@ -23,6 +23,7 @@ import ldb > from ldb import LdbError > from samba.dcerpc import drsuapi, misc > from samba.auth import system_session >+import samba.drs_utils > from samba.netcmd import ( > Command, > CommandError, >-- >2.17.1 >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=15242">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Flags:
metze
:
review+
Actions:
View
Attachments on
bug 13973
: 15242 |
15275