The Samba-Bugzilla – Attachment 6151 Details for
Bug 7871
net ads: dynamic dns updates registers wrong list of addresses if "clustering = yes"
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Backport Patch for v3-5-test
tmp.diff (text/plain), 12.63 KB, created by
Stefan Metzmacher
on 2010-12-18 02:40:43 UTC
(
hide
)
Description:
Backport Patch for v3-5-test
Filename:
MIME Type:
Creator:
Stefan Metzmacher
Created:
2010-12-18 02:40:43 UTC
Size:
12.63 KB
patch
obsolete
>From e224b0cce6f0e707b29d1cacf88b0cb3a8593621 Mon Sep 17 00:00:00 2001 >From: Andrew Bartlett <abartlet@samba.org> >Date: Fri, 10 Dec 2010 15:08:53 +1100 >Subject: [PATCH 1/5] s3-net Allow 'net ads dns register' to take an optional hostname argument > >This allows the administrator to more carefully chose what name to register. > >Andrew Bartlett >(cherry picked from commit c2a1ad9047508cf2745a9019e6783c8b8f7ef475) >(cherry picked from commit 10c5a59315ef69eeb4d8bc19237de9787284a63d) > >Signed-off-by: Stefan Metzmacher <metze@samba.org> >--- > source3/utils/net_ads.c | 16 ++++++++++------ > 1 files changed, 10 insertions(+), 6 deletions(-) > >diff --git a/source3/utils/net_ads.c b/source3/utils/net_ads.c >index b618ab8..6b354ed 100644 >--- a/source3/utils/net_ads.c >+++ b/source3/utils/net_ads.c >@@ -1197,14 +1197,18 @@ done: > return status; > } > >-static NTSTATUS net_update_dns(TALLOC_CTX *mem_ctx, ADS_STRUCT *ads) >+static NTSTATUS net_update_dns(TALLOC_CTX *mem_ctx, ADS_STRUCT *ads, const char *hostname) > { > int num_addrs; > struct sockaddr_storage *iplist = NULL; > fstring machine_name; > NTSTATUS status; > >- name_to_fqdn( machine_name, global_myname() ); >+ if (hostname) { >+ fstrcpy(machine_name, hostname); >+ } else { >+ name_to_fqdn( machine_name, global_myname() ); >+ } > strlower_m( machine_name ); > > /* Get our ip address (not the 127.0.0.x address but a real ip >@@ -1394,7 +1398,7 @@ int net_ads_join(struct net_context *c, int argc, const char **argv) > ads_kinit_password( ads_dns ); > } > >- if ( !ads_dns || !NT_STATUS_IS_OK(net_update_dns( ctx, ads_dns )) ) { >+ if ( !ads_dns || !NT_STATUS_IS_OK(net_update_dns( ctx, ads_dns, NULL)) ) { > d_fprintf( stderr, _("DNS update failed!\n") ); > } > >@@ -1431,9 +1435,9 @@ static int net_ads_dns_register(struct net_context *c, int argc, const char **ar > talloc_enable_leak_report(); > #endif > >- if (argc > 0 || c->display_usage) { >+ if (argc > 1 || c->display_usage) { > d_printf( "%s\n" >- "net ads dns register\n" >+ "net ads dns register [hostname]\n" > " %s\n", > _("Usage:"), > _("Register hostname with DNS\n")); >@@ -1452,7 +1456,7 @@ static int net_ads_dns_register(struct net_context *c, int argc, const char **ar > return -1; > } > >- if ( !NT_STATUS_IS_OK(net_update_dns(ctx, ads)) ) { >+ if ( !NT_STATUS_IS_OK(net_update_dns(ctx, ads, argc == 1 ? argv[0] : NULL)) ) { > d_fprintf( stderr, _("DNS update failed!