Index: Makefile =================================================================== --- Makefile +++ Makefile @@ -0,0 +1,659 @@ +# Created by: timur@FreeBSD.org +# $FreeBSD$ + +PORTNAME= ${SAMBA4_BASENAME}412 +PORTVERSION= ${SAMBA4_VERSION} +PORTREVISION= 0 +CATEGORIES?= net +MASTER_SITES= SAMBA/samba/stable SAMBA/samba/rc +DISTNAME= ${SAMBA4_DISTNAME} + +MAINTAINER= timur@FreeBSD.org +COMMENT= Free SMB/CIFS and AD/DC server and client for Unix + +LICENSE= GPLv3+ +LICENSE_FILE= ${WRKSRC}/COPYING + +IGNORE_NONTHREAD_PYTHON= needs port lang/python${PYTHON_SUFFIX} to be build with THREADS support +#CONFLICTS_INSTALL?= samba4-4.0.* samba4[1-9]-4.* samba410-4.10.* p5-Parse-Pidl-4.* + +USES= cpe + +EXTRA_PATCHES+= ${PATCHDIR}/0001-Zfs-provision-1.patch:-p1 + +SAMBA4_BASENAME= samba +SAMBA4_PORTNAME= ${SAMBA4_BASENAME}4 +SAMBA4_VERSION= 4.12.7 +SAMBA4_DISTNAME= ${SAMBA4_BASENAME}-${SAMBA4_VERSION:S|.p|pre|:S|.r|rc|:S|.t|tp|:S|.a|alpha|} + +WRKSRC?= ${WRKDIR}/${DISTNAME} + +CPE_VENDOR= samba +CPE_PRODUCT= samba +# Directories +VARDIR= ${DESTDIR}/var +SAMBA4_RUNDIR= ${VARDIR}/run/${SAMBA4_PORTNAME} +SAMBA4_LOGDIR= ${VARDIR}/log/${SAMBA4_PORTNAME} +SAMBA4_LOCKDIR= ${VARDIR}/db/${SAMBA4_PORTNAME} +SAMBA4_BINDDNSDIR= ${SAMBA4_LOCKDIR}/bind-dns +SAMBA4_PRIVATEDIR= ${SAMBA4_LOCKDIR}/private +SAMBA4_PAMDIR= ${PREFIX}/lib +SAMBA4_LIBDIR= ${PREFIX}/lib/${SAMBA4_PORTNAME} +SAMBA4_INCLUDEDIR= ${PREFIX}/include/${SAMBA4_PORTNAME} +SAMBA4_CONFDIR= ${PREFIX}/etc +SAMBA4_CONFIG= smb4.conf + +CONFIGURE_ARGS+= --mandir="${MANPREFIX}/man" \ + --sysconfdir="${SAMBA4_CONFDIR}" \ + --includedir="${SAMBA4_INCLUDEDIR}" \ + --datadir="${DATADIR}" \ + --libdir="${SAMBA4_LIBDIR}" \ + --with-privatelibdir="${SAMBA4_LIBDIR}/private" \ + --with-pammodulesdir="${SAMBA4_PAMDIR}" \ + --with-modulesdir="${SAMBA4_MODULEDIR}" \ + --with-pkgconfigdir="${PKGCONFIGDIR}" \ + --localstatedir="${VARDIR}" \ + --with-piddir="${SAMBA4_RUNDIR}" \ + --with-sockets-dir="${SAMBA4_RUNDIR}" \ + --with-privileged-socket-dir="${SAMBA4_RUNDIR}" \ + --with-lockdir="${SAMBA4_LOCKDIR}" \ + --with-statedir="${SAMBA4_LOCKDIR}" \ + --with-cachedir="${SAMBA4_LOCKDIR}" \ + --with-bind-dns-dir=${SAMBA4_BINDDNSDIR} \ + --with-privatedir="${SAMBA4_PRIVATEDIR}" \ + --with-logfilebase="${SAMBA4_LOGDIR}" +# XXX: Flags +CONFIGURE_ENV+= PTHREAD_LDFLAGS="-lpthread" + +USES+= compiler:c++11-lang iconv localbase:ldflags \ + perl5 pkgconfig shebangfix ssl waf gettext-runtime +USE_PERL5= build +USE_LDCONFIG= ${SAMBA4_LIBDIR} +WAF_CMD= buildtools/bin/waf +CONFIGURE_LOG= bin/config.log + +PKGCONFIGDIR?= ${PREFIX}/libdata/pkgconfig +PKGCONFIGDIR_REL?= ${PKGCONFIGDIR:S,^${PREFIX}/,,} +PLIST_SUB+= PKGCONFIGDIR=${PKGCONFIGDIR_REL} +SUB_LIST+= PKGCONFIGDIR=${PKGCONFIGDIR_REL} +############################################################################## +OPTIONS_SUB= yes + +OPTIONS_DEFINE= AD_DC ADS CLUSTER CUPS DOCS FAM GPGME \ + LDAP NTVFS PROFILE QUOTAS SPOTLIGHT SYSLOG UTMP +# This shouldn't be default in the release +OPTIONS_DEFINE+= DEVELOPER MANDOC +#OPTIONS_DEFINE+= MEMORY_DEBUG + +OPTIONS_DEFINE_amd64= AESNI +OPTIONS_DEFAULT_amd64= AESNI + +OPTIONS_GROUP= VFS +OPTIONS_GROUP_VFS= FRUIT GLUSTERFS + +OPTIONS_SINGLE= GSSAPI ZEROCONF +# GSSAPI_HEIMDAL +OPTIONS_SINGLE_GSSAPI= GSSAPI_BUILTIN GSSAPI_MIT +OPTIONS_SINGLE_ZEROCONF= ZEROCONF_NONE AVAHI MDNSRESPONDER + +OPTIONS_RADIO= DNS +OPTIONS_RADIO_DNS= NSUPDATE BIND911 BIND916 +# Make those default options +OPTIONS_DEFAULT= AD_DC ADS DOCS FAM LDAP \ + QUOTAS SYSLOG UTMP PROFILE \ + FRUIT GSSAPI_BUILTIN AVAHI +############################################################################## +AD_DC_DESC= Active Directory Domain Controller +ADS_DESC= Active Directory client(implies LDAP) +AESNI_DESC= Accelerated AES crypto functions(amd64 only) +CLUSTER_DESC= Clustering support +DEVELOPER_DESC= With developer framework(implies NTVFS) +FAM_DESC= File Alteration Monitor +GPGME_DESC= GpgME support +LDAP_DESC= LDAP client +LIBZFS_DESC= LibZFS +SPOTLIGHT_DESC= Spotlight server-side search support +MANDOC_DESC= Build manpages from DOCBOOK templates +MEMORY_DEBUG_DESC= Debug memory allocator +NTVFS_DESC= Build *DEPRECATED* NTVFS file server +PICKY_DEVELOPER_DESC= Treat compiler warnings as errors(implies DEVELOPER) +PROFILE_DESC= Profiling data +QUOTAS_DESC= Disk quota support +UTMP_DESC= UTMP accounting + +VFS_DESC= VFS modules +GLUSTERFS_DESC= GlusterFS support +FRUIT_DESC= MacOSX and TimeMachine support + +GSSAPI_BUILTIN_DESC= GSSAPI support via bundled Heimdal + +ZEROCONF_DESC= Zero configuration networking +ZEROCONF_NONE_DESC= Zeroconf support is absent + +DNS_DESC= DNS frontend +BIND911_DESC= Use Bind 9.11 as AD DC DNS server frontend +BIND916_DESC= Use Bind 9.16 as AD DC DNS server frontend +NSUPDATE_DESC= Use samba NSUPDATE utility for AD DC +############################################################################## +# XXX: Unconditional dependencies which can't be switched off(if present in +# the system) + +# Iconv(picked up unconditionaly) +LIB_DEPENDS+= libiconv.so:converters/libiconv +# ICU +LIB_DEPENDS+= libicuuc.so:devel/icu +# unwind +LIB_DEPENDS+= libunwind.so:devel/libunwind +# Readline(sponsored by Python) +# XXX: USES=readline pollutes CPPFLAGS, so we explicitly put dependency +LIB_DEPENDS+= libreadline.so:devel/readline +# popt +LIB_DEPENDS+= libpopt.so:devel/popt +# inotify +LIB_DEPENDS+= libinotify.so:devel/libinotify +# GNUTLS +LIB_DEPENDS+= libgnutls.so:security/gnutls +LIB_DEPENDS+= libgcrypt.so:security/libgcrypt +# NFSv4 ACL glue +LIB_DEPENDS+= libsunacl.so:sysutils/libsunacl +# Jansson +BUILD_DEPENDS+= jansson>=2.10:devel/jansson +RUN_DEPENDS+= jansson>=2.10:devel/jansson +# tasn1 +LIB_DEPENDS+= libtasn1.so:security/libtasn1 +# External Samba dependencies +# Needed for IDL compiler +BUILD_DEPENDS+= p5-Parse-Yapp>=0:devel/p5-Parse-Yapp +# Libarchive +SAMBA4_BUNDLED_LIBS+= !libarchive +BUILD_DEPENDS+= libarchive>=3.1.2:archivers/libarchive +RUN_DEPENDS+= libarchive>=3.1.2:archivers/libarchive + +### Bundled libraries +SAMBA4_BUNDLED_CMOCKA?= no +SAMBA4_BUNDLED_TALLOC?= no +SAMBA4_BUNDLED_TEVENT?= no +SAMBA4_BUNDLED_TDB?= no +SAMBA4_BUNDLED_LDB?= yes +# cmocka +.if defined(SAMBA4_BUNDLED_CMOCKA) && ${SAMBA4_BUNDLED_CMOCKA} == yes +SAMBA4_BUNDLED_LIBS+= cmocka +CONFLICTS_INSTALL+= cmocka-1.* +PLIST_SUB+= SAMBA4_BUNDLED_CMOCKA="" +SUB_LIST+= SAMBA4_BUNDLED_CMOCKA="" +.else +SAMBA4_BUNDLED_LIBS+= !cmocka +BUILD_DEPENDS+= cmocka>=1.1.3:sysutils/cmocka +PLIST_SUB+= SAMBA4_BUNDLED_CMOCKA="@comment " +SUB_LIST+= SAMBA4_BUNDLED_CMOCKA="@comment " +.endif +# talloc +.if defined(SAMBA4_BUNDLED_TALLOC) && ${SAMBA4_BUNDLED_TALLOC} == yes +SAMBA4_BUNDLED_LIBS+= talloc +CONFLICTS_INSTALL+= talloc-* talloc1-* +PLIST_SUB+= SAMBA4_BUNDLED_TALLOC="" +SUB_LIST+= SAMBA4_BUNDLED_TALLOC="" +.else +SAMBA4_BUNDLED_LIBS+= !talloc +BUILD_DEPENDS+= talloc>=2.2.0:devel/talloc +RUN_DEPENDS+= talloc>=2.2.0:devel/talloc +PLIST_SUB+= SAMBA4_BUNDLED_TALLOC="@comment " +SUB_LIST+= SAMBA4_BUNDLED_TALLOC="@comment " +.endif +# tevent +.if defined(SAMBA4_BUNDLED_TEVENT) && ${SAMBA4_BUNDLED_TEVENT} == yes +SAMBA4_BUNDLED_LIBS+= tevent +CONFLICTS_INSTALL+= tevent-* tevent1-* +PLIST_SUB+= SAMBA4_BUNDLED_TEVENT="" +SUB_LIST+= SAMBA4_BUNDLED_TEVENT="" +.else +SAMBA4_BUNDLED_LIBS+= !tevent +BUILD_DEPENDS+= tevent>=0.10.0:devel/tevent +RUN_DEPENDS+= tevent>=0.10.0:devel/tevent +PLIST_SUB+= SAMBA4_BUNDLED_TEVENT="@comment " +SUB_LIST+= SAMBA4_BUNDLED_TEVENT="@comment " +.endif +# tdb +.if defined(SAMBA4_BUNDLED_TDB) && ${SAMBA4_BUNDLED_TDB} == yes +SAMBA4_BUNDLED_LIBS+= tdb +CONFLICTS_INSTALL+= tdb-* tdb1-* +PLIST_SUB+= SAMBA4_BUNDLED_TDB="" +SUB_LIST+= SAMBA4_BUNDLED_TDB="" +.else +SAMBA4_BUNDLED_LIBS+= !tdb +BUILD_DEPENDS+= tdb>=1.4.2:databases/tdb +RUN_DEPENDS+= tdb>=1.4.2:databases/tdb +PLIST_SUB+= SAMBA4_BUNDLED_TDB="@comment " +SUB_LIST+= SAMBA4_BUNDLED_TDB="@comment " +.endif +# ldb +.if defined(SAMBA4_BUNDLED_LDB) && ${SAMBA4_BUNDLED_LDB} == yes +SAMBA4_BUNDLED_LDB= yes +SAMBA4_BUNDLED_LIBS+= ldb +PLIST_SUB+= SAMBA4_BUNDLED_LDB="" +SUB_LIST+= SAMBA4_BUNDLED_LDB="" +SAMBA4_MODULEDIR= ${SAMBA4_LIBDIR}/modules +.else +SAMBA4_BUNDLED_LIBS+= !ldb +BUILD_DEPENDS+= ldb20>=2.0.8:databases/ldb20 +RUN_DEPENDS+= ldb20>=2.0.8:databases/ldb20 +PLIST_SUB+= SAMBA4_BUNDLED_LDB="@comment " +SUB_LIST+= SAMBA4_BUNDLED_LDB="@comment " +SAMBA4_MODULEDIR= ${PREFIX}/lib/shared-modules +.endif + +.if (defined(SAMBA4_BUNDLED_TALLOC) && ${SAMBA4_BUNDLED_TALLOC} == yes) \ + || (defined(SAMBA4_BUNDLED_TDB) && ${SAMBA4_BUNDLED_TDB} == yes) \ + || (defined(SAMBA4_BUNDLED_LDB) && ${SAMBA4_BUNDLED_LDB} == yes) \ + || (defined(SAMBA4_BUNDLED_TEVENT) && ${SAMBA4_BUNDLED_TEVENT} == yes) +SAMBA4_BUNDLED_LIBS+= replace +.endif +# Don't use external libcom_err +SAMBA4_BUNDLED_LIBS+= com_err +# Set the test environment variables +TEST_USES= python +TEST_ENV+= PYTHON="${PYTHON_CMD}" \ + SHA1SUM=/sbin/sha1 \ + SHA256SUM=/sbin/sha256 \ + MD5SUM=/sbin/md5 \ + PYTHONDONTWRITEBYTECODE=1 +TEST_DEPENDS+= bash:shells/bash \ + tshark:net/tshark +############################################################################## +CONFIGURE_ARGS+= \ + --with-pam \ + --with-iconv \ + --with-winbind \ + --with-regedit \ + --disable-rpath \ + --without-lttng \ + --without-gettext \ + --enable-pthreadpool \ + --without-fake-kaserver \ + --without-systemd \ + --with-libarchive \ + --with-acl-support \ + --with-sendfile-support \ + --disable-ctdb-tests \ + +# ${ICONV_CONFIGURE_BASE} +############################################################################## +FRUIT_PREVENTS= ZEROCONF_NONE +FRUIT_PREVENTS_MSG= MacOSX support requires Zeroconf(AVAHI or MDNSRESPONDER) +FRUIT_VARS= SAMBA4_MODULES+=vfs_fruit +FRUIT_PLIST_FILES+= man/man8/vfs_fruit.8.gz + +GLUSTERFS_CONFIGURE_ENABLE= glusterfs +GLUSTERFS_LIB_DEPENDS= libglusterfs.so:net/glusterfs +GLUSTERFS_VARS= SAMBA4_MODULES+=vfs_glusterfs +GLUSTERFS_PLIST_FILES+= man/man8/vfs_glusterfs.8.gz +GLUSTERFS_CFLAGS+= -DHAVE_GFAPI_VER_7_6 +############################################################################## +ZEROCONF_NONE_VARS= MAKE_ENV+=ZEROCONF=none + +AVAHI_CONFIGURE_ENABLE= avahi +AVAHI_LIB_DEPENDS= libavahi-client.so:net/avahi-app +AVAHI_VARS= SAMBA4_SERVICES+=avahi_daemon + +MDNSRESPONDER_CONFIGURE_ENABLE= dnssd +MDNSRESPONDER_LIB_DEPENDS= libdns_sd.so:net/mDNSResponder +MDNSRESPONDER_VARS= SAMBA4_SERVICES+=mdnsd +############################################################################## +BIND911_RUN_DEPENDS= bind911>=9.11.0.0:dns/bind911 +BIND916_RUN_DEPENDS= bind916>=9.16.0.0:dns/bind916 +NSUPDATE_RUN_DEPENDS= samba-nsupdate:dns/samba-nsupdate +############################################################################## +MEMORY_DEBUG_IMPLIES= DEBUG +MEMORY_DEBUG_CONFIGURE_ENV= ADDITIONAL_CFLAGS="-DENABLE_JEMALLOC `pkg-config --cflags jemalloc`" ADDITIONAL_LDFLAGS="`pkg-config --libs jemalloc`" +MEMORY_DEBUG_LIB_DEPENDS= libjemalloc.so.2:devel/jemalloc +# https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=194046 +GDB_CMD?= ${LOCALBASE}/bin/gdb +# https://bugzilla.samba.org/show_bug.cgi?id=8969 +PICKY_DEVELOPER_IMPLIES= DEVELOPER +PICKY_DEVELOPER_CONFIGURE_ON= --picky-developer + +DEVELOPER_IMPLIES= NTVFS +DEVELOPER_CONFIGURE_ON= --enable-developer --enable-selftest --abi-check-disable +DEVELOPER_RUN_DEPENDS= ${SAMBA4_LMDB_DEPENDS} +DEVELOPER_BUILD_DEPENDS= ${GDB_CMD}:devel/gdb \ + ${SAMBA4_LMDB_DEPENDS} +DEVELOPER_TEST_DEPENDS= ${GDB_CMD}:devel/gdb +DEVELOPER_VARS_OFF= GDB_CMD=true +# XXX: Mostly used in conjuction with the DEVELOPER option, don't enable it +# if you don't know what you are doing +NTVFS_IMPLIES= AD_DC +NTVFS_CONFIGURE_WITH= ntvfs-fileserver +NTVFS_PLIST_FILES= ${SAMBA4_MODULEDIR}/service/smb.so \ + lib/samba4/private/libntvfs-samba4.so +############################################################################## +CLUSTER_CONFIGURE_WITH= cluster-support + +CUPS_CONFIGURE_ENABLE= cups iprint +CUPS_LIB_DEPENDS= libcups.so:print/cups +# https://bugzilla.samba.org/show_bug.cgi?id=9545 +FAM_USES= fam +FAM_CONFIGURE_WITH= fam + +GPGME_CONFIGURE_WITH= gpgme +GPGME_LIB_DEPENDS= libgpgme.so:security/gpgme + +PROFILE_CONFIGURE_WITH= profiling-data + +QUOTAS_CONFIGURE_WITH= quotas + +SPOTLIGHT_CONFIGURE_ENABLE= spotlight +SPOTLIGHT_BUILD_DEPENDS= tracker>=1.4.1:sysutils/tracker +SPOTLIGHT_RUN_DEPENDS= tracker>=1.4.1:sysutils/tracker +SPOTLIGHT_USES= bison gnome +SPOTLIGHT_USE= gnome=glib20 + +SYSLOG_CONFIGURE_WITH= syslog + +UTMP_CONFIGURE_WITH= utmp + +AD_DC_CONFIGURE_OFF= --without-ad-dc +AD_DC_BUILD_DEPENDS= ${SAMBA4_LMDB_DEPENDS} +AD_DC_RUN_DEPENDS= ${SAMBA4_LMDB_DEPENDS} + +ADS_IMPLIES= LDAP +ADS_CONFIGURE_WITH= ads dnsupdate + +LDAP_CONFIGURE_WITH= ldap +LDAP_CONFIGURE_ON= --with-openldap=${LOCALBASE} +LDAP_USE= OPENLDAP=yes +LDAP_VARS= SAMBA4_MODULES+=idmap_ldap + +GSSAPI_MIT_CONFIGURE_ON= --with-system-mitkrb5 ${GSSAPIBASEDIR} \ + --with-system-mitkdc=${GSSAPIBASEDIR}/sbin/krb5kdc \ + --with-experimental-mit-ad-dc +GSSAPI_MIT_USES= gssapi:mit + +LIBZFS_CONFIGURE_WITH= libzfs +LIBZFS_VARS= SAMBA4_MODULES+=vfs_zfs_space + +MANDOC_BUILD_DEPENDS= ${LOCALBASE}/share/xsl/docbook/manpages/docbook.xsl:textproc/docbook-xsl \ + xsltproc:textproc/libxslt +MANDOC_CONFIGURE_ENV_OFF= XSLTPROC="true" + +############################################################################## +.include +############################################################################## + +.if !defined(WANT_EXP_MODULES) || empty(WANT_EXP_MODULES) +WANT_EXP_MODULES= vfs_cacheprime +.endif + +.if ${WANT_EXP_MODULES:Mvfs_snapper} +# snapper needs dbus +LIB_DEPENDS+= libdbus-1.so:devel/dbus +LIB_DEPENDS+= libdbus-glib-1.so:devel/dbus-glib +.endif + +SAMBA4_MODULES+= vfs_freebsd + +SAMBA4_MODULES+= idmap_nss idmap_autorid idmap_rid idmap_hash idmap_tdb idmap_tdb2 idmap_script nss-info_hash +# List of extra modules taken from RHEL build +# https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=197320 +.if ${PORT_OPTIONS:MADS} +SAMBA4_MODULES+= idmap_ad idmap_rfc2307 nss-info_template nss-info_rfc2307 nss-info_sfu nss-info_sfu20 +.endif + +.if ${PORT_OPTIONS:MDEVELOPER} +SAMBA4_MODULES+= auth_skel pdb_test gpext_security gpext_registry gpext_scripts perfcount_test \ + vfs_fake_dfq vfs_skel_opaque vfs_skel_transparent vfs_shadow_copy_test vfs_fake_acls \ + vfs_nfs4acl_xattr vfs_error_inject vfs_delay_inject +.endif +# Python bindings +.if defined(NO_PYTHON) +USES+= python:build,test +CONFIGURE_ARGS+= --disable-python +PLIST_SUB+= SAMBA4_PYTHON="@comment " +SUB_LIST+= SAMBA4_PYTHON="@comment " +.else +USES+= python:3.4+ +PLIST_SUB+= SAMBA4_PYTHON="" +SUB_LIST+= SAMBA4_PYTHON="" +# Don't cache Python modules +CONFIGURE_ARGS+= --nopycache +MAKE_ENV+= PYTHONDONTWRITEBYTECODE=1 + +.if defined(SAMBA4_BUNDLED_TALLOC) && ${SAMBA4_BUNDLED_TALLOC} == yes +SAMBA4_BUNDLED_LIBS+= pytalloc-util +.else +SAMBA4_BUNDLED_LIBS+= !pytalloc-util +.endif + +.if defined(SAMBA4_BUNDLED_TEVENT) && ${SAMBA4_BUNDLED_TEVENT} == yes +SAMBA4_BUNDLED_LIBS+= pytevent +.else +SAMBA4_BUNDLED_LIBS+= !pytevent +.endif + +.if defined(SAMBA4_BUNDLED_TDB) && ${SAMBA4_BUNDLED_TDB} == yes +SAMBA4_BUNDLED_LIBS+= pytdb +.else +SAMBA4_BUNDLED_LIBS+= !pytdb +.endif + +.if defined(SAMBA4_BUNDLED_LDB) && ${SAMBA4_BUNDLED_LDB} == yes +SAMBA4_BUNDLED_LIBS+= pyldb pyldb-util +.else +SAMBA4_BUNDLED_LIBS+= !pyldb !pyldb-util +.endif +# External Python modules +BUILD_DEPENDS+= ${PYTHON_PKGNAMEPREFIX}iso8601>=0.1.11:devel/py-iso8601@${PY_FLAVOR} +RUN_DEPENDS+= ${PYTHON_PKGNAMEPREFIX}iso8601>=0.1.11:devel/py-iso8601@${PY_FLAVOR} +.endif + +.if defined(WANT_EXP_MODULES) && !empty(WANT_EXP_MODULES) +SAMBA4_MODULES+= ${WANT_EXP_MODULES} +.endif + +.if defined(SAMBA4_BUNDLED_LIBS) && !empty(SAMBA4_BUNDLED_LIBS) +CONFIGURE_ARGS+= --bundled-libraries="${SAMBA4_BUNDLED_LIBS:Q:C|(\\\\ )+|,|g:S|\\||g}" +.endif + +.if defined(SAMBA4_MODULES) && !empty(SAMBA4_MODULES) +CONFIGURE_ARGS+= --with-shared-modules="${SAMBA4_MODULES:C|-|_|:Q:C|(\\\\ )+|,|g:S|\\||g}" +.endif +# XXX: Hack for nss-info_* -> nss_info/* modules +# Add selected modules to the plist +.for module in ${SAMBA4_MODULES} +PLIST_FILES+= ${SAMBA4_MODULEDIR}/${module:C|_|/|:C|-|_|}.so +.endfor + +.if defined(WITH_DEBUG) +CONFIGURE_ARGS+= --verbose --enable-debug +MAKE_ARGS+= --verbose +DEBUG_FLAGS?= -g -ggdb3 -O0 +.endif + +############################################################################## +.include +############################################################################## + +# Require llvm 4.0 and AMD64 +.if ${PORT_OPTIONS:MAESNI} && ${ARCH} == "amd64" +CONFIGURE_ARGS+= --accel-aes=intelaesni +.else +CONFIGURE_ARGS+= --accel-aes=none +.endif + + +# Only for 64-bit architectures +.if ${ARCH} != armv6 && ${ARCH} != armv7 && ${ARCH} != i386 && ${ARCH} != mips && ${ARCH} != powerpc && ${ARCH} != powerpcspe +. if defined(SAMBA4_BUNDLED_LDB) && ${SAMBA4_BUNDLED_LDB} == yes && (${PORT_OPTIONS:MAD_DC} || ${PORT_OPTIONS:MDEVELOPER}) +# LMDB +SAMBA4_LMDB_DEPENDS= lmdb>=0.9.16:databases/lmdb +PLIST_FILES+= lib/samba4/private/libldb-mdb-int-samba4.so \ + ${SAMBA4_MODULEDIR}/ldb/mdb.so +. endif +.endif + +.if ${PORT_OPTIONS:MGSSAPI_MIT} +PLIST_FILES+= ${SAMBA4_MODULEDIR}/krb5/winbind_krb5_localauth.so \ + man/man8/winbind_krb5_localauth.8.gz +. if ${PORT_OPTIONS:MAD_DC} +PLIST_FILES+= lib/samba4/krb5/plugins/kdb/samba.so +. endif +.endif +# for libexecinfo: (so that __builtin_frame_address() finds the top of the stack) +CFLAGS_amd64+= -fno-omit-frame-pointer +# No fancy color error messages +CONFIGURE_ENV+= NOCOLOR=yes WAF_LOG_FORMAT='%(c1)s%(zone)s%(c2)s %(message)s' +MAKE_ENV+= NOCOLOR=yes WAF_LOG_FORMAT='%(c1)s%(zone)s%(c2)s %(message)s' +.if ${CHOSEN_COMPILER_TYPE} == clang +CFLAGS+= -fno-color-diagnostics +.endif +# Allow rpcgen to find proper CPP +MAKE_ENV+= RPCGEN_CPP="${CPP}" +#.if ${readline_ARGS} == port +#CFLAGS+= -D_FUNCTION_DEF +#.endif + +# Make sure that the right version of Python is used by the tools +# https://bugzilla.samba.org/show_bug.cgi?id=7305 +SHEBANG_FILES= ${PATCH_WRKSRC}/source4/scripting/bin/* ${PATCH_WRKSRC}/selftest/* + +SAMBA4_SUB= SAMBA4_LOGDIR="${SAMBA4_LOGDIR}" \ + SAMBA4_RUNDIR="${SAMBA4_RUNDIR}" \ + SAMBA4_LOCKDIR="${SAMBA4_LOCKDIR}" \ + SAMBA4_MODULEDIR="${SAMBA4_MODULEDIR}" \ + SAMBA4_BINDDNSDIR="${SAMBA4_BINDDNSDIR}" \ + SAMBA4_PRIVATEDIR="${SAMBA4_PRIVATEDIR}" \ + SAMBA4_CONFDIR="${SAMBA4_CONFDIR}" \ + SAMBA4_CONFIG="${SAMBA4_CONFIG}" \ + SAMBA4_SERVICES="${SAMBA4_SERVICES}" + +PLIST_SUB+= ${SAMBA4_SUB} +SUB_LIST+= ${SAMBA4_SUB} + +USE_RC_SUBR= samba_server +SUB_FILES= pkg-message README.FreeBSD + +PORTDOCS= README.FreeBSD + +post-extract: + @${RM} -r ${WRKSRC}/pidl/lib/Parse/Yapp + +post-patch: + @${REINPLACE_CMD} -e 's|$${PKGCONFIGDIR}|${PKGCONFIGDIR}|g' \ + ${PATCH_WRKSRC}/buildtools/wafsamba/pkgconfig.py + @${REINPLACE_CMD} -e 's|%%LOCALBASE%%|${LOCALBASE}|g' \ + ${PATCH_WRKSRC}/buildtools/wafsamba/wafsamba.py + @${REINPLACE_CMD} -e 's|%%GDB_CMD%%|${GDB_CMD}|g' \ + ${PATCH_WRKSRC}/buildtools/scripts/abi_gen.sh + @${REINPLACE_CMD} -e 's|%%SAMBA4_CONFIG%%|${SAMBA4_CONFIG}|g' \ + ${PATCH_WRKSRC}/dynconfig/wscript + +# Use threading (or multiprocessing) but not thread (renamed in python 3+). +pre-configure: +.if ! ${PORT_OPTIONS:MAD_DC} && ${PORT_OPTIONS:MNTVFS} + @${ECHO_CMD}; \ + ${ECHO_MSG} "===> NTVFS option requires AD_DC to be set"; \ + ${ECHO_CMD}; \ + ${FALSE} +.endif + @if ! ${PYTHON_CMD} -c "import multiprocessing;" 2>/dev/null; then \ + ${ECHO_CMD}; \ + ${ECHO_MSG} "===> ${PKGNAME} "${IGNORE_NONTHREAD_PYTHON:Q}.; \ + ${ECHO_CMD}; \ + ${FALSE}; \ + fi + +pre-build-MANDOC-off: + ${MKDIR} ${BUILD_WRKSRC}/bin/default/docs-xml/ + ${CP} -rp ${BUILD_WRKSRC}/docs/manpages ${BUILD_WRKSRC}/bin/default/docs-xml/ +.for man in libcli/nbt/man/nmblookup4.1 \ + librpc/tools/ndrdump.1 \ + source4/lib/registry/man/regdiff.1 \ + source4/lib/registry/man/regpatch.1 \ + source4/lib/registry/man/regshell.1 \ + source4/lib/registry/man/regtree.1 \ + source4/scripting/man/samba-gpupdate.8 \ + source4/torture/man/gentest.1 \ + source4/torture/man/locktest.1 \ + source4/torture/man/masktest.1 \ + source4/torture/man/smbtorture.1 \ + source4/utils/man/ntlm_auth4.1 \ + source4/utils/oLschema2ldif/oLschema2ldif.1 \ + lib/tdb/man/tdbdump.8 \ + lib/tdb/man/tdbbackup.8 \ + lib/tdb/man/tdbtool.8 \ + lib/talloc/man/talloc.3 \ + lib/tdb/man/tdbrestore.8 \ + lib/ldb/man/ldbadd.1 \ + lib/ldb/man/ldbsearch.1 \ + lib/ldb/man/ldbmodify.1 \ + lib/ldb/man/ldbrename.1 \ + lib/ldb/man/ldbdel.1 \ + lib/ldb/man/ldbedit.1 \ + docs-xml/manpages/vfs_freebsd.8 + ${MKDIR} `dirname ${BUILD_WRKSRC}/bin/default/${man}` + ${INSTALL_MAN} ${FILESDIR}/man/`basename ${man}` ${BUILD_WRKSRC}/bin/default/${man} +.endfor +.if ${PORT_OPTIONS:MCLUSTER} + ${MKDIR} ${BUILD_WRKSRC}/bin/default/ctdb/ +. for man in ctdb_diagnostics.1 ctdb.1 ctdbd_wrapper.1 ctdbd.1 ltdbtool.1 onnode.1 ping_pong.1 \ + ctdb.conf.5 ctdb.sysconfig.5 ctdb-script.options.5 \ + ctdb.7 ctdb-statistics.7 ctdb-tunables.7 + ${INSTALL_MAN} ${FILESDIR}/man/${man} ${BUILD_WRKSRC}/bin/default/ctdb/ +. endfor +.endif + +post-install-rm-junk: +.if defined(NO_PYTHON) + ${RM} -r ${STAGEDIR}${PYTHON_SITELIBDIR}/samba/third_party/dns \ + ${STAGEDIR}${PYTHON_SITELIBDIR}/samba/third_party/iso8601 +.endif + +post-install-fix-manpages: +.for f in vfs_aio_linux.8 vfs_btrfs.8 vfs_ceph.8 vfs_gpfs.8 + ${RM} ${STAGEDIR}${PREFIX}/man/man8/${f} +.endfor +.if defined(SAMBA4_BUNDLED_LDB) && ${SAMBA4_BUNDLED_LDB} == yes +. for f in ldbadd.1 ldbdel.1 ldbedit.1 ldbmodify.1 ldbrename.1 ldbsearch.1 + ${MV} ${STAGEDIR}${PREFIX}/man/man1/${f} ${STAGEDIR}${PREFIX}/man/man1/samba-${f} +. endfor +.endif +.if defined(SAMBA4_BUNDLED_TDB) && ${SAMBA4_BUNDLED_TDB} == yes +. for f in tdbbackup.8 tdbdump.8 tdbrestore.8 tdbtool.8 + ${MV} ${STAGEDIR}${PREFIX}/man/man8/${f} ${STAGEDIR}${PREFIX}/man/man8/samba-${f} +. endfor +.endif + +post-install: post-install-rm-junk post-install-fix-manpages + ${LN} -sf smb.conf.5.gz ${STAGEDIR}${PREFIX}/man/man5/smb4.conf.5.gz +# Run post-install script +.for dir in ${SAMBA4_LOGDIR} ${SAMBA4_RUNDIR} ${SAMBA4_LOCKDIR} ${SAMBA4_MODULEDIR} + ${INSTALL} -d -m 0755 "${STAGEDIR}${dir}" +.endfor + ${INSTALL} -d -m 0750 "${STAGEDIR}${SAMBA4_BINDDNSDIR}" + ${INSTALL} -d -m 0750 "${STAGEDIR}${SAMBA4_PRIVATEDIR}" +.for dir in auth bind9 gensec gpext idmap ldb nss_info pdb perfcount process_model service vfs + ${INSTALL} -d -m 0755 "${STAGEDIR}${SAMBA4_MODULEDIR}/${dir}" +.endfor +.if !defined(WITH_DEBUG) + -${FIND} ${STAGEDIR}${PREFIX}/bin ${STAGEDIR}${PREFIX}/sbin ${STAGEDIR}${PREFIX}/libexec \ + -type f -print0 | ${XARGS} -0 -n 1 -t ${STRIP_CMD} + -${FIND} ${STAGEDIR}${PREFIX}/lib -name '*.so*' \ + -type f -print0 | ${XARGS} -0 -n 1 -t ${STRIP_CMD} +.endif + +post-install-FRUIT-off: + ${RM} ${STAGEDIR}${SAMBA4_MODULEDIR}/vfs/fruit.so + ${RM} ${STAGEDIR}${PREFIX}/man/man8/vfs_fruit.8 + +post-install-DOCS-on: + ${MKDIR} ${STAGEDIR}${DOCSDIR} +.for doc in ${PORTDOCS} + ${INSTALL_DATA} ${WRKDIR}/${doc} ${STAGEDIR}${DOCSDIR} +.endfor + +post-install-CLUSTER-on: + ${LN} -nfs ../../../../share/ctdb/events/legacy/00.ctdb.script ${STAGEDIR}${PREFIX}/etc/ctdb/events/legacy/00.ctdb.script + ${LN} -nfs ../../../../share/ctdb/events/legacy/10.interface.script ${STAGEDIR}${PREFIX}/etc/ctdb/events/legacy/10.interface.script + ${LN} -nfs ../../../../share/ctdb/events/legacy/05.system.script ${STAGEDIR}${PREFIX}/etc/ctdb/events/legacy/05.system.script + ${LN} -nfs ../../../../share/ctdb/events/legacy/01.reclock.script ${STAGEDIR}${PREFIX}/etc/ctdb/events/legacy/01.reclock.script + +.include Index: distinfo =================================================================== --- distinfo +++ distinfo @@ -0,0 +1,3 @@ +TIMESTAMP = 1600534860 +SHA256 (samba-4.12.7.tar.gz) = 30556a0dd2f9ab3b251eb9db6132ffd4379c159f574366fc2f2eabbc018c6fd2 +SIZE (samba-4.12.7.tar.gz) = 18230157 Index: files/0001-Zfs-provision-1.patch =================================================================== --- files/0001-Zfs-provision-1.patch +++ files/0001-Zfs-provision-1.patch @@ -0,0 +1,330 @@ +From 2664c997587416a2c8c911a75158485a5c98b70b Mon Sep 17 00:00:00 2001 +From: John Hixon +Date: Sat, 20 May 2017 04:39:37 +0200 +Subject: [PATCH] Zfs provision (#1) + +Cherry-pick ZFS provisioning code by iXsystems Inc. + +* Check if sysvol is on filesystem with NFSv4 ACL's +(cherry picked from commit ca86f52b78a7b6e7537454a69cf93e7b96210cba) + +* Only check targetdir if it is defined (I had assumed it was) +(cherry picked from commit a29050cb2978ce23e3c04a859340dc2664c77a8a) + +* Kick samba a little bit into understanding NFSv4 ACL's +(cherry picked from commit 1c7542ff4904b729e311e17464ee76582760c219) + +Signed-off-by: Timur I. Bakeyev +--- + python/samba/provision/__init__.py | 25 ++++-- + source3/lib/sysacls.c | 10 +++ + source3/param/loadparm.c | 7 ++ + source3/smbd/pysmbd.c | 156 ++++++++++++++++++++++++++++++++++++- + 4 files changed, 191 insertions(+), 7 deletions(-) + +diff --git a/python/samba/provision/__init__.py b/python/samba/provision/__init__.py +index 5de986463a5..cd3b91f41b9 100644 +--- a/python/samba/provision/__init__.py ++++ b/python/samba/provision/__init__.py +@@ -1695,19 +1695,26 @@ + s3conf = s3param.get_context() + s3conf.load(lp.configfile) + +- file = tempfile.NamedTemporaryFile(dir=os.path.abspath(sysvol)) ++ sysvol_dir = os.path.abspath(sysvol) ++ ++ set_simple_acl = smbd.set_simple_acl ++ if smbd.has_nfsv4_acls(sysvol_dir): ++ set_simple_acl = smbd.set_simple_nfsv4_acl ++ ++ file = tempfile.NamedTemporaryFile(dir=sysvol_dir) ++ + try: + try: +- smbd.set_simple_acl(file.name, 0o755, system_session_unix(), gid) ++ set_simple_acl(file.name, 0o755, gid) + except OSError: +- if not smbd.have_posix_acls(): ++ if not smbd.have_posix_acls() and not smbd.have_nfsv4_acls(): + # This clue is only strictly correct for RPM and + # Debian-like Linux systems, but hopefully other users + # will get enough clue from it. +- raise ProvisioningError("Samba was compiled without the posix ACL support that s3fs requires. " ++ raise ProvisioningError("Samba was compiled without the ACL support that s3fs requires. " + "Try installing libacl1-dev or libacl-devel, then re-run configure and make.") + +- raise ProvisioningError("Your filesystem or build does not support posix ACLs, which s3fs requires. " ++ raise ProvisioningError("Your filesystem or build does not support ACLs, which s3fs requires. " + "Try the mounting the filesystem with the 'acl' option.") + try: + smbd.chown(file.name, uid, gid, system_session_unix()) +@@ -1984,6 +1991,9 @@ + samdb.transaction_commit() + + if serverrole == "active directory domain controller": ++ if targetdir and smbd.have_nfsv4_acls() and smbd.has_nfsv4_acls(targetdir): ++ smbd.set_nfsv4_defaults() ++ + # Continue setting up sysvol for GPO. This appears to require being + # outside a transaction. + if not skip_sysvolacl: +@@ -2340,6 +2350,9 @@ + + if not os.path.isdir(paths.netlogon): + os.makedirs(paths.netlogon, 0o755) ++ ++ if smbd.have_nfsv4_acls() and smbd.has_nfsv4_acls(paths.sysvol): ++ smbd.set_nfsv4_defaults() + + if adminpass is None: + adminpass = samba.generate_random_password(12, 32) +diff --git a/source3/lib/sysacls.c b/source3/lib/sysacls.c +index 0bf3c37edfa..786cd39b5bc 100644 +--- a/source3/lib/sysacls.c ++++ b/source3/lib/sysacls.c +@@ -38,6 +38,16 @@ + #include "modules/vfs_hpuxacl.h" + #endif + ++/* ++ * NFSv4 ACL's should be understood and a first class citizen. Work ++ * needs to be done in librpc/idl/smb_acl.idl for this to occur. ++ */ ++#if defined(HAVE_LIBSUNACL) && defined(FREEBSD) ++#if 0 ++#include "modules/nfs4_acls.h" ++#endif ++#endif ++ + #undef DBGC_CLASS + #define DBGC_CLASS DBGC_ACLS + +diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c +index a2fcc4246c9..4b676897fc1 100644 +--- a/source3/param/loadparm.c ++++ b/source3/param/loadparm.c +@@ -2740,6 +2740,13 @@ static void init_locals(void) + } else if (lp_parm_const_string(-1, "posix", "eadb", NULL)) { + lp_do_parameter(-1, "vfs objects", "dfs_samba4 acl_xattr posix_eadb"); + } else { ++ /* ++ * This should only set dfs_samba4 and leave acl_xattr ++ * to be set later (or zfsacl). The only reason the decision ++ * can't be made here to load acl_xattr or zfsacl is ++ * that we don't have access to what the target ++ * directory is. ++ */ + lp_do_parameter(-1, "vfs objects", "dfs_samba4 acl_xattr"); + } + } +diff --git a/source3/smbd/pysmbd.c b/source3/smbd/pysmbd.c +index 63fc5d68c33..f5a536ee186 100644 +--- a/source3/smbd/pysmbd.c ++++ b/source3/smbd/pysmbd.c +@@ -393,6 +393,20 @@ static SMB_ACL_T make_simple_acl(TALLOC_ + return acl; + } + ++static SMB_ACL_T make_simple_nfsv4_acl(TALLOC_CTX *mem_ctx, ++ gid_t gid, ++ mode_t chmod_mode) ++{ ++ /* ++ * This function needs to create an NFSv4 ACL. Currently, the only way ++ * to do so is to use the operating system interface, or to use the ++ * functions in source3/modules/nfs4_acls.c. These seems ugly and ++ * hacky. NFSv4 ACL's should be a first class citizen and ++ * librpc/idl/smb_acl.idl should be modified accordingly. ++ */ ++ return NULL; ++} ++ + /* + set a simple ACL on a file, as a test + */ +@@ -438,6 +452,57 @@ static PyObject *py_smbd_set_simple_acl( + Py_RETURN_NONE; + } + ++ ++/* ++ set a simple NFSv4 ACL on a file, as a test ++ */ ++static PyObject *py_smbd_set_simple_nfsv4_acl(PyObject *self, PyObject *args, PyObject *kwargs) ++{ ++ const char * const kwnames[] = { "fname", "mode", "gid", "service", NULL }; ++ char *fname, *service = NULL; ++ int ret; ++ int mode, gid = -1; ++ SMB_ACL_T acl; ++ TALLOC_CTX *frame; ++ connection_struct *conn; ++ ++ if (!PyArg_ParseTupleAndKeywords(args, kwargs, "si|iz", ++ discard_const_p(char *, kwnames), ++ &fname, &mode, &gid, &service)) ++ return NULL; ++ ++ frame = talloc_stackframe(); ++ ++ acl = make_simple_nfsv4_acl(frame, gid, mode); ++ if (acl == NULL) { ++ TALLOC_FREE(frame); ++ Py_RETURN_NONE; ++ } ++ ++ conn = get_conn_tos(service, NULL); ++ if (!conn) { ++ TALLOC_FREE(frame); ++ Py_RETURN_NONE; ++ } ++ ++ /* ++ * SMB_ACL_TYPE_ACCESS -> ACL_TYPE_ACCESS -> Not valid for NFSv4 ACL ++ */ ++ ret = 0; ++ ++ /* ret = set_sys_acl_conn(fname, SMB_ACL_TYPE_ACCESS, acl, conn); */ ++ ++ if (ret != 0) { ++ TALLOC_FREE(frame); ++ errno = ret; ++ return PyErr_SetFromErrno(PyExc_OSError); ++ } ++ ++ TALLOC_FREE(frame); ++ ++ Py_RETURN_NONE; ++} ++ + /* + chown a file + */ +@@ -537,7 +602,7 @@ static PyObject *py_smbd_unlink(PyObject + } + + /* +- check if we have ACL support ++ check if we have POSIX.1e ACL support + */ + static PyObject *py_smbd_have_posix_acls(PyObject *self, + PyObject *Py_UNUSED(ignored)) +@@ -549,6 +614,86 @@ static PyObject *py_smbd_have_posix_acls + #endif + } + ++static PyObject *py_smbd_has_posix_acls(PyObject *self, PyObject *args, PyObject *kwargs) ++{ ++ const char * const kwnames[] = { "path", NULL }; ++ char *path = NULL; ++ TALLOC_CTX *frame; ++ struct statfs fs; ++ int ret = false; ++ ++ frame = talloc_stackframe(); ++ ++ if (!PyArg_ParseTupleAndKeywords(args, kwargs, "s|z", ++ discard_const_p(char *, kwnames), &path)) { ++ TALLOC_FREE(frame); ++ return NULL; ++ } ++ ++ if (statfs(path, &fs) != 0) { ++ TALLOC_FREE(frame); ++ return NULL; ++ } ++ ++ if (fs.f_flags & MNT_ACLS) ++ ret = true; ++ ++ TALLOC_FREE(frame); ++ return PyBool_FromLong(ret); ++} ++ ++/* ++ check if we have NFSv4 ACL support ++ */ ++static PyObject *py_smbd_have_nfsv4_acls(PyObject *self) ++{ ++#ifdef HAVE_LIBSUNACL ++ return PyBool_FromLong(true); ++#else ++ return PyBool_FromLong(false); ++#endif ++} ++ ++static PyObject *py_smbd_has_nfsv4_acls(PyObject *self, PyObject *args, PyObject *kwargs) ++{ ++ const char * const kwnames[] = { "path", NULL }; ++ char *path = NULL; ++ TALLOC_CTX *frame; ++ struct statfs fs; ++ int ret = false; ++ ++ frame = talloc_stackframe(); ++ ++ if (!PyArg_ParseTupleAndKeywords(args, kwargs, "s|z", ++ discard_const_p(char *, kwnames), &path)) { ++ TALLOC_FREE(frame); ++ return NULL; ++ } ++ ++ if (statfs(path, &fs) != 0) { ++ TALLOC_FREE(frame); ++ return NULL; ++ } ++ ++ if (fs.f_flags & MNT_NFS4ACLS) ++ ret = true; ++ ++ TALLOC_FREE(frame); ++ return PyBool_FromLong(ret); ++} ++ ++ ++static PyObject *py_smbd_set_nfsv4_defaults(PyObject *self) ++{ ++ /* ++ * This should really be done in source3/param/loadparm.c ++ */ ++#if defined(HAVE_LIBSUNACL) && defined(FREEBSD) ++ lp_do_parameter(-1, "vfs objects", "dfs_samba4 zfsacl"); ++#endif ++ Py_RETURN_NONE; ++} ++ + /* + set the NT ACL on a file + */ +@@ -883,10 +1028,28 @@ static PyMethodDef py_smbd_methods[] = { + { "have_posix_acls", + (PyCFunction)py_smbd_have_posix_acls, METH_NOARGS, + NULL }, ++ { "has_posix_acls", ++ PY_DISCARD_FUNC_SIG(PyCFunction, py_smbd_has_posix_acls), ++ METH_VARARGS|METH_KEYWORDS, ++ NULL }, ++ { "have_nfsv4_acls", ++ (PyCFunction)py_smbd_have_nfsv4_acls, METH_NOARGS, ++ NULL }, ++ { "has_nfsv4_acls", ++ PY_DISCARD_FUNC_SIG(PyCFunction, py_smbd_has_nfsv4_acls), ++ METH_VARARGS|METH_KEYWORDS, ++ NULL }, ++ { "set_nfsv4_defaults", ++ (PyCFunction)py_smbd_set_nfsv4_defaults, METH_NOARGS, ++ NULL }, + { "set_simple_acl", + PY_DISCARD_FUNC_SIG(PyCFunction, py_smbd_set_simple_acl), + METH_VARARGS|METH_KEYWORDS, + NULL }, ++ { "set_simple_nfsv4_acl", ++ PY_DISCARD_FUNC_SIG(PyCFunction, py_smbd_set_simple_nfsv4_acl), ++ METH_VARARGS|METH_KEYWORDS, ++ NULL }, + { "set_nt_acl", + PY_DISCARD_FUNC_SIG(PyCFunction, py_smbd_set_nt_acl), + METH_VARARGS|METH_KEYWORDS, +-- +2.14.2 + Index: files/README.FreeBSD.in =================================================================== --- files/README.FreeBSD.in +++ files/README.FreeBSD.in @@ -0,0 +1,90 @@ + + !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! + !!! Please read before runing any tools !!! + !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! + +Documentation +============= + + o https://wiki.samba.org/index.php/Samba4/HOWTO + + o https://wiki.samba.org/index.php/Samba_AD_DC_HOWTO + + o https://wiki.samba.org/index.php/Samba4/samba-tool/domain/classicupgrade/HOWTO + +FreeBSD specific information +============================ + +* Your configuration is in: %%SAMBA4_CONFDIR%%/%%SAMBA4_CONFIG%% + +* All the logs are under: %%SAMBA4_LOGDIR%% + +* All the relevant databases are under: %%SAMBA4_LOCKDIR%% + +* Provisioning script is: %%PREFIX%%/bin/samba-tool + +Samba4 provisioning requires file system(s) with the ACLs support. On +UFS2 you need to enable POSIX ACLs by adding 'acls' option to the mount +flags, on ZFS you need to use NFSv4 ACLs and `zfsacl` VFS module to get +provisioning work. + +There is a hack in the code, that makes provisioning work on UFS2 and in +the jails on the price of using USER extattr(2) namespace, which is less +secure than SYSTEM namespace, as can be edited not only by root user, but +also by the owner of the file. + +For the provisioning on ZFS you need to use additional parameters to the +samba-tool, that would explicitly add `zfsacl` to the default `vfs objects`: + + # samba-tool domain provision --interactive \ + --option="vfs objects"="dfs_samba4 zfsacl" + +To run this port you need to perform the following steps: +--------------------------------------------------------- + +0. If you had Samba3 port installed before, please, *take backups* of +all the relevant files. That includes 'smb.conf' file and all the +content of the '/var/db/samba/' directory. + +1a. Create new '%%SAMBA4_CONFDIR%%/%%SAMBA4_CONFIG%%' file by running: + + # samba-tool domain provision + +1b. Or upgrade from the Samba3 'smb.conf' file by running: + + # samba-tool domain classicupgrade + +%%NSUPDATE%%1c. You will need to specify location of the 'nsupdate' command in the +%%NSUPDATE%%'%%SAMBA4_CONFIG%%' file: +%%NSUPDATE%% +%%NSUPDATE%% nsupdate command = %%PREFIX%%/bin/samba-nsupdate -g +%%NSUPDATE%% +2. Put string 'samba_server_enable="YES"' into your /etc/rc.conf. + +3. Make sure that your server doesn't run Samba3, OpenLDAP and named. +Stop them, if necessary. + +4. Run '%%PREFIX%%/etc/rc.d/samba_server start' or reboot. + +Please, check archives of samba@lists.samba.org and ask there for help, +if necessary: + + https://lists.samba.org/archive/samba/ + +In case you found a bug which is clearly not related to the port build +process itself, plese file a bug report at: + + https://bugzilla.samba.org/ + +And add me to CC list. + +You may find those tools helpful: +--------------------------------- + +Microsoft Remote Server Administration Tools (RSAT) for: + +* Vista: http://www.microsoft.com/en-us/download/details.aspx?id=21090 +* Windows 7: http://www.microsoft.com/en-us/download/details.aspx?id=7887 + + +FreeBSD Samba4 port maintainer: Timur I. Bakeyev Index: files/man/ctdb-script.options.5 =================================================================== --- files/man/ctdb-script.options.5 +++ files/man/ctdb-script.options.5 @@ -0,0 +1,567 @@ +'\" t +.\" Title: ctdb-script.options +.\" Author: +.\" Generator: DocBook XSL Stylesheets v1.79.1 +.\" Date: 11/18/2018 +.\" Manual: CTDB - clustered TDB database +.\" Source: ctdb +.\" Language: English +.\" +.TH "CTDB\-SCRIPT\&.OPTIO" "5" "11/18/2018" "ctdb" "CTDB \- clustered TDB database" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "NAME" +ctdb-script.options \- CTDB scripts configuration files +.SH "DESCRIPTION" +.PP +Each CTDB script has 2 possible locations for its configuration options: +.PP +/usr/local/etc/ctdb/script\&.options +.RS 4 +This is a catch\-all global file for general purpose scripts and for options that are used in multiple event scripts\&. +.RE +.PP +\fISCRIPT\fR\&.options +.RS 4 +That is, options for +\fISCRIPT\fR +are placed in a file alongside the script, with a "\&.script" suffix added\&. This style is usually recommended for event scripts\&. +.sp +Options in this script\-specific file override those in the global file\&. +.RE +.PP +These files should include simple shell\-style variable assignments and shell\-style comments\&. +.SH "NETWORK CONFIGURATION" +.SS "10\&.interface" +.PP +This event script handles monitoring of interfaces using by public IP addresses\&. +.PP +CTDB_PARTIALLY_ONLINE_INTERFACES=yes|no +.RS 4 +Whether one or more offline interfaces should cause a monitor event to fail if there are other interfaces that are up\&. If this is "yes" and a node has some interfaces that are down then +\fBctdb status\fR +will display the node as "PARTIALLYONLINE"\&. +.sp +Note that CTDB_PARTIALLY_ONLINE_INTERFACES=yes is not generally compatible with NAT gateway or LVS\&. NAT gateway relies on the interface configured by CTDB_NATGW_PUBLIC_IFACE to be up and LVS replies on CTDB_LVS_PUBLIC_IFACE to be up\&. CTDB does not check if these options are set in an incompatible way so care is needed to understand the interaction\&. +.sp +Default is "no"\&. +.RE +.SS "11\&.natgw" +.PP +Provides CTDB\*(Aqs NAT gateway functionality\&. +.PP +NAT gateway is used to configure fallback routing for nodes when they do not host any public IP addresses\&. For example, it allows unhealthy nodes to reliably communicate with external infrastructure\&. One node in a NAT gateway group will be designated as the NAT gateway master node and other (slave) nodes will be configured with fallback routes via the NAT gateway master node\&. For more information, see the +NAT GATEWAY +section in +\fBctdb\fR(7)\&. +.PP +CTDB_NATGW_DEFAULT_GATEWAY=\fIIPADDR\fR +.RS 4 +IPADDR is an alternate network gateway to use on the NAT gateway master node\&. If set, a fallback default route is added via this network gateway\&. +.sp +No default\&. Setting this variable is optional \- if not set that no route is created on the NAT gateway master node\&. +.RE +.PP +CTDB_NATGW_NODES=\fIFILENAME\fR +.RS 4 +FILENAME contains the list of nodes that belong to the same NAT gateway group\&. +.sp +File format: +.sp +.if n \{\ +.RS 4 +.\} +.nf +\fIIPADDR\fR [slave\-only] + +.fi +.if n \{\ +.RE +.\} +.sp +IPADDR is the private IP address of each node in the NAT gateway group\&. +.sp +If "slave\-only" is specified then the corresponding node can not be the NAT gateway master node\&. In this case +\fICTDB_NATGW_PUBLIC_IFACE\fR +and +\fICTDB_NATGW_PUBLIC_IP\fR +are optional and unused\&. +.sp +No default, usually +/usr/local/etc/ctdb/natgw_nodes +when enabled\&. +.RE +.PP +CTDB_NATGW_PRIVATE_NETWORK=\fIIPADDR/MASK\fR +.RS 4 +IPADDR/MASK is the private sub\-network that is internally routed via the NAT gateway master node\&. This is usually the private network that is used for node addresses\&. +.sp +No default\&. +.RE +.PP +CTDB_NATGW_PUBLIC_IFACE=\fIIFACE\fR +.RS 4 +IFACE is the network interface on which the CTDB_NATGW_PUBLIC_IP will be configured\&. +.sp +No default\&. +.RE +.PP +CTDB_NATGW_PUBLIC_IP=\fIIPADDR/MASK\fR +.RS 4 +IPADDR/MASK indicates the IP address that is used for outgoing traffic (originating from CTDB_NATGW_PRIVATE_NETWORK) on the NAT gateway master node\&. This +\fImust not\fR +be a configured public IP address\&. +.sp +No default\&. +.RE +.PP +CTDB_NATGW_STATIC_ROUTES=\fIIPADDR/MASK[@GATEWAY]\fR \&.\&.