From ce406eb31e051d199218c9bf6c872bc5e1349cfb Mon Sep 17 00:00:00 2001 From: Ralph Boehme Date: Sat, 7 Aug 2021 10:51:38 +0000 Subject: [PATCH 1/2] s3/lib/dbwrap: check if global_messaging_context() succeeded The subsequent messaging_ctdb_connection() will fail an assert if messaging is not up and running, maybe it's a bit better to add a check if global_messaging_context() actually succeeded. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14787 Signed-off-by: Ralph Boehme Reviewed-by: Andreas Schneider (cherry picked from commit fd19cae8d2f21977d8285efd3f29e2b480d241e9) --- source3/lib/dbwrap/dbwrap_open.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/source3/lib/dbwrap/dbwrap_open.c b/source3/lib/dbwrap/dbwrap_open.c index 1d8c40af75e..52c8a94aeff 100644 --- a/source3/lib/dbwrap/dbwrap_open.c +++ b/source3/lib/dbwrap/dbwrap_open.c @@ -149,6 +149,10 @@ struct db_context *db_open(TALLOC_CTX *mem_ctx, * to be initialized. */ msg_ctx = global_messaging_context(); + if (msg_ctx == NULL) { + DBG_ERR("Failed to initialize messaging\n"); + return NULL; + } conn = messaging_ctdb_connection(); if (conn == NULL) { -- 2.31.1 From 621370db7b570a048b53f5eda62fd0c932e5fc39 Mon Sep 17 00:00:00 2001 From: Ralph Boehme Date: Sat, 7 Aug 2021 10:52:28 +0000 Subject: [PATCH 2/2] registry: check for running as root in clustering mode MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit BUG: https://bugzilla.samba.org/show_bug.cgi?id=14787 RN: net conf list crashes when run as normal user Signed-off-by: Ralph Boehme Reviewed-by: Andreas Schneider Autobuild-User(master): Ralph Böhme Autobuild-Date(master): Tue Aug 17 11:23:15 UTC 2021 on sn-devel-184 (cherry picked from commit 4809f4a6ee971bcd9767839c729b636b7582fc02) --- source3/registry/reg_backend_db.c | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/source3/registry/reg_backend_db.c b/source3/registry/reg_backend_db.c index c870dc57ed6..423b310fe8a 100644 --- a/source3/registry/reg_backend_db.c +++ b/source3/registry/reg_backend_db.c @@ -733,6 +733,15 @@ WERROR regdb_init(void) return WERR_OK; } + /* + * Clustered Samba can only work as root because we need messaging to + * talk to ctdb which only works as root. + */ + if (lp_clustering() && geteuid() != 0) { + DBG_ERR("Cluster mode requires running as root.\n"); + return WERR_ACCESS_DENIED; + } + db_path = state_path(talloc_tos(), "registry.tdb"); if (db_path == NULL) { return WERR_NOT_ENOUGH_MEMORY; -- 2.31.1