\n") ); > ads_destroy( &ads ); > TALLOC_FREE( ctx ); >-- >1.7.0.4 > > >From d9adbf36673287c2b4de573e36e7cd9e7e0f1851 Mon Sep 17 00:00:00 2001 >From: Michael Adam <obnox@samba.org> >Date: Thu, 2 Dec 2010 00:42:21 +0100 >Subject: [PATCH 2/5] s3:net: disable dynamic dns updates at the end of "net ads join" in a cluster (bug #7871) > >In a clustered environment, registering the set of ip addresses that are >assigned to the interfaces of the node that performs the join does usually >not have the desired effect, since the local interfaces do not carry >complete set of the cluster's public IP addresses. And it can also contain >internal addresses that should not be visible to the outside at all. >In order to do dns updates in a clustererd setup, use net ads dns register. > >This fixes the net ads join part of bug #7871. > >Signed-off-by: Stefan Metzmacher <metze@samba.org> >(cherry picked from commit b8f19df53e66bf0260b4ae6c49acea87ac379deb) >(cherry picked from commit 1c73d52ddddfcec25cf079da4a0d6bf81fb030da) >--- > source3/utils/net_ads.c | 19 +++++++++++++++++++ > 1 files changed, 19 insertions(+), 0 deletions(-) > >diff --git a/source3/utils/net_ads.c b/source3/utils/net_ads.c >index 6b354ed..8c04eda 100644 >--- a/source3/utils/net_ads.c >+++ b/source3/utils/net_ads.c >@@ -1380,6 +1380,23 @@ int net_ads_join(struct net_context *c, int argc, const char **argv) > } > > #if defined(WITH_DNS_UPDATES) >+ /* >+ * In a clustered environment, don't do dynamic dns updates: >+ * Registering the set of ip addresses that are assigned to >+ * the interfaces of the node that performs the join does usually >+ * not have the desired effect, since the local interfaces do not >+ * carry the complete set of the cluster's public IP addresses. >+ * And it can also contain internal addresses that should not >+ * be visible to the outside at all. >+ * In order to do dns updates in a clustererd setup, use >+ * net ads dns register. >+ */ >+ if (lp_clustering()) { >+ d_fprintf(stderr, _("Not doing automatic DNS update in a" >+ "clustered setup.\n")); >+ goto done; >+ } >+ > if (r->out.domain_is_ad) { > /* We enter this block with user creds */ > ADS_STRUCT *ads_dns = NULL; >@@ -1406,6 +1423,8 @@ int net_ads_join(struct net_context *c, int argc, const char **argv) > ads_destroy(&ads_dns); > } > #endif >+ >+done: > TALLOC_FREE(r); > TALLOC_FREE( ctx ); > >-- >1.7.0.4 > > >From 63e5b2da3f1f289fca28ddf01f678e839d993efa Mon Sep 17 00:00:00 2001 >From: Michael Adam <obnox@samba.org> >Date: Thu, 16 Dec 2010 00:52:41 +0100 >Subject: [PATCH 3/5] s3:net: add net_update_dns_ext() that accepts a list of addresses as parameter (bug# 7871) > >This generalized form of net_update_dns() will be used to >add support for specifying a list of addresses on the commandline >of "net ads dns register". > >This prepares the "net ads dns register" part of the fix for bug #7871. > >Signed-off-by: Stefan Metzmacher <metze@samba.org> >(cherry picked from commit 4d91f98b433e07922373bf4e3ba9668b7af71a00) >(cherry picked from commit 4b7775500b1055acf62decbc0fc8283b088da452) >--- > source3/utils/net_ads.c | 39 +++++++++++++++++++++++++++------------ > 1 files changed, 27 insertions(+), 12 deletions(-) > >diff --git a/source3/utils/net_ads.c b/source3/utils/net_ads.c >index 8c04eda..75b115e 100644 >--- a/source3/utils/net_ads.c >+++ b/source3/utils/net_ads.c >@@ -1197,10 +1197,12 @@ done: > return status; > } > >-static NTSTATUS net_update_dns(TALLOC_CTX *mem_ctx, ADS_STRUCT *ads, const char *hostname) >+static NTSTATUS net_update_dns_ext(TALLOC_CTX *mem_ctx, ADS_STRUCT *ads, >+ const char *hostname, >+ struct sockaddr_storage *iplist, >+ int num_addrs) > { >- int num_addrs; >- struct sockaddr_storage *iplist = NULL; >+ struct sockaddr_storage *iplist_alloc = NULL; > fstring machine_name; > NTSTATUS status; > >@@ -1211,19 +1213,32 @@ static NTSTATUS net_update_dns(TALLOC_CTX *mem_ctx, ADS_STRUCT *ads, const char > } > strlower_m( machine_name ); > >- /* Get our ip address (not the 127.0.0.x address but a real ip >- * address) */ >- >- num_addrs = get_my_ip_address( &iplist ); >- if ( num_addrs <= 0 ) { >- DEBUG(4,("net_update_dns: Failed to find my non-loopback IP " >- "addresses!