\&. +.RS 4 +Each IPADDR/MASK identifies a network or host to which NATGW should create a fallback route, instead of creating a single default route\&. This can be used when there is already a default route, via an interface that can not reach required infrastructure, that overrides the NAT gateway default route\&. +.sp +If GATEWAY is specified then the corresponding route on the NATGW master node will be via GATEWAY\&. Such routes are created even if +\fICTDB_NATGW_DEFAULT_GATEWAY\fR +is not specified\&. If GATEWAY is not specified for some networks then routes are only created on the NATGW master node for those networks if +\fICTDB_NATGW_DEFAULT_GATEWAY\fR +is specified\&. +.sp +This should be used with care to avoid causing traffic to unnecessarily double\-hop through the NAT gateway master, even when a node is hosting public IP addresses\&. Each specified network or host should probably have a corresponding automatically created link route or static route to avoid this\&. +.sp +No default\&. +.RE +.sp +.it 1 an-trap +.nr an-no-space-flag 1 +.nr an-break-flag 1 +.br +.ps +1 +\fBExample\fR +.RS 4 +.sp +.if n \{\ +.RS 4 +.\} +.nf +CTDB_NATGW_NODES=/usr/local/etc/ctdb/natgw_nodes +CTDB_NATGW_PRIVATE_NETWORK=192\&.168\&.1\&.0/24 +CTDB_NATGW_DEFAULT_GATEWAY=10\&.0\&.0\&.1 +CTDB_NATGW_PUBLIC_IP=10\&.0\&.0\&.227/24 +CTDB_NATGW_PUBLIC_IFACE=eth0 + +.fi +.if n \{\ +.RE +.\} +.PP +A variation that ensures that infrastructure (ADS, DNS, \&.\&.\&.) directly attached to the public network (10\&.0\&.0\&.0/24) is always reachable would look like this: +.sp +.if n \{\ +.RS 4 +.\} +.nf +CTDB_NATGW_NODES=/usr/local/etc/ctdb/natgw_nodes +CTDB_NATGW_PRIVATE_NETWORK=192\&.168\&.1\&.0/24 +CTDB_NATGW_PUBLIC_IP=10\&.0\&.0\&.227/24 +CTDB_NATGW_PUBLIC_IFACE=eth0 +CTDB_NATGW_STATIC_ROUTES=10\&.0\&.0\&.0/24 + +.fi +.if n \{\ +.RE +.\} +.PP +Note that +\fICTDB_NATGW_DEFAULT_GATEWAY\fR +is not specified\&. +.RE +.SS "13\&.per_ip_routing" +.PP +Provides CTDB\*(Aqs policy routing functionality\&. +.PP +A node running CTDB may be a component of a complex network topology\&. In particular, public addresses may be spread across several different networks (or VLANs) and it may not be possible to route packets from these public addresses via the system\*(Aqs default route\&. Therefore, CTDB has support for policy routing via the +13\&.per_ip_routing +eventscript\&. This allows routing to be specified for packets sourced from each public address\&. The routes are added and removed as CTDB moves public addresses between nodes\&. +.PP +For more information, see the +POLICY ROUTING +section in +\fBctdb\fR(7)\&. +.PP +CTDB_PER_IP_ROUTING_CONF=\fIFILENAME\fR +.RS 4 +FILENAME contains elements for constructing the desired routes for each source address\&. +.sp +The special FILENAME value +\fB__auto_link_local__\fR +indicates that no configuration file is provided and that CTDB should generate reasonable link\-local routes for each public IP address\&. +.sp +File format: +.sp +.if n \{\ +.RS 4 +.\} +.nf + \fIIPADDR\fR \fIDEST\-IPADDR/MASK\fR [\fIGATEWAY\-IPADDR\fR] + +.fi +.if n \{\ +.RE +.\} +.sp +No default, usually +/usr/local/etc/ctdb/policy_routing +when enabled\&. +.RE +.PP +CTDB_PER_IP_ROUTING_RULE_PREF=\fINUM\fR +.RS 4 +NUM sets the priority (or preference) for the routing rules that are added by CTDB\&. +.sp +This should be (strictly) greater than 0 and (strictly) less than 32766\&. A priority of 100 is recommended, unless this conflicts with a priority already in use on the system\&. See +\fBip\fR(8), for more details\&. +.RE +.PP +CTDB_PER_IP_ROUTING_TABLE_ID_LOW=\fILOW\-NUM\fR, CTDB_PER_IP_ROUTING_TABLE_ID_HIGH=\fIHIGH\-NUM\fR +.RS 4 +CTDB determines a unique routing table number to use for the routing related to each public address\&. LOW\-NUM and HIGH\-NUM indicate the minimum and maximum routing table numbers that are used\&. +.sp +\fBip\fR(8) +uses some reserved routing table numbers below 255\&. Therefore, CTDB_PER_IP_ROUTING_TABLE_ID_LOW should be (strictly) greater than 255\&. +.sp +CTDB uses the standard file +/etc/iproute2/rt_tables +to maintain a mapping between the routing table numbers and labels\&. The label for a public address +\fIADDR\fR +will look like ctdb\&.\fIaddr\fR\&. This means that the associated rules and routes are easy to read (and manipulate)\&. +.sp +No default, usually 1000 and 9000\&. +.RE +.sp +.it 1 an-trap +.nr an-no-space-flag 1 +.nr an-break-flag 1 +.br +.ps +1 +\fBExample\fR +.RS 4 +.sp +.if n \{\ +.RS 4 +.\} +.nf +CTDB_PER_IP_ROUTING_CONF=/usr/local/etc/ctdb/policy_routing +CTDB_PER_IP_ROUTING_RULE_PREF=100 +CTDB_PER_IP_ROUTING_TABLE_ID_LOW=1000 +CTDB_PER_IP_ROUTING_TABLE_ID_HIGH=9000 + +.fi +.if n \{\ +.RE +.\} +.RE +.SS "91\&.lvs" +.PP +Provides CTDB\*(Aqs LVS functionality\&. +.PP +For a general description see the +LVS +section in +\fBctdb\fR(7)\&. +.PP +CTDB_LVS_NODES=\fIFILENAME\fR +.RS 4 +FILENAME contains the list of nodes that belong to the same LVS group\&. +.sp +File format: +.sp +.if n \{\ +.RS 4 +.\} +.nf +\fIIPADDR\fR [slave\-only] + +.fi +.if n \{\ +.RE +.\} +.sp +IPADDR is the private IP address of each node in the LVS group\&. +.sp +If "slave\-only" is specified then the corresponding node can not be the LVS master node\&. In this case +\fICTDB_LVS_PUBLIC_IFACE\fR +and +\fICTDB_LVS_PUBLIC_IP\fR +are optional and unused\&. +.sp +No default, usually +/usr/local/etc/ctdb/lvs_nodes +when enabled\&. +.RE +.PP +CTDB_LVS_PUBLIC_IFACE=\fIINTERFACE\fR +.RS 4 +INTERFACE is the network interface that clients will use to connection to +\fICTDB_LVS_PUBLIC_IP\fR\&. This is optional for slave\-only nodes\&. No default\&. +.RE +.PP +CTDB_LVS_PUBLIC_IP=\fIIPADDR\fR +.RS 4 +CTDB_LVS_PUBLIC_IP is the LVS public address\&. No default\&. +.RE +.SH "SERVICE CONFIGURATION" +.PP +CTDB can be configured to manage and/or monitor various NAS (and other) services via its eventscripts\&. +.PP +In the simplest case CTDB will manage a service\&. This means the service will be started and stopped along with CTDB, CTDB will monitor the service and CTDB will do any required reconfiguration of the service when public IP addresses are failed over\&. +.SS "20\&.multipathd" +.PP +Provides CTDB\*(Aqs Linux multipathd service management\&. +.PP +It can monitor multipath devices to ensure that active paths are available\&. +.PP +CTDB_MONITOR_MPDEVICES=\fIMP\-DEVICE\-LIST\fR +.RS 4 +MP\-DEVICE\-LIST is a list of multipath devices for CTDB to monitor? +.sp +No default\&. +.RE +.SS "31\&.clamd" +.PP +This event script provide CTDB\*(Aqs ClamAV anti\-virus service management\&. +.PP +This eventscript is not enabled by default\&. Use +\fBctdb enablescript\fR +to enable it\&. +.PP +CTDB_CLAMD_SOCKET=\fIFILENAME\fR +.RS 4 +FILENAME is the socket to monitor ClamAV\&. +.sp +No default\&. +.RE +.SS "49\&.winbind" +.PP +Provides CTDB\*(Aqs Samba winbind service management\&. +.PP +CTDB_SERVICE_WINBIND=\fISERVICE\fR +.RS 4 +Distribution specific SERVICE for managing winbindd\&. +.sp +Default is "winbind"\&. +.RE +.SS "50\&.samba" +.PP +Provides the core of CTDB\*(Aqs Samba file service management\&. +.PP +CTDB_SAMBA_CHECK_PORTS=\fIPORT\-LIST\fR +.RS 4 +When monitoring Samba, check TCP ports in space\-separated PORT\-LIST\&. +.sp +Default is to monitor ports that Samba is configured to listen on\&. +.RE +.PP +CTDB_SAMBA_SKIP_SHARE_CHECK=yes|no +.RS 4 +As part of monitoring, should CTDB skip the check for the existence of each directory configured as share in Samba\&. This may be desirable if there is a large number of shares\&. +.sp +Default is no\&. +.RE +.PP +CTDB_SERVICE_NMB=\fISERVICE\fR +.RS 4 +Distribution specific SERVICE for managing nmbd\&. +.sp +Default is distribution\-dependant\&. +.RE +.PP +CTDB_SERVICE_SMB=\fISERVICE\fR +.RS 4 +Distribution specific SERVICE for managing smbd\&. +.sp +Default is distribution\-dependant\&. +.RE +.SS "60\&.nfs" +.PP +This event script (along with 06\&.nfs) provides CTDB\*(Aqs NFS service management\&. +.PP +This includes parameters for the kernel NFS server\&. Alternative NFS subsystems (such as +\m[blue]\fBNFS\-Ganesha\fR\m[]\&\s-2\u[1]\d\s+2) can be integrated using +\fICTDB_NFS_CALLOUT\fR\&. +.PP +CTDB_NFS_CALLOUT=\fICOMMAND\fR +.RS 4 +COMMAND specifies the path to a callout to handle interactions with the configured NFS system, including startup, shutdown, monitoring\&. +.sp +Default is the included +\fBnfs\-linux\-kernel\-callout\fR\&. +.RE +.PP +CTDB_NFS_CHECKS_DIR=\fIDIRECTORY\fR +.RS 4 +Specifies the path to a DIRECTORY containing files that describe how to monitor the responsiveness of NFS RPC services\&. See the README file for this directory for an explanation of the contents of these "check" files\&. +.sp +CTDB_NFS_CHECKS_DIR can be used to point to different sets of checks for different NFS servers\&. +.sp +One way of using this is to have it point to, say, +/usr/local/etc/ctdb/nfs\-checks\-enabled\&.d +and populate it with symbolic links to the desired check files\&. This avoids duplication and is upgrade\-safe\&. +.sp +Default is +/usr/local/etc/ctdb/nfs\-checks\&.d, which contains NFS RPC checks suitable for Linux kernel NFS\&. +.RE +.PP +CTDB_NFS_SKIP_SHARE_CHECK=yes|no +.RS 4 +As part of monitoring, should CTDB skip the check for the existence of each directory exported via NFS\&. This may be desirable if there is a large number of exports\&. +.sp +Default is no\&. +.RE +.PP +CTDB_RPCINFO_LOCALHOST=\fIIPADDR\fR|\fIHOSTNAME\fR +.RS 4 +IPADDR or HOSTNAME indicates the address that +\fBrpcinfo\fR +should connect to when doing +\fBrpcinfo\fR +check on IPv4 RPC service during monitoring\&. Optimally this would be "localhost"\&. However, this can add some performance overheads\&. +.sp +Default is "127\&.0\&.0\&.1"\&. +.RE +.PP +CTDB_RPCINFO_LOCALHOST6=\fIIPADDR\fR|\fIHOSTNAME\fR +.RS 4 +IPADDR or HOSTNAME indicates the address that +\fBrpcinfo\fR +should connect to when doing +\fBrpcinfo\fR +check on IPv6 RPC service during monitoring\&. Optimally this would be "localhost6" (or similar)\&. However, this can add some performance overheads\&. +.sp +Default is "::1"\&. +.RE +.PP +CTDB_NFS_STATE_FS_TYPE=\fITYPE\fR +.RS 4 +The type of filesystem used for a clustered NFS\*(Aq shared state\&. No default\&. +.RE +.PP +CTDB_NFS_STATE_MNT=\fIDIR\fR +.RS 4 +The directory where a clustered NFS\*(Aq shared state will be located\&. No default\&. +.RE +.SS "70\&.iscsi" +.PP +Provides CTDB\*(Aqs Linux iSCSI tgtd service management\&. +.PP +CTDB_START_ISCSI_SCRIPTS=\fIDIRECTORY\fR +.RS 4 +DIRECTORY on shared storage containing scripts to start tgtd for each public IP address\&. +.sp +No default\&. +.RE +.SH "DATABASE SETUP" +.PP +CTDB checks the consistency of databases during startup\&. +.SS "00\&.ctdb" +.PP +CTDB_MAX_CORRUPT_DB_BACKUPS=\fINUM\fR +.RS 4 +NUM is the maximum number of volatile TDB database backups to be kept (for each database) when a corrupt database is found during startup\&. Volatile TDBs are zeroed during startup so backups are needed to debug any corruption that occurs before a restart\&. +.sp +Default is 10\&. +.RE +.SH "SYSTEM RESOURCE MONITORING" +.SS "05\&.system" +.PP +Provides CTDB\*(Aqs filesystem and memory usage monitoring\&. +.PP +CTDB can experience seemingly random (performance and other) issues if system resources become too constrained\&. Options in this section can be enabled to allow certain system resources to be checked\&. They allows warnings to be logged and nodes to be marked unhealthy when system resource usage reaches the configured thresholds\&. +.PP +Some checks are enabled by default\&. It is recommended that these checks remain enabled or are augmented by extra checks\&. There is no supported way of completely disabling the checks\&. +.PP +CTDB_MONITOR_FILESYSTEM_USAGE=\fIFS\-LIMIT\-LIST\fR +.RS 4 +FS\-LIMIT\-LIST is a space\-separated list of +\fIFILESYSTEM\fR:\fIWARN_LIMIT\fR[:\fIUNHEALTHY_LIMIT\fR] +triples indicating that warnings should be logged if the space used on FILESYSTEM reaches WARN_LIMIT%\&. If usage reaches UNHEALTHY_LIMIT then the node should be flagged unhealthy\&. Either WARN_LIMIT or UNHEALTHY_LIMIT may be left blank, meaning that check will be omitted\&. +.sp +Default is to warn for each filesystem containing a database directory (volatile\ \&database\ \&directory, +persistent\ \&database\ \&directory, +state\ \&database\ \&directory) with a threshold of 90%\&. +.RE +.PP +CTDB_MONITOR_MEMORY_USAGE=\fIMEM\-LIMITS\fR +.RS 4 +MEM\-LIMITS takes the form +\fIWARN_LIMIT\fR[:\fIUNHEALTHY_LIMIT\fR] +indicating that warnings should be logged if memory usage reaches WARN_LIMIT%\&. If usage reaches UNHEALTHY_LIMIT then the node should be flagged unhealthy\&. Either WARN_LIMIT or UNHEALTHY_LIMIT may be left blank, meaning that check will be omitted\&. +.sp +Default is 80, so warnings will be logged when memory usage reaches 80%\&. +.RE +.PP +CTDB_MONITOR_SWAP_USAGE=\fISWAP\-LIMITS\fR +.RS 4 +SWAP\-LIMITS takes the form +\fIWARN_LIMIT\fR[:\fIUNHEALTHY_LIMIT\fR] +indicating that warnings should be logged if swap usage reaches WARN_LIMIT%\&. If usage reaches UNHEALTHY_LIMIT then the node should be flagged unhealthy\&. Either WARN_LIMIT or UNHEALTHY_LIMIT may be left blank, meaning that check will be omitted\&. +.sp +Default is 25, so warnings will be logged when swap usage reaches 25%\&. +.RE +.SH "EVENT SCRIPT DEBUGGING" +.SS "debug\-hung\-script\&.sh" +.PP +CTDB_DEBUG_HUNG_SCRIPT_STACKPAT=\fIREGEXP\fR +.RS 4 +REGEXP specifies interesting processes for which stack traces should be logged when debugging hung eventscripts and those processes are matched in pstree output\&. REGEXP is an extended regexp so choices are separated by pipes (\*(Aq|\*(Aq)\&. However, REGEXP should not contain parentheses\&. See also the +\fBctdb.conf\fR(5) +[event] "debug\ \&script" option\&. +.sp +Default is "exportfs|rpcinfo"\&. +.RE +.SH "FILES" +.RS 4 +/usr/local/etc/ctdb/script\&.options +.RE +.SH "SEE ALSO" +.PP +\fBctdbd\fR(1), +\fBctdb\fR(7), +\m[blue]\fB\%http://ctdb.samba.org/\fR\m[] +.SH "AUTHOR" +.br +.PP +This documentation was written by Amitay Isaacs, Martin Schwenke +.SH "COPYRIGHT" +.br +Copyright \(co 2007 Andrew Tridgell, Ronnie Sahlberg +.br +.PP +This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3 of the License, or (at your option) any later version\&. +.PP +This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE\&. See the GNU General Public License for more details\&. +.PP +You should have received a copy of the GNU General Public License along with this program; if not, see +\m[blue]\fB\%http://www.gnu.org/licenses\fR\m[]\&. +.sp +.SH "NOTES" +.IP " 1." 4 +NFS-Ganesha +.RS 4 +\%https://github.com/nfs-ganesha/nfs-ganesha/wiki +.RE Index: files/man/ctdb-statistics.7 =================================================================== --- files/man/ctdb-statistics.7 +++ files/man/ctdb-statistics.7 @@ -0,0 +1,550 @@ +'\" t +.\" Title: ctdb-statistics +.\" Author: +.\" Generator: DocBook XSL Stylesheets v1.79.1 +.\" Date: 11/18/2018 +.\" Manual: CTDB - clustered TDB database +.\" Source: ctdb +.\" Language: English +.\" +.TH "CTDB\-STATISTICS" "7" "11/18/2018" "ctdb" "CTDB \- clustered TDB database" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "NAME" +ctdb-statistics \- CTDB statistics output +.SH "OVERALL STATISTICS" +.PP +CTDB maintains information about various messages communicated and some of the important operations per node\&. See the +\fBctdb\fR(1) +commands +\fBstatistics\fR +and +\fBstatisticsreset\fR +for displaying statistics\&. +.SS "Example: ctdb statistics" +.sp +.if n \{\ +.RS 4 +.\} +.nf +CTDB version 1 +Current time of statistics : Fri Sep 12 13:32:32 2014 +Statistics collected since : (000 01:49:20) Fri Sep 12 11:43:12 2014 + num_clients 6 + frozen 0 + recovering 0 + num_recoveries 2 + client_packets_sent 281293 + client_packets_recv 296317 + node_packets_sent 452387 + node_packets_recv 182394 + keepalive_packets_sent 3927 + keepalive_packets_recv 3928 + node + req_call 48605 + reply_call 1 + req_dmaster 23404 + reply_dmaster 24917 + reply_error 0 + req_message 958 + req_control 197513 + reply_control 153705 + client + req_call 130866 + req_message 770 + req_control 168921 + timeouts + call 0 + control 0 + traverse 0 + locks + num_calls 220 + num_current 0 + num_pending 0 + num_failed 0 + total_calls 130866 + pending_calls 0 + childwrite_calls 1 + pending_childwrite_calls 0 + memory_used 334490 + max_hop_count 18 + total_ro_delegations 2 + total_ro_revokes 2 + hop_count_buckets: 42816 5464 26 1 0 0 0 0 0 0 0 0 0 0 0 0 + lock_buckets: 9 165 14 15 7 2 2 0 0 0 0 0 0 0 0 0 + locks_latency MIN/AVG/MAX 0\&.000685/0\&.160302/6\&.369342 sec out of 214 + reclock_ctdbd MIN/AVG/MAX 0\&.004940/0\&.004969/0\&.004998 sec out of 2 + reclock_recd MIN/AVG/MAX 0\&.000000/0\&.000000/0\&.000000 sec out of 0 + call_latency MIN/AVG/MAX 0\&.000006/0\&.000719/4\&.562991 sec out of 126626 + childwrite_latency MIN/AVG/MAX 0\&.014527/0\&.014527/0\&.014527 sec out of 1 + +.fi +.if n \{\ +.RE +.\} +.SS "CTDB version" +.PP +Version of the ctdb protocol used by the node\&. +.SS "Current time of statistics" +.PP +Time when the statistics are generated\&. +.PP +This is useful when collecting statistics output periodically for post\-processing\&. +.SS "Statistics collected since" +.PP +Time when ctdb was started or the last time statistics was reset\&. The output shows the duration and the timestamp\&. +.SS "num_clients" +.PP +Number of processes currently connected to CTDB\*(Aqs unix socket\&. This includes recovery daemon, ctdb tool and samba processes (smbd, winbindd)\&. +.SS "frozen" +.PP +1 if the the databases are currently frozen, 0 otherwise\&. +.SS "recovering" +.PP +1 if recovery is active, 0 otherwise\&. +.SS "num_recoveries" +.PP +Number of recoveries since the start of ctdb or since the last statistics reset\&. +.SS "client_packets_sent" +.PP +Number of packets sent to client processes via unix domain socket\&. +.SS "client_packets_recv" +.PP +Number of packets received from client processes via unix domain socket\&. +.SS "node_packets_sent" +.PP +Number of packets sent to the other nodes in the cluster via TCP\&. +.SS "node_packets_recv" +.PP +Number of packets received from the other nodes in the cluster via TCP\&. +.SS "keepalive_packets_sent" +.PP +Number of keepalive messages sent to other nodes\&. +.PP +CTDB periodically sends keepalive messages to other nodes\&. See +KeepaliveInterval +tunable in +\fBctdb-tunables\fR(7) +for more details\&. +.SS "keepalive_packets_recv" +.PP +Number of keepalive messages received from other nodes\&. +.SS "node" +.PP +This section lists various types of messages processed which originated from other nodes via TCP\&. +.sp +.it 1 an-trap +.nr an-no-space-flag 1 +.nr an-break-flag 1 +.br +.ps +1 +\fBreq_call\fR +.RS 4 +.PP +Number of REQ_CALL messages from the other nodes\&. +.RE +.sp +.it 1 an-trap +.nr an-no-space-flag 1 +.nr an-break-flag 1 +.br +.ps +1 +\fBreply_call\fR +.RS 4 +.PP +Number of REPLY_CALL messages from the other nodes\&. +.RE +.sp +.it 1 an-trap +.nr an-no-space-flag 1 +.nr an-break-flag 1 +.br +.ps +1 +\fBreq_dmaster\fR +.RS 4 +.PP +Number of REQ_DMASTER messages from the other nodes\&. +.RE +.sp +.it 1 an-trap +.nr an-no-space-flag 1 +.nr an-break-flag 1 +.br +.ps +1 +\fBreply_dmaster\fR +.RS 4 +.PP +Number of REPLY_DMASTER messages from the other nodes\&. +.RE +.sp +.it 1 an-trap +.nr an-no-space-flag 1 +.nr an-break-flag 1 +.br +.ps +1 +\fBreply_error\fR +.RS 4 +.PP +Number of REPLY_ERROR messages from the other nodes\&. +.RE +.sp +.it 1 an-trap +.nr an-no-space-flag 1 +.nr an-break-flag 1 +.br +.ps +1 +\fBreq_message\fR +.RS 4 +.PP +Number of REQ_MESSAGE messages from the other nodes\&. +.RE +.sp +.it 1 an-trap +.nr an-no-space-flag 1 +.nr an-break-flag 1 +.br +.ps +1 +\fBreq_control\fR +.RS 4 +.PP +Number of REQ_CONTROL messages from the other nodes\&. +.RE +.sp +.it 1 an-trap +.nr an-no-space-flag 1 +.nr an-break-flag 1 +.br +.ps +1 +\fBreply_control\fR +.RS 4 +.PP +Number of REPLY_CONTROL messages from the other nodes\&. +.RE +.sp +.it 1 an-trap +.nr an-no-space-flag 1 +.nr an-break-flag 1 +.br +.ps +1 +\fBreq_tunnel\fR +.RS 4 +.PP +Number of REQ_TUNNEL messages from the other nodes\&. +.RE +.SS "client" +.PP +This section lists various types of messages processed which originated from clients via unix domain socket\&. +.sp +.it 1 an-trap +.nr an-no-space-flag 1 +.nr an-break-flag 1 +.br +.ps +1 +\fBreq_call\fR +.RS 4 +.PP +Number of REQ_CALL messages from the clients\&. +.RE +.sp +.it 1 an-trap +.nr an-no-space-flag 1 +.nr an-break-flag 1 +.br +.ps +1 +\fBreq_message\fR +.RS 4 +.PP +Number of REQ_MESSAGE messages from the clients\&. +.RE +.sp +.it 1 an-trap +.nr an-no-space-flag 1 +.nr an-break-flag 1 +.br +.ps +1 +\fBreq_control\fR +.RS 4 +.PP +Number of REQ_CONTROL messages from the clients\&. +.RE +.sp +.it 1 an-trap +.nr an-no-space-flag 1 +.nr an-break-flag 1 +.br +.ps +1 +\fBreq_tunnel\fR +.RS 4 +.PP +Number of REQ_TUNNEL messages from the clients\&. +.RE +.SS "timeouts" +.PP +This section lists timeouts occurred when sending various messages\&. +.sp +.it 1 an-trap +.nr an-no-space-flag 1 +.nr an-break-flag 1 +.br +.ps +1 +\fBcall\fR +.RS 4 +.PP +Number of timeouts for REQ_CALL messages\&. +.RE +.sp +.it 1 an-trap +.nr an-no-space-flag 1 +.nr an-break-flag 1 +.br +.ps +1 +\fBcontrol\fR +.RS 4 +.PP +Number of timeouts for REQ_CONTROL messages\&. +.RE +.sp +.it 1 an-trap +.nr an-no-space-flag 1 +.nr an-break-flag 1 +.br +.ps +1 +\fBtraverse\fR +.RS 4 +.PP +Number of timeouts for database traverse operations\&. +.RE +.SS "locks" +.PP +This section lists locking statistics\&. +.sp +.it 1 an-trap +.nr an-no-space-flag 1 +.nr an-break-flag 1 +.br +.ps +1 +\fBnum_calls\fR +.RS 4 +.PP +Number of completed lock calls\&. This includes database locks and record locks\&. +.RE +.sp +.it 1 an-trap +.nr an-no-space-flag 1 +.nr an-break-flag 1 +.br +.ps +1 +\fBnum_current\fR +.RS 4 +.PP +Number of scheduled lock calls\&. This includes database locks and record locks\&. +.RE +.sp +.it 1 an-trap +.nr an-no-space-flag 1 +.nr an-break-flag 1 +.br +.ps +1 +\fBnum_pending\fR +.RS 4 +.PP +Number of queued lock calls\&. This includes database locks and record locks\&. +.RE +.sp +.it 1 an-trap +.nr an-no-space-flag 1 +.nr an-break-flag 1 +.br +.ps +1 +\fBnum_failed\fR +.RS 4 +.PP +Number of failed lock calls\&. This includes database locks and record locks\&. +.RE +.SS "total_calls" +.PP +Number of req_call messages processed from clients\&. This number should be same as client \-\-> req_call\&. +.SS "pending_calls" +.PP +Number of req_call messages which are currenly being processed\&. This number indicates the number of record migrations in flight\&. +.SS "childwrite_calls" +.PP +Number of record update calls\&. Record update calls are used to update a record under a transaction\&. +.SS "pending_childwrite_calls" +.PP +Number of record update calls currently active\&. +.SS "memory_used" +.PP +The amount of memory in bytes currently used by CTDB using talloc\&. This includes all the memory used for CTDB\*(Aqs internal data structures\&. This does not include the memory mapped TDB databases\&. +.SS "max_hop_count" +.PP +The maximum number of hops required for a record migration request to obtain the record\&. High numbers indicate record contention\&. +.SS "total_ro_delegations" +.PP +Number of readonly delegations created\&. +.SS "total_ro_revokes" +.PP +Number of readonly delegations that were revoked\&. The difference between total_ro_revokes and total_ro_delegations gives the number of currently active readonly delegations\&. +.SS "hop_count_buckets" +.PP +Distribution of migration requests based on hop counts values\&. Buckets are 1, < 4, < 8, < 16, < 32, < 64, < 128, < 256, < 512, ≥ 512\&. +.SS "lock_buckets" +.PP +Distribution of record lock requests based on time required to obtain locks\&. Buckets are < 1ms, < 10ms, < 100ms, < 1s, < 2s, < 4s, < 8s, < 16s, < 32s, < 64s, ≥ 64s\&. +.SS "locks_latency" +.PP +The minimum, the average and the maximum time (in seconds) required to obtain record locks\&. +.SS "reclock_ctdbd" +.PP +The minimum, the average and the maximum time (in seconds) required to check if recovery lock is still held by recovery daemon when recovery mode is changed\&. This check is done in ctdb daemon\&. +.SS "reclock_recd" +.PP +The minimum, the average and the maximum time (in seconds) required to check if recovery lock is still held by recovery daemon during recovery\&. This check is done in recovery daemon\&. +.SS "call_latency" +.PP +The minimum, the average and the maximum time (in seconds) required to process a REQ_CALL message from client\&. This includes the time required to migrate a record from remote node, if the record is not available on the local node\&. +.SS "childwrite_latency" +.PP +Default: 0 +.PP +The minimum, the average and the maximum time (in seconds) required to update records under a transaction\&. +.SH "DATABASE STATISTICS" +.PP +CTDB maintains per database statistics about important operations\&. See the +\fBctdb\fR(1) +command +\fBdbstatistics\fR +for displaying database statistics\&. +.SS "Example: ctdb dbstatistics notify_index\&.tdb" +.sp +.if n \{\ +.RS 4 +.\} +.nf +DB Statistics: notify_index\&.tdb + ro_delegations 0 + ro_revokes 0 + locks + total 131 + failed 0 + current 0 + pending 0 + hop_count_buckets: 9890 5454 26 1 0 0 0 0 0 0 0 0 0 0 0 0 + lock_buckets: 4 117 10 0 0 0 0 0 0 0 0 0 0 0 0 0 + locks_latency MIN/AVG/MAX 0\&.000683/0\&.004198/0\&.014730 sec out of 131 + Num Hot Keys: 3 + Count:7 Key:2f636c75737465726673 + Count:18 Key:2f636c757374657266732f64617461 + Count:7 Key:2f636c757374657266732f646174612f636c69656e7473 + +.fi +.if n \{\ +.RE +.\} +.SS "DB Statistics" +.PP +Name of the database\&. +.SS "ro_delegations" +.PP +Number of readonly delegations created in the database\&. +.SS "ro_revokes" +.PP +Number of readonly delegations revoked\&. The difference in ro_delegations and ro_revokes indicates the currently active readonly delegations\&. +.SS "locks" +.PP +This section lists locking statistics\&. +.sp +.it 1 an-trap +.nr an-no-space-flag 1 +.nr an-break-flag 1 +.br +.ps +1 +\fBtotal\fR +.RS 4 +.PP +Number of completed lock calls\&. This includes database locks and record locks\&. +.RE +.sp +.it 1 an-trap +.nr an-no-space-flag 1 +.nr an-break-flag 1 +.br +.ps +1 +\fBfailed\fR +.RS 4 +.PP +Number of failed lock calls\&. This includes database locks and record locks\&. +.RE +.sp +.it 1 an-trap +.nr an-no-space-flag 1 +.nr an-break-flag 1 +.br +.ps +1 +\fBcurrent\fR +.RS 4 +.PP +Number of scheduled lock calls\&. This includes database locks and record locks\&. +.RE +.sp +.it 1 an-trap +.nr an-no-space-flag 1 +.nr an-break-flag 1 +.br +.ps +1 +\fBpending\fR +.RS 4 +.PP +Number of queued lock calls\&. This includes database locks and record locks\&. +.RE +.SS "hop_count_buckets" +.PP +Distribution of migration requests based on hop counts values\&. Buckets are 1, < 4, < 8, < 16, < 32, < 64, < 128, < 256, < 512, ≥ 512\&. +.SS "lock_buckets" +.PP +Distribution of record lock requests based on time required to obtain locks\&. Buckets are < 1ms, < 10ms, < 100ms, < 1s, < 2s, < 4s, < 8s, < 16s, < 32s, < 64s, ≥ 64s\&. +.SS "locks_latency" +.PP +The minimum, the average and the maximum time (in seconds) required to obtain record locks\&. +.SS "Num Hot Keys" +.PP +Number of contended records determined by hop count\&. CTDB keeps track of top 10 hot records and the output shows hex encoded keys for the hot records\&. +.SH "SEE ALSO" +.PP +\fBctdb\fR(1), +\fBctdbd\fR(1), +\fBctdb-tunables\fR(7), +\m[blue]\fB\%http://ctdb.samba.org/\fR\m[] +.SH "AUTHOR" +.br +.PP +This documentation was written by Amitay Isaacs, Martin Schwenke +.SH "COPYRIGHT" +.br +Copyright \(co 2007 Andrew Tridgell, Ronnie Sahlberg +.br +.PP +This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3 of the License, or (at your option) any later version\&. +.PP +This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE\&. See the GNU General Public License for more details\&. +.PP +You should have received a copy of the GNU General Public License along with this program; if not, see +\m[blue]\fB\%http://www.gnu.org/licenses\fR\m[]\&. +.sp Index: files/man/ctdb-tunables.7 =================================================================== --- files/man/ctdb-tunables.7 +++ files/man/ctdb-tunables.7 @@ -0,0 +1,424 @@ +'\" t +.\" Title: ctdb-tunables +.\" Author: +.\" Generator: DocBook XSL Stylesheets v1.79.1 +.\" Date: 11/18/2018 +.\" Manual: CTDB - clustered TDB database +.\" Source: ctdb +.\" Language: English +.\" +.TH "CTDB\-TUNABLES" "7" "11/18/2018" "ctdb" "CTDB \- clustered TDB database" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "NAME" +ctdb-tunables \- CTDB tunable configuration variables +.SH "DESCRIPTION" +.PP +CTDB\*(Aqs behaviour can be configured by setting run\-time tunable variables\&. This lists and describes all tunables\&. See the +\fBctdb\fR(1) +\fBlistvars\fR, +\fBsetvar\fR +and +\fBgetvar\fR +commands for more details\&. +.PP +Unless otherwise stated, tunables should be set to the same value on all nodes\&. Setting tunables to different values across nodes may produce unexpected results\&. Future releases may set (some or most) tunables globally across the cluster but doing so is currently a manual process\&. +.PP +Tunables can be set at startup from the +/usr/local/etc/ctdb/ctdb\&.tunables +configuration file\&. +.sp +.if n \{\ +.RS 4 +.\} +.nf +\fITUNABLE\fR=\fIVALUE\fR + +.fi +.if n \{\ +.RE +.\} +.PP +For example: +.sp +.if n \{\ +.RS 4 +.\} +.nf +MonitorInterval=20 + +.fi +.if n \{\ +.RE +.\} +.PP +The available tunable variables are listed alphabetically below\&. +.SS "AllowClientDBAttach" +.PP +Default: 1 +.PP +When set to 0, clients are not allowed to attach to any databases\&. This can be used to temporarily block any new processes from attaching to and accessing the databases\&. This is mainly used for detaching a volatile database using \*(Aqctdb detach\*(Aq\&. +.SS "AllowMixedVersions" +.PP +Default: 0 +.PP +CTDB will not allow incompatible versions to co\-exist in a cluster\&. If a version mismatch is found, then losing CTDB will shutdown\&. To disable the incompatible version check, set this tunable to 1\&. +.PP +For version checking, CTDB uses major and minor version\&. For example, CTDB 4\&.6\&.1 and CTDB CTDB 4\&.6\&.2 are matching versions; CTDB 4\&.5\&.x and CTDB 4\&.6\&.y do not match\&. +.PP +CTDB with version check support will lose to CTDB without version check support\&. Between two different CTDB versions with version check support, one running for less time will lose\&. If the running time for both CTDB versions with version check support is equal (to seconds), then the older version will lose\&. The losing CTDB daemon will shutdown\&. +.SS "AllowUnhealthyDBRead" +.PP +Default: 0 +.PP +When set to 1, ctdb allows database traverses to read unhealthy databases\&. By default, ctdb does not allow reading records from unhealthy databases\&. +.SS "ControlTimeout" +.PP +Default: 60 +.PP +This is the default setting for timeout for when sending a control message to either the local or a remote ctdb daemon\&. +.SS "DatabaseHashSize" +.PP +Default: 100001 +.PP +Number of the hash chains for the local store of the tdbs that ctdb manages\&. +.SS "DatabaseMaxDead" +.PP +Default: 5 +.PP +Maximum number of dead records per hash chain for the tdb databses managed by ctdb\&. +.SS "DBRecordCountWarn" +.PP +Default: 100000 +.PP +When set to non\-zero, ctdb will log a warning during recovery if a database has more than this many records\&. This will produce a warning if a database grows uncontrollably with orphaned records\&. +.SS "DBRecordSizeWarn" +.PP +Default: 10000000 +.PP +When set to non\-zero, ctdb will log a warning during recovery if a single record is bigger than this size\&. This will produce a warning if a database record grows uncontrollably\&. +.SS "DBSizeWarn" +.PP +Default: 1000000000 +.PP +When set to non\-zero, ctdb will log a warning during recovery if a database size is bigger than this\&. This will produce a warning if a database grows uncontrollably\&. +.SS "DeferredAttachTO" +.PP +Default: 120 +.PP +When databases are frozen we do not allow clients to attach to the databases\&. Instead of returning an error immediately to the client, the attach request from the client is deferred until the database becomes available again at which stage we respond to the client\&. +.PP +This timeout controls how long we will defer the request from the client before timing it out and returning an error to the client\&. +.SS "ElectionTimeout" +.PP +Default: 3 +.PP +The number of seconds to wait for the election of recovery master to complete\&. If the election is not completed during this interval, then that round of election fails and ctdb starts a new election\&. +.SS "EnableBans" +.PP +Default: 1 +.PP +This parameter allows ctdb to ban a node if the node is misbehaving\&. +.PP +When set to 0, this disables banning completely in the cluster and thus nodes can not get banned, even it they break\&. Don\*(Aqt set to 0 unless you know what you are doing\&. +.SS "EventScriptTimeout" +.PP +Default: 30 +.PP +Maximum time in seconds to allow an event to run before timing out\&. This is the total time for all enabled scripts that are run for an event, not just a single event script\&. +.PP +Note that timeouts are ignored for some events ("takeip", "releaseip", "startrecovery", "recovered") and converted to success\&. The logic here is that the callers of these events implement their own additional timeout\&. +.SS "FetchCollapse" +.PP +Default: 1 +.PP +This parameter is used to avoid multiple migration requests for the same record from a single node\&. All the record requests for the same record are queued up and processed when the record is migrated to the current node\&. +.PP +When many clients across many nodes try to access the same record at the same time this can lead to a fetch storm where the record becomes very active and bounces between nodes very fast\&. This leads to high CPU utilization of the ctdbd daemon, trying to bounce that record around very fast, and poor performance\&. This can improve performance and reduce CPU utilization for certain workloads\&. +.SS "HopcountMakeSticky" +.PP +Default: 50 +.PP +For database(s) marked STICKY (using \*(Aqctdb setdbsticky\*(Aq), any record that is migrating so fast that hopcount exceeds this limit is marked as STICKY record for +\fIStickyDuration\fR +seconds\&. This means that after each migration the sticky record will be kept on the node +\fIStickyPindown\fRmilliseconds and prevented from being migrated off the node\&. +.PP +This will improve performance for certain workloads, such as locking\&.tdb if many clients are opening/closing the same file concurrently\&. +.SS "IPAllocAlgorithm" +.PP +Default: 2 +.PP +Selects the algorithm that CTDB should use when doing public IP address allocation\&. Meaningful values are: +.PP +0 +.RS 4 +Deterministic IP address allocation\&. +.sp +This is a simple and fast option\&. However, it can cause unnecessary address movement during fail\-over because each address has a "home" node\&. Works badly when some nodes do not have any addresses defined\&. Should be used with care when addresses are defined across multiple networks\&. +.RE +.PP +1 +.RS 4 +Non\-deterministic IP address allocation\&. +.sp +This is a relatively fast option that attempts to do a minimise unnecessary address movements\&. Addresses do not have a "home" node\&. Rebalancing is limited but it usually adequate\&. Works badly when addresses are defined across multiple networks\&. +.RE +.PP +2 +.RS 4 +LCP2 IP address allocation\&. +.sp +Uses a heuristic to assign addresses defined across multiple networks, usually balancing addresses on each network evenly across nodes\&. Addresses do not have a "home" node\&. Minimises unnecessary address movements\&. The algorithm is complex, so is slower than other choices for a large number of addresses\&. However, it can calculate an optimal assignment of 900 addresses in under 10 seconds on modern hardware\&. +.RE +.PP +If the specified value is not one of these then the default will be used\&. +.SS "KeepaliveInterval" +.PP +Default: 5 +.PP +How often in seconds should the nodes send keep\-alive packets to each other\&. +.SS "KeepaliveLimit" +.PP +Default: 5 +.PP +After how many keepalive intervals without any traffic should a node wait until marking the peer as DISCONNECTED\&. +.PP +If a node has hung, it can take +\fIKeepaliveInterval\fR +* (\fIKeepaliveLimit\fR ++ 1) seconds before ctdb determines that the node is DISCONNECTED and performs a recovery\&. This limit should not be set too high to enable early detection and avoid any application timeouts (e\&.g\&. SMB1) to kick in before the fail over is completed\&. +.SS "LockProcessesPerDB" +.PP +Default: 200 +.PP +This is the maximum number of lock helper processes ctdb will create for obtaining record locks\&. When ctdb cannot get a record lock without blocking, it creates a helper process that waits for the lock to be obtained\&. +.SS "LogLatencyMs" +.PP +Default: 0 +.PP +When set to non\-zero, ctdb will log if certains operations take longer than this value, in milliseconds, to complete\&. These operations include "process a record request from client", "take a record or database lock", "update a persistent database record" and "vaccum a database"\&. +.SS "MaxQueueDropMsg" +.PP +Default: 1000000 +.PP +This is the maximum number of messages to be queued up for a client before ctdb will treat the client as hung and will terminate the client connection\&. +.SS "MonitorInterval" +.PP +Default: 15 +.PP +How often should ctdb run the \*(Aqmonitor\*(Aq event in seconds to check for a node\*(Aqs health\&. +.SS "MonitorTimeoutCount" +.PP +Default: 20 +.PP +How many \*(Aqmonitor\*(Aq events in a row need to timeout before a node is flagged as UNHEALTHY\&. This setting is useful if scripts can not be written so that they do not hang for benign reasons\&. +.SS "NoIPFailback" +.PP +Default: 0 +.PP +When set to 1, ctdb will not perform failback of IP addresses when a node becomes healthy\&. When a node becomes UNHEALTHY, ctdb WILL perform failover of public IP addresses, but when the node becomes HEALTHY again, ctdb will not fail the addresses back\&. +.PP +Use with caution! Normally when a node becomes available to the cluster ctdb will try to reassign public IP addresses onto the new node as a way to distribute the workload evenly across the clusternode\&. Ctdb tries to make sure that all running nodes have approximately the same number of public addresses it hosts\&. +.PP +When you enable this tunable, ctdb will no longer attempt to rebalance the cluster by failing IP addresses back to the new nodes\&. An unbalanced cluster will therefore remain unbalanced until there is manual intervention from the administrator\&. When this parameter is set, you can manually fail public IP addresses over to the new node(s) using the \*(Aqctdb moveip\*(Aq command\&. +.SS "NoIPTakeover" +.PP +Default: 0 +.PP +When set to 1, ctdb will not allow IP addresses to be failed over to other nodes\&. Any IP addresses already hosted on healthy nodes will remain\&. Any IP addresses hosted on unhealthy nodes will be released by unhealthy nodes and will become un\-hosted\&. +.SS "PullDBPreallocation" +.PP +Default: 10*1024*1024 +.PP +This is the size of a record buffer to pre\-allocate for sending reply to PULLDB control\&. Usually record buffer starts with size of the first record and gets reallocated every time a new record is added to the record buffer\&. For a large number of records, this can be very inefficient to grow the record buffer one record at a time\&. +.SS "QueueBufferSize" +.PP +Default: 1024 +.PP +This is the maximum amount of data (in bytes) ctdb will read from a socket at a time\&. +.PP +For a busy setup, if ctdb is not able to process the TCP sockets fast enough (large amount of data in Recv\-Q for tcp sockets), then this tunable value should be increased\&. However, large values can keep ctdb busy processing packets and prevent ctdb from handling other events\&. +.SS "RecBufferSizeLimit" +.PP +Default: 1000000 +.PP +This is the limit on the size of the record buffer to be sent in various controls\&. This limit is used by new controls used for recovery and controls used in vacuuming\&. +.SS "RecdFailCount" +.PP +Default: 10 +.PP +If the recovery daemon has failed to ping the main dameon for this many consecutive intervals, the main daemon will consider the recovery daemon as hung and will try to restart it to recover\&. +.SS "RecdPingTimeout" +.PP +Default: 60 +.PP +If the main dameon has not heard a "ping" from the recovery dameon for this many seconds, the main dameon will log a message that the recovery daemon is potentially hung\&. This also increments a counter which is checked against +\fIRecdFailCount\fR +for detection of hung recovery daemon\&. +.SS "RecLockLatencyMs" +.PP +Default: 1000 +.PP +When using a reclock file for split brain prevention, if set to non\-zero this tunable will make the recovery dameon log a message if the fcntl() call to lock/testlock the recovery file takes longer than this number of milliseconds\&. +.SS "RecoverInterval" +.PP +Default: 1 +.PP +How frequently in seconds should the recovery daemon perform the consistency checks to determine if it should perform a recovery\&. +.SS "RecoverTimeout" +.PP +Default: 120 +.PP +This is the default setting for timeouts for controls when sent from the recovery daemon\&. We allow longer control timeouts from the recovery daemon than from normal use since the recovery dameon often use controls that can take a lot longer than normal controls\&. +.SS "RecoveryBanPeriod" +.PP +Default: 300 +.PP +The duration in seconds for which a node is banned if the node fails during recovery\&. After this time has elapsed the node will automatically get unbanned and will attempt to rejoin the cluster\&. +.PP +A node usually gets banned due to real problems with the node\&. Don\*(Aqt set this value too small\&. Otherwise, a problematic node will try to re\-join cluster too soon causing unnecessary recoveries\&. +.SS "RecoveryDropAllIPs" +.PP +Default: 120 +.PP +If a node is stuck in recovery, or stopped, or banned, for this many seconds, then ctdb will release all public addresses on that node\&. +.SS "RecoveryGracePeriod" +.PP +Default: 120 +.PP +During recoveries, if a node has not caused recovery failures during the last grace period in seconds, any records of transgressions that the node has caused recovery failures will be forgiven\&. This resets the ban\-counter back to zero for that node\&. +.SS "RepackLimit" +.PP +Default: 10000 +.PP +During vacuuming, if the number of freelist records are more than +\fIRepackLimit\fR, then the database is repacked to get rid of the freelist records to avoid fragmentation\&. +.PP +Databases are repacked only if both +\fIRepackLimit\fR +and +\fIVacuumLimit\fR +are exceeded\&. +.SS "RerecoveryTimeout" +.PP +Default: 10 +.PP +Once a recovery has completed, no additional recoveries are permitted until this timeout in seconds has expired\&. +.SS "SeqnumInterval" +.PP +Default: 1000 +.PP +Some databases have seqnum tracking enabled, so that samba will be able to detect asynchronously when there has been updates to the database\&. Every time a database is updated its sequence number is increased\&. +.PP +This tunable is used to specify in milliseconds how frequently ctdb will send out updates to remote nodes to inform them that the sequence number is increased\&. +.SS "StatHistoryInterval" +.PP +Default: 1 +.PP +Granularity of the statistics collected in the statistics history\&. This is reported by \*(Aqctdb stats\*(Aq command\&. +.SS "StickyDuration" +.PP +Default: 600 +.PP +Once a record has been marked STICKY, this is the duration in seconds, the record will be flagged as a STICKY record\&. +.SS "StickyPindown" +.PP +Default: 200 +.PP +Once a STICKY record has been migrated onto a node, it will be pinned down on that node for this number of milliseconds\&. Any request from other nodes to migrate the record off the node will be deferred\&. +.SS "TakeoverTimeout" +.PP +Default: 9 +.PP +This is the duration in seconds in which ctdb tries to complete IP failover\&. +.SS "TickleUpdateInterval" +.PP +Default: 20 +.PP +Every +\fITickleUpdateInterval\fR +seconds, ctdb synchronizes the client connection information across nodes\&. +.SS "TraverseTimeout" +.PP +Default: 20 +.PP +This is the duration in seconds for which a database traverse is allowed to run\&. If the traverse does not complete during this interval, ctdb will abort the traverse\&. +.SS "VacuumFastPathCount" +.PP +Default: 60 +.PP +During a vacuuming run, ctdb usually processes only the records marked for deletion also called the fast path vacuuming\&. After finishing +\fIVacuumFastPathCount\fR +number of fast path vacuuming runs, ctdb will trigger a scan of complete database for any empty records that need to be deleted\&. +.SS "VacuumInterval" +.PP +Default: 10 +.PP +Periodic interval in seconds when vacuuming is triggered for volatile databases\&. +.SS "VacuumLimit" +.PP +Default: 5000 +.PP +During vacuuming, if the number of deleted records are more than +\fIVacuumLimit\fR, then databases are repacked to avoid fragmentation\&. +.PP +Databases are repacked only if both +\fIRepackLimit\fR +and +\fIVacuumLimit\fR +are exceeded\&. +.SS "VacuumMaxRunTime" +.PP +Default: 120 +.PP +The maximum time in seconds for which the vacuuming process is allowed to run\&. If vacuuming process takes longer than this value, then the vacuuming process is terminated\&. +.SS "VerboseMemoryNames" +.PP +Default: 0 +.PP +When set to non\-zero, ctdb assigns verbose names for some of the talloc allocated memory objects\&. These names are visible in the talloc memory report generated by \*(Aqctdb dumpmemory\*(Aq\&. +.SH "FILES>" +.RS 4 +/usr/local/etc/ctdb/ctdb\&.tunables +.RE +.SH "SEE ALSO" +.PP +\fBctdb\fR(1), +\fBctdbd\fR(1), +\fBctdb.conf\fR(5), +\fBctdb\fR(7), +\m[blue]\fB\%http://ctdb.samba.org/\fR\m[] +.SH "AUTHOR" +.br +.PP +This documentation was written by Ronnie Sahlberg, Amitay Isaacs, Martin Schwenke +.SH "COPYRIGHT" +.br +Copyright \(co 2007 Andrew Tridgell, Ronnie Sahlberg +.br +.PP +This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3 of the License, or (at your option) any later version\&. +.PP +This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE\&. See the GNU General Public License for more details\&. +.PP +You should have received a copy of the GNU General Public License along with this program; if not, see +\m[blue]\fB\%http://www.gnu.org/licenses\fR\m[]\&. +.sp Index: files/man/ctdb.1 =================================================================== --- files/man/ctdb.1 +++ files/man/ctdb.1 @@ -0,0 +1,1527 @@ +'\" t +.\" Title: ctdb +.\" Author: +.\" Generator: DocBook XSL Stylesheets v1.79.1 +.\" Date: 11/18/2018 +.\" Manual: CTDB - clustered TDB database +.\" Source: ctdb +.\" Language: English +.\" +.TH "CTDB" "1" "11/18/2018" "ctdb" "CTDB \- clustered TDB database" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "NAME" +ctdb \- CTDB management utility +.SH "SYNOPSIS" +.HP \w'\fBctdb\fR\ 'u +\fBctdb\fR [\fIOPTION\fR...] {\fICOMMAND\fR} [\fICOMMAND\-ARGS\fR] +.SH "DESCRIPTION" +.PP +ctdb is a utility to view and manage a CTDB cluster\&. +.PP +The following terms are used when referring to nodes in a cluster: +.PP +PNN +.RS 4 +Physical Node Number\&. The physical node number is an integer that describes the node in the cluster\&. The first node has physical node number 0\&. in a cluster\&. +.RE +.PP +PNN\-LIST +.RS 4 +This is either a single PNN, a comma\-separate list of PNNs or "all"\&. +.RE +.PP +Commands that reference a database use the following terms: +.PP +DB +.RS 4 +This is either a database name, such as +locking\&.tdb +or a database ID such as "0x42fe72c5"\&. +.RE +.PP +DB\-LIST +.RS 4 +A space separated list of at least one +\fIDB\fR\&. +.RE +.SH "OPTIONS" +.PP +\-n \fIPNN\fR +.RS 4 +The node specified by PNN should be queried for the requested information\&. Default is to query the daemon running on the local host\&. +.RE +.PP +\-Y +.RS 4 +Produce output in machine readable form for easier parsing by scripts\&. This uses a field delimiter of \*(Aq:\*(Aq\&. Not all commands support this option\&. +.RE +.PP +\-x \fISEPARATOR\fR +.RS 4 +Use SEPARATOR to delimit fields in machine readable output\&. This implies \-Y\&. +.RE +.PP +\-X +.RS 4 +Produce output in machine readable form for easier parsing by scripts\&. This uses a field delimiter of \*(Aq|\*(Aq\&. Not all commands support this option\&. +.sp +This is equivalent to "\-x|" and avoids some shell quoting issues\&. +.RE +.PP +\-t \fITIMEOUT\fR +.RS 4 +Indicates that ctdb should wait up to TIMEOUT seconds for a response to most commands sent to the CTDB daemon\&. The default is 10 seconds\&. +.RE +.PP +\-T \fITIMELIMIT\fR +.RS 4 +Indicates that TIMELIMIT is the maximum run time (in seconds) for the ctdb command\&. When TIMELIMIT is exceeded the ctdb command will terminate with an error\&. The default is 120 seconds\&. +.RE +.PP +\-? \-\-help +.RS 4 +Print some help text to the screen\&. +.RE +.PP +\-\-usage +.RS 4 +Print useage information to the screen\&. +.RE +.PP +\-d \-\-debug=\fIDEBUGLEVEL\fR +.RS 4 +Change the debug level for the command\&. Default is NOTICE\&. +.RE +.SH "ADMINISTRATIVE COMMANDS" +.PP +These are commands used to monitor and administer a CTDB cluster\&. +.SS "pnn" +.PP +This command displays the PNN of the current node\&. +.SS "status" +.PP +This command shows the current status of all CTDB nodes based on information from the queried node\&. +.PP +Note: If the the queried node is INACTIVE then the status might not be current\&. +.sp +.it 1 an-trap +.nr an-no-space-flag 1 +.nr an-break-flag 1 +.br +.ps +1 +\fBNode status\fR +.RS 4 +.PP +This includes the number of physical nodes and the status of each node\&. See +\fBctdb\fR(7) +for information about node states\&. +.RE +.sp +.it 1 an-trap +.nr an-no-space-flag 1 +.nr an-break-flag 1 +.br +.ps +1 +\fBGeneration\fR +.RS 4 +.PP +The generation id is a number that indicates the current generation of a cluster instance\&. Each time a cluster goes through a reconfiguration or a recovery its generation id will be changed\&. +.PP +This number does not have any particular meaning other than to keep track of when a cluster has gone through a recovery\&. It is a random number that represents the current instance of a ctdb cluster and its databases\&. The CTDB daemon uses this number internally to be able to tell when commands to operate on the cluster and the databases was issued in a different generation of the cluster, to ensure that commands that operate on the databases will not survive across a cluster database recovery\&. After a recovery, all old outstanding commands will automatically become invalid\&. +.PP +Sometimes this number will be shown as "INVALID"\&. This only means that the ctdbd daemon has started but it has not yet merged with the cluster through a recovery\&. All nodes start with generation "INVALID" and are not assigned a real generation id until they have successfully been merged with a cluster through a recovery\&. +.RE +.sp +.it 1 an-trap +.nr an-no-space-flag 1 +.nr an-break-flag 1 +.br +.ps +1 +\fBVirtual Node Number (VNN) map\fR +.RS 4 +.PP +Consists of the number of virtual nodes and mapping from virtual node numbers to physical node numbers\&. Only nodes that are participating in the VNN map can become lmaster for database records\&. +.RE +.sp +.it 1 an-trap +.nr an-no-space-flag 1 +.nr an-break-flag 1 +.br +.ps +1 +\fBRecovery mode\fR +.RS 4 +.PP +This is the current recovery mode of the cluster\&. There are two possible modes: +.PP +NORMAL \- The cluster is fully operational\&. +.PP +RECOVERY \- The cluster databases have all been frozen, pausing all services while the cluster awaits a recovery process to complete\&. A recovery process should finish within seconds\&. If a cluster is stuck in the RECOVERY state this would indicate a cluster malfunction which needs to be investigated\&. +.PP +Once the recovery master detects an inconsistency, for example a node becomes disconnected/connected, the recovery daemon will trigger a cluster recovery process, where all databases are remerged across the cluster\&. When this process starts, the recovery master will first "freeze" all databases to prevent applications such as samba from accessing the databases and it will also mark the recovery mode as RECOVERY\&. +.PP +When the CTDB daemon starts up, it will start in RECOVERY mode\&. Once the node has been merged into a cluster and all databases have been recovered, the node mode will change into NORMAL mode and the databases will be "thawed", allowing samba to access the databases again\&. +.RE +.sp +.it 1 an-trap +.nr an-no-space-flag 1 +.nr an-break-flag 1 +.br +.ps +1 +\fBRecovery master\fR +.RS 4 +.PP +This is the cluster node that is currently designated as the recovery master\&. This node is responsible of monitoring the consistency of the cluster and to perform the actual recovery process when reqired\&. +.PP +Only one node at a time can be the designated recovery master\&. Which node is designated the recovery master is decided by an election process in the recovery daemons running on each node\&. +.RE +.sp +.it 1 an-trap +.nr an-no-space-flag 1 +.nr an-break-flag 1 +.br +.ps +1 +\fBExample\fR +.RS 4 +.sp +.if n \{\ +.RS 4 +.\} +.nf +# ctdb status +Number of nodes:4 +pnn:0 192\&.168\&.2\&.200 OK (THIS NODE) +pnn:1 192\&.168\&.2\&.201 OK +pnn:2 192\&.168\&.2\&.202 OK +pnn:3 192\&.168\&.2\&.203 OK +Generation:1362079228 +Size:4 +hash:0 lmaster:0 +hash:1 lmaster:1 +hash:2 lmaster:2 +hash:3 lmaster:3 +Recovery mode:NORMAL (0) +Recovery master:0 + +.fi +.if n \{\ +.RE +.\} +.RE +.SS "nodestatus [\fIPNN\-LIST\fR]" +.PP +This command is similar to the +\fBstatus\fR +command\&. It displays the "node status" subset of output\&. The main differences are: +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +The exit code is the bitwise\-OR of the flags for each specified node, while +\fBctdb status\fR +exits with 0 if it was able to retrieve status for all nodes\&. +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +\fBctdb status\fR +provides status information for all nodes\&. +\fBctdb nodestatus\fR +defaults to providing status for only the current node\&. If PNN\-LIST is provided then status is given for the indicated node(s)\&. +.RE +.PP +A common invocation in scripts is +\fBctdb nodestatus all\fR +to check whether all nodes in a cluster are healthy\&. +.sp +.it 1 an-trap +.nr an-no-space-flag 1 +.nr an-break-flag 1 +.br +.ps +1 +\fBExample\fR +.RS 4 +.sp +.if n \{\ +.RS 4 +.\} +.nf +# ctdb nodestatus +pnn:0 10\&.0\&.0\&.30 OK (THIS NODE) + +# ctdb nodestatus all +Number of nodes:2 +pnn:0 10\&.0\&.0\&.30 OK (THIS NODE) +pnn:1 10\&.0\&.0\&.31 OK + +.fi +.if n \{\ +.RE +.\} +.RE +.SS "recmaster" +.PP +This command shows the pnn of the node which is currently the recmaster\&. +.PP +Note: If the the queried node is INACTIVE then the status might not be current\&. +.SS "uptime" +.PP +This command shows the uptime for the ctdb daemon\&. When the last recovery or ip\-failover completed and how long it took\&. If the "duration" is shown as a negative number, this indicates that there is a recovery/failover in progress and it started that many seconds ago\&. +.sp +.it 1 an-trap +.nr an-no-space-flag 1 +.nr an-break-flag 1 +.br +.ps +1 +\fBExample\fR +.RS 4 +.sp +.if n \{\ +.RS 4 +.\} +.nf +# ctdb uptime +Current time of node : Thu Oct 29 10:38:54 2009 +Ctdbd start time : (000 16:54:28) Wed Oct 28 17:44:26 2009 +Time of last recovery/failover: (000 16:53:31) Wed Oct 28 17:45:23 2009 +Duration of last recovery/failover: 2\&.248552 seconds + +.fi +.if n \{\ +.RE +.\} +.RE +.SS "listnodes" +.PP +This command shows lists the ip addresses of all the nodes in the cluster\&. +.sp +.it 1 an-trap +.nr an-no-space-flag 1 +.nr an-break-flag 1 +.br +.ps +1 +\fBExample\fR +.RS 4 +.sp +.if n \{\ +.RS 4 +.\} +.nf +# ctdb listnodes +192\&.168\&.2\&.200 +192\&.168\&.2\&.201 +192\&.168\&.2\&.202 +192\&.168\&.2\&.203 + +.fi +.if n \{\ +.RE +.\} +.RE +.SS "natgw {master|list|status}" +.PP +This command shows different aspects of NAT gateway status\&. For an overview of CTDB\*(Aqs NAT gateway functionality please see the +NAT GATEWAY +section in +\fBctdb\fR(7)\&. +.PP +master +.RS 4 +Show the PNN and private IP address of the current NAT gateway master node\&. +.sp +Example output: +.sp +.if n \{\ +.RS 4 +.\} +.nf +1 192\&.168\&.2\&.201 + +.fi +.if n \{\ +.RE +.\} +.RE +.PP +list +.RS 4 +List the private IP addresses of nodes in the current NAT gateway group, annotating the master node\&. +.sp +Example output: +.sp +.if n \{\ +.RS 4 +.\} +.nf +192\&.168\&.2\&.200 +192\&.168\&.2\&.201 MASTER +192\&.168\&.2\&.202 +192\&.168\&.2\&.203 + +.fi +.if n \{\ +.RE +.\} +.RE +.PP +status +.RS 4 +List the nodes in the current NAT gateway group and their status\&. +.sp +Example output: +.sp +.if n \{\ +.RS 4 +.\} +.nf +pnn:0 192\&.168\&.2\&.200 UNHEALTHY (THIS NODE) +pnn:1 192\&.168\&.2\&.201 OK +pnn:2 192\&.168\&.2\&.202 OK +pnn:3 192\&.168\&.2\&.203 OK + +.fi +.if n \{\ +.RE +.\} +.RE +.SS "ping" +.PP +This command will "ping" specified CTDB nodes in the cluster to verify that they are running\&. +.sp +.it 1 an-trap +.nr an-no-space-flag 1 +.nr an-break-flag 1 +.br +.ps +1 +\fBExample\fR +.RS 4 +.sp +.if n \{\ +.RS 4 +.\} +.nf +# ctdb ping +response from 0 time=0\&.000054 sec (3 clients) + +.fi +.if n \{\ +.RE +.\} +.RE +.SS "ifaces" +.PP +This command will display the list of network interfaces, which could host public addresses, along with their status\&. +.sp +.it 1 an-trap +.nr an-no-space-flag 1 +.nr an-break-flag 1 +.br +.ps +1 +\fBExample\fR +.RS 4 +.sp +.if n \{\ +.RS 4 +.\} +.nf +# ctdb ifaces +Interfaces on node 0 +name:eth5 link:up references:2 +name:eth4 link:down references:0 +name:eth3 link:up references:1 +name:eth2 link:up references:1 + +# ctdb \-X ifaces +|Name|LinkStatus|References| +|eth5|1|2| +|eth4|0|0| +|eth3|1|1| +|eth2|1|1| + +.fi +.if n \{\ +.RE +.\} +.RE +.SS "ip" +.PP +This command will display the list of public addresses that are provided by the cluster and which physical node is currently serving this ip\&. By default this command will ONLY show those public addresses that are known to the node itself\&. To see the full list of all public ips across the cluster you must use "ctdb ip all"\&. +.sp +.it 1 an-trap +.nr an-no-space-flag 1 +.nr an-break-flag 1 +.br +.ps +1 +\fBExample\fR +.RS 4 +.sp +.if n \{\ +.RS 4 +.\} +.nf +# ctdb ip \-v +Public IPs on node 0 +172\&.31\&.91\&.82 node[1] active[] available[eth2,eth3] configured[eth2,eth3] +172\&.31\&.91\&.83 node[0] active[eth3] available[eth2,eth3] configured[eth2,eth3] +172\&.31\&.91\&.84 node[1] active[] available[eth2,eth3] configured[eth2,eth3] +172\&.31\&.91\&.85 node[0] active[eth2] available[eth2,eth3] configured[eth2,eth3] +172\&.31\&.92\&.82 node[1] active[] available[eth5] configured[eth4,eth5] +172\&.31\&.92\&.83 node[0] active[eth5] available[eth5] configured[eth4,eth5] +172\&.31\&.92\&.84 node[1] active[] available[eth5] configured[eth4,eth5] +172\&.31\&.92\&.85 node[0] active[eth5] available[eth5] configured[eth4,eth5] + +# ctdb \-X ip \-v +|Public IP|Node|ActiveInterface|AvailableInterfaces|ConfiguredInterfaces| +|172\&.31\&.91\&.82|1||eth2,eth3|eth2,eth3| +|172\&.31\&.91\&.83|0|eth3|eth2,eth3|eth2,eth3| +|172\&.31\&.91\&.84|1||eth2,eth3|eth2,eth3| +|172\&.31\&.91\&.85|0|eth2|eth2,eth3|eth2,eth3| +|172\&.31\&.92\&.82|1||eth5|eth4,eth5| +|172\&.31\&.92\&.83|0|eth5|eth5|eth4,eth5| +|172\&.31\&.92\&.84|1||eth5|eth4,eth5| +|172\&.31\&.92\&.85|0|eth5|eth5|eth4,eth5| + +.fi +.if n \{\ +.RE +.\} +.RE +.SS "ipinfo \fIIP\fR" +.PP +This command will display details about the specified public addresses\&. +.sp +.it 1 an-trap +.nr an-no-space-flag 1 +.nr an-break-flag 1 +.br +.ps +1 +\fBExample\fR +.RS 4 +.sp +.if n \{\ +.RS 4 +.\} +.nf +# ctdb ipinfo 172\&.31\&.92\&.85 +Public IP[172\&.31\&.92\&.85] info on node 0 +IP:172\&.31\&.92\&.85 +CurrentNode:0 +NumInterfaces:2 +Interface[1]: Name:eth4 Link:down References:0 +Interface[2]: Name:eth5 Link:up References:2 (active) + +.fi +.if n \{\ +.RE +.\} +.RE +.SS "event run|status|script list|script enable|script disable" +.PP +This command is used to control event daemon and to inspect status of various events\&. +.PP +The commands below require a component to be specified\&. In the current version the only valid component is +legacy\&. +.PP +run \fITIMEOUT\fR \fICOMPONENT\fR \fIEVENT\fR [\fIARGUMENTS\fR] +.RS 4 +This command can be used to manually run specified EVENT in COMPONENT with optional ARGUMENTS\&. The event will be allowed to run a maximum of TIMEOUT seconds\&. If TIMEOUT is 0, then there is no time limit for running the event\&. +.RE +.PP +status \fICOMPONENT\fR \fIEVENT\fR +.RS 4 +This command displays the last execution status of the specified EVENT in COMPONENT\&. +.sp +The command will terminate with the exit status corresponding to the overall status of event that is displayed\&. +.sp +The output is the list of event scripts executed\&. Each line shows the name, status, duration and start time for each script\&. +.sp +Example output: +.sp +.if n \{\ +.RS 4 +.\} +.nf +00\&.ctdb OK 0\&.014 Sat Dec 17 19:39:11 2016 +01\&.reclock OK 0\&.013 Sat Dec 17 19:39:11 2016 +05\&.system OK 0\&.029 Sat Dec 17 19:39:11 2016 +06\&.nfs OK 0\&.014 Sat Dec 17 19:39:11 2016 +10\&.interface OK 0\&.037 Sat Dec 17 19:39:11 2016 +11\&.natgw OK 0\&.011 Sat Dec 17 19:39:11 2016 +11\&.routing OK 0\&.007 Sat Dec 17 19:39:11 2016 +13\&.per_ip_routing OK 0\&.007 Sat Dec 17 19:39:11 2016 +20\&.multipathd OK 0\&.007 Sat Dec 17 19:39:11 2016 +31\&.clamd OK 0\&.007 Sat Dec 17 19:39:11 2016 +40\&.vsftpd OK 0\&.013 Sat Dec 17 19:39:11 2016 +41\&.httpd OK 0\&.018 Sat Dec 17 19:39:11 2016 +49\&.winbind OK 0\&.023 Sat Dec 17 19:39:11 2016 +50\&.samba OK 0\&.100 Sat Dec 17 19:39:12 2016 +60\&.nfs OK 0\&.376 Sat Dec 17 19:39:12 2016 +70\&.iscsi OK 0\&.009 Sat Dec 17 19:39:12 2016 +91\&.lvs OK 0\&.007 Sat Dec 17 19:39:12 2016 + +.fi +.if n \{\ +.RE +.\} +.RE +.PP +script list \fICOMPONENT\fR +.RS 4 +List the available event scripts in COMPONENT\&. Enabled scripts are flagged with a \*(Aq*\*(Aq\&. +.sp +Generally, event scripts are provided by CTDB\&. However, local or 3rd party event scripts may also be available\&. These are shown in a separate section after those provided by CTDB\&. +.sp +Example output: +.sp +.if n \{\ +.RS 4 +.\} +.nf +* 00\&.ctdb +* 01\&.reclock +* 05\&.system +* 06\&.nfs +* 10\&.interface + 11\&.natgw + 11\&.routing + 13\&.per_ip_routing + 20\&.multipathd + 31\&.clamd + 40\&.vsftpd + 41\&.httpd +* 49\&.winbind +* 50\&.samba +* 60\&.nfs + 70\&.iscsi + 91\&.lvs + +* 02\&.local + +.fi +.if n \{\ +.RE +.\} +.RE +.PP +script enable \fICOMPONENT\fR \fISCRIPT\fR +.RS 4 +Enable the specified event SCRIPT in COMPONENT\&. Only enabled scripts will be executed when running any event\&. +.RE +.PP +script disable \fICOMPONENT\fR \fISCRIPT\fR +.RS 4 +Disable the specified event SCRIPT in COMPONENT\&. This will prevent the script from executing when running any event\&. +.RE +.SS "scriptstatus" +.PP +This command displays which event scripts where run in the previous monitoring cycle and the result of each script\&. If a script failed with an error, causing the node to become unhealthy, the output from that script is also shown\&. +.PP +This command is deprecated\&. It\*(Aqs provided for backward compatibility\&. In place of +\fBctdb scriptstatus\fR, use +\fBctdb event status\fR\&. +.sp +.it 1 an-trap +.nr an-no-space-flag 1 +.nr an-break-flag 1 +.br +.ps +1 +\fBExample\fR +.RS 4 +.sp +.if n \{\ +.RS 4 +.\} +.nf +# ctdb scriptstatus +00\&.ctdb OK 0\&.011 Sat Dec 17 19:40:46 2016 +01\&.reclock OK 0\&.010 Sat Dec 17 19:40:46 2016 +05\&.system OK 0\&.030 Sat Dec 17 19:40:46 2016 +06\&.nfs OK 0\&.014 Sat Dec 17 19:40:46 2016 +10\&.interface OK 0\&.041 Sat Dec 17 19:40:46 2016 +11\&.natgw OK 0\&.008 Sat Dec 17 19:40:46 2016 +11\&.routing OK 0\&.007 Sat Dec 17 19:40:46 2016 +13\&.per_ip_routing OK 0\&.007 Sat Dec 17 19:40:46 2016 +20\&.multipathd OK 0\&.007 Sat Dec 17 19:40:46 2016 +31\&.clamd OK 0\&.007 Sat Dec 17 19:40:46 2016 +40\&.vsftpd OK 0\&.013 Sat Dec 17 19:40:46 2016 +41\&.httpd OK 0\&.015 Sat Dec 17 19:40:46 2016 +49\&.winbind OK 0\&.022 Sat Dec 17 19:40:46 2016 +50\&.samba ERROR 0\&.077 Sat Dec 17 19:40:46 2016 + OUTPUT: ERROR: samba tcp port 445 is not responding + +.fi +.if n \{\ +.RE +.\} +.RE +.SS "listvars" +.PP +List all tuneable variables, except the values of the obsolete tunables like VacuumMinInterval\&. The obsolete tunables can be retrieved only explicitly with the "ctdb getvar" command\&. +.sp +.it 1 an-trap +.nr an-no-space-flag 1 +.nr an-break-flag 1 +.br +.ps +1 +\fBExample\fR +.RS 4 +.sp +.if n \{\ +.RS 4 +.\} +.nf +# ctdb listvars +SeqnumInterval = 1000 +ControlTimeout = 60 +TraverseTimeout = 20 +KeepaliveInterval = 5 +KeepaliveLimit = 5 +RecoverTimeout = 120 +RecoverInterval = 1 +ElectionTimeout = 3 +TakeoverTimeout = 9 +MonitorInterval = 15 +TickleUpdateInterval = 20 +EventScriptTimeout = 30 +MonitorTimeoutCount = 20 +RecoveryGracePeriod = 120 +RecoveryBanPeriod = 300 +DatabaseHashSize = 100001 +DatabaseMaxDead = 5 +RerecoveryTimeout = 10 +EnableBans = 1 +NoIPFailback = 0 +VerboseMemoryNames = 0 +RecdPingTimeout = 60 +RecdFailCount = 10 +LogLatencyMs = 0 +RecLockLatencyMs = 1000 +RecoveryDropAllIPs = 120 +VacuumInterval = 10 +VacuumMaxRunTime = 120 +RepackLimit = 10000 +VacuumLimit = 5000 +VacuumFastPathCount = 60 +MaxQueueDropMsg = 1000000 +AllowUnhealthyDBRead = 0 +StatHistoryInterval = 1 +DeferredAttachTO = 120 +AllowClientDBAttach = 1 +RecoverPDBBySeqNum = 1 +DeferredRebalanceOnNodeAdd = 300 +FetchCollapse = 1 +HopcountMakeSticky = 50 +StickyDuration = 600 +StickyPindown = 200 +NoIPTakeover = 0 +DBRecordCountWarn = 100000 +DBRecordSizeWarn = 10000000 +DBSizeWarn = 100000000 +PullDBPreallocation = 10485760 +LockProcessesPerDB = 200 +RecBufferSizeLimit = 1000000 +QueueBufferSize = 1024 +IPAllocAlgorithm = 2 + +.fi +.if n \{\ +.RE +.\} +.RE +.SS "getvar \fINAME\fR" +.PP +Get the runtime value of a tuneable variable\&. +.sp +.it 1 an-trap +.nr an-no-space-flag 1 +.nr an-break-flag 1 +.br +.ps +1 +\fBExample\fR +.RS 4 +.sp +.if n \{\ +.RS 4 +.\} +.nf +# ctdb getvar MonitorInterval +MonitorInterval = 15 + +.fi +.if n \{\ +.RE +.\} +.RE +.SS "setvar \fINAME\fR \fIVALUE\fR" +.PP +Set the runtime value of a tuneable variable\&. +.sp +.it 1 an-trap +.nr an-no-space-flag 1 +.nr an-break-flag 1 +.br +.ps +1 +\fBExample\fR +.RS 4 +.sp +.if n \{\ +.RS 4 +.\} +.nf +# ctdb setvar MonitorInterval 20 + +.fi +.if n \{\ +.RE +.\} +.RE +.SS "lvs {master|list|status}" +.PP +This command shows different aspects of LVS status\&. For an overview of CTDB\*(Aqs LVS functionality please see the +LVS +section in +\fBctdb\fR(7)\&. +.PP +master +.RS 4 +Shows the PNN of the current LVS master node\&. +.sp +Example output: +.sp +.if n \{\ +.RS 4 +.\} +.nf +2 + +.fi +.if n \{\ +.RE +.\} +.RE +.PP +list +.RS 4 +Lists the currently usable LVS nodes\&. +.sp +Example output: +.sp +.if n \{\ +.RS 4 +.\} +.nf +2 10\&.0\&.0\&.13 +3 10\&.0\&.0\&.14 + +.fi +.if n \{\ +.RE +.\} +.RE +.PP +status +.RS 4 +List the nodes in the current LVS group and their status\&. +.sp +Example output: +.sp +.if n \{\ +.RS 4 +.\} +.nf +pnn:0 10\&.0\&.0\&.11 UNHEALTHY (THIS NODE) +pnn:1 10\&.0\&.0\&.12 UNHEALTHY +pnn:2 10\&.0\&.0\&.13 OK +pnn:3 10\&.0\&.0\&.14 OK + +.fi +.if n \{\ +.RE +.\} +.RE +.SS "getcapabilities" +.PP +This command shows the capabilities of the current node\&. See the +CAPABILITIES +section in +\fBctdb\fR(7) +for more details\&. +.PP +Example output: +.sp +.if n \{\ +.RS 4 +.\} +.nf +RECMASTER: YES +LMASTER: YES + +.fi +.if n \{\ +.RE +.\} +.SS "statistics" +.PP +Collect statistics from the CTDB daemon about how many calls it has served\&. Information about various fields in statistics can be found in +\fBctdb-statistics\fR(7)\&. +.sp +.it 1 an-trap +.nr an-no-space-flag 1 +.nr an-break-flag 1 +.br +.ps +1 +\fBExample\fR +.RS 4 +.sp +.if n \{\ +.RS 4 +.\} +.nf +# ctdb statistics +CTDB version 1 +Current time of statistics : Tue Mar 8 15:18:51 2016 +Statistics collected since : (003 21:31:32) Fri Mar 4 17:47:19 2016 + num_clients 9 + frozen 0 + recovering 0 + num_recoveries 2 + client_packets_sent 8170534 + client_packets_recv 7166132 + node_packets_sent 16549998 + node_packets_recv 5244418 + keepalive_packets_sent 201969 + keepalive_packets_recv 201969 + node + req_call 26 + reply_call 0 + req_dmaster 9 + reply_dmaster 12 + reply_error 0 + req_message 1339231 + req_control 8177506 + reply_control 6831284 + client + req_call 15 + req_message 334809 + req_control 6831308 + timeouts + call 0 + control 0 + traverse 0 + locks + num_calls 8 + num_current 0 + num_pending 0 + num_failed 0 + total_calls 15 + pending_calls 0 + childwrite_calls 0 + pending_childwrite_calls 0 + memory_used 394879 + max_hop_count 1 + total_ro_delegations 0 + total_ro_revokes 0 + hop_count_buckets: 8 5 0 0 0 0 0 0 0 0 0 0 0 0 0 0 + lock_buckets: 0 0 8 0 0 0 0 0 0 0 0 0 0 0 0 0 + locks_latency MIN/AVG/MAX 0\&.010005/0\&.010418/0\&.011010 sec out of 8 + reclock_ctdbd MIN/AVG/MAX 0\&.002538/0\&.002538/0\&.002538 sec out of 1 + reclock_recd MIN/AVG/MAX 0\&.000000/0\&.000000/0\&.000000 sec out of 0 + call_latency MIN/AVG/MAX 0\&.000044/0\&.002142/0\&.011702 sec out of 15 + childwrite_latency MIN/AVG/MAX 0\&.000000/0\&.000000/0\&.000000 sec out of 0 + +.fi +.if n \{\ +.RE +.\} +.RE +.SS "statisticsreset" +.PP +This command is used to clear all statistics counters in a node\&. +.PP +Example: ctdb statisticsreset +.SS "dbstatistics \fIDB\fR" +.PP +Display statistics about the database DB\&. Information about various fields in dbstatistics can be found in +\fBctdb-statistics\fR(7)\&. +.sp +.it 1 an-trap +.nr an-no-space-flag 1 +.nr an-break-flag 1 +.br +.ps +1 +\fBExample\fR +.RS 4 +.sp +.if n \{\ +.RS 4 +.\} +.nf +# ctdb dbstatistics locking\&.tdb +DB Statistics: locking\&.tdb + ro_delegations 0 + ro_revokes 0 + locks + total 14356 + failed 0 + current 0 + pending 0 + hop_count_buckets: 28087 2 1 0 0 0 0 0 0 0 0 0 0 0 0 0 + lock_buckets: 0 14188 38 76 32 19 3 0 0 0 0 0 0 0 0 0 + locks_latency MIN/AVG/MAX 0\&.001066/0\&.012686/4\&.202292 sec out of 14356 + vacuum_latency MIN/AVG/MAX 0\&.000472/0\&.002207/15\&.243570 sec out of 224530 + Num Hot Keys: 1 + Count:8 Key:ff5bd7cb3ee3822edc1f0000000000000000000000000000 + +.fi +.if n \{\ +.RE +.\} +.RE +.SS "getreclock" +.PP +Show details of the recovery lock, if any\&. +.PP +Example output: +.sp +.if n \{\ +.RS 4 +.\} +.nf + /clusterfs/\&.ctdb/recovery\&.lock + +.fi +.if n \{\ +.RE +.\} +.SS "getdebug" +.PP +Get the current debug level for the node\&. the debug level controls what information is written to the log file\&. +.PP +The debug levels are mapped to the corresponding syslog levels\&. When a debug level is set, only those messages at that level and higher levels will be printed\&. +.PP +The list of debug levels from highest to lowest are : +.PP +ERROR WARNING NOTICE INFO DEBUG +.SS "setdebug \fIDEBUGLEVEL\fR" +.PP +Set the debug level of a node\&. This controls what information will be logged\&. +.PP +The debuglevel is one of ERROR WARNING NOTICE INFO DEBUG +.SS "getpid" +.PP +This command will return the process id of the ctdb daemon\&. +.SS "disable" +.PP +This command is used to administratively disable a node in the cluster\&. A disabled node will still participate in the cluster and host clustered TDB records but its public ip address has been taken over by a different node and it no longer hosts any services\&. +.SS "enable" +.PP +Re\-enable a node that has been administratively disabled\&. +.SS "stop" +.PP +This command is used to administratively STOP a node in the cluster\&. A STOPPED node is connected to the cluster but will not host any public ip addresse, nor does it participate in the VNNMAP\&. The difference between a DISABLED node and a STOPPED node is that a STOPPED node does not host any parts of the database which means that a recovery is required to stop/continue nodes\&. +.SS "continue" +.PP +Re\-start a node that has been administratively stopped\&. +.SS "addip \fIIPADDR\fR/\fImask\fR \fIIFACE\fR" +.PP +This command is used to add a new public ip to a node during runtime\&. It should be followed by a +\fBctdb ipreallocate\fR\&. This allows public addresses to be added to a cluster without having to restart the ctdb daemons\&. +.PP +Note that this only updates the runtime instance of ctdb\&. Any changes will be lost next time ctdb is restarted and the public addresses file is re\-read\&. If you want this change to be permanent you must also update the public addresses file manually\&. +.SS "delip \fIIPADDR\fR" +.PP +This command flags IPADDR for deletion from a node at runtime\&. It should be followed by a +\fBctdb ipreallocate\fR\&. If IPADDR is currently hosted by the node it is being removed from, this ensures that the IP will first be failed over to another node, if possible, and that it is then actually removed\&. +.PP +Note that this only updates the runtime instance of CTDB\&. Any changes will be lost next time CTDB is restarted and the public addresses file is re\-read\&. If you want this change to be permanent you must also update the public addresses file manually\&. +.SS "moveip \fIIPADDR\fR \fIPNN\fR" +.PP +This command can be used to manually fail a public ip address to a specific node\&. +.PP +In order to manually override the "automatic" distribution of public ip addresses that ctdb normally provides, this command only works when you have changed the tunables for the daemon to: +.PP +IPAllocAlgorithm != 0 +.PP +NoIPFailback = 1 +.SS "shutdown" +.PP +This command will shutdown a specific CTDB daemon\&. +.SS "setlmasterrole on|off" +.PP +This command is used ot enable/disable the LMASTER capability for a node at runtime\&. This capability determines whether or not a node can be used as an LMASTER for records in the database\&. A node that does not have the LMASTER capability will not show up in the vnnmap\&. +.PP +Nodes will by default have this capability, but it can be stripped off nodes by the setting in the sysconfig file or by using this command\&. +.PP +Once this setting has been enabled/disabled, you need to perform a recovery for it to take effect\&. +.PP +See also "ctdb getcapabilities" +.SS "setrecmasterrole on|off" +.PP +This command is used ot enable/disable the RECMASTER capability for a node at runtime\&. This capability determines whether or not a node can be used as an RECMASTER for the cluster\&. A node that does not have the RECMASTER capability can not win a recmaster election\&. A node that already is the recmaster for the cluster when the capability is stripped off the node will remain the recmaster until the next cluster election\&. +.PP +Nodes will by default have this capability, but it can be stripped off nodes by the setting in the sysconfig file or by using this command\&. +.PP +See also "ctdb getcapabilities" +.SS "reloadnodes" +.PP +This command is used when adding new nodes, or removing existing nodes from an existing cluster\&. +.PP +Procedure to add nodes: +.sp +.RS 4 +.ie n \{\ +\h'-04' 1.\h'+01'\c +.\} +.el \{\ +.sp -1 +.IP " 1." 4.2 +.\} +To expand an existing cluster, first ensure with +\fBctdb status\fR +that all nodes are up and running and that they are all healthy\&. Do not try to expand a cluster unless it is completely healthy! +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04' 2.\h'+01'\c +.\} +.el \{\ +.sp -1 +.IP " 2." 4.2 +.\} +On all nodes, edit +/usr/local/etc/ctdb/nodes +and +\fIadd the new nodes at the end of this file\fR\&. +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04' 3.\h'+01'\c +.\} +.el \{\ +.sp -1 +.IP " 3." 4.2 +.\} +Verify that all the nodes have identical +/usr/local/etc/ctdb/nodes +files after adding the new nodes\&. +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04' 4.\h'+01'\c +.\} +.el \{\ +.sp -1 +.IP " 4." 4.2 +.\} +Run +\fBctdb reloadnodes\fR +to force all nodes to reload the nodes file\&. +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04' 5.\h'+01'\c +.\} +.el \{\ +.sp -1 +.IP " 5." 4.2 +.\} +Use +\fBctdb status\fR +on all nodes and verify that they now show the additional nodes\&. +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04' 6.\h'+01'\c +.\} +.el \{\ +.sp -1 +.IP " 6." 4.2 +.\} +Install and configure the new node and bring it online\&. +.RE +.PP +Procedure to remove nodes: +.sp +.RS 4 +.ie n \{\ +\h'-04' 1.\h'+01'\c +.\} +.el \{\ +.sp -1 +.IP " 1." 4.2 +.\} +To remove nodes from an existing cluster, first ensure with +\fBctdb status\fR +that all nodes, except the node to be deleted, are up and running and that they are all healthy\&. Do not try to remove nodes from a cluster unless the cluster is completely healthy! +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04' 2.\h'+01'\c +.\} +.el \{\ +.sp -1 +.IP " 2." 4.2 +.\} +Shutdown and power off the node to be removed\&. +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04' 3.\h'+01'\c +.\} +.el \{\ +.sp -1 +.IP " 3." 4.2 +.\} +On all other nodes, edit the +/usr/local/etc/ctdb/nodes +file and +\fIcomment out\fR +the nodes to be removed\&. +\fIDo not delete the lines for the deleted nodes\fR, just comment them out by adding a \*(Aq#\*(Aq at the beginning of the lines\&. +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04' 4.\h'+01'\c +.\} +.el \{\ +.sp -1 +.IP " 4." 4.2 +.\} +Run +\fBctdb reloadnodes\fR +to force all nodes to reload the nodes file\&. +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04' 5.\h'+01'\c +.\} +.el \{\ +.sp -1 +.IP " 5." 4.2 +.\} +Use +\fBctdb status\fR +on all nodes and verify that the deleted nodes are no longer listed\&. +.RE +.SS "reloadips [\fIPNN\-LIST\fR]" +.PP +This command reloads the public addresses configuration file on the specified nodes\&. When it completes addresses will be reconfigured and reassigned across the cluster as necessary\&. +.PP +This command is currently unable to make changes to the netmask or interfaces associated with existing addresses\&. Such changes must be made in 2 steps by deleting addresses in question and re\-adding then\&. Unfortunately this will disrupt connections to the changed addresses\&. +.SS "getdbmap" +.PP +This command lists all clustered TDB databases that the CTDB daemon has attached to\&. Some databases are flagged as PERSISTENT, this means that the database stores data persistently and the data will remain across reboots\&. One example of such a database is secrets\&.tdb where information about how the cluster was joined to the domain is stored\&. Some database are flagged as REPLICATED, this means that the data in that database is replicated across all the nodes\&. But the data will not remain across reboots\&. This type of database is used by CTDB to store it\*(Aqs internal state\&. +.PP +If a PERSISTENT database is not in a healthy state the database is flagged as UNHEALTHY\&. If there\*(Aqs at least one completely healthy node running in the cluster, it\*(Aqs possible that the content is restored by a recovery run automaticly\&. Otherwise an administrator needs to analyze the problem\&. +.PP +See also "ctdb getdbstatus", "ctdb backupdb", "ctdb restoredb", "ctdb dumpbackup", "ctdb wipedb", "ctdb setvar AllowUnhealthyDBRead 1" and (if samba or tdb\-utils are installed) "tdbtool check"\&. +.PP +Most databases are not persistent and only store the state information that the currently running samba daemons need\&. These databases are always wiped when ctdb/samba starts and when a node is rebooted\&. +.sp +.it 1 an-trap +.nr an-no-space-flag 1 +.nr an-break-flag 1 +.br +.ps +1 +\fBExample\fR +.RS 4 +.sp +.if n \{\ +.RS 4 +.\} +.nf +# ctdb getdbmap +Number of databases:10 +dbid:0x435d3410 name:notify\&.tdb path:/var/lib/ctdb/notify\&.tdb\&.0 +dbid:0x42fe72c5 name:locking\&.tdb path:/var/lib/ctdb/locking\&.tdb\&.0 +dbid:0x1421fb78 name:brlock\&.tdb path:/var/lib/ctdb/brlock\&.tdb\&.0 +dbid:0x17055d90 name:connections\&.tdb path:/var/lib/ctdb/connections\&.tdb\&.0 +dbid:0xc0bdde6a name:sessionid\&.tdb path:/var/lib/ctdb/sessionid\&.tdb\&.0 +dbid:0x122224da name:test\&.tdb path:/var/lib/ctdb/test\&.tdb\&.0 +dbid:0x2672a57f name:idmap2\&.tdb path:/var/lib/ctdb/persistent/idmap2\&.tdb\&.0 PERSISTENT +dbid:0xb775fff6 name:secrets\&.tdb path:/var/lib/ctdb/persistent/secrets\&.tdb\&.0 PERSISTENT +dbid:0xe98e08b6 name:group_mapping\&.tdb path:/var/lib/ctdb/persistent/group_mapping\&.tdb\&.0 PERSISTENT +dbid:0x7bbbd26c name:passdb\&.tdb path:/var/lib/ctdb/persistent/passdb\&.tdb\&.0 PERSISTENT + +# ctdb getdbmap # example for unhealthy database +Number of databases:1 +dbid:0xb775fff6 name:secrets\&.tdb path:/var/lib/ctdb/persistent/secrets\&.tdb\&.0 PERSISTENT UNHEALTHY + +# ctdb \-X getdbmap +|ID|Name|Path|Persistent|Unhealthy| +|0x7bbbd26c|passdb\&.tdb|/var/lib/ctdb/persistent/passdb\&.tdb\&.0|1|0| + +.fi +.if n \{\ +.RE +.