\n")); >- return NT_STATUS_INVALID_PARAMETER; >+ if (num_addrs == 0 || iplist == NULL) { >+ /* >+ * Get our ip address >+ * (not the 127.0.0.x address but a real ip address) >+ */ >+ num_addrs = get_my_ip_address(&iplist_alloc); >+ if ( num_addrs <= 0 ) { >+ DEBUG(4, ("net_update_dns_ext: Failed to find my " >+ "non-loopback IP addresses!\n")); >+ return NT_STATUS_INVALID_PARAMETER; >+ } >+ iplist = iplist_alloc; > } > > status = net_update_dns_internal(mem_ctx, ads, machine_name, > iplist, num_addrs); >- SAFE_FREE( iplist ); >+ >+ SAFE_FREE(iplist_alloc); >+ return status; >+} >+ >+static NTSTATUS net_update_dns(TALLOC_CTX *mem_ctx, ADS_STRUCT *ads, const char *hostname) >+{ >+ NTSTATUS status; >+ >+ status = net_update_dns_ext(mem_ctx, ads, hostname, NULL, 0); > return status; > } > #endif >-- >1.7.0.4 > > >From 9d178a309915d83f25b8d772318dd13d5e383f23 Mon Sep 17 00:00:00 2001 >From: Michael Adam <obnox@samba.org> >Date: Thu, 16 Dec 2010 01:49:14 +0100 >Subject: [PATCH 4/5] s3:net ads dns register: add support for specifying addresse on the commandline (bug #7871) > >In the clustering case, this is also made the only possiblity to do dns updates, >since the list addresses on the local interfaces is not suitable in that case. > >This fixes the "net ads dns register" part of bug #7871. >It might be extended by a parsing of the "cluster addresses" setting. > >Signed-off-by: Stefan Metzmacher <metze@samba.org> >(cherry picked from commit 5e83a05009787d8a2086db1adc1ed58d61b3725d) >(cherry picked from commit 9ed3d33fb3d7365a127ea2752032840272697902) >--- > source3/utils/net_ads.c | 43 ++++++++++++++++++++++++++++++++++++++++--- > 1 files changed, 40 insertions(+), 3 deletions(-) > >diff --git a/source3/utils/net_ads.c b/source3/utils/net_ads.c >index 75b115e..a432570 100644 >--- a/source3/utils/net_ads.c >+++ b/source3/utils/net_ads.c >@@ -1463,15 +1463,27 @@ static int net_ads_dns_register(struct net_context *c, int argc, const char **ar > #if defined(WITH_DNS_UPDATES) > ADS_STRUCT *ads; > ADS_STATUS status; >+ NTSTATUS ntstatus; > TALLOC_CTX *ctx; >+ const char *hostname = NULL; >+ struct sockaddr_storage *addrs = NULL; >+ int num_addrs = 0; >+ int count; > > #ifdef DEVELOPER > talloc_enable_leak_report(); > #endif > >- if (argc > 1 || c->display_usage) { >+ if (argc <= 1 && lp_clustering()) { >+ d_fprintf(stderr, _("Refusing DNS updates with automatic " >+ "detection of addresses in a clustered " >+ "setup.\n")); >+ c->display_usage = true; >+ } >+ >+ if (c->display_usage) { > d_printf( "%s\n" >- "net ads dns register [hostname]\n" >+ "net ads dns register [hostname [IP [IP...]]]\n" > " %s\n", > _("Usage:"), > _("Register hostname with DNS\n")); >@@ -1483,6 +1495,30 @@ static int net_ads_dns_register(struct net_context *c, int argc, const char **ar > return -1; > } > >+ if (argc >= 1) { >+ hostname = argv[0]; >+ } >+ >+ if (argc > 1) { >+ num_addrs = argc - 1; >+ addrs = talloc_zero_array(ctx, struct sockaddr_storage, num_addrs); >+ if (addrs == NULL) { >+ d_fprintf(stderr, _("Error allocating memory!