\} +.RE +.SS "backupdb \fIDB\fR \fIFILE\fR" +.PP +Copy the contents of database DB to FILE\&. FILE can later be read back using +\fBrestoredb\fR\&. This is mainly useful for backing up persistent databases such as +secrets\&.tdb +and similar\&. +.SS "restoredb \fIFILE\fR [\fIDB\fR]" +.PP +This command restores a persistent database that was previously backed up using backupdb\&. By default the data will be restored back into the same database as it was created from\&. By specifying dbname you can restore the data into a different database\&. +.SS "setdbreadonly \fIDB\fR" +.PP +This command will enable the read\-only record support for a database\&. This is an experimental feature to improve performance for contended records primarily in locking\&.tdb and brlock\&.tdb\&. When enabling this feature you must set it on all nodes in the cluster\&. +.SS "setdbsticky \fIDB\fR" +.PP +This command will enable the sticky record support for the specified database\&. This is an experimental feature to improve performance for contended records primarily in locking\&.tdb and brlock\&.tdb\&. When enabling this feature you must set it on all nodes in the cluster\&. +.SH "INTERNAL COMMANDS" +.PP +Internal commands are used by CTDB\*(Aqs scripts and are not required for managing a CTDB cluster\&. Their parameters and behaviour are subject to change\&. +.SS "gettickles \fIIPADDR\fR" +.PP +Show TCP connections that are registered with CTDB to be "tickled" if there is a failover\&. +.SS "gratarp \fIIPADDR\fR \fIINTERFACE\fR" +.PP +Send out a gratuitous ARP for the specified interface through the specified interface\&. This command is mainly used by the ctdb eventscripts\&. +.SS "pdelete \fIDB\fR \fIKEY\fR" +.PP +Delete KEY from DB\&. +.SS "pfetch \fIDB\fR \fIKEY\fR" +.PP +Print the value associated with KEY in DB\&. +.SS "pstore \fIDB\fR \fIKEY\fR \fIFILE\fR" +.PP +Store KEY in DB with contents of FILE as the associated value\&. +.SS "ptrans \fIDB\fR [\fIFILE\fR]" +.PP +Read a list of key\-value pairs, one per line from FILE, and store them in DB using a single transaction\&. An empty value is equivalent to deleting the given key\&. +.PP +The key and value should be separated by spaces or tabs\&. Each key/value should be a printable string enclosed in double\-quotes\&. +.SS "runstate [setup|first_recovery|startup|running]" +.PP +Print the runstate of the specified node\&. Runstates are used to serialise important state transitions in CTDB, particularly during startup\&. +.PP +If one or more optional runstate arguments are specified then the node must be in one of these runstates for the command to succeed\&. +.sp +.it 1 an-trap +.nr an-no-space-flag 1 +.nr an-break-flag 1 +.br +.ps +1 +\fBExample\fR +.RS 4 +.sp +.if n \{\ +.RS 4 +.\} +.nf +# ctdb runstate +RUNNING + +.fi +.if n \{\ +.RE +.\} +.RE +.SS "setifacelink \fIIFACE\fR up|down" +.PP +Set the internal state of network interface IFACE\&. This is typically used in the +10\&.interface +script in the "monitor" event\&. +.PP +Example: ctdb setifacelink eth0 up +.SS "tickle" +.PP +Read a list of TCP connections, one per line, from standard input and send a TCP tickle to the source host for each connection\&. A connection is specified as: +.sp +.if n \{\ +.RS 4 +.\} +.nf + \fISRC\-IPADDR\fR:\fISRC\-PORT\fR \fIDST\-IPADDR\fR:\fIDST\-PORT\fR + +.fi +.if n \{\ +.RE +.\} +.PP +A single connection can be specified on the command\-line rather than on standard input\&. +.PP +A TCP tickle is a TCP ACK packet with an invalid sequence and acknowledge number and will when received by the source host result in it sending an immediate correct ACK back to the other end\&. +.PP +TCP tickles are useful to "tickle" clients after a IP failover has occurred since this will make the client immediately recognize the TCP connection has been disrupted and that the client will need to reestablish\&. This greatly speeds up the time it takes for a client to detect and reestablish after an IP failover in the ctdb cluster\&. +.SS "version" +.PP +Display the CTDB version\&. +.SH "DEBUGGING COMMANDS" +.PP +These commands are primarily used for CTDB development and testing and should not be used for normal administration\&. +.SS "OPTIONS" +.PP +\-\-print\-emptyrecords +.RS 4 +This enables printing of empty records when dumping databases with the catdb, cattbd and dumpdbbackup commands\&. Records with empty data segment are considered deleted by ctdb and cleaned by the vacuuming mechanism, so this switch can come in handy for debugging the vacuuming behaviour\&. +.RE +.PP +\-\-print\-datasize +.RS 4 +This lets database dumps (catdb, cattdb, dumpdbbackup) print the size of the record data instead of dumping the data contents\&. +.RE +.PP +\-\-print\-lmaster +.RS 4 +This lets catdb print the lmaster for each record\&. +.RE +.PP +\-\-print\-hash +.RS 4 +This lets database dumps (catdb, cattdb, dumpdbbackup) print the hash for each record\&. +.RE +.PP +\-\-print\-recordflags +.RS 4 +This lets catdb and dumpdbbackup print the record flags for each record\&. Note that cattdb always prints the flags\&. +.RE +.SS "process\-exists \fIPID\fR \fI[SRVID]\fR" +.PP +This command checks if a specific process exists on the CTDB host\&. This is mainly used by Samba to check if remote instances of samba are still running or not\&. When the optional SRVID argument is specified, the command check if a specific process exists on the CTDB host and has registered for specified SRVID\&. +.SS "getdbstatus \fIDB\fR" +.PP +This command displays more details about a database\&. +.sp +.it 1 an-trap +.nr an-no-space-flag 1 +.nr an-break-flag 1 +.br +.ps +1 +\fBExample\fR +.RS 4 +.sp +.if n \{\ +.RS 4 +.\} +.nf +# ctdb getdbstatus test\&.tdb\&.0 +dbid: 0x122224da +name: test\&.tdb +path: /var/lib/ctdb/test\&.tdb\&.0 +PERSISTENT: no +HEALTH: OK + +# ctdb getdbstatus registry\&.tdb # with a corrupted TDB +dbid: 0xf2a58948 +name: registry\&.tdb +path: /var/lib/ctdb/persistent/registry\&.tdb\&.0 +PERSISTENT: yes +HEALTH: NO\-HEALTHY\-NODES \- ERROR \- Backup of corrupted TDB in \*(Aq/var/lib/ctdb/persistent/registry\&.tdb\&.0\&.corrupted\&.20091208091949\&.0Z\*(Aq + +.fi +.if n \{\ +.RE +.\} +.RE +.SS "catdb \fIDB\fR" +.PP +Print a dump of the clustered TDB database DB\&. +.SS "cattdb \fIDB\fR" +.PP +Print a dump of the contents of the local TDB database DB\&. +.SS "dumpdbbackup \fIFILE\fR" +.PP +Print a dump of the contents from database backup FILE, similar to +\fBcatdb\fR\&. +.SS "wipedb \fIDB\fR" +.PP +Remove all contents of database DB\&. +.SS "recover" +.PP +This command will trigger the recovery daemon to do a cluster recovery\&. +.SS "ipreallocate, sync" +.PP +This command will force the recovery master to perform a full ip reallocation process and redistribute all ip addresses\&. This is useful to "reset" the allocations back to its default state if they have been changed using the "moveip" command\&. While a "recover" will also perform this reallocation, a recovery is much more hevyweight since it will also rebuild all the databases\&. +.SS "attach \fIDBNAME\fR [persistent|replicated]" +.PP +Create a new CTDB database called DBNAME and attach to it on all nodes\&. +.SS "detach \fIDB\-LIST\fR" +.PP +Detach specified non\-persistent database(s) from the cluster\&. This command will disconnect specified database(s) on all nodes in the cluster\&. This command should only be used when none of the specified database(s) are in use\&. +.PP +All nodes should be active and tunable AllowClientDBAccess should be disabled on all nodes before detaching databases\&. +.SS "dumpmemory" +.PP +This is a debugging command\&. This command will make the ctdb daemon to write a fill memory allocation map to standard output\&. +.SS "rddumpmemory" +.PP +This is a debugging command\&. This command will dump the talloc memory allocation tree for the recovery daemon to standard output\&. +.SS "ban \fIBANTIME\fR" +.PP +Administratively ban a node for BANTIME seconds\&. The node will be unbanned after BANTIME seconds have elapsed\&. +.PP +A banned node does not participate in the cluster\&. It does not host any records for the clustered TDB and does not host any public IP addresses\&. +.PP +Nodes are automatically banned if they misbehave\&. For example, a node may be banned if it causes too many cluster recoveries\&. +.PP +To administratively exclude a node from a cluster use the +\fBstop\fR +command\&. +.SS "unban" +.PP +This command is used to unban a node that has either been administratively banned using the ban command or has been automatically banned\&. +.SH "SEE ALSO" +.PP +\fBctdbd\fR(1), +\fBonnode\fR(1), +\fBctdb\fR(7), +\fBctdb-statistics\fR(7), +\fBctdb-tunables\fR(7), +\m[blue]\fB\%http://ctdb.samba.org/\fR\m[] +.SH "AUTHOR" +.br +.PP +This documentation was written by Ronnie Sahlberg, Amitay Isaacs, Martin Schwenke +.SH "COPYRIGHT" +.br +Copyright \(co 2007 Andrew Tridgell, Ronnie Sahlberg +.br +.PP +This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3 of the License, or (at your option) any later version\&. +.PP +This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE\&. See the GNU General Public License for more details\&. +.PP +You should have received a copy of the GNU General Public License along with this program; if not, see +\m[blue]\fB\%http://www.gnu.org/licenses\fR\m[]\&. +.sp Index: files/man/ctdb.7 =================================================================== --- files/man/ctdb.7 +++ files/man/ctdb.7 @@ -0,0 +1,783 @@ +'\" t +.\" Title: ctdb +.\" Author: +.\" Generator: DocBook XSL Stylesheets v1.79.1 +.\" Date: 11/18/2018 +.\" Manual: CTDB - clustered TDB database +.\" Source: ctdb +.\" Language: English +.\" +.TH "CTDB" "7" "11/18/2018" "ctdb" "CTDB \- clustered TDB database" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "NAME" +ctdb \- Clustered TDB +.SH "DESCRIPTION" +.PP +CTDB is a clustered database component in clustered Samba that provides a high\-availability load\-sharing CIFS server cluster\&. +.PP +The main functions of CTDB are: +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +Provide a clustered version of the TDB database with automatic rebuild/recovery of the databases upon node failures\&. +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +Monitor nodes in the cluster and services running on each node\&. +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +Manage a pool of public IP addresses that are used to provide services to clients\&. Alternatively, CTDB can be used with LVS\&. +.RE +.PP +Combined with a cluster filesystem CTDB provides a full high\-availablity (HA) environment for services such as clustered Samba, NFS and other services\&. +.SH "ANATOMY OF A CTDB CLUSTER" +.PP +A CTDB cluster is a collection of nodes with 2 or more network interfaces\&. All nodes provide network (usually file/NAS) services to clients\&. Data served by file services is stored on shared storage (usually a cluster filesystem) that is accessible by all nodes\&. +.PP +CTDB provides an "all active" cluster, where services are load balanced across all nodes\&. +.SH "RECOVERY LOCK" +.PP +CTDB uses a +\fIrecovery lock\fR +to avoid a +\fIsplit brain\fR, where a cluster becomes partitioned and each partition attempts to operate independently\&. Issues that can result from a split brain include file data corruption, because file locking metadata may not be tracked correctly\&. +.PP +CTDB uses a +\fIcluster leader and follower\fR +model of cluster management\&. All nodes in a cluster elect one node to be the leader\&. The leader node coordinates privileged operations such as database recovery and IP address failover\&. CTDB refers to the leader node as the +\fIrecovery master\fR\&. This node takes and holds the recovery lock to assert its privileged role in the cluster\&. +.PP +By default, the recovery lock is implemented using a file (specified by +\fIrecovery lock\fR +in the +[cluster] +section of +\fBctdb.conf\fR(5)) residing in shared storage (usually) on a cluster filesystem\&. To support a recovery lock the cluster filesystem must support lock coherence\&. See +\fBping_pong\fR(1) +for more details\&. +.PP +The recovery lock can also be implemented using an arbitrary cluster mutex call\-out by using an exclamation point (\*(Aq!\*(Aq) as the first character of +\fIrecovery lock\fR\&. For example, a value of +\fB!/usr/local/bin/myhelper recovery\fR +would run the given helper with the specified arguments\&. See the source code relating to cluster mutexes for clues about writing call\-outs\&. +.PP +If a cluster becomes partitioned (for example, due to a communication failure) and a different recovery master is elected by the nodes in each partition, then only one of these recovery masters will be able to take the recovery lock\&. The recovery master in the "losing" partition will not be able to take the recovery lock and will be excluded from the cluster\&. The nodes in the "losing" partition will elect each node in turn as their recovery master so eventually all the nodes in that partition will be excluded\&. +.PP +CTDB does sanity checks to ensure that the recovery lock is held as expected\&. +.PP +CTDB can run without a recovery lock but this is not recommended as there will be no protection from split brains\&. +.SH "PRIVATE VS PUBLIC ADDRESSES" +.PP +Each node in a CTDB cluster has multiple IP addresses assigned to it: +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +A single private IP address that is used for communication between nodes\&. +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +One or more public IP addresses that are used to provide NAS or other services\&. +.RE +.sp +.SS "Private address" +.PP +Each node is configured with a unique, permanently assigned private address\&. This address is configured by the operating system\&. This address uniquely identifies a physical node in the cluster and is the address that CTDB daemons will use to communicate with the CTDB daemons on other nodes\&. +.PP +Private addresses are listed in the file +/usr/local/etc/ctdb/nodes)\&. This file contains the list of private addresses for all nodes in the cluster, one per line\&. This file must be the same on all nodes in the cluster\&. +.PP +Some users like to put this configuration file in their cluster filesystem\&. A symbolic link should be used in this case\&. +.PP +Private addresses should not be used by clients to connect to services provided by the cluster\&. +.PP +It is strongly recommended that the private addresses are configured on a private network that is separate from client networks\&. This is because the CTDB protocol is both unauthenticated and unencrypted\&. If clients share the private network then steps need to be taken to stop injection of packets to relevant ports on the private addresses\&. It is also likely that CTDB protocol traffic between nodes could leak sensitive information if it can be intercepted\&. +.PP +Example +/usr/local/etc/ctdb/nodes +for a four node cluster: +.sp +.if n \{\ +.RS 4 +.\} +.nf +192\&.168\&.1\&.1 +192\&.168\&.1\&.2 +192\&.168\&.1\&.3 +192\&.168\&.1\&.4 + +.fi +.if n \{\ +.RE +.\} +.SS "Public addresses" +.PP +Public addresses are used to provide services to clients\&. Public addresses are not configured at the operating system level and are not permanently associated with a particular node\&. Instead, they are managed by CTDB and are assigned to interfaces on physical nodes at runtime\&. +.PP +The CTDB cluster will assign/reassign these public addresses across the available healthy nodes in the cluster\&. When one node fails, its public addresses will be taken over by one or more other nodes in the cluster\&. This ensures that services provided by all public addresses are always available to clients, as long as there are nodes available capable of hosting this address\&. +.PP +The public address configuration is stored in +/usr/local/etc/ctdb/public_addresses +on each node\&. This file contains a list of the public addresses that the node is capable of hosting, one per line\&. Each entry also contains the netmask and the interface to which the address should be assigned\&. If this file is missing then no public addresses are configured\&. +.PP +Some users who have the same public addresses on all nodes like to put this configuration file in their cluster filesystem\&. A symbolic link should be used in this case\&. +.PP +Example +/usr/local/etc/ctdb/public_addresses +for a node that can host 4 public addresses, on 2 different interfaces: +.sp +.if n \{\ +.RS 4 +.\} +.nf +10\&.1\&.1\&.1/24 eth1 +10\&.1\&.1\&.2/24 eth1 +10\&.1\&.2\&.1/24 eth2 +10\&.1\&.2\&.2/24 eth2 + +.fi +.if n \{\ +.RE +.\} +.PP +In many cases the public addresses file will be the same on all nodes\&. However, it is possible to use different public address configurations on different nodes\&. +.PP +Example: 4 nodes partitioned into two subgroups: +.sp +.if n \{\ +.RS 4 +.\} +.nf +Node 0:/usr/local/etc/ctdb/public_addresses + 10\&.1\&.1\&.1/24 eth1 + 10\&.1\&.1\&.2/24 eth1 + +Node 1:/usr/local/etc/ctdb/public_addresses + 10\&.1\&.1\&.1/24 eth1 + 10\&.1\&.1\&.2/24 eth1 + +Node 2:/usr/local/etc/ctdb/public_addresses + 10\&.1\&.2\&.1/24 eth2 + 10\&.1\&.2\&.2/24 eth2 + +Node 3:/usr/local/etc/ctdb/public_addresses + 10\&.1\&.2\&.1/24 eth2 + 10\&.1\&.2\&.2/24 eth2 + +.fi +.if n \{\ +.RE +.\} +.PP +In this example nodes 0 and 1 host two public addresses on the 10\&.1\&.1\&.x network while nodes 2 and 3 host two public addresses for the 10\&.1\&.2\&.x network\&. +.PP +Public address 10\&.1\&.1\&.1 can be hosted by either of nodes 0 or 1 and will be available to clients as long as at least one of these two nodes are available\&. +.PP +If both nodes 0 and 1 become unavailable then public address 10\&.1\&.1\&.1 also becomes unavailable\&. 10\&.1\&.1\&.1 can not be failed over to nodes 2 or 3 since these nodes do not have this public address configured\&. +.PP +The +\fBctdb ip\fR +command can be used to view the current assignment of public addresses to physical nodes\&. +.SH "NODE STATUS" +.PP +The current status of each node in the cluster can be viewed by the +\fBctdb status\fR +command\&. +.PP +A node can be in one of the following states: +.PP +OK +.RS 4 +This node is healthy and fully functional\&. It hosts public addresses to provide services\&. +.RE +.PP +DISCONNECTED +.RS 4 +This node is not reachable by other nodes via the private network\&. It is not currently participating in the cluster\&. It +\fIdoes not\fR +host public addresses to provide services\&. It might be shut down\&. +.RE +.PP +DISABLED +.RS 4 +This node has been administratively disabled\&. This node is partially functional and participates in the cluster\&. However, it +\fIdoes not\fR +host public addresses to provide services\&. +.RE +.PP +UNHEALTHY +.RS 4 +A service provided by this node has failed a health check and should be investigated\&. This node is partially functional and participates in the cluster\&. However, it +\fIdoes not\fR +host public addresses to provide services\&. Unhealthy nodes should be investigated and may require an administrative action to rectify\&. +.RE +.PP +BANNED +.RS 4 +CTDB is not behaving as designed on this node\&. For example, it may have failed too many recovery attempts\&. Such nodes are banned from participating in the cluster for a configurable time period before they attempt to rejoin the cluster\&. A banned node +\fIdoes not\fR +host public addresses to provide services\&. All banned nodes should be investigated and may require an administrative action to rectify\&. +.RE +.PP +STOPPED +.RS 4 +This node has been administratively exclude from the cluster\&. A stopped node does no participate in the cluster and +\fIdoes not\fR +host public addresses to provide services\&. This state can be used while performing maintenance on a node\&. +.RE +.PP +PARTIALLYONLINE +.RS 4 +A node that is partially online participates in a cluster like a healthy (OK) node\&. Some interfaces to serve public addresses are down, but at least one interface is up\&. See also +\fBctdb ifaces\fR\&. +.RE +.SH "CAPABILITIES" +.PP +Cluster nodes can have several different capabilities enabled\&. These are listed below\&. +.PP +RECMASTER +.RS 4 +Indicates that a node can become the CTDB cluster recovery master\&. The current recovery master is decided via an election held by all active nodes with this capability\&. +.sp +Default is YES\&. +.RE +.PP +LMASTER +.RS 4 +Indicates that a node can be the location master (LMASTER) for database records\&. The LMASTER always knows which node has the latest copy of a record in a volatile database\&. +.sp +Default is YES\&. +.RE +.PP +The RECMASTER and LMASTER capabilities can be disabled when CTDB is used to create a cluster spanning across WAN links\&. In this case CTDB acts as a WAN accelerator\&. +.SH "LVS" +.PP +LVS is a mode where CTDB presents one single IP address for the entire cluster\&. This is an alternative to using public IP addresses and round\-robin DNS to loadbalance clients across the cluster\&. +.PP +This is similar to using a layer\-4 loadbalancing switch but with some restrictions\&. +.PP +One extra LVS public address is assigned on the public network to each LVS group\&. Each LVS group is a set of nodes in the cluster that presents the same LVS address public address to the outside world\&. Normally there would only be one LVS group spanning an entire cluster, but in situations where one CTDB cluster spans multiple physical sites it might be useful to have one LVS group for each site\&. There can be multiple LVS groups in a cluster but each node can only be member of one LVS group\&. +.PP +Client access to the cluster is load\-balanced across the HEALTHY nodes in an LVS group\&. If no HEALTHY nodes exists then all nodes in the group are used, regardless of health status\&. CTDB will, however never load\-balance LVS traffic to nodes that are BANNED, STOPPED, DISABLED or DISCONNECTED\&. The +\fBctdb lvs\fR +command is used to show which nodes are currently load\-balanced across\&. +.PP +In each LVS group, one of the nodes is selected by CTDB to be the LVS master\&. This node receives all traffic from clients coming in to the LVS public address and multiplexes it across the internal network to one of the nodes that LVS is using\&. When responding to the client, that node will send the data back directly to the client, bypassing the LVS master node\&. The command +\fBctdb lvs master\fR +will show which node is the current LVS master\&. +.PP +The path used for a client I/O is: +.sp +.RS 4 +.ie n \{\ +\h'-04' 1.\h'+01'\c +.\} +.el \{\ +.sp -1 +.IP " 1." 4.2 +.\} +Client sends request packet to LVSMASTER\&. +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04' 2.\h'+01'\c +.\} +.el \{\ +.sp -1 +.IP " 2." 4.2 +.\} +LVSMASTER passes the request on to one node across the internal network\&. +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04' 3.\h'+01'\c +.\} +.el \{\ +.sp -1 +.IP " 3." 4.2 +.\} +Selected node processes the request\&. +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04' 4.\h'+01'\c +.\} +.el \{\ +.sp -1 +.IP " 4." 4.2 +.\} +Node responds back to client\&. +.RE +.PP +This means that all incoming traffic to the cluster will pass through one physical node, which limits scalability\&. You can send more data to the LVS address that one physical node can multiplex\&. This means that you should not use LVS if your I/O pattern is write\-intensive since you will be limited in the available network bandwidth that node can handle\&. LVS does work very well for read\-intensive workloads where only smallish READ requests are going through the LVSMASTER bottleneck and the majority of the traffic volume (the data in the read replies) goes straight from the processing node back to the clients\&. For read\-intensive i/o patterns you can achieve very high throughput rates in this mode\&. +.PP +Note: you can use LVS and public addresses at the same time\&. +.PP +If you use LVS, you must have a permanent address configured for the public interface on each node\&. This address must be routable and the cluster nodes must be configured so that all traffic back to client hosts are routed through this interface\&. This is also required in order to allow samba/winbind on the node to talk to the domain controller\&. This LVS IP address can not be used to initiate outgoing traffic\&. +.PP +Make sure that the domain controller and the clients are reachable from a node +\fIbefore\fR +you enable LVS\&. Also ensure that outgoing traffic to these hosts is routed out through the configured public interface\&. +.SS "Configuration" +.PP +To activate LVS on a CTDB node you must specify the +\fICTDB_LVS_PUBLIC_IFACE\fR, +\fICTDB_LVS_PUBLIC_IP\fR +and +\fICTDB_LVS_NODES\fR +configuration variables\&. +\fICTDB_LVS_NODES\fR +specifies a file containing the private address of all nodes in the current node\*(Aqs LVS group\&. +.PP +Example: +.sp +.if n \{\ +.RS 4 +.\} +.nf +CTDB_LVS_PUBLIC_IFACE=eth1 +CTDB_LVS_PUBLIC_IP=10\&.1\&.1\&.237 +CTDB_LVS_NODES=/usr/local/etc/ctdb/lvs_nodes + +.fi +.if n \{\ +.RE +.\} +.PP +Example +/usr/local/etc/ctdb/lvs_nodes: +.sp +.if n \{\ +.RS 4 +.\} +.nf +192\&.168\&.1\&.2 +192\&.168\&.1\&.3 +192\&.168\&.1\&.4 + +.fi +.if n \{\ +.RE +.\} +.PP +Normally any node in an LVS group can act as the LVS master\&. Nodes that are highly loaded due to other demands maybe flagged with the "slave\-only" option in the +\fICTDB_LVS_NODES\fR +file to limit the LVS functionality of those nodes\&. +.PP +LVS nodes file that excludes 192\&.168\&.1\&.4 from being the LVS master node: +.sp +.if n \{\ +.RS 4 +.\} +.nf +192\&.168\&.1\&.2 +192\&.168\&.1\&.3 +192\&.168\&.1\&.4 slave\-only + +.fi +.if n \{\ +.RE +.\} +.SH "TRACKING AND RESETTING TCP CONNECTIONS" +.PP +CTDB tracks TCP connections from clients to public IP addresses, on known ports\&. When an IP address moves from one node to another, all existing TCP connections to that IP address are reset\&. The node taking over this IP address will also send gratuitous ARPs (for IPv4, or neighbour advertisement, for IPv6)\&. This allows clients to reconnect quickly, rather than waiting for TCP timeouts, which can be very long\&. +.PP +It is important that established TCP connections do not survive a release and take of a public IP address on the same node\&. Such connections can get out of sync with sequence and ACK numbers, potentially causing a disruptive ACK storm\&. +.SH "NAT GATEWAY" +.PP +NAT gateway (NATGW) is an optional feature that is used to configure fallback routing for nodes\&. This allows cluster nodes to connect to external services (e\&.g\&. DNS, AD, NIS and LDAP) when they do not host any public addresses (e\&.g\&. when they are unhealthy)\&. +.PP +This also applies to node startup because CTDB marks nodes as UNHEALTHY until they have passed a "monitor" event\&. In this context, NAT gateway helps to avoid a "chicken and egg" situation where a node needs to access an external service to become healthy\&. +.PP +Another way of solving this type of problem is to assign an extra static IP address to a public interface on every node\&. This is simpler but it uses an extra IP address per node, while NAT gateway generally uses only one extra IP address\&. +.SS "Operation" +.PP +One extra NATGW public address is assigned on the public network to each NATGW group\&. Each NATGW group is a set of nodes in the cluster that shares the same NATGW address to talk to the outside world\&. Normally there would only be one NATGW group spanning an entire cluster, but in situations where one CTDB cluster spans multiple physical sites it might be useful to have one NATGW group for each site\&. +.PP +There can be multiple NATGW groups in a cluster but each node can only be member of one NATGW group\&. +.PP +In each NATGW group, one of the nodes is selected by CTDB to be the NATGW master and the other nodes are consider to be NATGW slaves\&. NATGW slaves establish a fallback default route to the NATGW master via the private network\&. When a NATGW slave hosts no public IP addresses then it will use this route for outbound connections\&. The NATGW master hosts the NATGW public IP address and routes outgoing connections from slave nodes via this IP address\&. It also establishes a fallback default route\&. +.SS "Configuration" +.PP +NATGW is usually configured similar to the following example configuration: +.sp +.if n \{\ +.RS 4 +.\} +.nf +CTDB_NATGW_NODES=/usr/local/etc/ctdb/natgw_nodes +CTDB_NATGW_PRIVATE_NETWORK=192\&.168\&.1\&.0/24 +CTDB_NATGW_PUBLIC_IP=10\&.0\&.0\&.227/24 +CTDB_NATGW_PUBLIC_IFACE=eth0 +CTDB_NATGW_DEFAULT_GATEWAY=10\&.0\&.0\&.1 + +.fi +.if n \{\ +.RE +.\} +.PP +Normally any node in a NATGW group can act as the NATGW master\&. Some configurations may have special nodes that lack connectivity to a public network\&. In such cases, those nodes can be flagged with the "slave\-only" option in the +\fICTDB_NATGW_NODES\fR +file to limit the NATGW functionality of those nodes\&. +.PP +See the +NAT GATEWAY +section in +\fBctdb-script.options\fR(5) +for more details of NATGW configuration\&. +.SS "Implementation details" +.PP +When the NATGW functionality is used, one of the nodes is selected to act as a NAT gateway for all the other nodes in the group when they need to communicate with the external services\&. The NATGW master is selected to be a node that is most likely to have usable networks\&. +.PP +The NATGW master hosts the NATGW public IP address +\fICTDB_NATGW_PUBLIC_IP\fR +on the configured public interfaces +\fICTDB_NATGW_PUBLIC_IFACE\fR +and acts as a router, masquerading outgoing connections from slave nodes via this IP address\&. If +\fICTDB_NATGW_DEFAULT_GATEWAY\fR +is set then it also establishes a fallback default route to the configured this gateway with a metric of 10\&. A metric 10 route is used so it can co\-exist with other default routes that may be available\&. +.PP +A NATGW slave establishes its fallback default route to the NATGW master via the private network +\fICTDB_NATGW_PRIVATE_NETWORK\fRwith a metric of 10\&. This route is used for outbound connections when no other default route is available because the node hosts no public addresses\&. A metric 10 routes is used so that it can co\-exist with other default routes that may be available when the node is hosting public addresses\&. +.PP +\fICTDB_NATGW_STATIC_ROUTES\fR +can be used to have NATGW create more specific routes instead of just default routes\&. +.PP +This is implemented in the +11\&.natgw +eventscript\&. Please see the eventscript file and the +NAT GATEWAY +section in +\fBctdb-script.options\fR(5) +for more details\&. +.SH "POLICY ROUTING" +.PP +Policy routing is an optional CTDB feature to support complex network topologies\&. Public addresses may be spread across several different networks (or VLANs) and it may not be possible to route packets from these public addresses via the system\*(Aqs default route\&. Therefore, CTDB has support for policy routing via the +13\&.per_ip_routing +eventscript\&. This allows routing to be specified for packets sourced from each public address\&. The routes are added and removed as CTDB moves public addresses between nodes\&. +.SS "Configuration variables" +.PP +There are 4 configuration variables related to policy routing: +\fICTDB_PER_IP_ROUTING_CONF\fR, +\fICTDB_PER_IP_ROUTING_RULE_PREF\fR, +\fICTDB_PER_IP_ROUTING_TABLE_ID_LOW\fR, +\fICTDB_PER_IP_ROUTING_TABLE_ID_HIGH\fR\&. See the +POLICY ROUTING +section in +\fBctdb-script.options\fR(5) +for more details\&. +.SS "Configuration" +.PP +The format of each line of +\fICTDB_PER_IP_ROUTING_CONF\fR +is: +.sp +.if n \{\ +.RS 4 +.\} +.nf + [ ] + +.fi +.if n \{\ +.RE +.\} +.PP +Leading whitespace is ignored and arbitrary whitespace may be used as a separator\&. Lines that have a "public address" item that doesn\*(Aqt match an actual public address are ignored\&. This means that comment lines can be added using a leading character such as \*(Aq#\*(Aq, since this will never match an IP address\&. +.PP +A line without a gateway indicates a link local route\&. +.PP +For example, consider the configuration line: +.sp +.if n \{\ +.RS 4 +.\} +.nf + 192\&.168\&.1\&.99 192\&.168\&.1\&.1/24 + +.fi +.if n \{\ +.RE +.\} +.PP +If the corresponding public_addresses line is: +.sp +.if n \{\ +.RS 4 +.\} +.nf + 192\&.168\&.1\&.99/24 eth2,eth3 + +.fi +.if n \{\ +.RE +.\} +.PP +\fICTDB_PER_IP_ROUTING_RULE_PREF\fR +is 100, and CTDB adds the address to eth2 then the following routing information is added: +.sp +.if n \{\ +.RS 4 +.\} +.nf + ip rule add from 192\&.168\&.1\&.99 pref 100 table ctdb\&.192\&.168\&.1\&.99 + ip route add 192\&.168\&.1\&.0/24 dev eth2 table ctdb\&.192\&.168\&.1\&.99 + +.fi +.if n \{\ +.RE +.\} +.PP +This causes traffic from 192\&.168\&.1\&.1 to 192\&.168\&.1\&.0/24 go via eth2\&. +.PP +The +\fBip rule\fR +command will show (something like \- depending on other public addresses and other routes on the system): +.sp +.if n \{\ +.RS 4 +.\} +.nf + 0: from all lookup local + 100: from 192\&.168\&.1\&.99 lookup ctdb\&.192\&.168\&.1\&.99 + 32766: from all lookup main + 32767: from all lookup default + +.fi +.if n \{\ +.RE +.\} +.PP +\fBip route show table ctdb\&.192\&.168\&.1\&.99\fR +will show: +.sp +.if n \{\ +.RS 4 +.\} +.nf + 192\&.168\&.1\&.0/24 dev eth2 scope link + +.fi +.if n \{\ +.RE +.\} +.PP +The usual use for a line containing a gateway is to add a default route corresponding to a particular source address\&. Consider this line of configuration: +.sp +.if n \{\ +.RS 4 +.\} +.nf + 192\&.168\&.1\&.99 0\&.0\&.0\&.0/0 192\&.168\&.1\&.1 + +.fi +.if n \{\ +.RE +.\} +.PP +In the situation described above this will cause an extra routing command to be executed: +.sp +.if n \{\ +.RS 4 +.\} +.nf + ip route add 0\&.0\&.0\&.0/0 via 192\&.168\&.1\&.1 dev eth2 table ctdb\&.192\&.168\&.1\&.99 + +.fi +.if n \{\ +.RE +.\} +.PP +With both configuration lines, +\fBip route show table ctdb\&.192\&.168\&.1\&.99\fR +will show: +.sp +.if n \{\ +.RS 4 +.\} +.nf + 192\&.168\&.1\&.0/24 dev eth2 scope link + default via 192\&.168\&.1\&.1 dev eth2 + +.fi +.if n \{\ +.RE +.\} +.SS "Sample configuration" +.PP +Here is a more complete example configuration\&. +.sp +.if n \{\ +.RS 4 +.\} +.nf +/usr/local/etc/ctdb/public_addresses: + + 192\&.168\&.1\&.98 eth2,eth3 + 192\&.168\&.1\&.99 eth2,eth3 + +/usr/local/etc/ctdb/policy_routing: + + 192\&.168\&.1\&.98 192\&.168\&.1\&.0/24 + 192\&.168\&.1\&.98 192\&.168\&.200\&.0/24 192\&.168\&.1\&.254 + 192\&.168\&.1\&.98 0\&.0\&.0\&.0/0 192\&.168\&.1\&.1 + 192\&.168\&.1\&.99 192\&.168\&.1\&.0/24 + 192\&.168\&.1\&.99 192\&.168\&.200\&.0/24 192\&.168\&.1\&.254 + 192\&.168\&.1\&.99 0\&.0\&.0\&.0/0 192\&.168\&.1\&.1 + +.fi +.if n \{\ +.RE +.\} +.PP +The routes local packets as expected, the default route is as previously discussed, but packets to 192\&.168\&.200\&.0/24 are routed via the alternate gateway 192\&.168\&.1\&.254\&. +.SH "NOTIFICATIONS" +.PP +When certain state changes occur in CTDB, it can be configured to perform arbitrary actions via notifications\&. For example, sending SNMP traps or emails when a node becomes unhealthy or similar\&. +.PP +The notification mechanism runs all executable files ending in "\&.script" in +/usr/local/etc/ctdb/events/notification/, ignoring any failures and continuing to run all files\&. +.PP +CTDB currently generates notifications after CTDB changes to these states: +.RS 4 +init +.RE +.RS 4 +setup +.RE +.RS 4 +startup +.RE +.RS 4 +healthy +.RE +.RS 4 +unhealthy +.RE +.SH "LOG LEVELS" +.PP +Valid log levels, in increasing order of verbosity, are: +.RS 4 +ERROR +.RE +.RS 4 +WARNING +.RE +.RS 4 +NOTICE +.RE +.RS 4 +INFO +.RE +.RS 4 +DEBUG +.RE +.SH "REMOTE CLUSTER NODES" +.PP +It is possible to have a CTDB cluster that spans across a WAN link\&. For example where you have a CTDB cluster in your datacentre but you also want to have one additional CTDB node located at a remote branch site\&. This is similar to how a WAN accelerator works but with the difference that while a WAN\-accelerator often acts as a Proxy or a MitM, in the ctdb remote cluster node configuration the Samba instance at the remote site IS the genuine server, not a proxy and not a MitM, and thus provides 100% correct CIFS semantics to clients\&. +.PP +See the cluster as one single multihomed samba server where one of the NICs (the remote node) is very far away\&. +.PP +NOTE: This does require that the cluster filesystem you use can cope with WAN\-link latencies\&. Not all cluster filesystems can handle WAN\-link latencies! Whether this will provide very good WAN\-accelerator performance or it will perform very poorly depends entirely on how optimized your cluster filesystem is in handling high latency for data and metadata operations\&. +.PP +To activate a node as being a remote cluster node you need to set the following two parameters in /usr/local/etc/ctdb/ctdb\&.conf for the remote node: +.sp +.if n \{\ +.RS 4 +.\} +.nf +[legacy] + lmaster capability = false + recmaster capability = false + +.fi +.if n \{\ +.RE +.\} +.PP +Verify with the command "ctdb getcapabilities" that that node no longer has the recmaster or the lmaster capabilities\&. +.SH "SEE ALSO" +.PP +\fBctdb\fR(1), +\fBctdbd\fR(1), +\fBctdbd_wrapper\fR(1), +\fBctdb_diagnostics\fR(1), +\fBltdbtool\fR(1), +\fBonnode\fR(1), +\fBping_pong\fR(1), +\fBctdb.conf\fR(5), +\fBctdb-script.options\fR(5), +\fBctdb.sysconfig\fR(5), +\fBctdb-statistics\fR(7), +\fBctdb-tunables\fR(7), +\m[blue]\fB\%http://ctdb.samba.org/\fR\m[] +.SH "AUTHOR" +.br +.PP +This documentation was written by Ronnie Sahlberg, Amitay Isaacs, Martin Schwenke +.SH "COPYRIGHT" +.br +Copyright \(co 2007 Andrew Tridgell, Ronnie Sahlberg +.br +.PP +This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3 of the License, or (at your option) any later version\&. +.PP +This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE\&. See the GNU General Public License for more details\&. +.PP +You should have received a copy of the GNU General Public License along with this program; if not, see +\m[blue]\fB\%http://www.gnu.org/licenses\fR\m[]\&. +.sp Index: files/man/ctdb.conf.5 =================================================================== --- files/man/ctdb.conf.5 +++ files/man/ctdb.conf.5 @@ -0,0 +1,359 @@ +'\" t +.\" Title: ctdb.conf +.\" Author: +.\" Generator: DocBook XSL Stylesheets v1.79.1 +.\" Date: 11/18/2018 +.\" Manual: CTDB - clustered TDB database +.\" Source: ctdb +.\" Language: English +.\" +.TH "CTDB\&.CONF" "5" "11/18/2018" "ctdb" "CTDB \- clustered TDB database" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "NAME" +ctdb.conf \- CTDB configuration file +.SH "DESCRIPTION" +.PP +This file contains CTDB configuration options that affect the operation of CTDB daemons and command\-line tools\&. The default location of this file is +/usr/local/etc/ctdb/ctdb\&.conf\&. +.PP +Note that this is a Samba\-style configuration file, so it has a very different syntax to previous CTDB configuration files\&. +.PP +For event script options please see +\fBctdb-script.options\fR(5)\&. +.PP +Configuration options are grouped into several sections below\&. There are only a few options in each section, allowing them to be ordered (approximately) in decreasing order of importance\&. +.SH "LOGGING CONFIGURATION" +.PP +Options in this section control CTDB\*(Aqs logging\&. They are valid within the +\fIlogging\fR +section of file, indicated by +[logging]\&. +.PP +log level = \fILOGLEVEL\fR +.RS 4 +LOGLEVEL is a string that controls the verbosity of ctdbd\*(Aqs logging\&. See the +LOG LEVELS +section in +\fBctdb\fR(7) +for more details\&. +.sp +Default: +NOTICE +.RE +.PP +location = \fISTRING\fR +.RS 4 +STRING specifies where ctdbd will write its log\&. +.sp +Valid values are: +.PP +file:\fIFILENAME\fR +.RS 4 +FILENAME where ctdbd will write its log\&. This is usually +/var/log/log\&.ctdb\&. +.RE +.PP +syslog[:\fIMETHOD\fR] +.RS 4 +CTDB will log to syslog\&. By default this will use the syslog(3) API\&. +.sp +If METHOD is specified then it specifies an extension that causes logging to be done in a non\-blocking fashion\&. This can be useful under heavy loads that might cause the syslog daemon to dequeue messages too slowly, which would otherwise cause CTDB to block when logging\&. METHOD must be one of: +.PP +nonblocking +.RS 4 +CTDB will log to syslog via +/dev/log +in non\-blocking mode\&. +.RE +.PP +udp +.RS 4 +CTDB will log to syslog via UDP to localhost:514\&. The syslog daemon must be configured to listen on (at least) localhost:514\&. Most implementations will log the messages against hostname "localhost" \- this is a limit of the implementation for compatibility with more syslog daemon implementations\&. +.RE +.PP +udp\-rfc5424 +.RS 4 +As with "udp" but messages are sent in RFC5424 format\&. This method will log the correct hostname but is not as widely implemented in syslog daemons\&. +.RE +.RE +.sp +Default: file:/var/log/log\&.ctdb +.RE +.SH "CLUSTER CONFIGURATION" +.PP +Options in this section affect the CTDB cluster setup\&. They are valid within the +\fIcluster\fR +section of file, indicated by +[cluster]\&. +.PP +recovery lock = \fILOCK\fR +.RS 4 +LOCK specifies the cluster\-wide mutex used to detect and prevent a partitioned cluster (or "split brain")\&. +.sp +For information about the recovery lock please see the +RECOVERY LOCK +section in +\fBctdb\fR(7)\&. +.sp +Default: NONE\&. However, uses of a recovery lock is +\fIstrongly recommended\fR\&. +.RE +.PP +node address = \fIIPADDR\fR +.RS 4 +IPADDR is the private IP address that ctdbd will bind to\&. +.sp +This option is only required when automatic address detection can not be used\&. This can be the case when running multiple ctdbd daemons/nodes on the same physical host (usually for testing), using InfiniBand for the private network or on Linux when sysctl net\&.ipv4\&.ip_nonlocal_bind=1\&. +.sp +Default: CTDB selects the first address from the nodes list that it can bind to\&. See also the +PRIVATE ADDRESS +section in +\fBctdb\fR(7)\&. +.RE +.PP +transport = tcp|ib +.RS 4 +This option specifies which transport to use for ctdbd internode communications on the private network\&. +.sp +ib +means InfiniBand\&. The InfiniBand support is not regularly tested\&. If it is known to be broken then it may be disabled so that a value of +ib +is considered invalid\&. +.sp +Default: +tcp +.RE +.SH "DATABASE CONFIGURATION" +.PP +Options in this section affect the CTDB database setup\&. They are valid within the +\fIdatabase\fR +section of file, indicated by +[database]\&. +.PP +volatile database directory = \fIDIRECTORY\fR +.RS 4 +DIRECTORY on local storage where CTDB keeps a local copy of volatile TDB databases\&. This directory is local for each node and should not be stored on the shared cluster filesystem\&. +.sp +Mounting a tmpfs (or similar memory filesystem) on this directory can provide a significant performance improvement when there is I/O contention on the local disk\&. +.sp +Default: +/var/lib/ctdb/volatile +.RE +.PP +persistent database directory=\fIDIRECTORY\fR +.RS 4 +DIRECTORY on local storage where CTDB keeps a local copy of persistent TDB databases\&. This directory is local for each node and should not be stored on the shared cluster filesystem\&. +.sp +Default: +/var/lib/ctdb/persistent +.RE +.PP +state database directory = \fIDIRECTORY\fR +.RS 4 +DIRECTORY on local storage where CTDB keeps a local copy of internal state TDB databases\&. This directory is local for each node and should not be stored on the shared cluster filesystem\&. +.sp +Default: +/var/lib/ctdb/state +.RE +.PP +tdb mutexes = true|false +.RS 4 +This parameter enables TDB_MUTEX_LOCKING feature on volatile databases if the robust mutexes are supported\&. This optimizes the record locking using robust mutexes and is much more efficient that using posix locks\&. +.sp +If robust mutexes are unreliable on the platform being used then they can be disabled by setting this to +false\&. +.RE +.PP +lock debug script = \fIFILENAME\fR +.RS 4 +FILENAME is a script used by CTDB\*(Aqs database locking code to attempt to provide debugging information when CTDB is unable to lock an entire database or a record\&. +.sp +This script should be a bare filename relative to the CTDB configuration directory (/usr/local/etc/ctdb/)\&. Any directory prefix is ignored and the path is calculated relative to this directory\&. +.sp +CTDB provides a lock debugging script and installs it as +/usr/local/etc/ctdb/debug_locks\&.sh\&. +.sp +Default: NONE +.RE +.SH "EVENT HANDLING CONFIGURATION" +.PP +Options in this section affect CTDB event handling\&. They are valid within the +\fIevent\fR +section of file, indicated by +[event]\&. +.PP +debug script = \fIFILENAME\fR +.RS 4 +FILENAME is a script used by CTDB\*(Aqs event handling code to attempt to provide debugging information when an event times out\&. +.sp +This script should be a bare filename relative to the CTDB configuration directory (/usr/local/etc/ctdb/)\&. Any directory prefix is ignored and the path is calculated relative to this directory\&. +.sp +CTDB provides a script for debugging timed out event scripts and installs it as +/usr/local/etc/ctdb/debug\-hung\-script\&.sh\&. +.sp +Default: NONE +.RE +.SH "FAILOVER CONFIGURATION" +.PP +Options in this section affect CTDB failover\&. They are valid within the +\fIfailover\fR +section of file, indicated by +[failover]\&. +.PP +disabled = true|false +.RS 4 +If set to +true +then public IP failover is disabled\&. +.sp +Default: +false +.RE +.SH "LEGACY CONFIGURATION" +.PP +Options in this section affect legacy CTDB setup\&. They are valid within the +\fIlegacy\fR +section of file, indicated by +[legacy]\&. +.PP +ctdb start as stopped = true|false +.RS 4 +If set to +true +CTDB starts in the STOPPED state\&. +.sp +To allow the node to take part in the cluster it must be manually continued with the the +\fBctdb continue\fR +command\&. +.sp +Please see the +NODE STATES +section in +\fBctdb\fR(7) +for more information about the STOPPED state\&. +.sp +Default: +false +.RE +.PP +start as disabled = true|false +.RS 4 +If set to +true +CTDB starts in the DISABLED state\&. +.sp +To allow the node to host public IP addresses and services, it must be manually enabled using the +\fBctdb enable\fR +command\&. +.sp +Please see the +NODE STATES +section in +\fBctdb\fR(7) +for more information about the DISABLED state\&. +.sp +Default: +false +.RE +.PP +realtime scheduling = true|false +.RS 4 +Usually CTDB runs with real\-time priority\&. This helps it to perform effectively on a busy system, such as when there are thousands of Samba clients\&. If you are running CTDB on a platform that does not support real\-time priority, you can set this to +false\&. +.sp +Default: +true +.RE +.PP +recmaster capability = true|false +.RS 4 +Indicates whether a node can become the recovery master for the cluster\&. If this is set to +false +then the node will not be able to become the recovery master for the cluster\&. This feature is primarily used for making a cluster span across a WAN link and use CTDB as a WAN\-accelerator\&. +.sp +Please see the +REMOTE CLUSTER NODES +section in +\fBctdb\fR(7) +for more information\&. +.sp +Default: +true +.RE +.PP +lmaster capability = true|false +.RS 4 +Indicates whether a node can become a location master for records in a database\&. If this is set to +false +then the node will not be part of the vnnmap\&. This feature is primarily used for making a cluster span across a WAN link and use CTDB as a WAN\-accelerator\&. +.sp +Please see the +REMOTE CLUSTER NODES +section in +\fBctdb\fR(7) +for more information\&. +.sp +Default: +true +.RE +.PP +script log level = \fILOGLEVEL\fR +.RS 4 +This option sets the debug level of event script output to LOGLEVEL\&. +.sp +See the +DEBUG LEVELS +section in +\fBctdb\fR(7) +for more information\&. +.sp +Default: +ERROR +.RE +.SH "FILES" +.RS 4 +/usr/local/etc/ctdb/ctdb\&.conf +.RE +.SH "SEE ALSO" +.PP +\fBctdbd\fR(1), +\fBonnode\fR(1), +\fBctdb.sysconfig\fR(5), +\fBctdb-script.options\fR(5), +\fBctdb\fR(7), +\fBctdb-tunables\fR(7), +\m[blue]\fB\%http://ctdb.samba.org/\fR\m[] +.SH "AUTHOR" +.br +.PP +This documentation was written by Amitay Isaacs, Martin Schwenke +.SH "COPYRIGHT" +.br +Copyright \(co 2007 Andrew Tridgell, Ronnie Sahlberg +.br +.PP +This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3 of the License, or (at your option) any later version\&. +.PP +This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE\&. See the GNU General Public License for more details\&. +.PP +You should have received a copy of the GNU General Public License along with this program; if not, see +\m[blue]\fB\%http://www.gnu.org/licenses\fR\m[]\&. +.sp Index: files/man/ctdb.sysconfig.5 =================================================================== --- files/man/ctdb.sysconfig.5 +++ files/man/ctdb.sysconfig.5 @@ -0,0 +1,139 @@ +'\" t +.\" Title: ctdb.sysconfig +.\" Author: +.\" Generator: DocBook XSL Stylesheets v1.79.1 +.\" Date: 11/18/2018 +.\" Manual: CTDB - clustered TDB database +.\" Source: ctdb +.\" Language: English +.\" +.TH "CTDB\&.SYSCONFIG" "5" "11/18/2018" "ctdb" "CTDB \- clustered TDB database" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "NAME" +ctdb.sysconfig \- CTDB daemon configuration file +.SH "DESCRIPTION" +.PP +This file contains configuration that affects the operation of CTDB\&. This is a distribution\-specific service configuration file such as +/etc/sysconfig/ctdb +(Red Hat) or +/etc/default/ctdb +(Debian) and is a shell script (see +\fBsh\fR(1))\&. +.SH "GLOBAL CONFIGURATION" +.PP +CTDB_INIT_STYLE=debian|redhat|suse +.RS 4 +This is the init style used by the Linux distribution (or other operating system) being used\&. This is usually determined dynamically by checking the system\&. This variable is used by the initscript to determine which init system primitives to use\&. It is also used by some eventscripts to choose the name of initscripts for certain services, since these can vary between distributions\&. +.sp +If using CTDB\*(Aqs event scripts are unable to determine an appropriate default then this option can also be placed in a relevant +\fBctdb-script.options\fR(5) +file\&. +.sp +Default: NONE\&. Guessed, based on features of distribution\&. +.RE +.PP +CTDB_STARTUP_TIMEOUT=\fINUM\fR +.RS 4 +NUM is the number of seconds to wait for +\fBctdbd\fR(1) +complete early initialisation up to a point where it is unlikely to abort\&. If +\fBctdbd\fR +doesn\*(Aqt complete the "setup" event before this timeout then it is killed\&. +.sp +Defaults: 10 +.RE +.SH "RESOURCE LIMITS" +.SS "Maximum number of open files" +.PP +CTDB can use a lot of file descriptors, especially when used with Samba\&. If there are thousands of smbd processes connected to CTDB when this can mean that thousands of file descriptors are used\&. For CTDB, it is often necessary to increase limit on the maximum number of open files\&. +.PP +The maximum number of open files should be configured using an operating system mechanism\&. +.PP +systemd +.RS 4 +The +LimitNOFILE=\fBLIMIT\fR +option can be used in a unit/service file increase the maximum number of open files\&. See +\fBsystemd.exec\fR(5) +for details\&. +.RE +.PP +SYSV init +.RS 4 +Use a command like +\fBulimit \-n \fR\fB\fBLIMIT\fR\fR +to increase the maximum number of open files\&. This command can be put in the relevant distribution\-specific service configuration file\&. +.RE +.SS "Allowing core dumps" +.PP +Many distributions do not allow core dump files to be generated by default\&. To assist with debugging, core files can be enabled\&. This should be configured using an operating system mechanism\&. +.PP +systemd +.RS 4 +The +LimitCORE=0|unlimited +option can be used in a unit/service file\&. +0 +disallows core files, +unlimited +allows them\&. maximum number of open files\&. See +\fBsystemd.exec\fR(5) +for details\&. +.RE +.PP +SYSV init +.RS 4 +Use a command like +\fBulimit \-c 0|unlimited\fR +to disable or enable core files as required\&. This command can be put in the relevant distribution\-specific service configuration file\&. +.RE +.SH "FILES" +.RS 4 +/etc/sysconfig/ctdb +.RE +.RS 4 +/etc/default/ctdb +.RE +.RS 4 +/usr/local/etc/ctdb/script\&.options +.RE +.SH "SEE ALSO" +.PP +\fBctdbd\fR(1), +\fBctdb-script.options\fR(5), +\fBctdb\fR(7), +\m[blue]\fB\%http://ctdb.samba.org/\fR\m[] +.SH "AUTHOR" +.br +.PP +This documentation was written by Martin Schwenke +.SH "COPYRIGHT" +.br +Copyright \(co 2007 Andrew Tridgell, Ronnie Sahlberg +.br +.PP +This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3 of the License, or (at your option) any later version\&. +.PP +This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE\&. See the GNU General Public License for more details\&. +.PP +You should have received a copy of the GNU General Public License along with this program; if not, see +\m[blue]\fB\%http://www.gnu.org/licenses\fR\m[]\&. +.sp Index: files/man/ctdb_diagnostics.1 =================================================================== --- files/man/ctdb_diagnostics.1 +++ files/man/ctdb_diagnostics.1 @@ -0,0 +1,79 @@ +'\" t +.\" Title: ctdb_diagnostics +.\" Author: +.\" Generator: DocBook XSL Stylesheets v1.79.1 +.\" Date: 11/18/2018 +.\" Manual: CTDB - clustered TDB database +.\" Source: ctdb +.\" Language: English +.\" +.TH "CTDB_DIAGNOSTICS" "1" "11/18/2018" "ctdb" "CTDB \- clustered TDB database" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "NAME" +ctdb_diagnostics \- dump diagnostic information about CTDB/Samba installation +.SH "SYNOPSIS" +.HP \w'\fBctdb_diagnostics\fR\ 'u +\fBctdb_diagnostics\fR [OPTIONS] \&.\&.\&. +.SH "DESCRIPTION" +.PP +ctdb_diagnostics is used to dump diagnostic information about a clustered Samba installation\&. This includes configuration files, output of relevant commands and logs\&. This information can be used to check the correctness of the configuration and to diagnose problems\&. +.SH "OPTIONS" +.PP +\-n +.RS 4 +Comma separated list of nodes to operate on +.RE +.PP +\-c +.RS 4 +Ignore comment lines (starting with \*(Aq#\*(Aq) in file comparisons +.RE +.PP +\-w +.RS 4 +Ignore whitespace in file comparisons +.RE +.PP +\-\-no\-ads +.RS 4 +Do not use commands that assume an Active Directory Server +.RE +.SH "SEE ALSO" +.PP +\fBctdb\fR(1), +\fBctdb\fR(7), +\m[blue]\fB\%https://ctdb.samba.org/\fR\m[] +.SH "AUTHOR" +.br +.PP +This documentation was written by Martijn van Brummelen +.SH "COPYRIGHT" +.br +Copyright \(co 2015 Martijn van Brummelen +.br +.PP +This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3 of the License, or (at your option) any later version\&. +.PP +This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE\&. See the GNU General Public License for more details\&. +.PP +You should have received a copy of the GNU General Public License along with this program; if not, see +\m[blue]\fB\%http://www.gnu.org/licenses\fR\m[]\&. +.sp Index: files/man/ctdbd.1 =================================================================== --- files/man/ctdbd.1 +++ files/man/ctdbd.1 @@ -0,0 +1,81 @@ +'\" t +.\" Title: ctdbd +.\" Author: +.\" Generator: DocBook XSL Stylesheets v1.79.1 +.\" Date: 11/18/2018 +.\" Manual: CTDB - clustered TDB database +.\" Source: ctdb +.\" Language: English +.\" +.TH "CTDBD" "1" "11/18/2018" "ctdb" "CTDB \- clustered TDB database" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "NAME" +ctdbd \- The CTDB cluster daemon +.SH "SYNOPSIS" +.HP \w'\fBctdbd\fR\ 'u +\fBctdbd\fR [\fIOPTION\fR...] +.SH "DESCRIPTION" +.PP +ctdbd is the main CTDB daemon\&. +.PP +Note that ctdbd is not usually invoked directly\&. It is invoked via +\fBctdbd_wrapper\fR(1) +or via the initscript\&. +.PP +See +\fBctdb\fR(7) +for an overview of CTDB\&. +.SH "GENERAL OPTIONS" +.PP +\-i, \-\-interactive +.RS 4 +Enable interactive mode\&. This will make ctdbd run in the foreground and not detach from the terminal\&. By default ctdbd will detach itself and run in the background as a daemon\&. +.RE +.PP +\-?, \-\-help +.RS 4 +Display a summary of options\&. +.RE +.SH "SEE ALSO" +.PP +\fBctdb\fR(1), +\fBctdbd_wrapper\fR(1), +\fBonnode\fR(1), +\fBctdb.conf\fR(5), +\fBctdb\fR(7), +\fBctdb-tunables\fR(7), +\m[blue]\fB\%http://ctdb.samba.org/\fR\m[] +.SH "AUTHOR" +.br +.PP +This documentation was written by Ronnie Sahlberg, Amitay Isaacs, Martin Schwenke +.SH "COPYRIGHT" +.br +Copyright \(co 2007 Andrew Tridgell, Ronnie Sahlberg +.br +.PP +This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3 of the License, or (at your option) any later version\&. +.PP +This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE\&. See the GNU General Public License for more details\&. +.PP +You should have received a copy of the GNU General Public License along with this program; if not, see +\m[blue]\fB\%http://www.gnu.org/licenses\fR\m[]\&. +.sp Index: files/man/ctdbd_wrapper.1 =================================================================== --- files/man/ctdbd_wrapper.1 +++ files/man/ctdbd_wrapper.1 @@ -0,0 +1,63 @@ +'\" t +.\" Title: ctdbd_wrapper +.\" Author: +.\" Generator: DocBook XSL Stylesheets v1.79.1 +.\" Date: 11/18/2018 +.\" Manual: CTDB - clustered TDB database +.\" Source: ctdb +.\" Language: English +.\" +.TH "CTDBD_WRAPPER" "1" "11/18/2018" "ctdb" "CTDB \- clustered TDB database" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "NAME" +ctdbd_wrapper \- Wrapper for ctdbd +.SH "SYNOPSIS" +.HP \w'\fBctdbd_wrapper\fR\ 'u +\fBctdbd_wrapper\fR {start | stop} +.SH "DESCRIPTION" +.PP +ctdbd_wrapper is used to start or stop the main CTDB daemon\&. +.PP +See +\fBctdb\fR(7) +for an overview of CTDB\&. +.SH "SEE ALSO" +.PP +\fBctdbd\fR(1), +\fBctdb.sysconfig\fR(5), +\fBctdb\fR(7), +\m[blue]\fB\%http://ctdb.samba.org/\fR\m[] +.SH "AUTHOR" +.br +.PP +This documentation was written by Amitay Isaacs, Martin Schwenke +.SH "COPYRIGHT" +.br +Copyright \(co 2007 Andrew Tridgell, Ronnie Sahlberg +.br +.PP +This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3 of the License, or (at your option) any later version\&. +.PP +This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE\&. See the GNU General Public License for more details\&. +.PP +You should have received a copy of the GNU General Public License along with this program; if not, see +\m[blue]\fB\%http://www.gnu.org/licenses\fR\m[]\&. +.sp Index: files/man/gentest.1 =================================================================== --- files/man/gentest.1 +++ files/man/gentest.1 @@ -0,0 +1,133 @@ +'\" t +.\" Title: gentest +.\" Author: [see the "AUTHOR" section] +.\" Generator: DocBook XSL Stylesheets v1.76.1 +.\" Date: 03/21/2017 +.\" Manual: Test Suite +.\" Source: Samba 4.0 +.\" Language: English +.\" +.TH "GENTEST" "1" "03/21/2017" "Samba 4\&.0" "Test Suite" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "NAME" +gentest \- Run random generic SMB operations against two SMB servers and show the differences in behavior +.SH "SYNOPSIS" +.HP \w'\fBgentest\fR\ 'u +\fBgentest\fR {//server1/share1} {//server2/share2} {\-U\ user%pass} {\-U\ user%pass} [\-s\ seed] [\-o\ numops] [\-a] [\-A] [\-i\ FILE] [\-O] [\-S\ FILE] [\-L] [\-F] [\-C] [\-X] +.SH "DESCRIPTION" +.PP +gentest +is a utility for detecting differences in behaviour between SMB servers\&. It will run a random set of generic operations against +\fI//server1/share1\fR +and then the same random set against +\fI//server2/share2\fR +and display the differences in the responses it gets\&. +.PP +This utility is used by the Samba team to find differences in behaviour between Samba and Windows servers\&. +.SH "OPTIONS" +.PP +\-U user%pass +.RS 4 +Specify the user and password to use when logging on on the shares\&. This parameter is mandatory and has to be specified twice\&. +.RE +.PP +\-s seed +.RS 4 +Seed the random number generator with the specified value\&. +.RE +.PP +\-o numops +.RS 4 +Set the number of operations to perform\&. +.RE +.PP +\-a +.RS 4 +Print the operations that are performed\&. +.RE +.PP +\-A +.RS 4 +Backtrack to find minimal number of operations required to make the response to a certain call differ\&. +.RE +.PP +\-i FILE +.RS 4 +Specify a file containing the names of fields that have to be ignored (such as time fields)\&. See below for a description of the file format\&. +.RE +.PP +\-O +.RS 4 +Enable oplocks\&. +.RE +.PP +\-S FILE +.RS 4 +Set preset seeds file\&. The default is +gentest_seeds\&.dat\&. +.RE +.PP +\-L +.RS 4 +Use preset seeds +.RE +.PP +\-F +.RS 4 +Fast reconnect (just close files) +.RE +.PP +\-C +.RS 4 +Continuous analysis mode +.RE +.PP +\-X +.RS 4 +Analyse even when the test succeeded\&. +.RE +.SH "VERSION" +.PP +This man page is correct for version 4\&.0 of the Samba suite\&. +.SH "SEE ALSO" +.PP +Samba +.SH "AUTHOR" +.PP +This utility is part of the +\m[blue]\fBSamba\fR\m[]\&\s-2\u[1]\d\s+2 +suite, which is developed by the global +\m[blue]\fBSamba Team\fR\m[]\&\s-2\u[2]\d\s+2\&. +.PP +gentest was written by Andrew Tridgell\&. +.PP +This manpage was written by Jelmer Vernooij\&. +.SH "NOTES" +.IP " 1." 4 +Samba +.RS 4 +\%http://www.samba.org/ +.RE +.IP " 2." 4 +Samba Team +.RS 4 +\%http://www.samba.org/samba/team/ +.RE Index: files/man/ldbadd.1 =================================================================== --- files/man/ldbadd.1 +++ files/man/ldbadd.1 @@ -0,0 +1,78 @@ +'\" t +.\" Title: ldbadd +.\" Author: [see the "AUTHOR" section] +.\" Generator: DocBook XSL Stylesheets v1.76.1 +.\" Date: 11/05/2017 +.\" Manual: System Administration tools +.\" Source: LDB 1.1 +.\" Language: English +.\" +.TH "LDBADD" "1" "11/05/2017" "LDB 1\&.1" "System Administration tools" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "NAME" +ldbadd \- Command\-line utility for adding records to an LDB +.SH "SYNOPSIS" +.HP \w'\fBldbadd\fR\ 'u +\fBldbadd\fR [\-h] [\-H\ LDB\-URL] [ldif\-file1] [ldif\-file2] [\&.\&.\&.] +.SH "DESCRIPTION" +.PP +ldbadd adds records to an ldb(3) database\&. It reads the ldif(5) files specified on the command line and adds the records from these files to the LDB database, which is specified by the \-H option or the LDB_URL environment variable\&. +.PP +If \- is specified as a ldb file, the ldif input is read from standard input\&. +.SH "OPTIONS" +.PP +\-h +.RS 4 +Show list of available options\&. +.RE +.PP +\-H +.RS 4 +LDB URL to connect to\&. See ldb(3) for details\&. +.RE +.SH "ENVIRONMENT" +.PP +LDB_URL +.RS 4 +LDB URL to connect to (can be overrided by using the \-H command\-line option\&.) +.RE +.SH "VERSION" +.PP +This man page is correct for version 1\&.1 of LDB\&. +.SH "SEE ALSO" +.PP +ldb(3), ldbmodify, ldbdel, ldif(5) +.SH "AUTHOR" +.PP +ldb was written by +\m[blue]\fBAndrew Tridgell\fR\m[]\&\s-2\u[1]\d\s+2\&. +.PP +If you wish to report a problem or make a suggestion then please see the +\m[blue]\fB\%http://ldb.samba.org/\fR\m[] +web site for current contact and maintainer information\&. +.PP +This manpage was written by Jelmer Vernooij\&. +.SH "NOTES" +.IP " 1." 4 +Andrew Tridgell +.RS 4 +\%https://www.samba.org/~tridge/ +.RE Index: files/man/ldbdel.1 =================================================================== --- files/man/ldbdel.1 +++ files/man/ldbdel.1 @@ -0,0 +1,80 @@ +'\" t +.\" Title: ldbdel +.\" Author: [see the "AUTHOR" section] +.\" Generator: DocBook XSL Stylesheets v1.76.1 +.\" Date: 11/05/2017 +.\" Manual: System Administration tools +.\" Source: LDB 1.1 +.\" Language: English +.\" +.TH "LDBDEL" "1" "11/05/2017" "LDB 1\&.1" "System Administration tools" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "NAME" +ldbdel \- Command\-line program for deleting LDB records +.SH "SYNOPSIS" +.HP \w'\fBldbdel\fR\ 'u +\fBldbdel\fR [\-h] [\-H\ LDB\-URL] [dn] [\&.\&.\&.] +.SH "DESCRIPTION" +.PP +ldbdel deletes records from an ldb(3) database\&. It deletes the records identified by the dn\*(Aqs specified on the command\-line\&. +.PP +ldbdel uses either the database that is specified with the \-H option or the database specified by the LDB_URL environment variable\&. +.SH "OPTIONS" +.PP +\-h +.RS 4 +Show list of available options\&. +.RE +.PP +\-H +.RS 4 +LDB URL to connect to\&. See ldb(3) for details\&. +.RE +.SH "ENVIRONMENT" +.PP +LDB_URL +.RS 4 +LDB URL to connect to (can be overrided by using the \-H command\-line option\&.) +.RE +.SH "VERSION" +.PP +This man page is correct for version 1\&.1 of LDB\&. +.SH "SEE ALSO" +.PP +ldb(3), ldbmodify, ldbadd, ldif(5) +.SH "AUTHOR" +.PP +ldb was written by +\m[blue]\fBAndrew Tridgell\fR\m[]\&\s-2\u[1]\d\s+2\&. +.PP +If you wish to report a problem or make a suggestion then please see the +\m[blue]\fB\%http://ldb.samba.org/\fR\m[] +web site for current contact and maintainer information\&. +.PP +ldbdel was written by Andrew Tridgell\&. +.PP +This manpage was written by Jelmer Vernooij\&. +.SH "NOTES" +.IP " 1." 4 +Andrew Tridgell +.RS 4 +\%https://www.samba.org/~tridge/ +.RE Index: files/man/ldbedit.1 =================================================================== --- files/man/ldbedit.1 +++ files/man/ldbedit.1 @@ -0,0 +1,111 @@ +'\" t +.\" Title: ldbedit +.\" Author: [see the "AUTHOR" section] +.\" Generator: DocBook XSL Stylesheets v1.76.1 +.\" Date: 11/05/2017 +.\" Manual: System Administration tools +.\" Source: LDB 1.1 +.\" Language: English +.\" +.TH "LDBEDIT" "1" "11/05/2017" "LDB 1\&.1" "System Administration tools" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "NAME" +ldbedit \- Edit LDB databases using your preferred editor +.SH "SYNOPSIS" +.HP \w'\fBldbedit\fR\ 'u +\fBldbedit\fR [\-?] [\-\-usage] [\-s\ base|one|sub] [\-b\ basedn] [\-a] [\-e\ editor] [\-H\ LDB\-URL] [expression] [attributes...] +.SH "DESCRIPTION" +.PP +ldbedit is a utility that allows you to edit LDB entries (in tdb files, sqlite files or LDAP servers) using your preferred editor\&. ldbedit generates an LDIF file based on your query, allows you to edit the LDIF, and then merges that LDIF back into the LDB backend\&. +.SH "OPTIONS" +.PP +\-?, \-\-help +.RS 4 +Show list of available options, and a phrase describing what that option does\&. +.RE +.PP +\-\-usage +.RS 4 +Show list of available options\&. This is similar to the help option, however it does not provide any description, and is hence shorter\&. +.RE +.PP +\-H +.RS 4 +LDB URL to connect to\&. For a tdb database, this will be of the form tdb://\fIfilename\fR\&. For a LDAP connection over unix domain sockets, this will be of the form ldapi://\fIsocket\fR\&. For a (potentially remote) LDAP connection over TCP, this will be of the form ldap://\fIhostname\fR\&. For an SQLite database, this will be of the form sqlite://\fIfilename\fR\&. +.RE +.PP +\-s one|sub|base +.RS 4 +Search scope to use\&. One\-level, subtree or base\&. +.RE +.PP +\-a, \-all +.RS 4 +Edit all records\&. This allows you to apply the same change to a number of records at once\&. You probably want to combine this with an expression of the form "objectclass=*"\&. +.RE +.PP +\-e editor, \-\-editor editor +.RS 4 +Specify the editor that should be used (overrides the VISUAL and EDITOR environment variables)\&. If this option is not used, and neither VISUAL nor EDITOR environment variables are set, then the vi editor will be used\&. +.RE +.PP +\-b basedn +.RS 4 +Specify Base Distinguished Name to use\&. +.RE +.PP +\-v, \-\-verbose +.RS 4 +Make ldbedit more verbose about the operations that are being performed\&. Without this option, ldbedit will only provide a summary change line\&. +.RE +.SH "ENVIRONMENT" +.PP +LDB_URL +.RS 4 +LDB URL to connect to\&. This can be overridden by using the \-H command\-line option\&.) +.RE +.PP +VISUAL and EDITOR +.RS 4 +Environment variables used to determine what editor to use\&. VISUAL takes precedence over EDITOR, and both are overridden by the \-e command\-line option\&. +.RE +.SH "VERSION" +.PP +This man page is correct for version 1\&.1 of LDB\&. +.SH "SEE ALSO" +.PP +ldb(3), ldbmodify(1), ldbdel(1), ldif(5), vi(1) +.SH "AUTHOR" +.PP +ldb was written by +\m[blue]\fBAndrew Tridgell\fR\m[]\&\s-2\u[1]\d\s+2\&. +.PP +If you wish to report a problem or make a suggestion then please see the +\m[blue]\fB\%http://ldb.samba.org/\fR\m[] +web site for current contact and maintainer information\&. +.PP +This manpage was written by Jelmer Vernooij and updated by Brad Hards\&. +.SH "NOTES" +.IP " 1." 4 +Andrew Tridgell +.RS 4 +\%https://www.samba.org/~tridge/ +.RE Index: files/man/ldbmodify.1 =================================================================== --- files/man/ldbmodify.1 +++ files/man/ldbmodify.1 @@ -0,0 +1,73 @@ +'\" t +.\" Title: ldbmodify +.\" Author: [see the "AUTHOR" section] +.\" Generator: DocBook XSL Stylesheets v1.76.1 +.\" Date: 11/05/2017 +.\" Manual: System Administration tools +.\" Source: LDB 1.1 +.\" Language: English +.\" +.TH "LDBMODIFY" "1" "11/05/2017" "LDB 1\&.1" "System Administration tools" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "NAME" +ldbmodify \- Modify records in a LDB database +.SH "SYNOPSIS" +.HP \w'\fBldbmodify\fR\ 'u +\fBldbmodify\fR [\-H\ LDB\-URL] [ldif\-file] +.SH "DESCRIPTION" +.PP +ldbmodify changes, adds and deletes records in a LDB database\&. The changes that should be made to the LDB database are read from the specified LDIF\-file\&. If \- is specified as the filename, input is read from stdin\&. +.PP +For now, see ldapmodify(1) for details on the LDIF file format\&. +.SH "OPTIONS" +.PP +\-H +.RS 4 +LDB URL to connect to\&. See ldb(3) for details\&. +.RE +.SH "ENVIRONMENT" +.PP +LDB_URL +.RS 4 +LDB URL to connect to (can be overrided by using the \-H command\-line option\&.) +.RE +.SH "VERSION" +.PP +This man page is correct for version 1\&.1 of LDB\&. +.SH "SEE ALSO" +.PP +ldb(3), ldbedit +.SH "AUTHOR" +.PP +ldb was written by +\m[blue]\fBAndrew Tridgell\fR\m[]\&\s-2\u[1]\d\s+2\&. +.PP +If you wish to report a problem or make a suggestion then please see the +\m[blue]\fB\%http://ldb.samba.org/\fR\m[] +web site for current contact and maintainer information\&. +.PP +This manpage was written by Jelmer Vernooij\&. +.SH "NOTES" +.IP " 1." 4 +Andrew Tridgell +.RS 4 +\%https://www.samba.org/~tridge/ +.RE Index: files/man/ldbrename.1 =================================================================== --- files/man/ldbrename.1 +++ files/man/ldbrename.1 @@ -0,0 +1,81 @@ +'\" t +.\" Title: ldbrename +.\" Author: [see the "AUTHOR" section] +.\" Generator: DocBook XSL Stylesheets v1.76.1 +.\" Date: 11/05/2017 +.\" Manual: System Administration tools +.\" Source: LDB 1.1 +.\" Language: English +.\" +.TH "LDBRENAME" "1" "11/05/2017" "LDB 1\&.1" "System Administration tools" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "NAME" +ldbrename \- Edit LDB databases using your favorite editor +.SH "SYNOPSIS" +.HP \w'\fBldbrename\fR\ 'u +\fBldbrename\fR [\-h] [\-o\ options] {olddn} {newdn} +.SH "DESCRIPTION" +.PP +ldbrename is a utility that allows you to rename trees in an LDB database based by DN\&. This utility takes two arguments: the original DN name of the top element and the DN to change it to\&. +.SH "OPTIONS" +.PP +\-h +.RS 4 +Show list of available options\&. +.RE +.PP +\-H +.RS 4 +LDB URL to connect to\&. See ldb(3) for details\&. +.RE +.PP +\-o options +.RS 4 +Extra ldb options, such as modules\&. +.RE +.SH "ENVIRONMENT" +.PP +LDB_URL +.RS 4 +LDB URL to connect to (can be overrided by using the \-H command\-line option\&.) +.RE +.SH "VERSION" +.PP +This man page is correct for version 1\&.1 of LDB\&. +.SH "SEE ALSO" +.PP +ldb(3), ldbmodify, ldbdel, ldif(5) +.SH "AUTHOR" +.PP +ldb was written by +\m[blue]\fBAndrew Tridgell\fR\m[]\&\s-2\u[1]\d\s+2\&. +.PP +If you wish to report a problem or make a suggestion then please see the +\m[blue]\fB\%http://ldb.samba.org/\fR\m[] +web site for current contact and maintainer information\&. +.PP +This manpage was written by Jelmer Vernooij\&. +.SH "NOTES" +.IP " 1." 4 +Andrew Tridgell +.RS 4 +\%https://www.samba.org/~tridge/ +.RE Index: files/man/ldbsearch.1 =================================================================== --- files/man/ldbsearch.1 +++ files/man/ldbsearch.1 @@ -0,0 +1,91 @@ +'\" t +.\" Title: ldbsearch +.\" Author: [see the "AUTHOR" section] +.\" Generator: DocBook XSL Stylesheets v1.76.1 +.\" Date: 11/05/2017 +.\" Manual: System Administration tools +.\" Source: LDB 1.1 +.\" Language: English +.\" +.TH "LDBSEARCH" "1" "11/05/2017" "LDB 1\&.1" "System Administration tools" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "NAME" +ldbsearch \- Search for records in a LDB database +.SH "SYNOPSIS" +.HP \w'\fBldbsearch\fR\ 'u +\fBldbsearch\fR [\-h] [\-s\ base|one|sub] [\-b\ basedn] [\-i] [\-H\ LDB\-URL] [expression] [attributes] +.SH "DESCRIPTION" +.PP +ldbsearch searches a LDB database for records matching the specified expression (see the ldapsearch(1) manpage for a description of the expression format)\&. For each record, the specified attributes are printed\&. +.SH "OPTIONS" +.PP +\-h +.RS 4 +Show list of available options\&. +.RE +.PP +\-H +.RS 4 +LDB URL to connect to\&. See ldb(3) for details\&. +.RE +.PP +\-s one|sub|base +.RS 4 +Search scope to use\&. One\-level, subtree or base\&. +.RE +.PP +\-i +.RS 4 +Read search expressions from stdin\&. +.RE +.PP +\-b basedn +.RS 4 +Specify Base DN to use\&. +.RE +.SH "ENVIRONMENT" +.PP +LDB_URL +.RS 4 +LDB URL to connect to (can be overrided by using the \-H command\-line option\&.) +.RE +.SH "VERSION" +.PP +This man page is correct for version 1\&.1 of LDB\&. +.SH "SEE ALSO" +.PP +ldb(3), ldbedit(1) +.SH "AUTHOR" +.PP +ldb was written by +\m[blue]\fBAndrew Tridgell\fR\m[]\&\s-2\u[1]\d\s+2\&. +.PP +If you wish to report a problem or make a suggestion then please see the +\m[blue]\fB\%http://ldb.samba.org/\fR\m[] +web site for current contact and maintainer information\&. +.PP +This manpage was written by Jelmer Vernooij\&. +.SH "NOTES" +.IP " 1." 4 +Andrew Tridgell +.RS 4 +\%https://www.samba.org/~tridge/ +.RE Index: files/man/locktest.1 =================================================================== --- files/man/locktest.1 +++ files/man/locktest.1 @@ -0,0 +1,137 @@ +'\" t +.\" Title: locktest +.\" Author: [see the "AUTHOR" section] +.\" Generator: DocBook XSL Stylesheets v1.76.1 +.\" Date: 03/21/2017 +.\" Manual: Test Suite +.\" Source: Samba 4.0 +.\" Language: English +.\" +.TH "LOCKTEST" "1" "03/21/2017" "Samba 4\&.0" "Test Suite" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "NAME" +locktest \- Find differences in locking between two SMB servers +.SH "SYNOPSIS" +.HP \w'\fBlocktest\fR\ 'u +\fBlocktest\fR {//server1/share1} {//server2/share2} [\-U\ user%pass] [\-U\ user%pass] [\-s\ seed] [\-o\ numops] [\-a] [\-O] [\-E] [\-Z] [\-R\ range] [\-B\ base] [\-M\ min] +.SH "DESCRIPTION" +.PP +locktest +is a utility for detecting differences in behaviour in locking between SMB servers\&. It will run a random set of locking operations against +\fI//server1/share1\fR +and then the same random set against +\fI//server2/share2\fR +and display the differences in the responses it gets\&. +.PP +This utility is used by the Samba team to find differences in behaviour between Samba and Windows servers\&. +.SH "OPTIONS" +.PP +\-U user%pass +.RS 4 +Specify the user and password to use when logging on on the shares\&. This parameter can be specified twice (once for the first server, once for the second)\&. +.RE +.PP +\-s seed +.RS 4 +Seed the random number generator with the specified value\&. +.RE +.PP +\-o numops +.RS 4 +Set the number of operations to perform\&. +.RE +.PP +\-a +.RS 4 +Print the operations that are performed\&. +.RE +.PP +\-A +.RS 4 +Backtrack to find minimal number of operations required to make the response to a certain call differ\&. +.RE +.PP +\-O +.RS 4 +Enable oplocks\&. +.RE +.PP +\-u +.RS 4 +Hide unlock fails\&. +.RE +.PP +\-E +.RS 4 +enable exact error code checking +.RE +.PP +\-Z +.RS 4 +enable the zero/zero lock +.RE +.PP +\-R range +.RS 4 +set lock range +.RE +.PP +\-B base +.RS 4 +set lock base +.RE +.PP +\-M min +.RS 4 +set min lock length +.RE +.PP +\-k +.RS 4 +Use kerberos +.RE +.SH "VERSION" +.PP +This man page is correct for version 4\&.0 of the Samba suite\&. +.SH "SEE ALSO" +.PP +Samba +.SH "AUTHOR" +.PP +This utility is part of the +\m[blue]\fBSamba\fR\m[]\&\s-2\u[1]\d\s+2 +suite, which is developed by the global +\m[blue]\fBSamba Team\fR\m[]\&\s-2\u[2]\d\s+2\&. +.PP +locktest was written by Andrew Tridgell\&. +.PP +This manpage was written by Jelmer Vernooij\&. +.SH "NOTES" +.IP " 1." 4 +Samba +.RS 4 +\%http://www.samba.org/ +.RE +.IP " 2." 4 +Samba Team +.RS 4 +\%http://www.samba.org/samba/team/ +.RE Index: files/man/ltdbtool.1 =================================================================== --- files/man/ltdbtool.1 +++ files/man/ltdbtool.1 @@ -0,0 +1,256 @@ +'\" t +.\" Title: ltdbtool +.\" Author: +.\" Generator: DocBook XSL Stylesheets v1.79.1 +.\" Date: 11/20/2017 +.\" Manual: CTDB - clustered TDB database +.\" Source: ctdb +.\" Language: English +.\" +.TH "LTDBTOOL" "1" "11/20/2017" "ctdb" "CTDB \- clustered TDB database" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "NAME" +ltdbtool \- manipulate CTDB\*(Aqs local TDB files +.SH "SYNOPSIS" +.HP \w'\fBltdbtool\fR\ 'u +\fBltdbtool\fR [\fIOPTION\fR...] {\fICOMMAND\fR} [\fICOMMAND\-ARGS\fR] +.SH "DESCRIPTION" +.PP +ltdbtool is a utility to manipulate CTDB\*(Aqs local TDB databases (LTDBs) without connecting to a CTDB daemon\&. +.PP +It can be used to: +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +dump the contents of a LTDB, optionally printing the CTDB record header information, +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +convert between an LTDB and a non\-clustered tdb by adding or removing CTDB headers and +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +convert between 64 and 32 bit LTDBs where the CTDB record headers differ by 4 bytes of padding\&. +.RE +.SH "OPTIONS" +.PP +\-e +.RS 4 +Dump empty records\&. These are normally excluded\&. +.RE +.PP +\-p +.RS 4 +Dump with header information, similar to "ctdb catdb"\&. +.RE +.PP +\-s {0 | 32 | 64} +.RS 4 +Specify how to determine the CTDB record header size for the input database: +.PP +0 +.RS 4 +no CTDB header +.RE +.PP +32 +.RS 4 +CTDB header size of a 32 bit system (20 bytes) +.RE +.PP +64 +.RS 4 +CTDB header size of a 64 bit system (24 bytes) +.RE +.sp +The default is 32 or 64 depending on the system architecture\&. +.RE +.PP +\-o {0 | 32 | 64} +.RS 4 +Specify how to determine the CTDB record header size for the output database, see \-s\&. +.RE +.PP +\-S \fISIZE\fR +.RS 4 +Explicitly specify the CTDB record header SIZE of the input database in bytes\&. +.RE +.PP +\-O \fISIZE\fR +.RS 4 +Explicitly specify the CTDB record header SIZE for the output database in bytes\&. +.RE +.PP +\-h +.RS 4 +Print help text\&. +.RE +.SH "COMMANDS" +.PP +help +.RS 4 +Print help text\&. +.RE +.PP +dump \fIIDB\fR +.RS 4 +Dump the contents of an LTDB input file IDB to standard output in a human\-readable format\&. +.RE +.PP +convert \fIIDB\fR \fIODB\fR +.RS 4 +Copy an LTDB input file IDB to output file ODB, optionally adding or removing CTDB headers\&. +.RE +.SH "EXAMPLES" +.PP +Print a local tdb in "tdbdump" style: +.sp +.if n \{\ +.RS 4 +.\} +.nf + ltdbtool dump idmap2\&.tdb\&.0 + +.fi +.if n \{\ +.RE +.\} +.PP +Print a local tdb with header information similar to "ctdb catdb": +.sp +.if n \{\ +.RS 4 +.\} +.nf + ltdbtool dump \-p idmap2\&.tdb\&.0 + +.fi +.if n \{\ +.RE +.\} +.PP +Strip the CTDB headers from records: +.sp +.if n \{\ +.RS 4 +.\} +.nf + ltdbtool convert \-o0 idmap2\&.tdb\&.0 idmap\&.tdb + +.fi +.if n \{\ +.RE +.\} +.PP +Strip 64 bit CTDB headers from records, running on i386: +.sp +.if n \{\ +.RS 4 +.\} +.nf + ltdbtool convert \-s64 \-o0 idmap2\&.tdb\&.0 idmap\&.tdb + +.fi +.if n \{\ +.RE +.\} +.PP +Strip the CTDB headers from records by piping through tdbrestore: +.sp +.if n \{\ +.RS 4 +.\} +.nf + ltdbtool dump idmap2\&.tdb\&.0 | tdbrestore idmap\&.tdb + +.fi +.if n \{\ +.RE +.\} +.PP +Convert a local tdb from a 64 bit system for usage on a 32 bit system: +.sp +.if n \{\ +.RS 4 +.\} +.nf + ltdbtool convert \-s64 \-o32 idmap2\&.tdb\&.0 idmap2\&.tdb\&.1 + +.fi +.if n \{\ +.RE +.\} +.PP +Add a default header: +.sp +.if n \{\ +.RS 4 +.\} +.nf + ltdbtool convert \-s0 idmap\&.tdb idmap2\&.tdb\&.0 + +.fi +.if n \{\ +.RE +.\} +.SH "SEE ALSO" +.PP +\fBctdb\fR(1), +\fBtdbdump\fR(1), +\fBtdbrestore\fR(1), +\fBctdb\fR(7), +\m[blue]\fB\%http://ctdb.samba.org/\fR\m[] +.SH "AUTHOR" +.br +.PP +This documentation was written by Gregor Beck +.SH "COPYRIGHT" +.br +Copyright \(co 2011 Gregor Beck, Michael Adam +.br +.PP +This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3 of the License, or (at your option) any later version\&. +.PP +This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE\&. See the GNU General Public License for more details\&. +.PP +You should have received a copy of the GNU General Public License along with this program; if not, see +\m[blue]\fB\%http://www.gnu.org/licenses\fR\m[]\&. +.sp Index: files/man/masktest.1 =================================================================== --- files/man/masktest.1 +++ files/man/masktest.1 @@ -0,0 +1,113 @@ +'\" t +.\" Title: masktest +.\" Author: [see the "AUTHOR" section] +.\" Generator: DocBook XSL Stylesheets v1.76.1 +.\" Date: 03/21/2017 +.\" Manual: Test Suite +.\" Source: Samba 4.0 +.\" Language: English +.\" +.TH "MASKTEST" "1" "03/21/2017" "Samba 4\&.0" "Test Suite" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "NAME" +masktest \- Find differences in wildcard matching between Samba\*(Aqs implementation and that of a remote server\&. +.SH "SYNOPSIS" +.HP \w'\fBmasktest\fR\ 'u +\fBmasktest\fR {//server/share} [\-U\ user%pass] [\-d\ debuglevel] [\-W\ workgroup] [\-n\ numloops] [\-s\ seed] [\-a] [\-E] [\-M\ max\ protocol] [\-f\ filechars] [\-m\ maskchars] [\-v] +.SH "DESCRIPTION" +.PP +masktest +is a utility for detecting differences in behaviour between Samba\*(Aqs own implementation and that of a remote server\&. It will run generate random filenames/masks and check if these match the same files they do on the remote file as they do on the local server\&. It will display any differences it finds\&. +.PP +This utility is used by the Samba team to find differences in behaviour between Samba and Windows servers\&. +.SH "OPTIONS" +.PP +\-U user%pass +.RS 4 +Specify the user and password to use when logging on on the shares\&. This parameter can be specified twice (once for the first server, once for the second)\&. +.RE +.PP +\-s seed +.RS 4 +Seed the random number generator with the specified value\&. +.RE +.PP +\-n numops +.RS 4 +Set the number of operations to perform\&. +.RE +.PP +\-a +.RS 4 +Print the operations that are performed\&. +.RE +.PP +\-M max_protocol +.RS 4 +Maximum protocol to use\&. +.RE +.PP +\-f +.RS 4 +Specify characters that can be used when generating file names\&. Default: abcdefghijklm\&. +.RE +.PP +\-E +.RS 4 +Abort when difference in behaviour is found\&. +.RE +.PP +\-m maskchars +.RS 4 +Specify characters used for wildcards\&. +.RE +.PP +\-v +.RS 4 +Be verbose +.RE +.SH "VERSION" +.PP +This man page is correct for version 4\&.0 of the Samba suite\&. +.SH "SEE ALSO" +.PP +Samba +.SH "AUTHOR" +.PP +This utility is part of the +\m[blue]\fBSamba\fR\m[]\&\s-2\u[1]\d\s+2 +suite, which is developed by the global +\m[blue]\fBSamba Team\fR\m[]\&\s-2\u[2]\d\s+2\&. +.PP +masktest was written by Andrew Tridgell\&. +.PP +This manpage was written by Jelmer Vernooij\&. +.SH "NOTES" +.IP " 1." 