\n")); >+ talloc_free(ctx); >+ return -1; >+ } >+ } >+ >+ for (count = 0; count < num_addrs; count++) { >+ if (!interpret_string_addr(&addrs[count], argv[count+1], 0)) { >+ d_fprintf(stderr, "%s '%s'.\n", >+ _("Cannot interpret address"), >+ argv[count+1]); >+ talloc_free(ctx); >+ return -1; >+ } >+ } >+ > status = ads_startup(c, true, &ads); > if ( !ADS_ERR_OK(status) ) { > DEBUG(1, ("error on ads_startup: %s\n", ads_errstr(status))); >@@ -1490,7 +1526,8 @@ static int net_ads_dns_register(struct net_context *c, int argc, const char **ar > return -1; > } > >- if ( !NT_STATUS_IS_OK(net_update_dns(ctx, ads, argc == 1 ? argv[0] : NULL)) ) { >+ ntstatus = net_update_dns_ext(ctx, ads, hostname, addrs, num_addrs); >+ if (!NT_STATUS_IS_OK(ntstatus)) { > d_fprintf( stderr, _("DNS update failed!\n") ); > ads_destroy( &ads ); > TALLOC_FREE( ctx ); >-- >1.7.0.4 > > >From 5f43fd1af200cb508520a41050f354f8ff02d7e6 Mon Sep 17 00:00:00 2001 >From: Stefan Metzmacher <metze@samba.org> >Date: Thu, 16 Dec 2010 12:07:24 +0100 >Subject: [PATCH 5/5] s3:net ads dns register: use "cluster addresses" option if configured (bug #7871) > >metze > >Signed-off-by: Stefan Metzmacher <metze@samba.org> > >Autobuild-User: Stefan Metzmacher <metze@samba.org> >Autobuild-Date: Fri Dec 17 16:49:14 CET 2010 on sn-devel-104 >(cherry picked from commit 1dc2fa7616207a2d3a9f1cbe69b2ec1fc61634fd) >(cherry picked from commit 9a40e5f6a500571cc752383ca7fa27347e4efa45) >--- > source3/utils/net_ads.c | 14 +++++++++++--- > 1 files changed, 11 insertions(+), 3 deletions(-) > >diff --git a/source3/utils/net_ads.c b/source3/utils/net_ads.c >index a432570..83aef18 100644 >--- a/source3/utils/net_ads.c >+++ b/source3/utils/net_ads.c >@@ -1466,6 +1466,7 @@ static int net_ads_dns_register(struct net_context *c, int argc, const char **ar > NTSTATUS ntstatus; > TALLOC_CTX *ctx; > const char *hostname = NULL; >+ const char **addrs_list = NULL; > struct sockaddr_storage *addrs = NULL; > int num_addrs = 0; > int count; >@@ -1474,7 +1475,7 @@ static int net_ads_dns_register(struct net_context *c, int argc, const char **ar > talloc_enable_leak_report(); > #endif > >- if (argc <= 1 && lp_clustering()) { >+ if (argc <= 1 && lp_clustering() && lp_cluster_addresses() == NULL) { > d_fprintf(stderr, _("Refusing DNS updates with automatic " > "detection of addresses in a clustered " > "setup.\n")); >@@ -1501,6 +1502,13 @@ static int net_ads_dns_register(struct net_context *c, int argc, const char **ar > > if (argc > 1) { > num_addrs = argc - 1; >+ addrs_list = &argv[1]; >+ } else if (lp_clustering()) { >+ addrs_list = lp_cluster_addresses(); >+ num_addrs = str_list_length(addrs_list); >+ } >+ >+ if (num_addrs > 0) { > addrs = talloc_zero_array(ctx, struct sockaddr_storage, num_addrs); > if (addrs == NULL) { > d_fprintf(stderr, _("Error allocating memory!\n")); >@@ -1510,10 +1518,10 @@ static int net_ads_dns_register(struct net_context *c, int argc, const char **ar > } > > for (count = 0; count < num_addrs; count++) { >- if (!interpret_string_addr(&addrs[count], argv[count+1], 0)) { >+ if (!interpret_string_addr(&addrs[count], addrs_list[count], 0)) { > d_fprintf(stderr, "%s '%s'.\n", > _("Cannot interpret address"), >- argv[count+1]); >+ addrs_list[count]); > talloc_free(ctx); > return -1; > } >-- >1.7.0.4 >
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Raw
Flags:
obnox
:
review+
Actions:
View
Attachments on
bug 7871
:
6136
| 6151