4 +Samba +.RS 4 +\%http://www.samba.org/ +.RE +.IP " 2." 4 +Samba Team +.RS 4 +\%http://www.samba.org/samba/team/ +.RE Index: files/man/ndrdump.1 =================================================================== --- files/man/ndrdump.1 +++ files/man/ndrdump.1 @@ -0,0 +1,83 @@ +'\" t +.\" Title: ndrdump +.\" Author: [see the "AUTHOR" section] +.\" Generator: DocBook XSL Stylesheets v1.76.1 +.\" Date: 03/21/2017 +.\" Manual: System Administration tools +.\" Source: Samba 4.0 +.\" Language: English +.\" +.TH "NDRDUMP" "1" "03/21/2017" "Samba 4\&.0" "System Administration tools" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "NAME" +ndrdump \- DCE/RPC Packet Parser and Dumper +.SH "SYNOPSIS" +.HP \w'\fBndrdump\fR\ 'u +\fBndrdump\fR [\-c\ context] {pipe} {function} {in|out} {filename} +.HP \w'\fBndrdump\fR\ 'u +\fBndrdump\fR [pipe] +.HP \w'\fBndrdump\fR\ 'u +\fBndrdump\fR +.SH "DESCRIPTION" +.PP +ndrdump tries to parse the specified +\fIfilename\fR +using Samba\*(Aqs parser for the specified pipe and function\&. The third argument should be either +\fIin\fR +or +\fIout\fR, depending on whether the data should be parsed as a request or a reply\&. +.PP +Running ndrdump without arguments will list the pipes for which parsers are available\&. +.PP +Running ndrdump with one argument will list the functions that Samba can parse for the specified pipe\&. +.PP +The primary function of ndrdump is debugging Samba\*(Aqs internal DCE/RPC parsing functions\&. The file being parsed is usually one exported by wiresharks +\(lqExport selected packet bytes\(rq +function\&. +.PP +The context argument can be used to load context data from the request packet when parsing reply packets (such as array lengths)\&. +.SH "VERSION" +.PP +This man page is correct for version 4\&.0 of the Samba suite\&. +.SH "SEE ALSO" +.PP +wireshark, pidl +.SH "AUTHOR" +.PP +This utility is part of the +\m[blue]\fBSamba\fR\m[]\&\s-2\u[1]\d\s+2 +suite, which is developed by the global +\m[blue]\fBSamba Team\fR\m[]\&\s-2\u[2]\d\s+2\&. +.PP +ndrdump was written by Andrew Tridgell\&. +.PP +This manpage was written by Jelmer Vernooij\&. +.SH "NOTES" +.IP " 1." 4 +Samba +.RS 4 +\%http://www.samba.org/ +.RE +.IP " 2." 4 +Samba Team +.RS 4 +\%http://www.samba.org/samba/team/ +.RE Index: files/man/nmblookup4.1 =================================================================== --- files/man/nmblookup4.1 +++ files/man/nmblookup4.1 @@ -0,0 +1,157 @@ +'\" t +.\" Title: nmblookup4 +.\" Author: [see the "AUTHOR" section] +.\" Generator: DocBook XSL Stylesheets v1.76.1 +.\" Date: 03/24/2017 +.\" Manual: User Commands +.\" Source: Samba 3.2 +.\" Language: English +.\" +.TH "NMBLOOKUP4" "1" "03/24/2017" "Samba 3\&.2" "User Commands" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "NAME" +nmblookup4 \- NetBIOS over TCP/IP client used to lookup NetBIOS names +.SH "SYNOPSIS" +.HP \w'\fBnmblookup4\fR\ 'u +\fBnmblookup4\fR [\-M] [\-R] [\-S] [\-r] [\-A] [\-h] [\-B\ ] [\-U\ ] [\-d\ ] [\-s\ ] [\-i\ ] [\-T] [\-f] {name} +.SH "DESCRIPTION" +.PP +This tool is part of the +\fBsamba\fR(7) +suite\&. +.PP +\fBnmblookup4\fR +is used to query NetBIOS names and map them to IP addresses in a network using NetBIOS over TCP/IP queries\&. The options allow the name queries to be directed at a particular IP broadcast area or to a particular machine\&. All queries are done over UDP\&. +.SH "OPTIONS" +.PP +\-M +.RS 4 +Searches for a master browser by looking up the NetBIOS +\fIname\fR +with a type of +\fB0x1d\fR\&. If +\fI name\fR +is "\-" then it does a lookup on the special name +\fB__MSBROWSE__\fR\&. Please note that in order to use the name "\-", you need to make sure "\-" isn\*(Aqt parsed as an argument, e\&.g\&. use : +\fBnmblookup4 \-M \-\- \-\fR\&. +.RE +.PP +\-R +.RS 4 +Set the recursion desired bit in the packet to do a recursive lookup\&. This is used when sending a name query to a machine running a WINS server and the user wishes to query the names in the WINS server\&. If this bit is unset the normal (broadcast responding) NetBIOS processing code on a machine is used instead\&. See RFC1001, RFC1002 for details\&. +.RE +.PP +\-S +.RS 4 +Once the name query has returned an IP address then do a node status query as well\&. A node status query returns the NetBIOS names registered by a host\&. +.RE +.PP +\-r +.RS 4 +Try and bind to UDP port 137 to send and receive UDP datagrams\&. The reason for this option is a bug in Windows 95 where it ignores the source port of the requesting packet and only replies to UDP port 137\&. Unfortunately, on most UNIX systems root privilege is needed to bind to this port, and in addition, if the +\fBnmbd\fR(8) +daemon is running on this machine it also binds to this port\&. +.RE +.PP +\-A +.RS 4 +Interpret +\fIname\fR +as an IP Address and do a node status query on this address\&. +.RE +.PP +\-B +.RS 4 +Send the query to the given broadcast address\&. Without this option the default behavior of nmblookup4 is to send the query to the broadcast address of the network interfaces as either auto\-detected or defined in the +\m[blue]\fB\fIinterfaces\fR\fR\m[]\&\s-2\u[1]\d\s+2 +parameter of the +\fBsmb.conf\fR(5) +file\&. +.RE +.PP +\-U +.RS 4 +Do a unicast query to the specified address or host +\fIunicast address\fR\&. This option (along with the +\fI\-R\fR +option) is needed to query a WINS server\&. +.RE +.PP +\-T +.RS 4 +This causes any IP addresses found in the lookup to be looked up via a reverse DNS lookup into a DNS name, and printed out before each +.sp +\fIIP address \&.\&.\&.\&. NetBIOS name\fR +.sp +pair that is the normal output\&. +.RE +.PP +\-f +.RS 4 +Show which flags apply to the name that has been looked up\&. Possible answers are zero or more of: Response, Authoritative, Truncated, Recursion_Desired, Recursion_Available, Broadcast\&. +.RE +.PP +name +.RS 4 +This is the NetBIOS name being queried\&. Depending upon the previous options this may be a NetBIOS name or IP address\&. If a NetBIOS name then the different name types may be specified by appending \*(Aq#\*(Aq to the name\&. This name may also be \*(Aq*\*(Aq, which will return all registered names within a broadcast area\&. +.RE +.SH "EXAMPLES" +.PP +\fBnmblookup4\fR +can be used to query a WINS server (in the same way +\fBnslookup\fR +is used to query DNS servers)\&. To query a WINS server, +\fBnmblookup4\fR +must be called like this: +.PP +\fBnmblookup4 \-U server \-R \*(Aqname\*(Aq\fR +.PP +For example, running : +.PP +\fBnmblookup4 \-U samba\&.org \-R \*(AqIRIX#1B\*(Aq\fR +.PP +would query the WINS server samba\&.org for the domain master browser (1B name type) for the IRIX workgroup\&. +.SH "VERSION" +.PP +This man page is correct for version 3 of the Samba suite\&. +.SH "SEE ALSO" +.PP +\fBnmbd\fR(8), +\fBsamba\fR(7), and +\fBsmb.conf\fR(5)\&. +.SH "AUTHOR" +.PP +The original Samba software and related utilities were created by Andrew Tridgell\&. Samba is now developed by the Samba Team as an Open Source project similar to the way the Linux kernel is developed\&. +.PP +The original Samba man pages were written by Karl Auer\&. The man page sources were converted to YODL format (another excellent piece of Open Source software, available at +\m[blue]\fBftp://ftp\&.icce\&.rug\&.nl/pub/unix/\fR\m[]\&\s-2\u[2]\d\s+2) and updated for the Samba 2\&.0 release by Jeremy Allison\&. The conversion to DocBook for Samba 2\&.2 was done by Gerald Carter\&. The conversion to DocBook XML 4\&.2 for Samba 3\&.0 was done by Alexander Bokovoy\&. +.SH "NOTES" +.IP " 1." 4 +\fIinterfaces\fR + +.RS 4 +\%[set $man.base.url.for.relative.links]/smb.conf.5.html#INTERFACES +.RE +.IP " 2." 4 +ftp://ftp.icce.rug.nl/pub/unix/ +.RS 4 +\%ftp://ftp.icce.rug.nl/pub/unix/ +.RE Index: files/man/ntlm_auth4.1 =================================================================== --- files/man/ntlm_auth4.1 +++ files/man/ntlm_auth4.1 @@ -0,0 +1,233 @@ +'\" t +.\" Title: ntlm_auth4 +.\" Author: [see the "AUTHOR" section] +.\" Generator: DocBook XSL Stylesheets v1.76.1 +.\" Date: 03/24/2017 +.\" Manual: User Commands +.\" Source: Samba 4.0 +.\" Language: English +.\" +.TH "NTLM_AUTH4" "1" "03/24/2017" "Samba 4\&.0" "User Commands" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "NAME" +ntlm_auth4 \- tool to allow external access to Winbind\*(Aqs NTLM authentication function +.SH "SYNOPSIS" +.HP \w'\fBntlm_auth4\fR\ 'u +\fBntlm_auth4\fR [\-d\ debuglevel] [\-l\ logdir] [\-s\ ] +.SH "DESCRIPTION" +.PP +This tool is part of the +\fBsamba\fR(7) +suite\&. +.PP +\fBntlm_auth4\fR +is a helper utility that authenticates users using NT/LM authentication\&. It returns 0 if the users is authenticated successfully and 1 if access was denied\&. ntlm_auth4 uses winbind to access the user and authentication data for a domain\&. This utility is only indended to be used by other programs (currently squid)\&. +.SH "OPERATIONAL REQUIREMENTS" +.PP +The +\fBwinbindd\fR(8) +daemon must be operational for many of these commands to function\&. +.PP +Some of these commands also require access to the directory +winbindd_privileged +in +$LOCKDIR\&. This should be done either by running this command as root or providing group access to the +winbindd_privileged +directory\&. For security reasons, this directory should not be world\-accessable\&. +.SH "OPTIONS" +.PP +\-\-helper\-protocol=PROTO +.RS 4 +Operate as a stdio\-based helper\&. Valid helper protocols are: +.PP +squid\-2\&.4\-basic +.RS 4 +Server\-side helper for use with Squid 2\&.4\*(Aqs basic (plaintext) authentication\&. +.RE +.PP +squid\-2\&.5\-basic +.RS 4 +Server\-side helper for use with Squid 2\&.5\*(Aqs basic (plaintext) authentication\&. +.RE +.PP +squid\-2\&.5\-ntlmssp +.RS 4 +Server\-side helper for use with Squid 2\&.5\*(Aqs NTLMSSP authentication\&. +.sp +Requires access to the directory +winbindd_privileged +in +$LOCKDIR\&. The protocol used is described here: +\m[blue]\fBhttp://devel\&.squid\-cache\&.org/ntlm/squid_helper_protocol\&.html\fR\m[] +.RE +.PP +ntlmssp\-client\-1 +.RS 4 +Cleint\-side helper for use with arbitary external programs that may wish to use Samba\*(Aqs NTLMSSP authentication knowlege\&. +.sp +This helper is a client, and as such may be run by any user\&. The protocol used is effectivly the reverse of the previous protocol\&. +.RE +.PP +gss\-spnego +.RS 4 +Server\-side helper that implements GSS\-SPNEGO\&. This uses a protocol that is almost the same as +\fBsquid\-2\&.5\-ntlmssp\fR, but has some subtle differences that are undocumented outside the source at this stage\&. +.sp +Requires access to the directory +winbindd_privileged +in +$LOCKDIR\&. +.RE +.PP +gss\-spnego\-client +.RS 4 +Client\-side helper that implements GSS\-SPNEGO\&. This also uses a protocol similar to the above helpers, but is currently undocumented\&. +.RE +.RE +.PP +\-\-username=USERNAME +.RS 4 +Specify username of user to authenticate +.RE +.PP +\-\-domain=DOMAIN +.RS 4 +Specify domain of user to authenticate +.RE +.PP +\-\-workstation=WORKSTATION +.RS 4 +Specify the workstation the user authenticated from +.RE +.PP +\-\-challenge=STRING +.RS 4 +NTLM challenge (in HEXADECIMAL) +.RE +.PP +\-\-lm\-response=RESPONSE +.RS 4 +LM Response to the challenge (in HEXADECIMAL) +.RE +.PP +\-\-nt\-response=RESPONSE +.RS 4 +NT or NTLMv2 Response to the challenge (in HEXADECIMAL) +.RE +.PP +\-\-password=PASSWORD +.RS 4 +User\*(Aqs plaintext password +.sp +If not specified on the command line, this is prompted for when required\&. +.RE +.PP +\-\-request\-lm\-key +.RS 4 +Retrieve LM session key +.RE +.PP +\-\-request\-nt\-key +.RS 4 +Request NT key +.RE +.PP +\-\-diagnostics +.RS 4 +Perform Diagnostics on the authentication chain\&. Uses the password from +\fB\-\-password\fR +or prompts for one\&. +.RE +.PP +\-\-require\-membership\-of={SID|Name} +.RS 4 +Require that a user be a member of specified group (either name or SID) for authentication to succeed\&. +.RE +.SH "EXAMPLE SETUP" +.PP +To setup ntlm_auth4 for use by squid 2\&.5, with both basic and NTLMSSP authentication, the following should be placed in the +squid\&.conf +file\&. +.sp +.if n \{\ +.RS 4 +.\} +.nf +auth_param ntlm program ntlm_auth4 \-\-helper\-protocol=squid\-2\&.5\-ntlmssp +auth_param basic program ntlm_auth4 \-\-helper\-protocol=squid\-2\&.5\-basic +auth_param basic children 5 +auth_param basic realm Squid proxy\-caching web server +auth_param basic credentialsttl 2 hours +.fi +.if n \{\ +.RE +.\} +.if n \{\ +.sp +.\} +.RS 4 +.it 1 an-trap +.nr an-no-space-flag 1 +.nr an-break-flag 1 +.br +.ps +1 +\fBNote\fR +.ps -1 +.br +.PP +This example assumes that ntlm_auth4 has been installed into your path, and that the group permissions on +winbindd_privileged +are as described above\&. +.sp .5v +.RE +.PP +To setup ntlm_auth4 for use by squid 2\&.5 with group limitation in addition to the above example, the following should be added to the +squid\&.conf +file\&. +.sp +.if n \{\ +.RS 4 +.\} +.nf +auth_param ntlm program ntlm_auth4 \-\-helper\-protocol=squid\-2\&.5\-ntlmssp \-\-require\-membership\-of=\*(AqWORKGROUP\eDomain Users\*(Aq +auth_param basic program ntlm_auth4 \-\-helper\-protocol=squid\-2\&.5\-basic \-\-require\-membership\-of=\*(AqWORKGROUP\eDomain Users\*(Aq +.fi +.if n \{\ +.RE +.\} +.SH "TROUBLESHOOTING" +.PP +If you\*(Aqre experiencing problems with authenticating Internet Explorer running under MS Windows 9X or Millenium Edition against ntlm_auth4\*(Aqs NTLMSSP authentication helper (\-\-helper\-protocol=squid\-2\&.5\-ntlmssp), then please read +\m[blue]\fBthe Microsoft Knowledge Base article #239869 and follow instructions described there\fR\m[]\&\s-2\u[1]\d\s+2\&. +.SH "VERSION" +.PP +This man page is correct for version 3\&.0 of the Samba suite\&. +.SH "AUTHOR" +.PP +The original Samba software and related utilities were created by Andrew Tridgell\&. Samba is now developed by the Samba Team as an Open Source project similar to the way the Linux kernel is developed\&. +.PP +The ntlm_auth4 manpage was written by Jelmer Vernooij and Andrew Bartlett\&. +.SH "NOTES" +.IP " 1." 4 +the Microsoft Knowledge Base article #239869 and follow instructions described there +.RS 4 +\%http://support.microsoft.com/support/kb/articles/Q239/8/69.ASP +.RE Index: files/man/oLschema2ldif.1 =================================================================== --- files/man/oLschema2ldif.1 +++ files/man/oLschema2ldif.1 @@ -0,0 +1,74 @@ +'\" t +.\" Title: oLschema2ldif +.\" Author: [see the "AUTHOR" section] +.\" Generator: DocBook XSL Stylesheets v1.76.1 +.\" Date: 03/24/2017 +.\" Manual: System Administration tools +.\" Source: Samba 4.0 +.\" Language: English +.\" +.TH "OLSCHEMA2LDIF" "1" "03/24/2017" "Samba 4\&.0" "System Administration tools" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "NAME" +oLschema2ldif \- Converts LDAP schema\*(Aqs to LDB\-compatible LDIF +.SH "SYNOPSIS" +.HP \w'\fBoLschema2ldif\fR\ 'u +\fBoLschema2ldif\fR [\-I\ INPUT\-FILE] [\-O\ OUTPUT\-FILE] +.SH "DESCRIPTION" +.PP +oLschema2ldif is a simple tool that converts standard OpenLDAP schema files to a LDIF format that is understood by LDB\&. +.SH "OPTIONS" +.PP +\-I input\-file +.RS 4 +OpenLDAP schema to read\&. If none are specified, the schema file will be read from standard input\&. +.RE +.PP +\-O output\-file +.RS 4 +File to write ldif version of schema to\&. +.RE +.SH "VERSION" +.PP +This man page is correct for version 4\&.0 of the Samba suite\&. +.SH "SEE ALSO" +.PP +ldb(7), ldbmodify, ldbdel, ldif(5) +.SH "AUTHOR" +.PP +ldb was written by +\m[blue]\fBAndrew Tridgell\fR\m[]\&\s-2\u[1]\d\s+2\&. oLschema2ldif was written by +\m[blue]\fBSimo Sorce\fR\m[]\&\s-2\u[2]\d\s+2\&. +.PP +If you wish to report a problem or make a suggestion then please see the +\m[blue]\fB\%http://ldb.samba.org/\fR\m[] +web site for current contact and maintainer information\&. +.SH "NOTES" +.IP " 1." 4 +Andrew Tridgell +.RS 4 +\%http://samba.org/~tridge/ +.RE +.IP " 2." 4 +Simo Sorce +.RS 4 +\%mailto:idra@samba.org +.RE Index: files/man/onnode.1 =================================================================== --- files/man/onnode.1 +++ files/man/onnode.1 @@ -0,0 +1,252 @@ +'\" t +.\" Title: onnode +.\" Author: +.\" Generator: DocBook XSL Stylesheets v1.79.1 +.\" Date: 11/20/2017 +.\" Manual: CTDB - clustered TDB database +.\" Source: ctdb +.\" Language: English +.\" +.TH "ONNODE" "1" "11/20/2017" "ctdb" "CTDB \- clustered TDB database" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "NAME" +onnode \- run commands on CTDB cluster nodes +.SH "SYNOPSIS" +.HP \w'\fBonnode\fR\ 'u +\fBonnode\fR [\fIOPTION\fR...] {\fINODES\fR} {\fICOMMAND\fR} +.SH "DESCRIPTION" +.PP +onnode is a utility to run commands on a specific node of a CTDB cluster, or on all nodes\&. +.PP +\fINODES\fR +specifies which node(s) to run a command on\&. See section +NODES SPECIFICATION +for details\&. +.PP +\fICOMMAND\fR +can be any shell command\&. The onnode utility uses ssh or rsh to connect to the remote nodes and run the command\&. +.SH "OPTIONS" +.PP +\-c +.RS 4 +Execute COMMAND in the current working directory on the specified nodes\&. +.RE +.PP +\-f \fIFILENAME\fR +.RS 4 +Specify an alternative nodes FILENAME to use instead of the default\&. This option overrides the CTDB_NODES_FILE and CTDB_NODES variables\&. See the discussion of +/usr/local/etc/ctdb/nodes +in the FILES section for more details\&. +.RE +.PP +\-i +.RS 4 +Keep standard input open, allowing data to be piped to onnode\&. Normally onnode closes stdin to avoid surprises when scripting\&. Note that this option is ignored when using +\fB\-p\fR +or if +\fBSSH\fR +is set to anything other than "ssh"\&. +.RE +.PP +\-n +.RS 4 +Allow nodes to be specified by name rather than node numbers\&. These nodes don\*(Aqt need to be listed in the nodes file\&. You can avoid the nodes file entirely by combining this with +\-f /dev/null\&. +.RE +.PP +\-o \fIPREFIX\fR +.RS 4 +Causes standard output from each node to be saved into a file with name PREFIX\&.\fIIP\fR\&. +.RE +.PP +\-p +.RS 4 +Run COMMAND in parallel on the specified nodes\&. The default is to run COMMAND sequentially on each node\&. +.RE +.PP +\-P +.RS 4 +Push files to nodes\&. Names of files to push are specified rather than the usual command\&. Quoting is fragile/broken \- filenames with whitespace in them are not supported\&. +.RE +.PP +\-q +.RS 4 +Do not print node addresses\&. Normally, onnode prints informational node addresses if more than one node is specified\&. This overrides \-v\&. +.RE +.PP +\-v +.RS 4 +Print node addresses even if only one node is specified\&. Normally, onnode prints informational node addresses when more than one node is specified\&. +.RE +.PP +\-h, \-\-help +.RS 4 +Show a short usage guide\&. +.RE +.SH "NODES SPECIFICATION" +.PP +Nodes can be specified via numeric node numbers (from 0 to N\-1) or mnemonics\&. Multiple nodes are specified using lists of nodes, separated by commas, and ranges of numeric node numbers, separated by dashes\&. If nodes are specified multiple times then the command will be executed multiple times on those nodes\&. The order of nodes is significant\&. +.PP +The following mnemonics are available: +.PP +all +.RS 4 +All nodes\&. +.RE +.PP +any +.RS 4 +A node where ctdbd is running\&. This semi\-random but there is a bias towards choosing a low numbered node\&. +.RE +.PP +ok | healthy +.RS 4 +All nodes that are not disconnected, banned, disabled or unhealthy\&. +.RE +.PP +con | connected +.RS 4 +All nodes that are not disconnected\&. +.RE +.SH "EXAMPLES" +.PP +The following command would show the process ID of ctdbd on all nodes +.sp +.if n \{\ +.RS 4 +.\} +.nf + onnode all ctdb getpid + +.fi +.if n \{\ +.RE +.\} +.PP +The following command would show the last 5 lines of log on each node, preceded by the node\*(Aqs hostname +.sp +.if n \{\ +.RS 4 +.\} +.nf + onnode all "hostname; tail \-5 /usr/local/var/log/log\&.ctdb" + +.fi +.if n \{\ +.RE +.\} +.PP +The following command would restart the ctdb service on all nodes, in parallel\&. +.sp +.if n \{\ +.RS 4 +.\} +.nf + onnode \-p all service ctdb restart + +.fi +.if n \{\ +.RE +.\} +.PP +The following command would run \&./foo in the current working directory, in parallel, on nodes 0, 2, 3 and 4\&. +.sp +.if n \{\ +.RS 4 +.\} +.nf + onnode \-c \-p 0,2\-4 \&./foo + +.fi +.if n \{\ +.RE +.\} +.SH "ENVIRONMENT" +.PP +\fBCTDB_BASE\fR +.RS 4 +Directory containing CTDB configuration files\&. The default is +/usr/local/etc/ctdb\&. +.RE +.PP +\fBCTDB_NODES_FILE\fR +.RS 4 +Name of alternative nodes file to use instead of the default\&. See the +FILES +section for more details\&. +.RE +.SH "FILES" +.PP +/usr/local/etc/ctdb/nodes +.RS 4 +Default file containing a list of each node\*(Aqs IP address or hostname\&. +.sp +As above, a file specified via the +\fB\-f\fR +or +\fBCTDB_NODES_FILE\fR +is given precedence\&. If a relative path is specified and no corresponding file exists relative to the current directory then the file is also searched for in the +$CTDB_BASE +directory\&. +.sp +If +\fBCTDB_NODES_FILE\fR +is not set and +\fBCTDB_NODES\fR +is set in configuration then the file pointed to by +\fBCTDB_NODES\fR +is used\&. +.sp +Otherwise the default is +$CTDB_BASE/nodes, where +\fBCTDB_BASE\fR +defaults to +/usr/local/etc/ctdb\&. +.RE +.PP +/usr/local/etc/ctdb/onnode\&.conf +.RS 4 +If this file exists it is sourced by onnode\&. The main purpose is to allow the administrator to set +\fBSSH\fR +to something other than "ssh"\&. In this case the \-t option is ignored\&. For example, the administrator may choose to use use rsh instead of ssh\&. +.RE +.SH "SEE ALSO" +.PP +\fBctdb\fR(7), +\m[blue]\fB\%http://ctdb.samba.org/\fR\m[] +.SH "AUTHOR" +.br +.PP +This documentation was written by Andrew Tridgell, Martin Schwenke +.SH "COPYRIGHT" +.br +Copyright \(co 2007 Andrew Tridgell, Ronnie Sahlberg +.br +Copyright \(co 2008 Martin Schwenke +.br +.PP +This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3 of the License, or (at your option) any later version\&. +.PP +This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE\&. See the GNU General Public License for more details\&. +.PP +You should have received a copy of the GNU General Public License along with this program; if not, see +\m[blue]\fB\%http://www.gnu.org/licenses\fR\m[]\&. +.sp Index: files/man/ping_pong.1 =================================================================== --- files/man/ping_pong.1 +++ files/man/ping_pong.1 @@ -0,0 +1,122 @@ +'\" t +.\" Title: ping_pong +.\" Author: +.\" Generator: DocBook XSL Stylesheets v1.79.1 +.\" Date: 11/20/2017 +.\" Manual: CTDB - clustered TDB database +.\" Source: ctdb +.\" Language: English +.\" +.TH "PING_PONG" "1" "11/20/2017" "ctdb" "CTDB \- clustered TDB database" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "NAME" +ping_pong \- measures the ping\-pong byte range lock latency +.SH "SYNOPSIS" +.HP \w'\fBping_pong\fR\ 'u +\fBping_pong\fR {\-r | \-w | \-rw} [\-m] [\-c] {\fIFILENAME\fR} {\fINUM\-LOCKS\fR} +.SH "DESCRIPTION" +.PP +ping_pong measures the byte range lock latency\&. It is especially useful on a cluster of nodes sharing a common lock manager as it will give some indication of the lock manager\*(Aqs performance under stress\&. +.PP +FILENAME is a file on shared storage to use for byte range locking tests\&. +.PP +NUM\-LOCKS is the number of byte range locks, so needs to be (strictly) greater than the number of nodes in the cluster\&. +.SH "OPTIONS" +.PP +\-r +.RS 4 +test read performance +.RE +.PP +\-w +.RS 4 +test write performance +.RE +.PP +\-m +.RS 4 +use mmap +.RE +.PP +\-c +.RS 4 +validate the locks +.RE +.SH "EXAMPLES" +.PP +Testing lock coherence +.sp +.if n \{\ +.RS 4 +.\} +.nf + ping_pong test\&.dat N + +.fi +.if n \{\ +.RE +.\} +.PP +Testing lock coherence with lock validation +.sp +.if n \{\ +.RS 4 +.\} +.nf + ping_pong \-c test\&.dat N + +.fi +.if n \{\ +.RE +.\} +.PP +Testing IO coherence +.sp +.if n \{\ +.RS 4 +.\} +.nf + ping_pong \-rw test\&.dat N + +.fi +.if n \{\ +.RE +.\} +.SH "SEE ALSO" +.PP +\fBctdb\fR(7), +\m[blue]\fB\%https://wiki.samba.org/index.php/Ping_pong\fR\m[] +.SH "AUTHOR" +.br +.PP +This documentation was written by Mathieu Parent +.SH "COPYRIGHT" +.br +Copyright \(co 2002 Andrew Tridgell +.br +.PP +This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3 of the License, or (at your option) any later version\&. +.PP +This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE\&. See the GNU General Public License for more details\&. +.PP +You should have received a copy of the GNU General Public License along with this program; if not, see +\m[blue]\fB\%http://www.gnu.org/licenses\fR\m[]\&. +.sp Index: files/man/regdiff.1 =================================================================== --- files/man/regdiff.1 +++ files/man/regdiff.1 @@ -0,0 +1,87 @@ +'\" t +.\" Title: regdiff +.\" Author: [see the "AUTHOR" section] +.\" Generator: DocBook XSL Stylesheets v1.76.1 +.\" Date: 03/21/2017 +.\" Manual: System Administration tools +.\" Source: Samba 4.0 +.\" Language: English +.\" +.TH "REGDIFF" "1" "03/21/2017" "Samba 4\&.0" "System Administration tools" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "NAME" +regdiff \- Diff program for Windows registry files +.SH "SYNOPSIS" +.HP \w'\fBregdiff\fR\ 'u +\fBregdiff\fR [\-\-help] [\-\-backend=BACKEND] [\-\-credentials=CREDENTIALS] [location] +.SH "DESCRIPTION" +.PP +regdiff compares two Windows registry files key by key and value by value and generates a text file that contains the differences between the two files\&. +.PP +A file generated by regdiff can later be applied to a registry file by the regpatch utility\&. +.PP +regdiff and regpatch use the same file format as the regedit32\&.exe utility from Windows\&. +.SH "OPTIONS" +.PP +\-\-help +.RS 4 +Show list of available options\&. +.RE +.PP +\-\-backend BACKEND +.RS 4 +Name of backend to load\&. Possible values are: creg, regf, dir and rpc\&. The default is +\fIdir\fR\&. +.sp +This argument can be specified twice: once for the first registry file and once for the second\&. +.RE +.PP +\-\-credentials=CREDENTIALS +.RS 4 +Credentials to use, if any\&. Password should be separated from user name by a percent sign\&. +.sp +This argument can be specified twice: once for the first registry file and once for the second\&. +.RE +.SH "VERSION" +.PP +This man page is correct for version 4\&.0 of the Samba suite\&. +.SH "SEE ALSO" +.PP +gregedit, regshell, regpatch, regtree, samba, patch, diff +.SH "AUTHOR" +.PP +This utility is part of the +\m[blue]\fBSamba\fR\m[]\&\s-2\u[1]\d\s+2 +suite, which is developed by the global +\m[blue]\fBSamba Team\fR\m[]\&\s-2\u[2]\d\s+2\&. +.PP +This manpage and regdiff were written by Jelmer Vernooij\&. +.SH "NOTES" +.IP " 1." 4 +Samba +.RS 4 +\%http://www.samba.org/ +.RE +.IP " 2." 4 +Samba Team +.RS 4 +\%http://www.samba.org/samba/team/ +.RE Index: files/man/regpatch.1 =================================================================== --- files/man/regpatch.1 +++ files/man/regpatch.1 @@ -0,0 +1,81 @@ +'\" t +.\" Title: regpatch +.\" Author: [see the "AUTHOR" section] +.\" Generator: DocBook XSL Stylesheets v1.76.1 +.\" Date: 03/21/2017 +.\" Manual: System Administration tools +.\" Source: Samba 4.0 +.\" Language: English +.\" +.TH "REGPATCH" "1" "03/21/2017" "Samba 4\&.0" "System Administration tools" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "NAME" +regpatch \- Applies registry patches to registry files +.SH "SYNOPSIS" +.HP \w'\fBregpatch\fR\ 'u +\fBregpatch\fR [\-\-help] [\-\-backend=BACKEND] [\-\-credentials=CREDENTIALS] [location] [patch\-file] +.SH "DESCRIPTION" +.PP +The regpatch utility applies registry patches to Windows registry files\&. The patch files should have the same format as is being used by the regdiff utility and regedit32\&.exe from Windows\&. +.PP +If no patch file is specified on the command line, regpatch attempts to read it from standard input\&. +.SH "OPTIONS" +.PP +\-\-help +.RS 4 +Show list of available options\&. +.RE +.PP +\-\-backend BACKEND +.RS 4 +Name of backend to load\&. Possible values are: creg, regf, dir and rpc\&. The default is +\fIdir\fR\&. +.RE +.PP +\-\-credentials=CREDENTIALS +.RS 4 +Credentials to use, if any\&. Password should be separated from user name by a percent sign\&. +.RE +.SH "VERSION" +.PP +This man page is correct for version 4\&.0 of the Samba suite\&. +.SH "SEE ALSO" +.PP +regdiff, regtree, regshell, gregedit, samba, diff, patch +.SH "AUTHOR" +.PP +This utility is part of the +\m[blue]\fBSamba\fR\m[]\&\s-2\u[1]\d\s+2 +suite, which is developed by the global +\m[blue]\fBSamba Team\fR\m[]\&\s-2\u[2]\d\s+2\&. +.PP +This manpage and regpatch were written by Jelmer Vernooij\&. +.SH "NOTES" +.IP " 1." 4 +Samba +.RS 4 +\%http://www.samba.org/ +.RE +.IP " 2." 4 +Samba Team +.RS 4 +\%http://www.samba.org/samba/team/ +.RE Index: files/man/regshell.1 =================================================================== --- files/man/regshell.1 +++ files/man/regshell.1 @@ -0,0 +1,177 @@ +'\" t +.\" Title: regshell +.\" Author: [see the "AUTHOR" section] +.\" Generator: DocBook XSL Stylesheets v1.76.1 +.\" Date: 03/21/2017 +.\" Manual: System Administration tools +.\" Source: Samba 4.0 +.\" Language: English +.\" +.TH "REGSHELL" "1" "03/21/2017" "Samba 4\&.0" "System Administration tools" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "NAME" +regshell \- Windows registry file browser using readline +.SH "SYNOPSIS" +.HP \w'\fBregshell\fR\ 'u +\fBregshell\fR [\-\-help] [\-\-backend=BACKEND] [\-\-credentials=CREDENTIALS] [location] +.SH "DESCRIPTION" +.PP +regshell is a utility that lets you browse thru a Windows registry file as if you were using a regular unix shell to browse thru a file system\&. +.SH "OPTIONS" +.PP +\-\-help +.RS 4 +Show list of available options\&. +.RE +.PP +\-\-backend BACKEND +.RS 4 +Name of backend to load\&. Possible values are: creg, regf, dir and rpc\&. The default is +\fIdir\fR\&. +.RE +.PP +\-\-credentials=CREDENTIALS +.RS 4 +Credentials to use, if any\&. Password should be separated from user name by a percent sign\&. +.RE +.SH "COMMANDS" +.PP +ck|cd +.RS 4 +Go to the specified subkey\&. +.RE +.PP +ch|predef [predefined\-key\-name] +.RS 4 +Go to the specified predefined key\&. +.RE +.PP +list|ls +.RS 4 +List subkeys and values of the current key\&. +.RE +.PP +mkkey|mkdir +.RS 4 +Create a key with the specified +\fIkeyname\fR +as a subkey of the current key\&. +.RE +.PP +rmval|rm +.RS 4 +Delete the specified value\&. +.RE +.PP +rmkey|rmdir +.RS 4 +Delete the specified subkey recursively\&. +.RE +.PP +pwd|pwk +.RS 4 +Print the full name of the current key\&. +.RE +.PP +set|update +.RS 4 +Update the value of a key value\&. Not implemented at the moment\&. +.RE +.PP +help|? +.RS 4 +Print a list of available commands\&. +.RE +.PP +exit|quit +.RS 4 +Leave regshell\&. +.RE +.SH "EXAMPLES" +.PP +Browsing thru a nt4 registry file +.sp +.if n \{\ +.RS 4 +.\} +.nf +\fBregshell \-b nt4 NTUSER\&.DAT\fR +$$$PROTO\&.HIV> \fBls\fR +K AppEvents +K Console +K Control Panel +K Environment +K Identities +K Keyboard Layout +K Network +K Printers +K Software +K UNICODE Program Groups +K Windows 3\&.1 Migration Status +$$$PROTO\&.HIV> \fBexit\fR +.fi +.if n \{\ +.RE +.\} +.PP +Listing the subkeys of HKEY_CURRENT_USER\eAppEvents on a remote computer: +.sp +.if n \{\ +.RS 4 +.\} +.nf +\fBregshell \-\-remote=ncacn_np:aurelia \-c "jelmer%secret"\fR +HKEY_CURRENT_MACHINE> \fBpredef HKEY_CURRENT_USER\fR +HKEY_CURRENT_USER> \fBcd AppEvents\fR +Current path is: HKEY_CURRENT_USER\eAppEvents +HKEY_CURRENT_USER\eAppEvents> \fBls\fR +K EventLabels +K Schemes +HKEY_CURRENT_USER\eAppEvents> \fBexit\fR +.fi +.if n \{\ +.RE +.\} +.SH "VERSION" +.PP +This man page is correct for version 4\&.0 of the Samba suite\&. +.SH "SEE ALSO" +.PP +regtree, regdiff, regpatch, gregedit, samba +.SH "AUTHOR" +.PP +This utility is part of the +\m[blue]\fBSamba\fR\m[]\&\s-2\u[1]\d\s+2 +suite, which is developed by the global +\m[blue]\fBSamba Team\fR\m[]\&\s-2\u[2]\d\s+2\&. +.PP +This manpage and regshell were written by Jelmer Vernooij\&. +.SH "NOTES" +.IP " 1." 4 +Samba +.RS 4 +\%http://www.samba.org/ +.RE +.IP " 2." 4 +Samba Team +.RS 4 +\%http://www.samba.org/samba/team/ +.RE Index: files/man/regtree.1 =================================================================== --- files/man/regtree.1 +++ files/man/regtree.1 @@ -0,0 +1,89 @@ +'\" t +.\" Title: regtree +.\" Author: [see the "AUTHOR" section] +.\" Generator: DocBook XSL Stylesheets v1.76.1 +.\" Date: 03/21/2017 +.\" Manual: System Administration tools +.\" Source: Samba 4.0 +.\" Language: English +.\" +.TH "REGTREE" "1" "03/21/2017" "Samba 4\&.0" "System Administration tools" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "NAME" +regtree \- Text\-mode registry viewer +.SH "SYNOPSIS" +.HP \w'\fBregtree\fR\ 'u +\fBregtree\fR [\-\-help] [\-\-backend=BACKEND] [\-\-fullpath] [\-\-no\-values] [\-\-credentials=CREDENTIALS] [location] +.SH "DESCRIPTION" +.PP +The regtree utility prints out all the contents of a Windows registry file\&. Subkeys are printed with one level more indentation than their parents\&. +.SH "OPTIONS" +.PP +\-\-help +.RS 4 +Show list of available options\&. +.RE +.PP +\-\-backend BACKEND +.RS 4 +Name of backend to load\&. Possible values are: creg, regf, dir and rpc\&. The default is +\fIdir\fR\&. +.RE +.PP +\-\-credentials=CREDENTIALS +.RS 4 +Credentials to use, if any\&. Password should be separated from user name by a percent sign\&. +.RE +.PP +\-\-fullpath +.RS 4 +Print the full path to each key instead of only its name\&. +.RE +.PP +\-\-no\-values +.RS 4 +Don\*(Aqt print values, just keys\&. +.RE +.SH "VERSION" +.PP +This man page is correct for version 4\&.0 of the Samba suite\&. +.SH "SEE ALSO" +.PP +gregedit, regshell, regdiff, regpatch, samba +.SH "AUTHOR" +.PP +This utility is part of the +\m[blue]\fBSamba\fR\m[]\&\s-2\u[1]\d\s+2 +suite, which is developed by the global +\m[blue]\fBSamba Team\fR\m[]\&\s-2\u[2]\d\s+2\&. +.PP +This manpage and regtree were written by Jelmer Vernooij\&. +.SH "NOTES" +.IP " 1." 4 +Samba +.RS 4 +\%http://www.samba.org/ +.RE +.IP " 2." 4 +Samba Team +.RS 4 +\%http://www.samba.org/samba/team/ +.RE Index: files/man/samba-gpupdate.8 =================================================================== --- files/man/samba-gpupdate.8 +++ files/man/samba-gpupdate.8 @@ -0,0 +1,113 @@ +'\" t +.\" Title: SAMBA_GPOUPDATE +.\" Author: [see the "AUTHOR" section] +.\" Generator: DocBook XSL Stylesheets v1.76.1 +.\" Date: 2017-07-11 +.\" Manual: System Administration tools +.\" Source: Samba 4.8.0 +.\" Language: English +.\" +.TH "SAMBA_GPOUPDATE" "8" "2017\-07\-11" "Samba 4\&.8\&.0" "System Administration tools" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "NAME" +samba_gpoupdate \- apply group policy +.SH "SYNOPSIS" +.HP \w'\fBsamba_gpoupdate\fR\ 'u +\fBsamba_gpoupdate\fR +.HP \w'\fBsamba_gpoupdate\fR\ 'u +\fBsamba_gpoupdate\fR [\fIoptions\fR] +.SH "DESCRIPTION" +.PP +This tool is part of the +\fBsamba\fR(1) +suite\&. +.PP +\fBsamba_gpoupdate\fR +a script for applying and unapplying Group Policy\&. Group Policy application is experimental\&. Currently this applies password policies (minimum/maximum password age, minimum password length, and password complexity) and kerberos policies (user/service ticket lifetime and renew lifetime)\&. +.SH "OPTIONS" +.PP +\fB\-h\fR, +\fB\-\-help\fR +show this help message and exit +.PP +\fB\-H \fRURL, +\fB\-\-url\fR=\fIURL\fR +URL for the samdb +.PP +\fB\-X\fR, +\fB\-\-unapply\fR +Unapply Group Policy +.PP +Samba Common Options: +.PP +\fB\-s \fRFILE, +\fB\-\-configfile\fR=\fIFILE\fR +Configuration file +.PP +\fB\-d \fRDEBUGLEVEL, +\fB\-\-debuglevel\fR=\fIDEBUGLEVEL\fR +debug level +.PP +\fB\-\-option\fR=\fIOPTION\fR +set smb\&.conf option from command line +.PP +\fB\-\-realm\fR=\fIREALM\fR +set the realm name +.PP +Version Options: +.PP +\fB\-V\fR, +\fB\-\-version\fR +Display version number +.PP +Credentials Options: +.PP +\fB\-\-simple\-bind\-dn\fR=\fIDN\fR +DN to use for a simple bind +.PP +\fB\-\-password\fR=\fIPASSWORD\fR +Password +.PP +\fB\-U \fRUSERNAME, +\fB\-\-username\fR=\fIUSERNAME\fR +Username +.PP +\fB\-W \fRWORKGROUP, +\fB\-\-workgroup\fR=\fIWORKGROUP\fR +Workgroup +.PP +\fB\-N\fR, +\fB\-\-no\-pass\fR +Don\*(Aqt ask for a password +.PP +\fB\-k \fRKERBEROS, +\fB\-\-kerberos\fR=\fIKERBEROS\fR +Use Kerberos +.PP +\fB\-\-ipaddress\fR=\fIIPADDRESS\fR +IP address of server +.PP +\fB\-P\fR, +\fB\-\-machine\-pass\fR +Use stored machine account password +.SH "AUTHOR" +.PP +The original Samba software and related utilities were created by Andrew Tridgell\&. Samba is now developed by the Samba Team as an Open Source project similar to the way the Linux kernel is developed\&. Index: files/man/smbtorture.1 =================================================================== --- files/man/smbtorture.1 +++ files/man/smbtorture.1 @@ -0,0 +1,367 @@ +'\" t +.\" Title: smbtorture +.\" Author: [see the "AUTHOR" section] +.\" Generator: DocBook XSL Stylesheets v1.76.1 +.\" Date: 03/21/2017 +.\" Manual: Test Suite +.\" Source: Samba 4.0 +.\" Language: English +.\" +.TH "SMBTORTURE" "1" "03/21/2017" "Samba 4\&.0" "Test Suite" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "NAME" +smbtorture \- Run a series of tests against a SMB server +.SH "SYNOPSIS" +.HP \w'\fBsmbtorture\fR\ 'u +\fBsmbtorture\fR {//server/share} [\-d\ debuglevel] [\-U\ user%pass] [\-k] [\-N\ numprocs] [\-n\ netbios_name] [\-W\ workgroup] [\-o\ num_operations] [\-e\ num\ files(entries)] [\-O\ socket_options] [\-m\ maximum_protocol] [\-L] [\-c\ CLIENT\&.TXT] [\-t\ timelimit] [\-C\ filename] [\-A] [\-p\ port] [\-s\ seed] [\-f\ max_failures] [\-X] {BINDING\-STRING|UNC} {TEST1} [TEST2] [\&.\&.\&.] +.SH "DESCRIPTION" +.PP +smbtorture is a testsuite that runs several tests against a SMB server\&. All tests are known to succeed against a Windows 2003 server (?)\&. Smbtorture\*(Aqs primary goal is finding differences in implementations of the SMB protocol and testing SMB servers\&. +.PP +Any number of tests can be specified on the command\-line\&. If no tests are specified, all tests are run\&. +.PP +If no arguments are specified at all, all available options and tests are listed\&. +.SS "Binding string format" +.PP +The binding string format is: +.PP +TRANSPORT:host[flags] +.PP +Where TRANSPORT is either ncacn_np for SMB, ncacn_ip_tcp for RPC/TCP or ncalrpc for local connections\&. +.PP +\*(Aqhost\*(Aq is an IP or hostname or netbios name\&. If the binding string identifies the server side of an endpoint, \*(Aqhost\*(Aq may be an empty string\&. +.PP +\*(Aqflags\*(Aq can include a SMB pipe name if using the ncacn_np transport or a TCP port number if using the ncacn_ip_tcp transport, otherwise they will be auto\-determined\&. +.PP +other recognised flags are: +.PP +sign +.RS 4 +enable ntlmssp signing +.RE +.PP +seal +.RS 4 +enable ntlmssp sealing +.RE +.PP +connect +.RS 4 +enable rpc connect level auth (auth, but no sign or seal) +.RE +.PP +validate +.RS 4 +enable the NDR validator +.RE +.PP +print +.RS 4 +enable debugging of the packets +.RE +.PP +bigendian +.RS 4 +use bigendian RPC +.RE +.PP +padcheck +.RS 4 +check reply data for non\-zero pad bytes +.RE +.PP +For example, these all connect to the samr pipe: +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +ncacn_np:myserver +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +ncacn_np:myserver[samr] +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +ncacn_np:myserver[\e\epipe\e\esamr] +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +ncacn_np:myserver[/pipe/samr] +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +ncacn_np:myserver[samr,sign,print] +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +ncacn_np:myserver[\e\epipe\e\esamr,sign,seal,bigendian] +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +ncacn_np:myserver[/pipe/samr,seal,validate] +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +ncacn_np: +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +ncacn_np:[/pipe/samr] +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +ncacn_ip_tcp:myserver +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +ncacn_ip_tcp:myserver[1024] +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +ncacn_ip_tcp:myserver[1024,sign,seal] +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +ncalrpc: +.RE +.SS "UNC Format" +.PP +The UNC format is: +.PP +//server/share +.SH "OPTIONS" +.PP +\-d debuglevel +.RS 4 +Use the specified Samba debug level\&. A higher debug level means more output\&. +.RE +.PP +\-U user%pass +.RS 4 +Use the specified username/password combination when logging in to a remote server\&. +.RE +.PP +\-k +.RS 4 +Use kerberos when authenticating\&. +.RE +.PP +\-W workgroup +.RS 4 +Use specified name as our workgroup name\&. +.RE +.PP +\-n netbios_name +.RS 4 +Use specified name as our NetBIOS name\&. +.RE +.PP +\-O socket_options +.RS 4 +Use specified socket options, equivalent of the smb\&.conf option +\(lqsocket options\(rq\&. See the smb\&.conf(5) manpage for details\&. +.RE +.PP +\-m max_protocol +.RS 4 +Specify the maximum SMB dialect that should be used\&. Possible values are: CORE, COREPLUS, LANMAN1, LANMAN2, NT1 +.RE +.PP +\-s seed +.RS 4 +Initialize the randomizer using +\fIseed\fR +as seed\&. +.RE +.PP +\-L +.RS 4 +Use oplocks\&. +.RE +.PP +\-X +.RS 4 +Enable dangerous tests\&. Use with care! This might crash your server\&.\&.\&. +.RE +.PP +\-t timelimit +.RS 4 +Specify the NBENCH time limit in seconds\&. Defaults to 600\&. +.RE +.PP +\-p ports +.RS 4 +Specify ports to connect to\&. +.RE +.PP +\-c file +.RS 4 +Read NBENCH commands from +\fIfile\fR +instead of from CLIENT\&.TXT\&. +.RE +.PP +\-A +.RS 4 +Show not just OK or FAILED but more detailed output\&. Used only by DENY test at the moment\&. +.RE +.PP +\-C filename +.RS 4 +Load a list of UNC names from the specified filename\&. Smbtorture instances will connect to a random host from this list\&. +.RE +.PP +\-N numprocs +.RS 4 +Specify number of smbtorture processes to launch\&. +.RE +.PP +\-o num_operations +.RS 4 +Number of times some operations should be tried before assuming they\*(Aqre output is consistent (default:100)\&. +.RE +.PP +\-e num_files +.RS 4 +Number of entries to use in certain tests (such as creating X files) (default: 1000)\&. +.RE +.PP +\-f max_failures +.RS 4 +Number of failures before aborting a test (default: 1)\&. +.RE +.SH "VERSION" +.PP +This man page is correct for version 4\&.0 of the Samba suite\&. +.SH "SEE ALSO" +.PP +Samba +.SH "AUTHOR" +.PP +This utility is part of the +\m[blue]\fBSamba\fR\m[]\&\s-2\u[1]\d\s+2 +suite, which is developed by the global +\m[blue]\fBSamba Team\fR\m[]\&\s-2\u[2]\d\s+2\&. +.PP +smbtorture was written by Andrew Tridgell\&. +.PP +This manpage was written by Jelmer Vernooij\&. +.SH "NOTES" +.IP " 1." 4 +Samba +.RS 4 +\%http://www.samba.org/ +.RE +.IP " 2." 4 +Samba Team +.RS 4 +\%http://www.samba.org/samba/team/ +.RE Index: files/man/talloc.3 =================================================================== --- files/man/talloc.3 +++ files/man/talloc.3 @@ -0,0 +1,683 @@ +'\" t +.\" Title: talloc +.\" Author: [see the "AUTHOR" section] +.\" Generator: DocBook XSL Stylesheets v1.76.1 +.\" Date: 2015-04-10 +.\" Manual: System Administration tools +.\" Source: Samba 4.0 +.\" Language: English +.\" +.TH "TALLOC" "3" "2015\-04\-10" "Samba 4\&.0" "System Administration tools" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "NAME" +talloc \- hierarchical reference counted memory pool system with destructors +.SH "SYNOPSIS" +.sp +.nf +#include +.fi +.SH "DESCRIPTION" +.PP +If you are used to talloc from Samba3 then please read this carefully, as talloc has changed a lot\&. +.PP +The new talloc is a hierarchical, reference counted memory pool system with destructors\&. Quite a mouthful really, but not too bad once you get used to it\&. +.PP +Perhaps the biggest change from Samba3 is that there is no distinction between a "talloc context" and a "talloc pointer"\&. Any pointer returned from talloc() is itself a valid talloc context\&. This means you can do this: +.sp +.if n \{\ +.RS 4 +.\} +.nf + struct foo *X = talloc(mem_ctx, struct foo); + X\->name = talloc_strdup(X, "foo"); + +.fi +.if n \{\ +.RE +.\} +.PP +and the pointer +X\->name +would be a "child" of the talloc context +X +which is itself a child of +mem_ctx\&. So if you do +talloc_free(mem_ctx) +then it is all destroyed, whereas if you do +talloc_free(X) +then just +X +and +X\->name +are destroyed, and if you do +talloc_free(X\->name) +then just the name element of +X +is destroyed\&. +.PP +If you think about this, then what this effectively gives you is an n\-ary tree, where you can free any part of the tree with talloc_free()\&. +.PP +If you find this confusing, then I suggest you run the +testsuite +program to watch talloc in action\&. You may also like to add your own tests to +testsuite\&.c +to clarify how some particular situation is handled\&. +.SH "TALLOC API" +.PP +The following is a complete guide to the talloc API\&. Read it all at least twice\&. +.SS "(type *)talloc(const void *ctx, type);" +.PP +The talloc() macro is the core of the talloc library\&. It takes a memory +\fIctx\fR +and a +\fItype\fR, and returns a pointer to a new area of memory of the given +\fItype\fR\&. +.PP +The returned pointer is itself a talloc context, so you can use it as the +\fIctx\fR +argument to more calls to talloc() if you wish\&. +.PP +The returned pointer is a "child" of the supplied context\&. This means that if you talloc_free() the +\fIctx\fR +then the new child disappears as well\&. Alternatively you can free just the child\&. +.PP +The +\fIctx\fR +argument to talloc() can be NULL, in which case a new top level context is created\&. +.SS "void *talloc_size(const void *ctx, size_t size);" +.PP +The function talloc_size() should be used when you don\*(Aqt have a convenient type to pass to talloc()\&. Unlike talloc(), it is not type safe (as it returns a void *), so you are on your own for type checking\&. +.SS "(typeof(ptr)) talloc_ptrtype(const void *ctx, ptr);" +.PP +The talloc_ptrtype() macro should be used when you have a pointer and want to allocate memory to point at with this pointer\&. When compiling with gcc >= 3 it is typesafe\&. Note this is a wrapper of talloc_size() and talloc_get_name() will return the current location in the source file\&. and not the type\&. +.SS "int talloc_free(void *ptr);" +.PP +The talloc_free() function frees a piece of talloc memory, and all its children\&. You can call talloc_free() on any pointer returned by talloc()\&. +.PP +The return value of talloc_free() indicates success or failure, with 0 returned for success and \-1 for failure\&. The only possible failure condition is if +\fIptr\fR +had a destructor attached to it and the destructor returned \-1\&. See +\(lqtalloc_set_destructor()\(rq +for details on destructors\&. +.PP +If this pointer has an additional parent when talloc_free() is called then the memory is not actually released, but instead the most recently established parent is destroyed\&. See +\(lqtalloc_reference()\(rq +for details on establishing additional parents\&. +.PP +For more control on which parent is removed, see +\(lqtalloc_unlink()\(rq\&. +.PP +talloc_free() operates recursively on its children\&. +.PP +From the 2\&.0 version of talloc, as a special case, talloc_free() is refused on pointers that have more than one parent, as talloc would have no way of knowing which parent should be removed\&. To free a pointer that has more than one parent please use talloc_unlink()\&. +.PP +To help you find problems in your code caused by this behaviour, if you do try and free a pointer with more than one parent then the talloc logging function will be called to give output like this: +.PP + +.sp +.if n \{\ +.RS 4 +.\} +.nf + ERROR: talloc_free with references at some_dir/source/foo\&.c:123 + reference at some_dir/source/other\&.c:325 + reference at some_dir/source/third\&.c:121 + +.fi +.if n \{\ +.RE +.\} +.PP +Please see the documentation for talloc_set_log_fn() and talloc_set_log_stderr() for more information on talloc logging functions\&. +.SS "void *talloc_reference(const void *ctx, const void *ptr);" +.PP +The talloc_reference() function makes +\fIctx\fR +an additional parent of +\fIptr\fR\&. +.PP +The return value of talloc_reference() is always the original pointer +\fIptr\fR, unless talloc ran out of memory in creating the reference in which case it will return NULL (each additional reference consumes around 48 bytes of memory on intel x86 platforms)\&. +.PP +If +\fIptr\fR +is NULL, then the function is a no\-op, and simply returns NULL\&. +.PP +After creating a reference you can free it in one of the following ways: +.PP + +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +you can talloc_free() any parent of the original pointer\&. That will reduce the number of parents of this pointer by 1, and will cause this pointer to be freed if it runs out of parents\&. +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +you can talloc_free() the pointer itself if it has at maximum one parent\&. This behaviour has been changed since the release of version 2\&.0\&. Further informations in the description of "talloc_free"\&. +.RE +.PP +For more control on which parent to remove, see +\(lqtalloc_unlink()\(rq\&. +.SS "int talloc_unlink(const void *ctx, void *ptr);" +.PP +The talloc_unlink() function removes a specific parent from +\fIptr\fR\&. The +\fIctx\fR +passed must either be a context used in talloc_reference() with this pointer, or must be a direct parent of ptr\&. +.PP +Note that if the parent has already been removed using talloc_free() then this function will fail and will return \-1\&. Likewise, if +\fIptr\fR +is NULL, then the function will make no modifications and return \-1\&. +.PP +Usually you can just use talloc_free() instead of talloc_unlink(), but sometimes it is useful to have the additional control on which parent is removed\&. +.SS "void talloc_set_destructor(const void *ptr, int (*destructor)(void *));" +.PP +The function talloc_set_destructor() sets the +\fIdestructor\fR +for the pointer +\fIptr\fR\&. A +\fIdestructor\fR +is a function that is called when the memory used by a pointer is about to be released\&. The destructor receives +\fIptr\fR +as an argument, and should return 0 for success and \-1 for failure\&. +.PP +The +\fIdestructor\fR +can do anything it wants to, including freeing other pieces of memory\&. A common use for destructors is to clean up operating system resources (such as open file descriptors) contained in the structure the destructor is placed on\&. +.PP +You can only place one destructor on a pointer\&. If you need more than one destructor then you can create a zero\-length child of the pointer and place an additional destructor on that\&. +.PP +To remove a destructor call talloc_set_destructor() with NULL for the destructor\&. +.PP +If your destructor attempts to talloc_free() the pointer that it is the destructor for then talloc_free() will return \-1 and the free will be ignored\&. This would be a pointless operation anyway, as the destructor is only called when the memory is just about to go away\&. +.SS "int talloc_increase_ref_count(const void *\fIptr\fR);" +.PP +The talloc_increase_ref_count(\fIptr\fR) function is exactly equivalent to: +.sp +.if n \{\ +.RS 4 +.\} +.nf +talloc_reference(NULL, ptr); +.fi +.if n \{\ +.RE +.\} +.PP +You can use either syntax, depending on which you think is clearer in your code\&. +.PP +It returns 0 on success and \-1 on failure\&. +.SS "size_t talloc_reference_count(const void *\fIptr\fR);" +.PP +Return the number of references to the pointer\&. +.SS "void talloc_set_name(const void *ptr, const char *fmt, \&.\&.\&.);" +.PP +Each talloc pointer has a "name"\&. The name is used principally for debugging purposes, although it is also possible to set and get the name on a pointer in as a way of "marking" pointers in your code\&. +.PP +The main use for names on pointer is for "talloc reports"\&. See +\(lqtalloc_report_depth_cb()\(rq, +\(lqtalloc_report_depth_file()\(rq, +\(lqtalloc_report()\(rq +\(lqtalloc_report()\(rq +and +\(lqtalloc_report_full()\(rq +for details\&. Also see +\(lqtalloc_enable_leak_report()\(rq +and +\(lqtalloc_enable_leak_report_full()\(rq\&. +.PP +The talloc_set_name() function allocates memory as a child of the pointer\&. It is logically equivalent to: +.sp +.if n \{\ +.RS 4 +.\} +.nf +talloc_set_name_const(ptr, talloc_asprintf(ptr, fmt, \&.\&.\&.)); +.fi +.if n \{\ +.RE +.\} +.PP +Note that multiple calls to talloc_set_name() will allocate more memory without releasing the name\&. All of the memory is released when the ptr is freed using talloc_free()\&. +.SS "void talloc_set_name_const(const void *\fIptr\fR, const char *\fIname\fR);" +.PP +The function talloc_set_name_const() is just like talloc_set_name(), but it takes a string constant, and is much faster\&. It is extensively used by the "auto naming" macros, such as talloc_p()\&. +.PP +This function does not allocate any memory\&. It just copies the supplied pointer into the internal representation of the talloc ptr\&. This means you must not pass a +\fIname\fR +pointer to memory that will disappear before +\fIptr\fR +is freed with talloc_free()\&. +.SS "void *talloc_named(const void *\fIctx\fR, size_t \fIsize\fR, const char *\fIfmt\fR, \&.\&.\&.);" +.PP +The talloc_named() function creates a named talloc pointer\&. It is equivalent to: +.sp +.if n \{\ +.RS 4 +.\} +.nf +ptr = talloc_size(ctx, size); +talloc_set_name(ptr, fmt, \&.\&.\&.\&.); +.fi +.if n \{\ +.RE +.\} +.SS "void *talloc_named_const(const void *\fIctx\fR, size_t \fIsize\fR, const char *\fIname\fR);" +.PP +This is equivalent to: +.sp +.if n \{\ +.RS 4 +.\} +.nf +ptr = talloc_size(ctx, size); +talloc_set_name_const(ptr, name); +.fi +.if n \{\ +.RE +.\} +.SS "const char *talloc_get_name(const void *\fIptr\fR);" +.PP +This returns the current name for the given talloc pointer, +\fIptr\fR\&. See +\(lqtalloc_set_name()\(rq +for details\&. +.SS "void *talloc_init(const char *\fIfmt\fR, \&.\&.\&.);" +.PP +This function creates a zero length named talloc context as a top level context\&. It is equivalent to: +.sp +.if n \{\ +.RS 4 +.\} +.nf +talloc_named(NULL, 0, fmt, \&.\&.\&.); +.fi +.if n \{\ +.RE +.\} +.SS "void *talloc_new(void *\fIctx\fR);" +.PP +This is a utility macro that creates a new memory context hanging off an existing context, automatically naming it "talloc_new: __location__" where __location__ is the source line it is called from\&. It is particularly useful for creating a new temporary working context\&. +.SS "(\fItype\fR *)talloc_realloc(const void *\fIctx\fR, void *\fIptr\fR, \fItype\fR, \fIcount\fR);" +.PP +The talloc_realloc() macro changes the size of a talloc pointer\&. It has the following equivalences: +.sp +.if n \{\ +.RS 4 +.\} +.nf +talloc_realloc(ctx, NULL, type, 1) ==> talloc(ctx, type); +talloc_realloc(ctx, ptr, type, 0) ==> talloc_free(ptr); +.fi +.if n \{\ +.RE +.\} +.PP +The +\fIctx\fR +argument is only used if +\fIptr\fR +is not NULL, otherwise it is ignored\&. +.PP +talloc_realloc() returns the new pointer, or NULL on failure\&. The call will fail either due to a lack of memory, or because the pointer has more than one parent (see +\(lqtalloc_reference()\(rq)\&. +.SS "void *talloc_realloc_size(const void *ctx, void *ptr, size_t size);" +.PP +the talloc_realloc_size() function is useful when the type is not known so the type\-safe talloc_realloc() cannot be used\&. +.SS "TYPE *talloc_steal(const void *\fInew_ctx\fR, const TYPE *\fIptr\fR);" +.PP +The talloc_steal() function changes the parent context of a talloc pointer\&. It is typically used when the context that the pointer is currently a child of is going to be freed and you wish to keep the memory for a longer time\&. +.PP +The talloc_steal() function returns the pointer that you pass it\&. It does not have any failure modes\&. +.PP +It is possible to produce loops in the parent/child relationship if you are not careful with talloc_steal()\&. No guarantees are provided as to your sanity or the safety of your data if you do this\&. +.PP +Note that if you try and call talloc_steal() on a pointer that has more than one parent then the result is ambiguous\&. Talloc will choose to remove the parent that is currently indicated by talloc_parent() and replace it with the chosen parent\&. You will also get a message like this via the talloc logging functions: +.PP + +.sp +.if n \{\ +.RS 4 +.\} +.nf + WARNING: talloc_steal with references at some_dir/source/foo\&.c:123 + reference at some_dir/source/other\&.c:325 + reference at some_dir/source/third\&.c:121 + +.fi +.if n \{\ +.RE +.\} +.PP +To unambiguously change the parent of a pointer please see the function +\(lqtalloc_reparent()\(rq\&. See the talloc_set_log_fn() documentation for more information on talloc logging\&. +.SS "TYPE *talloc_reparent(const void *\fIold_parent\fR, const void *\fInew_parent\fR, const TYPE *\fIptr\fR);" +.PP +The talloc_reparent() function changes the parent context of a talloc pointer\&. It is typically used when the context that the pointer is currently a child of is going to be freed and you wish to keep the memory for a longer time\&. +.PP +The talloc_reparent() function returns the pointer that you pass it\&. It does not have any failure modes\&. +.PP +The difference between talloc_reparent() and talloc_steal() is that talloc_reparent() can specify which parent you wish to change\&. This is useful when a pointer has multiple parents via references\&. +.SS "TYPE *talloc_move(const void *\fInew_ctx\fR, TYPE **\fIptr\fR);" +.PP +The talloc_move() function is a wrapper around talloc_steal() which zeros the source pointer after the move\&. This avoids a potential source of bugs where a programmer leaves a pointer in two structures, and uses the pointer from the old structure after it has been moved to a new one\&. +.SS "size_t talloc_total_size(const void *\fIptr\fR);" +.PP +The talloc_total_size() function returns the total size in bytes used by this pointer and all child pointers\&. Mostly useful for debugging\&. +.PP +Passing NULL is allowed, but it will only give a meaningful result if talloc_enable_leak_report() or talloc_enable_leak_report_full() has been called\&. +.SS "size_t talloc_total_blocks(const void *\fIptr\fR);" +.PP +The talloc_total_blocks() function returns the total memory block count used by this pointer and all child pointers\&. Mostly useful for debugging\&. +.PP +Passing NULL is allowed, but it will only give a meaningful result if talloc_enable_leak_report() or talloc_enable_leak_report_full() has been called\&. +.SS "void talloc_report(const void *ptr, FILE *f);" +.PP +The talloc_report() function prints a summary report of all memory used by +\fIptr\fR\&. One line of report is printed for each immediate child of ptr, showing the total memory and number of blocks used by that child\&. +.PP +You can pass NULL for the pointer, in which case a report is printed for the top level memory context, but only if talloc_enable_leak_report() or talloc_enable_leak_report_full() has been called\&. +.SS "void talloc_report_full(const void *\fIptr\fR, FILE *\fIf\fR);" +.PP +This provides a more detailed report than talloc_report()\&. It will recursively print the entire tree of memory referenced by the pointer\&. References in the tree are shown by giving the name of the pointer that is referenced\&. +.PP +You can pass NULL for the pointer, in which case a report is printed for the top level memory context, but only if talloc_enable_leak_report() or talloc_enable_leak_report_full() has been called\&. +.SS "" +.HP \w'void\ talloc_report_depth_cb('u +.BI "void talloc_report_depth_cb(" "const\ void\ *ptr" ", " "int\ depth" ", " "int\ max_depth" ", " "void\ (*callback)(const\ void\ *ptr,\ int\ depth,\ int\ max_depth,\ int\ is_ref,\ void\ *priv)" ", " "void\ *priv" ");" +.PP +This provides a more flexible reports than talloc_report()\&. It will recursively call the callback for the entire tree of memory referenced by the pointer\&. References in the tree are passed with +\fIis_ref = 1\fR +and the pointer that is referenced\&. +.PP +You can pass NULL for the pointer, in which case a report is printed for the top level memory context, but only if talloc_enable_leak_report() or talloc_enable_leak_report_full() has been called\&. +.PP +The recursion is stopped when depth >= max_depth\&. max_depth = \-1 means only stop at leaf nodes\&. +.SS "" +.HP \w'void\ talloc_report_depth_file('u +.BI "void talloc_report_depth_file(" "const\ void\ *ptr" ", " "int\ depth" ", " "int\ max_depth" ", " "FILE\ *f" ");" +.PP +This provides a more flexible reports than talloc_report()\&. It will let you specify the depth and max_depth\&. +.SS "void talloc_enable_leak_report(void);" +.PP +This enables calling of talloc_report(NULL, stderr) when the program exits\&. In Samba4 this is enabled by using the \-\-leak\-report command line option\&. +.PP +For it to be useful, this function must be called before any other talloc function as it establishes a "null context" that acts as the top of the tree\&. If you don\*(Aqt call this function first then passing NULL to talloc_report() or talloc_report_full() won\*(Aqt give you the full tree printout\&. +.PP +Here is a typical talloc report: +.sp +.if n \{\ +.RS 4 +.\} +.nf +talloc report on \*(Aqnull_context\*(Aq (total 267 bytes in 15 blocks) +libcli/auth/spnego_parse\&.c:55 contains 31 bytes in 2 blocks +libcli/auth/spnego_parse\&.c:55 contains 31 bytes in 2 blocks +iconv(UTF8,CP850) contains 42 bytes in 2 blocks +libcli/auth/spnego_parse\&.c:55 contains 31 bytes in 2 blocks +iconv(CP850,UTF8) contains 42 bytes in 2 blocks +iconv(UTF8,UTF\-16LE) contains 45 bytes in 2 blocks +iconv(UTF\-16LE,UTF8) contains 45 bytes in 2 blocks + +.fi +.if n \{\ +.RE +.\} +.SS "void talloc_enable_leak_report_full(void);" +.PP +This enables calling of talloc_report_full(NULL, stderr) when the program exits\&. In Samba4 this is enabled by using the \-\-leak\-report\-full command line option\&. +.PP +For it to be useful, this function must be called before any other talloc function as it establishes a "null context" that acts as the top of the tree\&. If you don\*(Aqt call this function first then passing NULL to talloc_report() or talloc_report_full() won\*(Aqt give you the full tree printout\&. +.PP +Here is a typical full report: +.sp +.if n \{\ +.RS 4 +.\} +.nf +full talloc report on \*(Aqroot\*(Aq (total 18 bytes in 8 blocks) +p1 contains 18 bytes in 7 blocks (ref 0) + r1 contains 13 bytes in 2 blocks (ref 0) + reference to: p2 + p2 contains 1 bytes in 1 blocks (ref 1) + x3 contains 1 bytes in 1 blocks (ref 0) + x2 contains 1 bytes in 1 blocks (ref 0) + x1 contains 1 bytes in 1 blocks (ref 0) + +.fi +.if n \{\ +.RE +.\} +.SS "(\fItype\fR *)talloc_zero(const void *\fIctx\fR, \fItype\fR);" +.PP +The talloc_zero() macro is equivalent to: +.sp +.if n \{\ +.RS 4 +.\} +.nf +ptr = talloc(ctx, type); +if (ptr) memset(ptr, 0, sizeof(type)); +.fi +.if n \{\ +.RE +.\} +.SS "void *talloc_zero_size(const void *\fIctx\fR, size_t \fIsize\fR)" +.PP +The talloc_zero_size() function is useful when you don\*(Aqt have a known type\&. +.SS "void *talloc_memdup(const void *\fIctx\fR, const void *\fIp\fR, size_t size);" +.PP +The talloc_memdup() function is equivalent to: +.sp +.if n \{\ +.RS 4 +.\} +.nf +ptr = talloc_size(ctx, size); +if (ptr) memcpy(ptr, p, size); +.fi +.if n \{\ +.RE +.\} +.SS "char *talloc_strdup(const void *\fIctx\fR, const char *\fIp\fR);" +.PP +The talloc_strdup() function is equivalent to: +.sp +.if n \{\ +.RS 4 +.\} +.nf +ptr = talloc_size(ctx, strlen(p)+1); +if (ptr) memcpy(ptr, p, strlen(p)+1); +.fi +.if n \{\ +.RE +.\} +.PP +This function sets the name of the new pointer to the passed string\&. This is equivalent to: +.sp +.if n \{\ +.RS 4 +.\} +.nf +talloc_set_name_const(ptr, ptr) +.fi +.if n \{\ +.RE +.\} +.SS "char *talloc_strndup(const void *\fIt\fR, const char *\fIp\fR, size_t \fIn\fR);" +.PP +The talloc_strndup() function is the talloc equivalent of the C library function strndup(3)\&. +.PP +This function sets the name of the new pointer to the passed string\&. This is equivalent to: +.sp +.if n \{\ +.RS 4 +.\} +.nf +talloc_set_name_const(ptr, ptr) +.fi +.if n \{\ +.RE +.\} +.SS "char *talloc_vasprintf(const void *\fIt\fR, const char *\fIfmt\fR, va_list \fIap\fR);" +.PP +The talloc_vasprintf() function is the talloc equivalent of the C library function vasprintf(3)\&. +.PP +This function sets the name of the new pointer to the new string\&. This is equivalent to: +.sp +.if n \{\ +.RS 4 +.\} +.nf +talloc_set_name_const(ptr, ptr) +.fi +.if n \{\ +.RE +.\} +.SS "char *talloc_asprintf(const void *\fIt\fR, const char *\fIfmt\fR, \&.\&.\&.);" +.PP +The talloc_asprintf() function is the talloc equivalent of the C library function asprintf(3)\&. +.PP +This function sets the name of the new pointer to the passed string\&. This is equivalent to: +.sp +.if n \{\ +.RS 4 +.\} +.nf +talloc_set_name_const(ptr, ptr) +.fi +.if n \{\ +.RE +.\} +.SS "char *talloc_asprintf_append(char *s, const char *fmt, \&.\&.\&.);" +.PP +The talloc_asprintf_append() function appends the given formatted string to the given string\&. +.PP +This function sets the name of the new pointer to the new string\&. This is equivalent to: +.sp +.if n \{\ +.RS 4 +.\} +.nf +talloc_set_name_const(ptr, ptr) +.fi +.if n \{\ +.RE +.\} +.SS "(type *)talloc_array(const void *ctx, type, unsigned int count);" +.PP +The talloc_array() macro is equivalent to: +.sp +.if n \{\ +.RS 4 +.\} +.nf +(type *)talloc_size(ctx, sizeof(type) * count); +.fi +.if n \{\ +.RE +.\} +.PP +except that it provides integer overflow protection for the multiply, returning NULL if the multiply overflows\&. +.SS "void *talloc_array_size(const void *ctx, size_t size, unsigned int count);" +.PP +The talloc_array_size() function is useful when the type is not known\&. It operates in the same way as talloc_array(), but takes a size instead of a type\&. +.SS "(typeof(ptr)) talloc_array_ptrtype(const void *ctx, ptr, unsigned int count);" +.PP +The talloc_ptrtype() macro should be used when you have a pointer to an array and want to allocate memory of an array to point at with this pointer\&. When compiling with gcc >= 3 it is typesafe\&. Note this is a wrapper of talloc_array_size() and talloc_get_name() will return the current location in the source file\&. and not the type\&. +.SS "void *talloc_realloc_fn(const void *ctx, void *ptr, size_t size)" +.PP +This is a non\-macro version of talloc_realloc(), which is useful as libraries sometimes want a realloc function pointer\&. A realloc(3) implementation encapsulates the functionality of malloc(3), free(3) and realloc(3) in one call, which is why it is useful to be able to pass around a single function pointer\&. +.SS "void *talloc_autofree_context(void);" +.PP +This is a handy utility function that returns a talloc context which will be automatically freed on program exit\&. This can be used to reduce the noise in memory leak reports\&. +.SS "void *talloc_check_name(const void *ptr, const char *name);" +.PP +This function checks if a pointer has the specified +\fIname\fR\&. If it does then the pointer is returned\&. It it doesn\*(Aqt then NULL is returned\&. +.SS "(type *)talloc_get_type(const void *ptr, type);" +.PP +This macro allows you to do type checking on talloc pointers\&. It is particularly useful for void* private pointers\&. It is equivalent to this: +.sp +.if n \{\ +.RS 4 +.\} +.nf +(type *)talloc_check_name(ptr, #type) +.fi +.if n \{\ +.RE +.\} +.SS "talloc_set_type(const void *ptr, type);" +.PP +This macro allows you to force the name of a pointer to be a particular +\fItype\fR\&. This can be used in conjunction with talloc_get_type() to do type checking on void* pointers\&. +.PP +It is equivalent to this: +.sp +.if n \{\ +.RS 4 +.\} +.nf +talloc_set_name_const(ptr, #type) +.fi +.if n \{\ +.RE +.\} +.SS "talloc_set_log_fn(void (*log_fn)(const char *message));" +.PP +This function sets a logging function that talloc will use for warnings and errors\&. By default talloc will not print any warnings or errors\&. +.SS "talloc_set_log_stderr(void);" +.PP +This sets the talloc log function to write log messages to stderr +.SH "PERFORMANCE" +.PP +All the additional features of talloc(3) over malloc(3) do come at a price\&. We have a simple performance test in Samba4 that measures talloc() versus malloc() performance, and it seems that talloc() is about 10% slower than malloc() on my x86 Debian Linux box\&. For Samba, the great reduction in code complexity that we get by using talloc makes this worthwhile, especially as the total overhead of talloc/malloc in Samba is already quite small\&. +.SH "SEE ALSO" +.PP +malloc(3), strndup(3), vasprintf(3), asprintf(3), +\m[blue]\fB\%http://talloc.samba.org/\fR\m[] +.SH "AUTHOR" +.PP +The original Samba software and related utilities were created by Andrew Tridgell\&. Samba is now developed by the Samba Team as an Open Source project similar to the way the Linux kernel is developed\&. +.SH "COPYRIGHT/LICENSE" +.PP +Copyright (C) Andrew Tridgell 2004 +.PP +This program is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 3 of the License, or (at your option) any later version\&. +.PP +This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE\&. See the GNU General Public License for more details\&. +.PP +You should have received a copy of the GNU General Public License along with this program; if not, see http://www\&.gnu\&.org/licenses/\&. Index: files/man/tdbbackup.8 =================================================================== --- files/man/tdbbackup.8 +++ files/man/tdbbackup.8 @@ -0,0 +1,129 @@ +'\" t +.\" Title: tdbbackup +.\" Author: [see the "AUTHOR" section] +.\" Generator: DocBook XSL Stylesheets v1.76.1 +.\" Date: 2015-04-25 +.\" Manual: System Administration tools +.\" Source: Samba 3.6 +.\" Language: English +.\" +.TH "TDBBACKUP" "8" "2015\-04\-25" "Samba 3\&.6" "System Administration tools" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "NAME" +tdbbackup \- tool for backing up and for validating the integrity of samba \&.tdb files +.SH "SYNOPSIS" +.HP \w'\fBtdbbackup\fR\ 'u +\fBtdbbackup\fR [\-s\ suffix] [\-v] [\-h] [\-l] +.SH "DESCRIPTION" +.PP +This tool is part of the +\fBsamba\fR(1) +suite\&. +.PP +\fBtdbbackup\fR +is a tool that may be used to backup samba \&.tdb files\&. This tool may also be used to verify the integrity of the \&.tdb files prior to samba startup or during normal operation\&. If it finds file damage and it finds a prior backup the backup file will be restored\&. +.SH "OPTIONS" +.PP +\-h +.RS 4 +Get help information\&. +.RE +.PP +\-s suffix +.RS 4 +The +\fB\-s\fR +option allows the administrator to specify a file backup extension\&. This way it is possible to keep a history of tdb backup files by using a new suffix for each backup\&. +.RE +.PP +\-v +.RS 4 +The +\fB\-v\fR +will check the database for damages (corrupt data) which if detected causes the backup to be restored\&. +.RE +.PP +\-l +.RS 4 +This options disables any locking, by passing TDB_NOLOCK to tdb_open_ex()\&. Only use this for database files which are not used by any other process! And also only if it is otherwise not possible to open the database, e\&.g\&. databases which were created with mutex locking\&. +.RE +.SH "COMMANDS" +.PP +\fIGENERAL INFORMATION\fR +.PP +The +\fBtdbbackup\fR +utility can safely be run at any time\&. It was designed so that it can be used at any time to validate the integrity of tdb files, even during Samba operation\&. Typical usage for the command will be: +.PP +tdbbackup [\-s suffix] *\&.tdb +.PP +Before restarting samba the following command may be run to validate \&.tdb files: +.PP +tdbbackup \-v [\-s suffix] *\&.tdb +.PP +Samba \&.tdb files are stored in various locations, be sure to run backup all \&.tdb file on the system\&. Important files includes: +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} + +\fBsecrets\&.tdb\fR +\- usual location is in the /usr/local/samba/private directory, or on some systems in /etc/samba\&. +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} + +\fBpassdb\&.tdb\fR +\- usual location is in the /usr/local/samba/private directory, or on some systems in /etc/samba\&. +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} + +\fB*\&.tdb\fR +located in the /usr/local/samba/var directory or on some systems in the /var/cache or /var/lib/samba directories\&. +.RE +.SH "VERSION" +.PP +This man page is correct for version 3 of the Samba suite\&. +.SH "AUTHOR" +.PP +The original Samba software and related utilities were created by Andrew Tridgell\&. Samba is now developed by the Samba Team as an Open Source project similar to the way the Linux kernel is developed\&. +.PP +The tdbbackup man page was written by John H Terpstra\&. Index: files/man/tdbdump.8 =================================================================== --- files/man/tdbdump.8 +++ files/man/tdbdump.8 @@ -0,0 +1,72 @@ +'\" t +.\" Title: tdbdump +.\" Author: [see the "AUTHOR" section] +.\" Generator: DocBook XSL Stylesheets v1.76.1 +.\" Date: 2015-04-25 +.\" Manual: System Administration tools +.\" Source: Samba 3.6 +.\" Language: English +.\" +.TH "TDBDUMP" "8" "2015\-04\-25" "Samba 3\&.6" "System Administration tools" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "NAME" +tdbdump \- tool for printing the contents of a TDB file +.SH "SYNOPSIS" +.HP \w'\fBtdbdump\fR\ 'u +\fBtdbdump\fR [\-k\ \fIkeyname\fR] [\-e] [\-h] {filename} +.SH "DESCRIPTION" +.PP +This tool is part of the +\fBsamba\fR(1) +suite\&. +.PP +\fBtdbdump\fR +is a very simple utility that \*(Aqdumps\*(Aq the contents of a TDB (Trivial DataBase) file to standard output in a human\-readable format\&. +.PP +This tool can be used when debugging problems with TDB files\&. It is intended for those who are somewhat familiar with Samba internals\&. +.SH "OPTIONS" +.PP +\-h +.RS 4 +Get help information\&. +.RE +.PP +\-k \fIkeyname\fR +.RS 4 +The +\fB\-k\fR +option restricts dumping to a single key, if found\&. +.RE +.PP +\-e +.RS 4 +The +\fB\-e\fR +tries to dump out from a corrupt database\&. Naturally, such a dump is unreliable, at best\&. +.RE +.SH "VERSION" +.PP +This man page is correct for version 3 of the Samba suite\&. +.SH "AUTHOR" +.PP +The original Samba software and related utilities were created by Andrew Tridgell\&. Samba is now developed by the Samba Team as an Open Source project similar to the way the Linux kernel is developed\&. +.PP +The tdbdump man page was written by Jelmer Vernooij\&. Index: files/man/tdbrestore.8 =================================================================== --- files/man/tdbrestore.8 +++ files/man/tdbrestore.8 @@ -0,0 +1,54 @@ +'\" t +.\" Title: tdbrestore +.\" Author: [see the "AUTHOR" section] +.\" Generator: DocBook XSL Stylesheets v1.76.1 +.\" Date: 2015-04-25 +.\" Manual: System Administration tools +.\" Source: Samba 3.6 +.\" Language: English +.\" +.TH "TDBRESTORE" "8" "2015\-04\-25" "Samba 3\&.6" "System Administration tools" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "NAME" +tdbrestore \- tool for creating a TDB file out of a tdbdump output +.SH "SYNOPSIS" +.HP \w'\fBtdbrestore\fR\ 'u +\fBtdbrestore\fR {tdbfilename} +.SH "DESCRIPTION" +.PP +This tool is part of the +\fBsamba\fR(1) +suite\&. +.PP +\fBtdbrestore\fR +is a very simple utility that \*(Aqrestores\*(Aq the contents of dump file into TDB (Trivial DataBase) file\&. The dump file is obtained from the tdbdump command\&. +.PP +This tool wait on the standard input for the content of the dump and will write the tdb in the tdbfilename parameter\&. +.PP +This tool can be used for unpacking the content of tdb as backup mean\&. +.SH "VERSION" +.PP +This man page is correct for version 3 of the Samba suite\&. +.SH "AUTHOR" +.PP +The original Samba software and related utilities were created by Andrew Tridgell\&. Samba is now developed by the Samba Team as an Open Source project similar to the way the Linux kernel is developed\&. This tool was initially written by Volker Lendecke based on an idea by Simon McVittie\&. +.PP +The tdbrestore man page was written by Matthieu Patou\&. Index: files/man/tdbtool.8 =================================================================== --- files/man/tdbtool.8 +++ files/man/tdbtool.8 @@ -0,0 +1,170 @@ +'\" t +.\" Title: tdbtool +.\" Author: [see the "AUTHOR" section] +.\" Generator: DocBook XSL Stylesheets v1.76.1 +.\" Date: 2015-04-25 +.\" Manual: System Administration tools +.\" Source: Samba 4.0 +.\" Language: English +.\" +.TH "TDBTOOL" "8" "2015\-04\-25" "Samba 4\&.0" "System Administration tools" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "NAME" +tdbtool \- manipulate the contents TDB files +.SH "SYNOPSIS" +.HP \w'\fBtdbtool\fR\ 'u +\fBtdbtool\fR +.HP \w'\fBtdbtool\fR\ 'u +\fBtdbtool\fR [\-l] \fITDBFILE\fR [\fICOMMANDS\fR...] +.SH "DESCRIPTION" +.PP +This tool is part of the +\fBsamba\fR(1) +suite\&. +.PP +\fBtdbtool\fR +a tool for displaying and altering the contents of Samba TDB (Trivial DataBase) files\&. Each of the commands listed below can be entered interactively or provided on the command line\&. +.SH "OPTIONS" +.PP +\-l +.RS 4 +This options disables any locking, by passing TDB_NOLOCK to tdb_open_ex()\&. Only use this for database files which are not used by any other process! And also only if it is otherwise not possible to open the database, e\&.g\&. databases which were created with mutex locking\&. +.RE +.SH "COMMANDS" +.PP +\fBcreate\fR \fITDBFILE\fR +.RS 4 +Create a new database named +\fITDBFILE\fR\&. +.RE +.PP +\fBopen\fR \fITDBFILE\fR +.RS 4 +Open an existing database named +\fITDBFILE\fR\&. +.RE +.PP +\fBerase\fR +.RS 4 +Erase the current database\&. +.RE +.PP +\fBdump\fR +.RS 4 +Dump the current database as strings\&. +.RE +.PP +\fBcdump\fR +.RS 4 +Dump the current database as connection records\&. +.RE +.PP +\fBkeys\fR +.RS 4 +Dump the current database keys as strings\&. +.RE +.PP +\fBhexkeys\fR +.RS 4 +Dump the current database keys as hex values\&. +.RE +.PP +\fBinfo\fR +.RS 4 +Print summary information about the current database\&. +.RE +.PP +\fBinsert\fR \fIKEY\fR \fIDATA\fR +.RS 4 +Insert a record into the current database\&. +.RE +.PP +\fBmove\fR \fIKEY\fR \fITDBFILE\fR +.RS 4 +Move a record from the current database into +\fITDBFILE\fR\&. +.RE +.PP +\fBstore\fR \fIKEY\fR \fIDATA\fR +.RS 4 +Store (replace) a record in the current database\&. +.RE +.PP +\fBshow\fR \fIKEY\fR +.RS 4 +Show a record by key\&. +.RE +.PP +\fBdelete\fR \fIKEY\fR +.RS 4 +Delete a record by key\&. +.RE +.PP +\fBlist\fR +.RS 4 +Print the current database hash table and free list\&. +.RE +.PP +\fBfree\fR +.RS 4 +Print the current database and free list\&. +.RE +.PP +\fB!\fR \fICOMMAND\fR +.RS 4 +Execute the given system command\&. +.RE +.PP +\fBfirst\fR +.RS 4 +Print the first record in the current database\&. +.RE +.PP +\fBnext\fR +.RS 4 +Print the next record in the current database\&. +.RE +.PP +\fBcheck\fR +.RS 4 +Check the integrity of the current database\&. +.RE +.PP +\fBrepack\fR +.RS 4 +Repack a database using a temporary file to remove fragmentation\&. +.RE +.PP +\fBquit\fR +.RS 4 +Exit +\fBtdbtool\fR\&. +.RE +.SH "CAVEATS" +.PP +The contents of the Samba TDB files are private to the implementation and should not be altered with +\fBtdbtool\fR\&. +.SH "VERSION" +.PP +This man page is correct for version 3\&.6 of the Samba suite\&. +.SH "AUTHOR" +.PP +The original Samba software and related utilities were created by Andrew Tridgell\&. Samba is now developed by the Samba Team as an Open Source project similar to the way the Linux kernel is developed\&. Index: files/man/vfs_freebsd.8 =================================================================== --- files/man/vfs_freebsd.8 +++ files/man/vfs_freebsd.8 @@ -0,0 +1,204 @@ +'\" t +.\" Title: vfs_freebsd +.\" Author: [see the "AUTHOR" section] +.\" Generator: DocBook XSL Stylesheets v1.79.1 +.\" Date: 06/24/2019 +.\" Manual: System Administration tools +.\" Source: Samba 4.10.5 +.\" Language: English +.\" +.TH "VFS_FREEBSD" "8" "06/24/2019" "Samba 4\&.10\&.5" "System Administration tools" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "NAME" +vfs_freebsd \- FreeBSD\-specific VFS functions +.SH "SYNOPSIS" +.HP \w'\ 'u +vfs objects = freebsd +.SH "DESCRIPTION" +.PP +This VFS module is part of the +\fBsamba\fR(7) +suite\&. +.PP +The +vfs_freebsd +module implements some of the FreeBSD\-specific VFS functions\&. +.PP +This module is stackable\&. +.SH "OPTIONS" +.PP +freebsd:extattr mode=[legacy|compat|secure] +.RS 4 +This parameter defines how the emulation of the Linux attr(5) extended attributes is performed through the FreeBSD native extattr(9) system calls\&. +.sp +Currently the +\fIsecurity\fR, +\fIsystem\fR, +\fItrusted\fR +and +\fIuser\fR +extended attribute(xattr) classes are defined in Linux\&. Contrary FreeBSD has only +\fIUSER\fR +and +\fISYSTEM\fR +extended attribute(extattr) namespaces, so mapping of one set into another isn\*(Aqt straightforward and can be done in different ways\&. +.sp +Historically the Samba(7) built\-in xattr mapping implementation simply converted +\fIsystem\fR +and +\fIuser\fR +xattr into corresponding +\fISYSTEM\fR +and +\fIUSER\fR +extattr namespaces, dropping the class prefix name with the separating dot and using attribute name only within the mapped namespace\&. It also rejected any other xattr classes, like +\fIsecurity\fR +and +\fItrusted\fR +as invalid\&. Such behavior in particular broke AD provisioning on UFS2 file systems as essential +\fIsecurity\&.NTACL\fR +xattr was rejected as invalid\&. +.sp +This module tries to address this problem and provide secure, where it\*(Aqs possible, way to map Linux xattr into FreeBSD\*(Aqs extattr\&. +.sp +When +\fImode\fR +is set to the +\fIlegacy (default)\fR +then modified version of built\-in mapping is used, where +\fIsystem\fR +xattr is mapped into SYSTEM namespace, while +\fIsecure\fR, +\fItrusted\fR +and +\fIuser\fR +xattr are all mapped into the USER namespace, dropping class prefixes and mix them all together\&. This is the way how Samba FreeBSD ports were patched up to the 4\&.9 version and that created multiple potential security issues\&. This mode is aimed for the compatibility with the legacy installations only and should be avoided in new setups\&. +.sp +The +\fIcompat\fR +mode is mostly designed for the jailed environments, where it\*(Aqs not possible to write extattrs into the secure SYSTEM namespace, so all four classes are mapped into the USER namespace\&. To preserve information about origin of the extended attribute it is stored together with the class preffix in the +\fIclass\&.attribute\fR +format\&. +.sp +The +\fIsecure\fR +mode is meant for storing extended attributes in a secure manner, so that +\fIsecurity\fR, +\fIsystem\fR +and +\fItrusted\fR +are stored in the SYSTEM namespace, which can be modified only by root\&. +.RE +.SH "" +.sp +.it 1 an-trap +.nr an-no-space-flag 1 +.nr an-break-flag 1 +.br +.B Table\ \&1.\ \&Attributes mapping +.TS +allbox tab(:); +lB lB lB lB lB. +T{ + +T}:T{ +built\-in +T}:T{ +legacy +T}:T{ +compat/jail +T}:T{ +secure +T} +.T& +lB l l l l +lB l l l l +lB l l l l +lB l l l l. +T{ +user +T}:T{ +USER; attribute +T}:T{ +USER; attribute +T}:T{ +USER; user\&.attribute +T}:T{ +USER; user\&.attribute +T} +T{ +system +T}:T{ +SYSTEM; attribute +T}:T{ +SYSTEM; attribute +T}:T{ +USER; system\&.attribute +T}:T{ +SYSTEM; system\&.attribute +T} +T{ +trusted +T}:T{ +FAIL +T}:T{ +USER; attribute +T}:T{ +USER; trusted\&.attribute +T}:T{ +SYSTEM; trusted\&.attribute +T} +T{ +security +T}:T{ +FAIL +T}:T{ +USER; attribute +T}:T{ +USER; security\&.attribute +T}:T{ +SYSTEM; security\&.attribute +T} +.TE +.sp 1 +.SH "EXAMPLES" +.PP +Use secure method of setting extended attributes on the share: +.sp +.if n \{\ +.RS 4 +.\} +.nf + \fI[sysvol]\fR + \m[blue]\fBvfs objects = freebsd\fR\m[] + \m[blue]\fBfreebsd:extattr mode = secure\fR\m[] +.fi +.if n \{\ +.RE +.\} +.SH "VERSION" +.PP +This man page is part of version 4\&.10\&.5 of the Samba suite\&. +.SH "AUTHOR" +.PP +The original Samba software and related utilities were created by Andrew Tridgell\&. Samba is now developed by the Samba Team as an Open Source project similar to the way the Linux kernel is developed\&. +.PP +This module was written by Timur I\&. Bakeyev Index: files/patch-bind =================================================================== --- files/patch-bind +++ files/patch-bind @@ -0,0 +1,215 @@ +--- python/samba/provision/sambadns.py.orig 2020-03-26 08:58:46 UTC ++++ python/samba/provision/sambadns.py +@@ -27,6 +27,7 @@ import time + import ldb + from base64 import b64encode + import subprocess ++import re + import samba + from samba.tdb_util import tdb_copy + from samba.mdb_util import mdb_copy +@@ -965,34 +966,35 @@ def create_named_conf(paths, realm, dnsdomain, dns_bac + stderr=subprocess.STDOUT, + cwd='.').communicate()[0] + bind_info = get_string(bind_info) +- bind9_8 = '#' +- bind9_9 = '#' +- bind9_10 = '#' +- bind9_11 = '#' +- bind9_12 = '#' +- if bind_info.upper().find('BIND 9.8') != -1: +- bind9_8 = '' +- elif bind_info.upper().find('BIND 9.9') != -1: +- bind9_9 = '' +- elif bind_info.upper().find('BIND 9.10') != -1: +- bind9_10 = '' +- elif bind_info.upper().find('BIND 9.11') != -1: +- bind9_11 = '' +- elif bind_info.upper().find('BIND 9.12') != -1: +- bind9_12 = '' +- elif bind_info.upper().find('BIND 9.7') != -1: +- raise ProvisioningError("DLZ option incompatible with BIND 9.7.") ++ bind9_release = re.search('BIND (9)\.(\d+)\.', bind_info, re.I) ++ if bind9_release: ++ bind9_disabled = '' ++ bind9_version = bind9_release.group(0) + "x" ++ bind9_version_major = int(bind9_release.group(1)) ++ bind9_version_minor = int(bind9_release.group(2)) ++ if bind9_version_minor == 7: ++ raise ProvisioningError("DLZ option incompatible with BIND 9.7.") ++ elif bind9_version_minor == 8: ++ bind9_dlz_version = "9" ++ else: ++ bind9_dlz_version = "%d_%d" % (bind9_version_major, bind9_version_minor) + else: ++ bind9_disabled = '# ' ++ bind9_version = "BIND z.y.x" ++ bind9_dlz_version = "z_y" + logger.warning("BIND version unknown, please modify %s manually." % paths.namedconf) ++ ++ bind9_dlz = ( ++ ' # For %s\n' ++ ' %sdatabase "dlopen %s/bind9/dlz_bind%s.so";' ++ ) % ( ++ bind9_version, bind9_disabled, samba.param.modules_dir(), bind9_dlz_version ++ ) ++ + setup_file(setup_path("named.conf.dlz"), paths.namedconf, { + "NAMED_CONF": paths.namedconf, + "MODULESDIR": samba.param.modules_dir(), +- "BIND9_8": bind9_8, +- "BIND9_9": bind9_9, +- "BIND9_10": bind9_10, +- "BIND9_11": bind9_11, +- "BIND9_12": bind9_12 +- ++ "BIND9_DLZ": bind9_dlz + }) + + +--- source4/dns_server/dlz_minimal.h.orig 2019-12-06 10:10:30 UTC ++++ source4/dns_server/dlz_minimal.h +@@ -23,22 +23,23 @@ + #ifndef DLZ_MINIMAL_H + #define DLZ_MINIMAL_H 1 + +-#if defined (BIND_VERSION_9_8) +-# define DLZ_DLOPEN_VERSION 1 +-#elif defined (BIND_VERSION_9_9) +-# define DLZ_DLOPEN_VERSION 2 +-# define DNS_CLIENTINFO_VERSION 1 +-#elif defined (BIND_VERSION_9_10) +-# define DLZ_DLOPEN_VERSION 3 +-# define DNS_CLIENTINFO_VERSION 1 +-#elif defined (BIND_VERSION_9_11) +-# define DLZ_DLOPEN_VERSION 3 +-# define DNS_CLIENTINFO_VERSION 2 +-#elif defined (BIND_VERSION_9_12) +-# define DLZ_DLOPEN_VERSION 3 +-# define DNS_CLIENTINFO_VERSION 2 ++#if defined (BIND_VERSION) ++# if BIND_VERSION == 908 ++# define DLZ_DLOPEN_VERSION 1 ++# elif BIND_VERSION == 909 ++# define DLZ_DLOPEN_VERSION 2 ++# define DNS_CLIENTINFO_VERSION 1 ++# elif BIND_VERSION == 910 ++# define DLZ_DLOPEN_VERSION 3 ++# define DNS_CLIENTINFO_VERSION 1 ++# elif BIND_VERSION >= 911 ++# define DLZ_DLOPEN_VERSION 3 ++# define DNS_CLIENTINFO_VERSION 2 ++# else ++# error Unsupported BIND version ++# endif + #else +-# error Unsupported BIND version ++# error BIND_VERSION undefined + #endif + + #if DLZ_DLOPEN_VERSION > 1 +--- source4/dns_server/wscript_build.orig 2019-12-06 10:11:08 UTC ++++ source4/dns_server/wscript_build +@@ -20,7 +20,7 @@ bld.SAMBA_MODULE('service_dns', + # a bind9 dlz module giving access to the Samba DNS SAM + bld.SAMBA_LIBRARY('dlz_bind9', + source='dlz_bind9.c', +- cflags='-DBIND_VERSION_9_8', ++ cflags='-DBIND_VERSION=908', + private_library=True, + link_name='modules/bind9/dlz_bind9.so', + realname='dlz_bind9.so', +@@ -28,49 +28,21 @@ bld.SAMBA_LIBRARY('dlz_bind9', + deps='samba-hostconfig samdb-common gensec popt dnsserver_common', + enabled=bld.AD_DC_BUILD_IS_ENABLED()) + +-bld.SAMBA_LIBRARY('dlz_bind9_9', ++for bind_version in (909, 910, 911, 912, 913, 914, 916): ++ string_version='%d_%d' % (bind_version//100, bind_version % 100) ++ bld.SAMBA_LIBRARY('dlz_bind%s' % (string_version), + source='dlz_bind9.c', +- cflags='-DBIND_VERSION_9_9', ++ cflags='-DBIND_VERSION=%d' % bind_version, + private_library=True, +- link_name='modules/bind9/dlz_bind9_9.so', +- realname='dlz_bind9_9.so', ++ link_name='modules/bind9/dlz_bind%s.so' % (string_version), ++ realname='dlz_bind%s.so' % (string_version), + install_path='${MODULESDIR}/bind9', + deps='samba-hostconfig samdb-common gensec popt dnsserver_common', + enabled=bld.AD_DC_BUILD_IS_ENABLED()) + +-bld.SAMBA_LIBRARY('dlz_bind9_10', +- source='dlz_bind9.c', +- cflags='-DBIND_VERSION_9_10', +- private_library=True, +- link_name='modules/bind9/dlz_bind9_10.so', +- realname='dlz_bind9_10.so', +- install_path='${MODULESDIR}/bind9', +- deps='samba-hostconfig samdb-common gensec popt dnsserver_common', +- enabled=bld.AD_DC_BUILD_IS_ENABLED()) +- +-bld.SAMBA_LIBRARY('dlz_bind9_11', +- source='dlz_bind9.c', +- cflags='-DBIND_VERSION_9_11', +- private_library=True, +- link_name='modules/bind9/dlz_bind9_11.so', +- realname='dlz_bind9_11.so', +- install_path='${MODULESDIR}/bind9', +- deps='samba-hostconfig samdb-common gensec popt dnsserver_common', +- enabled=bld.AD_DC_BUILD_IS_ENABLED()) +- +-bld.SAMBA_LIBRARY('dlz_bind9_12', +- source='dlz_bind9.c', +- cflags='-DBIND_VERSION_9_12', +- private_library=True, +- link_name='modules/bind9/dlz_bind9_12.so', +- realname='dlz_bind9_12.so', +- install_path='${MODULESDIR}/bind9', +- deps='samba-hostconfig samdb-common gensec popt dnsserver_common', +- enabled=bld.AD_DC_BUILD_IS_ENABLED()) +- + bld.SAMBA_LIBRARY('dlz_bind9_for_torture', + source='dlz_bind9.c', +- cflags='-DBIND_VERSION_9_8', ++ cflags='-DBIND_VERSION=908', + private_library=True, + deps='samba-hostconfig samdb-common gensec popt dnsserver_common', + enabled=bld.AD_DC_BUILD_IS_ENABLED()) +--- source4/setup/named.conf.dlz.orig 2019-12-06 10:10:31 UTC ++++ source4/setup/named.conf.dlz +@@ -7,22 +7,10 @@ + + # + # This configures dynamically loadable zones (DLZ) from AD schema +-# Uncomment only single database line, depending on your BIND version + # + dlz "AD DNS Zone" { +- # For BIND 9.8.x +- ${BIND9_8} database "dlopen ${MODULESDIR}/bind9/dlz_bind9.so"; + +- # For BIND 9.9.x +- ${BIND9_9} database "dlopen ${MODULESDIR}/bind9/dlz_bind9_9.so"; ++${BIND9_DLZ} + +- # For BIND 9.10.x +- ${BIND9_10} database "dlopen ${MODULESDIR}/bind9/dlz_bind9_10.so"; +- +- # For BIND 9.11.x +- ${BIND9_11} database "dlopen ${MODULESDIR}/bind9/dlz_bind9_11.so"; +- +- # For BIND 9.12.x +- ${BIND9_12} database "dlopen ${MODULESDIR}/bind9/dlz_bind9_12.so"; + }; + +--- source4/torture/dns/wscript_build.orig 2020-04-11 03:26:46 UTC ++++ source4/torture/dns/wscript_build +@@ -5,7 +5,7 @@ if bld.AD_DC_BUILD_IS_ENABLED(): + source='dlz_bind9.c', + subsystem='smbtorture', + init_function='torture_bind_dns_init', +- cflags='-DBIND_VERSION_9_8', ++ cflags='-DBIND_VERSION=908', + deps='torture talloc torturemain dlz_bind9_for_torture', + internal_module=True + ) Index: files/patch-buildtools_scripts_abi__gen.sh =================================================================== --- files/patch-buildtools_scripts_abi__gen.sh +++ files/patch-buildtools_scripts_abi__gen.sh @@ -0,0 +1,21 @@ +--- buildtools/scripts/abi_gen.sh.orig 2019-01-15 10:07:00 UTC ++++ buildtools/scripts/abi_gen.sh +@@ -9,13 +9,14 @@ GDBSCRIPT="gdb_syms.$$" + cat < $GDBSCRIPT + + # forcing the terminal avoids a problem on Fedora12 +-TERM=none gdb -batch -x $GDBSCRIPT "$SHAREDLIB" < /dev/null ++TERM=none %%GDB_CMD%% -batch -x $GDBSCRIPT "$SHAREDLIB" < /dev/null | sed -e 's/:type =/:/g' + rm -f $GDBSCRIPT Index: files/patch-buildtools_wafsamba_samba__autoconf.py =================================================================== --- files/patch-buildtools_wafsamba_samba__autoconf.py +++ files/patch-buildtools_wafsamba_samba__autoconf.py @@ -0,0 +1,35 @@ +--- buildtools/wafsamba/samba_autoconf.py.orig 2019-08-20 15:35:08 UTC ++++ buildtools/wafsamba/samba_autoconf.py +@@ -573,7 +573,7 @@ def library_flags(self, libs): + + + @conf +-def CHECK_LIB(conf, libs, mandatory=False, empty_decl=True, set_target=True, shlib=False): ++def CHECK_LIB(conf, libs, mandatory=False, empty_decl=True, set_target=True, shlib=False, msg=None): + '''check if a set of libraries exist as system libraries + + returns the sublist of libs that do exist as a syslib or [] +@@ -593,11 +593,14 @@ int foo() + ret.append(lib) + continue + ++ if msg is None: ++ msg = 'Checking for library %s' % lib ++ + (ccflags, ldflags, cpppath) = library_flags(conf, lib) + if shlib: +- res = conf.check(features='c cshlib', fragment=fragment, lib=lib, uselib_store=lib, cflags=ccflags, ldflags=ldflags, uselib=lib.upper(), mandatory=False) ++ res = conf.check(features='c cshlib', fragment=fragment, lib=lib, uselib_store=lib, cflags=ccflags, ldflags=ldflags, uselib=lib.upper(), mandatory=False, msg=msg) + else: +- res = conf.check(lib=lib, uselib_store=lib, cflags=ccflags, ldflags=ldflags, uselib=lib.upper(), mandatory=False) ++ res = conf.check(lib=lib, uselib_store=lib, cflags=ccflags, ldflags=ldflags, uselib=lib.upper(), mandatory=False, msg=msg) + + if not res: + if mandatory: +@@ -949,5 +952,5 @@ def SAMBA_CHECK_UNDEFINED_SYMBOL_FLAGS(c + conf.env.undefined_ldflags = conf.ADD_LDFLAGS('-Wl,-no-undefined', testflags=True) + + if (conf.env.undefined_ignore_ldflags == [] and +- conf.CHECK_LDFLAGS(['-undefined', 'dynamic_lookup'])): ++ conf.CHECK_LDFLAGS(['-undefined', 'dynamic_lookup'] + conf.env.WERROR_CFLAGS)): + conf.env.undefined_ignore_ldflags = ['-undefined', 'dynamic_lookup'] Index: files/patch-buildtools_wafsamba_samba__install.py =================================================================== --- files/patch-buildtools_wafsamba_samba__install.py +++ files/patch-buildtools_wafsamba_samba__install.py @@ -0,0 +1,11 @@ +--- buildtools/wafsamba/samba_install.py.orig 2019-01-15 10:07:00 UTC ++++ buildtools/wafsamba/samba_install.py +@@ -118,7 +118,7 @@ def install_library(self): + inst_name = bld.make_libname(t.target) + elif self.vnum: + vnum_base = self.vnum.split('.')[0] +- install_name = bld.make_libname(target_name, version=self.vnum) ++ install_name = bld.make_libname(target_name, version=vnum_base) + install_link = bld.make_libname(target_name, version=vnum_base) + inst_name = bld.make_libname(t.target) + if not self.private_library: Index: files/patch-buildtools_wafsamba_wafsamba.py =================================================================== --- files/patch-buildtools_wafsamba_wafsamba.py +++ files/patch-buildtools_wafsamba_wafsamba.py @@ -0,0 +1,11 @@ +--- ./buildtools/wafsamba/wafsamba.py.orig 2015-07-21 09:47:48 UTC ++++ ./buildtools/wafsamba/wafsamba.py +@@ -919,7 +919,7 @@ def SAMBAMANPAGES(bld, manpages, extra_s + bld.env.SAMBA_EXPAND_XSL = bld.srcnode.abspath() + '/docs-xml/xslt/expand-sambadoc.xsl' + bld.env.SAMBA_MAN_XSL = bld.srcnode.abspath() + '/docs-xml/xslt/man.xsl' + bld.env.SAMBA_CATALOG = bld.bldnode.abspath() + '/docs-xml/build/catalog.xml' +- bld.env.SAMBA_CATALOGS = 'file:///etc/xml/catalog file:///usr/local/share/xml/catalog file://' + bld.env.SAMBA_CATALOG ++ bld.env.SAMBA_CATALOGS = 'file:///etc/xml/catalog file://%%LOCALBASE%%/share/xml/catalog file://' + bld.env.SAMBA_CATALOG + + for m in manpages.split(): + source = m + '.xml' Index: files/patch-buildtools_wafsamba_wscript =================================================================== --- files/patch-buildtools_wafsamba_wscript +++ files/patch-buildtools_wafsamba_wscript @@ -0,0 +1,22 @@ +--- buildtools/wafsamba/wscript.orig 2019-01-15 10:07:00 UTC ++++ buildtools/wafsamba/wscript +@@ -80,12 +80,17 @@ def options(opt): + help=("private library directory [PREFIX/lib/%s]" % Context.g_module.APPNAME), + action="store", dest='PRIVATELIBDIR', default=None) + ++ opt.add_option('--with-openldap', ++ help='additional directory to search for OpenLDAP libs', ++ action='store', dest='ldap_open', default=None, ++ match = ['Checking for library lber', 'Checking for library ldap']) ++ + opt.add_option('--with-libiconv', + help='additional directory to search for libiconv', +- action='store', dest='iconv_open', default='/usr/local', ++ action='store', dest='iconv_open', default=None, + match = ['Checking for library iconv', 'Checking for iconv_open', 'Checking for header iconv.h']) + opt.add_option('--without-gettext', +- help=("Disable use of gettext"), ++ help=("disable use of gettext"), + action="store_true", dest='disable_gettext', default=False) + + gr = opt.option_group('developer options') Index: files/patch-ctdb_wscript =================================================================== --- files/patch-ctdb_wscript +++ files/patch-ctdb_wscript @@ -0,0 +1,39 @@ +--- ctdb/wscript.orig 2019-05-22 10:16:26 UTC ++++ ctdb/wscript +@@ -104,6 +104,9 @@ def options(opt): + opt.add_option('--enable-ceph-reclock', + help=("Enable Ceph CTDB recovery lock helper (default=no)"), + action="store_true", dest='ctdb_ceph_reclock', default=False) ++ opt.add_option('--disable-ctdb-tests', ++ help=("Disable CTDB tests (default=no)"), ++ action="store_true", dest='ctdb_no_tests', default=False) + + opt.add_option('--with-logdir', + help=("Path to log directory"), +@@ -303,8 +306,14 @@ def configure(conf): + conf.env.CTDB_VARDIR, + conf.env.CTDB_RUNDIR)) + +- conf.env.CTDB_TEST_DATADIR = os.path.join(conf.env.CTDB_DATADIR, 'tests') +- conf.env.CTDB_TEST_LIBEXECDIR = os.path.join(conf.env.LIBEXECDIR, 'ctdb/tests') ++ if Options.options.ctdb_no_tests: ++ conf.env.ctdb_tests = False ++ else: ++ conf.env.ctdb_tests = True ++ ++ if conf.env.ctdb_tests: ++ conf.env.CTDB_TEST_DATADIR = os.path.join(conf.env.CTDB_DATADIR, 'tests') ++ conf.env.CTDB_TEST_LIBEXECDIR = os.path.join(conf.env.LIBEXECDIR, 'ctdb/tests') + + # Allow unified compilation and separate compilation of utilities + # to find includes +@@ -864,6 +873,9 @@ def build(bld): + for d in ['volatile', 'persistent', 'state']: + bld.INSTALL_DIR(os.path.join(bld.env.CTDB_VARDIR, d)) + ++ if not bld.env.ctdb_tests: ++ return ++ + bld.SAMBA_BINARY('errcode', + source='tests/src/errcode.c', + deps='replace', Index: files/patch-dwrap =================================================================== --- files/patch-dwrap +++ files/patch-dwrap @@ -0,0 +1,96 @@ +--- lib/dbwrap/dbwrap.c.orig 2019-01-15 10:07:00 UTC ++++ lib/dbwrap/dbwrap.c +@@ -28,6 +28,9 @@ + #include "lib/util/util_tdb.h" + #include "lib/util/tevent_ntstatus.h" + ++#undef DBGC_CLASS ++#define DBGC_CLASS DBGC_LOCKING ++ + /* + * Fall back using fetch if no genuine exists operation is provided + */ +--- lib/dbwrap/dbwrap_local_open.c.orig 2019-01-15 10:07:00 UTC ++++ lib/dbwrap/dbwrap_local_open.c +@@ -23,6 +23,9 @@ + #include "dbwrap/dbwrap_tdb.h" + #include "tdb.h" + ++#undef DBGC_CLASS ++#define DBGC_CLASS DBGC_LOCKING ++ + struct db_context *dbwrap_local_open(TALLOC_CTX *mem_ctx, + const char *name, + int hash_size, int tdb_flags, +--- lib/dbwrap/dbwrap_rbt.c.orig 2019-01-15 10:07:00 UTC ++++ lib/dbwrap/dbwrap_rbt.c +@@ -24,6 +24,9 @@ + #include "../lib/util/rbtree.h" + #include "../lib/util/dlinklist.h" + ++#undef DBGC_CLASS ++#define DBGC_CLASS DBGC_LOCKING ++ + #define DBWRAP_RBT_ALIGN(_size_) (((_size_)+15)&~15) + + struct db_rbt_ctx { +--- lib/dbwrap/dbwrap_tdb.c.orig 2019-01-15 10:07:00 UTC ++++ lib/dbwrap/dbwrap_tdb.c +@@ -27,6 +27,9 @@ + #include "lib/param/param.h" + #include "libcli/util/error.h" + ++#undef DBGC_CLASS ++#define DBGC_CLASS DBGC_LOCKING ++ + struct db_tdb_ctx { + struct tdb_wrap *wtdb; + +--- lib/dbwrap/dbwrap_util.c.orig 2019-01-15 10:07:00 UTC ++++ lib/dbwrap/dbwrap_util.c +@@ -26,6 +26,9 @@ + #include "dbwrap.h" + #include "lib/util/util_tdb.h" + ++#undef DBGC_CLASS ++#define DBGC_CLASS DBGC_LOCKING ++ + struct dbwrap_fetch_int32_state { + NTSTATUS status; + int32_t result; +--- source3/lib/dbwrap/dbwrap_ctdb.c.orig 2019-01-15 10:07:00 UTC ++++ source3/lib/dbwrap/dbwrap_ctdb.c +@@ -38,6 +38,9 @@ + #include "lib/cluster_support.h" + #include "lib/util/tevent_ntstatus.h" + ++#undef DBGC_CLASS ++#define DBGC_CLASS DBGC_LOCKING ++ + struct db_ctdb_transaction_handle { + struct db_ctdb_ctx *ctx; + /* +--- source3/lib/dbwrap/dbwrap_open.c.orig 2019-01-15 10:07:00 UTC ++++ source3/lib/dbwrap/dbwrap_open.c +@@ -31,6 +31,9 @@ + #include "ctdbd_conn.h" + #include "messages.h" + ++#undef DBGC_CLASS ++#define DBGC_CLASS DBGC_LOCKING ++ + bool db_is_local(const char *name) + { + const char *sockname = lp_ctdbd_socket(); +--- source3/lib/dbwrap/dbwrap_watch.c.orig 2019-01-15 10:07:00 UTC ++++ source3/lib/dbwrap/dbwrap_watch.c +@@ -28,6 +28,9 @@ + #include "server_id_watch.h" + #include "lib/dbwrap/dbwrap_private.h" + ++#undef DBGC_CLASS ++#define DBGC_CLASS DBGC_LOCKING ++ + struct dbwrap_watcher { + /* + * Process watching this record Index: files/patch-dynconfig_wscript =================================================================== --- files/patch-dynconfig_wscript +++ files/patch-dynconfig_wscript @@ -0,0 +1,32 @@ +--- dynconfig/wscript.orig 2019-01-15 10:07:00 UTC ++++ dynconfig/wscript +@@ -141,6 +141,8 @@ dynconfig = { + 'PKGCONFIGDIR' : { + 'STD-PATH': '${LIBDIR}/pkgconfig', + 'FHS-PATH': '${LIBDIR}/pkgconfig', ++ 'OPTION': '--with-pkgconfigdir', ++ 'HELPTEXT': 'Where to put .pc files', + }, + 'CODEPAGEDIR' : { + 'STD-PATH': '${DATADIR}/codepages', +@@ -247,8 +249,8 @@ dynconfig = { + 'DELAY': True, + }, + 'CONFIGFILE' : { +- 'STD-PATH': '${CONFIGDIR}/smb.conf', +- 'FHS-PATH': '${CONFIGDIR}/smb.conf', ++ 'STD-PATH': '${CONFIGDIR}/%%SAMBA4_CONFIG%%', ++ 'FHS-PATH': '${CONFIGDIR}/%%SAMBA4_CONFIG%%', + 'DELAY': True, + }, + 'LMHOSTSFILE' : { +@@ -307,9 +309,6 @@ def configure(conf): + flavor = 'FHS-PATH' + else: + flavor = 'STD-PATH' +- if conf.env.PREFIX == '/usr' or conf.env.PREFIX == '/usr/local': +- Logs.error("Don't install directly under /usr or /usr/local without using the FHS option (--enable-fhs)") +- raise Errors.WafError("ERROR: invalid --prefix=%s value" % (conf.env.PREFIX)) + + explicit_set ={} + Index: files/patch-examples_pdb_wscript__build =================================================================== --- files/patch-examples_pdb_wscript__build +++ files/patch-examples_pdb_wscript__build @@ -0,0 +1,11 @@ +--- examples/pdb/wscript_build.orig 2019-01-15 10:07:00 UTC ++++ examples/pdb/wscript_build +@@ -3,7 +3,7 @@ + bld.SAMBA3_MODULE('pdb_test', + subsystem='pdb', + source='test.c', +- deps='samba-util', ++ deps='samba-util samba-debug', + init_function='', + internal_module=bld.SAMBA3_IS_STATIC_MODULE('pdb_test'), + enabled=bld.SAMBA3_IS_ENABLED_MODULE('pdb_test')) Index: files/patch-lib_ldb_ldb__key__value_ldb__kv__cache.c =================================================================== --- files/patch-lib_ldb_ldb__key__value_ldb__kv__cache.c +++ files/patch-lib_ldb_ldb__key__value_ldb__kv__cache.c @@ -0,0 +1,13 @@ +--- lib/ldb/ldb_key_value/ldb_kv_cache.c.orig 2019-01-15 10:07:00 UTC ++++ lib/ldb/ldb_key_value/ldb_kv_cache.c +@@ -90,7 +90,9 @@ static int ldb_schema_attribute_compare( + { + const struct ldb_schema_attribute *sa1 = (const struct ldb_schema_attribute *)p1; + const struct ldb_schema_attribute *sa2 = (const struct ldb_schema_attribute *)p2; +- return ldb_attr_cmp(sa1->name, sa2->name); ++ int res = ldb_attr_cmp(sa1->name, sa2->name); ++ ++ return (res) ? res : (sa1->flags > sa2->flags) ? 1 : (sa1->flags < sa2->flags) ? -1 : 0; + } + + /* Index: files/patch-lib_ldb_ldb__mdb_ldb__mdb.c =================================================================== --- files/patch-lib_ldb_ldb__mdb_ldb__mdb.c +++ files/patch-lib_ldb_ldb__mdb_ldb__mdb.c @@ -0,0 +1,11 @@ +--- lib/ldb/ldb_mdb/ldb_mdb.c.orig 2019-01-15 10:07:00 UTC ++++ lib/ldb/ldb_mdb/ldb_mdb.c +@@ -183,7 +183,7 @@ static int lmdb_store(struct ldb_kv_priv + + if (flags == TDB_INSERT) { + mdb_flags = MDB_NOOVERWRITE; +- } else if ((flags == TDB_MODIFY)) { ++ } else if (flags == TDB_MODIFY) { + /* + * Modifying a record, ensure that it exists. + * This mimics the TDB semantics Index: files/patch-lib_ldb_wscript =================================================================== --- files/patch-lib_ldb_wscript +++ files/patch-lib_ldb_wscript @@ -0,0 +1,61 @@ +--- lib/ldb/wscript.orig 2019-07-08 12:47:51 UTC ++++ lib/ldb/wscript +@@ -207,7 +207,7 @@ def build(bld): + if bld.env.standalone_ldb: + if not 'PACKAGE_VERSION' in bld.env: + bld.env.PACKAGE_VERSION = VERSION +- bld.env.PKGCONFIGDIR = '${LIBDIR}/pkgconfig' ++ bld.env.PKGCONFIGDIR = '%%PKGCONFIGDIR%%' + private_library = False + else: + private_library = True +@@ -284,7 +284,6 @@ def build(bld): + pc_files='ldb.pc', + vnum=VERSION, + private_library=private_library, +- manpages='man/ldb.3', + abi_directory='ABI', + abi_match = abi_match) + +@@ -437,7 +436,7 @@ def build(bld): + + LDB_TOOLS='ldbadd ldbsearch ldbdel ldbmodify ldbedit ldbrename' + for t in LDB_TOOLS.split(): +- bld.SAMBA_BINARY(t, 'tools/%s.c' % t, deps='ldb-cmdline ldb', ++ bld.SAMBA_BINARY('samba-%s' % t, 'tools/%s.c' % t, deps='ldb-cmdline ldb', + manpages='man/%s.1' % t) + + # ldbtest doesn't get installed +@@ -449,10 +448,10 @@ def build(bld): + else: + lmdb_deps = '' + # ldbdump doesn't get installed +- bld.SAMBA_BINARY('ldbdump', ++ bld.SAMBA_BINARY('samba-ldbdump', + 'tools/ldbdump.c', + deps='ldb-cmdline ldb' + lmdb_deps, +- install=False) ++ install=True) + + bld.SAMBA_LIBRARY('ldb-cmdline', + source='tools/ldbutil.c tools/cmdline.c', +@@ -497,11 +496,6 @@ def build(bld): + deps='cmocka ldb', + install=False) + +- bld.SAMBA_BINARY('ldb_match_test', +- source='tests/ldb_match_test.c', +- deps='cmocka ldb', +- install=False) +- + bld.SAMBA_BINARY('ldb_key_value_test', + source='tests/ldb_key_value_test.c', + deps='cmocka ldb ldb_tdb_err_map', +@@ -609,7 +603,6 @@ def test(ctx): + 'ldb_msg_test', + 'ldb_tdb_kv_ops_test', + 'ldb_tdb_test', +- 'ldb_match_test', + 'ldb_key_value_test', + # we currently don't run ldb_key_value_sub_txn_tdb_test as it + # tests the nested/sub transaction handling Index: files/patch-lib_replace_wscript =================================================================== --- files/patch-lib_replace_wscript +++ files/patch-lib_replace_wscript @@ -0,0 +1,11 @@ +--- lib/replace/wscript.orig 2019-01-15 10:07:00 UTC ++++ lib/replace/wscript +@@ -119,7 +119,7 @@ def configure(conf): + conf.CHECK_HEADERS('sys/atomic.h stdatomic.h') + conf.CHECK_HEADERS('libgen.h') + +- if conf.CHECK_CFLAGS('-Wno-format-truncation'): ++ if conf.CHECK_CFLAGS(['-Wno-format-truncation'] + conf.env.WERROR_CFLAGS): + conf.define('HAVE_WNO_FORMAT_TRUNCATION', '1') + + if conf.CHECK_CFLAGS('-Wno-unused-function'): Index: files/patch-lib_talloc_talloc.c =================================================================== --- files/patch-lib_talloc_talloc.c +++ files/patch-lib_talloc_talloc.c @@ -0,0 +1,20 @@ +--- lib/talloc/talloc.c.orig 2019-01-15 10:07:00 UTC ++++ lib/talloc/talloc.c +@@ -391,6 +391,9 @@ void talloc_lib_init(void) __attribute__ + void talloc_lib_init(void) + { + uint32_t random_value; ++#if defined(HAVE_ARC4RANDOM) ++ random_value = arc4random(); ++#else + #if defined(HAVE_GETAUXVAL) && defined(AT_RANDOM) + uint8_t *p; + /* +@@ -424,6 +427,7 @@ void talloc_lib_init(void) + */ + random_value = ((uintptr_t)talloc_lib_init & 0xFFFFFFFF); + } ++#endif /* HAVE_ARC4RANDOM */ + talloc_magic = random_value & ~TALLOC_FLAG_MASK; + } + #else Index: files/patch-lib_talloc_wscript =================================================================== --- files/patch-lib_talloc_wscript +++ files/patch-lib_talloc_wscript @@ -0,0 +1,18 @@ +--- lib/talloc/wscript.orig 2019-05-07 08:38:21 UTC ++++ lib/talloc/wscript +@@ -45,13 +45,14 @@ def configure(conf): + conf.env.TALLOC_COMPAT1 = False + if conf.env.standalone_talloc: + conf.env.TALLOC_COMPAT1 = Options.options.TALLOC_COMPAT1 +- conf.env.PKGCONFIGDIR = '${LIBDIR}/pkgconfig' ++ conf.env.PKGCONFIGDIR = '%%PKGCONFIGDIR%%' + conf.env.TALLOC_VERSION = VERSION + + conf.CHECK_XSLTPROC_MANPAGES() + + conf.CHECK_HEADERS('sys/auxv.h') + conf.CHECK_FUNCS('getauxval') ++ conf.CHECK_FUNCS('arc4random') + + conf.SAMBA_CONFIG_H() + Index: files/patch-lib_tdb_wscript =================================================================== --- files/patch-lib_tdb_wscript +++ files/patch-lib_tdb_wscript @@ -0,0 +1,27 @@ +--- lib/tdb/wscript.orig 2019-07-02 22:39:54 UTC ++++ lib/tdb/wscript +@@ -145,20 +145,20 @@ def build(bld): + 'tdb', + install=False) + +- bld.SAMBA_BINARY('tdbrestore', ++ bld.SAMBA_BINARY('samba-tdbrestore', + 'tools/tdbrestore.c', + 'tdb', manpages='man/tdbrestore.8') + +- bld.SAMBA_BINARY('tdbdump', ++ bld.SAMBA_BINARY('samba-tdbdump', + 'tools/tdbdump.c', + 'tdb', manpages='man/tdbdump.8') + +- bld.SAMBA_BINARY('tdbbackup', ++ bld.SAMBA_BINARY('samba-tdbbackup', + 'tools/tdbbackup.c', + 'tdb', + manpages='man/tdbbackup.8') + +- bld.SAMBA_BINARY('tdbtool', ++ bld.SAMBA_BINARY('samba-tdbtool', + 'tools/tdbtool.c', + 'tdb', manpages='man/tdbtool.8') + Index: files/patch-lib_util_wscript__build =================================================================== --- files/patch-lib_util_wscript__build +++ files/patch-lib_util_wscript__build @@ -0,0 +1,17 @@ +--- lib/util/wscript_build.orig 2019-05-07 08:38:21 UTC ++++ lib/util/wscript_build +@@ -170,7 +170,7 @@ else: + + bld.SAMBA_LIBRARY('samba-modules', + source='modules.c', +- deps='samba-errors samba-util', ++ deps='samba-errors samba-util samba-debug', + local_include=False, + private_library=True) + +@@ -285,4 +285,4 @@ else: + bld.SAMBA_BINARY('test_util_paths', + source='tests/test_util_paths.c', + deps='cmocka replace talloc samba-util', +- local_include=False) ++ local_include=False, Index: files/patch-listen-backlog =================================================================== --- files/patch-listen-backlog +++ files/patch-listen-backlog @@ -0,0 +1,94 @@ +--- lib/tevent/echo_server.c.orig 2019-01-15 10:07:00 UTC ++++ lib/tevent/echo_server.c +@@ -633,7 +633,7 @@ int main(int argc, const char **argv) + exit(1); + } + +- ret = listen(listen_sock, 5); ++ ret = listen(listen_sock, DEFAULT_LISTEN_BACKLOG); + if (ret == -1) { + perror("listen() failed"); + exit(1); +--- source3/include/local.h.orig 2019-01-15 10:07:00 UTC ++++ source3/include/local.h +@@ -173,7 +173,18 @@ + #define WINBIND_SERVER_MUTEX_WAIT_TIME (( ((NUM_CLI_AUTH_CONNECT_RETRIES) * ((CLI_AUTH_TIMEOUT)/1000)) + 5)*2) + + /* size of listen() backlog in smbd */ ++#if defined (FREEBSD) ++#define SMBD_LISTEN_BACKLOG -1 ++#else + #define SMBD_LISTEN_BACKLOG 50 ++#endif ++ ++/* size of listen() default backlog */ ++#if defined (FREEBSD) ++#define DEFAULT_LISTEN_BACKLOG -1 ++#else ++#define DEFAULT_LISTEN_BACKLOG 5 ++#endif + + /* Number of microseconds to wait before a sharing violation. */ + #define SHARING_VIOLATION_USEC_WAIT 950000 +--- source3/libsmb/unexpected.c.orig 2019-01-15 10:07:00 UTC ++++ source3/libsmb/unexpected.c +@@ -95,7 +95,7 @@ NTSTATUS nb_packet_server_create(TALLOC_ + status = map_nt_error_from_unix(errno); + goto fail; + } +- rc = listen(result->listen_sock, 5); ++ rc = listen(result->listen_sock, DEFAULT_LISTEN_BACKLOG); + if (rc < 0) { + status = map_nt_error_from_unix(errno); + goto fail; +--- source3/rpc_server/rpc_server.c.orig 2019-01-15 10:07:00 UTC ++++ source3/rpc_server/rpc_server.c +@@ -158,7 +158,7 @@ bool setup_named_pipe_socket(const char + goto out; + } + +- rc = listen(state->fd, 5); ++ rc = listen(state->fd, DEFAULT_LISTEN_BACKLOG); + if (rc < 0) { + DEBUG(0, ("Failed to listen on pipe socket %s: %s\n", + pipe_name, strerror(errno))); +@@ -830,7 +830,7 @@ bool setup_dcerpc_ncalrpc_socket(struct + goto out; + } + +- rc = listen(state->fd, 5); ++ rc = listen(state->fd, DEFAULT_LISTEN_BACKLOG); + if (rc < 0) { + DEBUG(0, ("Failed to listen on ncalrpc socket %s: %s\n", + name, strerror(errno))); +--- source3/utils/smbfilter.c.orig 2019-01-15 10:07:00 UTC ++++ source3/utils/smbfilter.c +@@ -291,7 +291,7 @@ static void start_filter(char *desthost) + exit(1); + } + +- if (listen(s, 5) == -1) { ++ if (listen(s, DEFAULT_LISTEN_BACKLOG) == -1) { + d_printf("listen failed\n"); + } + +--- source3/winbindd/winbindd.c.orig 2019-01-15 10:07:00 UTC ++++ source3/winbindd/winbindd.c +@@ -1317,7 +1317,7 @@ static bool winbindd_setup_listeners(voi + if (pub_state->fd == -1) { + goto failed; + } +- rc = listen(pub_state->fd, 5); ++ rc = listen(pub_state->fd, DEFAULT_LISTEN_BACKLOG); + if (rc < 0) { + goto failed; + } +@@ -1349,7 +1349,7 @@ static bool winbindd_setup_listeners(voi + if (priv_state->fd == -1) { + goto failed; + } +- rc = listen(priv_state->fd, 5); ++ rc = listen(priv_state->fd, DEFAULT_LISTEN_BACKLOG); + if (rc < 0) { + goto failed; + } Index: files/patch-mdns =================================================================== --- files/patch-mdns +++ files/patch-mdns @@ -0,0 +1,532 @@ +From 923bc7a1afeb0b920e60e14846987ae1d2d7dca4 Mon Sep 17 00:00:00 2001 +From: John Hixson +Date: Thu, 7 Dec 2017 09:36:32 -0500 +Subject: [PATCH] Freenas/master mdns fixes (#22) + +* mDNS fixes for Samba (work in progress). + +* Fix mDNS - Can advertise on individual interfaces + +* Fix mDNS browsing in smbclient + +Signed-off-by: Timur I. Bakeyev + +--- source3/client/dnsbrowse.c.orig 2019-01-15 10:07:00 UTC ++++ source3/client/dnsbrowse.c +@@ -39,6 +39,7 @@ struct mdns_smbsrv_result + struct mdns_browse_state + { + struct mdns_smbsrv_result *listhead; /* Browse result list head */ ++ TALLOC_CTX * ctx; + int browseDone; + + }; +@@ -64,7 +65,7 @@ static void do_smb_resolve(struct mdns_s + struct timeval tv; + DNSServiceErrorType err; + +- TALLOC_CTX * ctx = talloc_tos(); ++ TALLOC_CTX * ctx = talloc_new(NULL); + + err = DNSServiceResolve(&mdns_conn_sdref, 0 /* flags */, + browsesrv->ifIndex, +@@ -91,7 +92,7 @@ static void do_smb_resolve(struct mdns_s + } + } + +- TALLOC_FREE(fdset); ++ TALLOC_FREE(ctx); + DNSServiceRefDeallocate(mdns_conn_sdref); + } + +@@ -124,18 +125,19 @@ do_smb_browse_reply(DNSServiceRef sdRef, + return; + } + +- bresult = talloc_array(talloc_tos(), struct mdns_smbsrv_result, 1); ++ bresult = talloc_array(bstatep->ctx, struct mdns_smbsrv_result, 1); + if (bresult == NULL) { + return; + } + ++ bresult->nextResult = NULL; + if (bstatep->listhead != NULL) { + bresult->nextResult = bstatep->listhead; + } + +- bresult->serviceName = talloc_strdup(talloc_tos(), serviceName); +- bresult->regType = talloc_strdup(talloc_tos(), regtype); +- bresult->domain = talloc_strdup(talloc_tos(), replyDomain); ++ bresult->serviceName = talloc_strdup(bstatep->ctx, serviceName); ++ bresult->regType = talloc_strdup(bstatep->ctx, regtype); ++ bresult->domain = talloc_strdup(bstatep->ctx, replyDomain); + bresult->ifIndex = interfaceIndex; + bstatep->listhead = bresult; + } +@@ -151,10 +153,13 @@ int do_smb_browse(void) + DNSServiceRef mdns_conn_sdref = NULL; + DNSServiceErrorType err; + +- TALLOC_CTX * ctx = talloc_stackframe(); ++ TALLOC_CTX * ctx = talloc_new(NULL); + + ZERO_STRUCT(bstate); + ++ bstate.ctx = ctx; ++ bstate.listhead = NULL; ++ + err = DNSServiceBrowse(&mdns_conn_sdref, 0, 0, "_smb._tcp", "", + do_smb_browse_reply, &bstate); + +--- source3/smbd/dnsregister.c.orig 2019-01-15 10:07:00 UTC ++++ source3/smbd/dnsregister.c +@@ -29,6 +29,29 @@ + * browse for advertised SMB services. + */ + ++/* ++ * Time Machine Errata: ++ * sys=adVF=0x100 -- this is required when ._adisk._tcp is present on device. When it is ++ * set, the MacOS client will send a NetShareEnumAll IOCTL and shares will be visible. ++ * Otherwise, Finder will only see the Time Machine share. In the absence of ._adisk._tcp ++ * MacOS will _always_ send NetShareEnumAll IOCTL. ++ * ++ * waMa=0 -- MacOS server uses waMa=0, while embedded devices have it set to their Mac Address. ++ * Speculation in Samba-Technical indicates that this stands for "Wireless AirDisk Mac Address". ++ * ++ * adVU -- AirDisk Volume UUID. Mac OS servers generate a UUID. Time machine over SMB works without one ++ * set. Netatalk generates a UUID and stores it persistently in afp_voluuid.conf. This can be ++ * set by adding the share parameter "fruit:volume_uuid = " ++ * ++ * dk(n)=adVF= ++ * 0xa1, 0x81 - AFP support ++ * 0xa2, 0x82 - SMB support ++ * 0xa3, 0x83 - AFP and SMB support ++ * ++ * adVN -- AirDisk Volume Name. We set this to the share name. ++ * ++ */ ++ + #define DNS_REG_RETRY_INTERVAL (5*60) /* in seconds */ + + #ifdef WITH_DNSSD_SUPPORT +@@ -36,85 +59,177 @@ + #include + + struct dns_reg_state { +- struct tevent_context *event_ctx; +- uint16_t port; +- DNSServiceRef srv_ref; +- struct tevent_timer *te; +- int fd; +- struct tevent_fd *fde; ++ int count; ++ struct reg_state { ++ DNSServiceRef srv_ref; ++ TALLOC_CTX *mem_ctx; ++ struct tevent_context *event_ctx; ++ struct tevent_timer *te; ++ struct tevent_fd *fde; ++ uint16_t port; ++ int if_index; ++ int fd; ++ } *drs; + }; + +-static int dns_reg_state_destructor(struct dns_reg_state *dns_state) ++static void dns_register_smbd_retry(struct tevent_context *ctx, ++ struct tevent_timer *te, ++ struct timeval now, ++ void *private_data); ++static void dns_register_smbd_fde_handler(struct tevent_context *ev, ++ struct tevent_fd *fde, ++ uint16_t flags, ++ void *private_data); ++ ++ ++static int reg_state_destructor(struct reg_state *state) + { +- if (dns_state->srv_ref != NULL) { ++ if (state == NULL) { ++ return -1; ++ } ++ ++ if (state->srv_ref != NULL) { + /* Close connection to the mDNS daemon */ +- DNSServiceRefDeallocate(dns_state->srv_ref); +- dns_state->srv_ref = NULL; ++ DNSServiceRefDeallocate(state->srv_ref); ++ state->srv_ref = NULL; + } + + /* Clear event handler */ +- TALLOC_FREE(dns_state->te); +- TALLOC_FREE(dns_state->fde); +- dns_state->fd = -1; ++ TALLOC_FREE(state->te); ++ TALLOC_FREE(state->fde); ++ state->fd = -1; + + return 0; + } + +-static void dns_register_smbd_retry(struct tevent_context *ctx, +- struct tevent_timer *te, +- struct timeval now, +- void *private_data); +-static void dns_register_smbd_fde_handler(struct tevent_context *ev, +- struct tevent_fd *fde, +- uint16_t flags, +- void *private_data); ++int TXTRecordPrintf(TXTRecordRef * rec, const char * key, const char * fmt, ... ) ++{ ++ int ret = 0; ++ char *str; ++ va_list ap; ++ va_start( ap, fmt ); + +-static bool dns_register_smbd_schedule(struct dns_reg_state *dns_state, ++ if( 0 > vasprintf(&str, fmt, ap ) ) { ++ va_end(ap); ++ return -1; ++ } ++ va_end(ap); ++ ++ if( kDNSServiceErr_NoError != TXTRecordSetValue(rec, key, strlen(str), str) ) { ++ ret = -1; ++ } ++ ++ free(str); ++ return ret; ++} ++ ++int TXTRecordKeyPrintf(TXTRecordRef * rec, const char * key_fmt, int key_var, const char * fmt, ...) ++{ ++ int ret = 0; ++ char *key = NULL, *str = NULL; ++ va_list ap; ++ ++ if( 0 > asprintf(&key, key_fmt, key_var)) { ++ DEBUG(1, ("Failed in asprintf\n")); ++ return -1; ++ } ++ ++ va_start( ap, fmt ); ++ if( 0 > vasprintf(&str, fmt, ap )) { ++ va_end(ap); ++ DEBUG(1, ("Failed in vasprintf\n")); ++ ret = -1; ++ goto exit; ++ } ++ va_end(ap); ++ ++ if( kDNSServiceErr_NoError != TXTRecordSetValue(rec, key, strlen(str), str) ) { ++ DEBUG(1, ("Failed in TXTRecordSetValuen")); ++ ret = -1; ++ goto exit; ++ } ++ ++ exit: ++ if (str) ++ free(str); ++ if (key) ++ free(key); ++ return ret; ++} ++ ++ ++static bool dns_register_smbd_schedule(struct reg_state *state, + struct timeval tval) + { +- dns_reg_state_destructor(dns_state); ++ reg_state_destructor(state); + +- dns_state->te = tevent_add_timer(dns_state->event_ctx, +- dns_state, ++ state->te = tevent_add_timer(state->event_ctx, ++ state->mem_ctx, + tval, + dns_register_smbd_retry, +- dns_state); +- if (!dns_state->te) { ++ state); ++ if (!state->te) { + return false; + } + + return true; + } + ++static void dns_register_smbd_callback(DNSServiceRef service, ++ DNSServiceFlags flags, ++ DNSServiceErrorType errorCode, ++ const char *name, ++ const char *type, ++ const char *domain, ++ void *context) ++{ ++ if (errorCode != kDNSServiceErr_NoError) { ++ DEBUG(6, ("error=%d\n", errorCode)); ++ } else { ++ DEBUG(6, ("%-15s %s.%s%s\n", "REGISTER", name, type, domain)); ++ } ++} ++ + static void dns_register_smbd_retry(struct tevent_context *ctx, + struct tevent_timer *te, + struct timeval now, + void *private_data) + { +- struct dns_reg_state *dns_state = talloc_get_type_abort(private_data, +- struct dns_reg_state); ++ struct reg_state *state = (struct reg_state *)private_data; + DNSServiceErrorType err; ++ int snum; ++ size_t dk = 0; ++ bool sys_txt_created = false; ++ TXTRecordRef txt_adisk; ++ TXTRecordRef txt_devinfo; ++ char *servname; ++ char *v_uuid; ++ int num_services = lp_numservices(); + +- dns_reg_state_destructor(dns_state); ++ reg_state_destructor(state); + +- DEBUG(6, ("registering _smb._tcp service on port %d\n", +- dns_state->port)); ++ TXTRecordCreate(&txt_adisk, 0, NULL); ++ ++ DEBUG(6, ("registering _smb._tcp service on port %d index %d\n", ++ state->port, state->if_index)); + + /* Register service with DNS. Connects with the mDNS + * daemon running on the local system to perform DNS + * service registration. + */ +- err = DNSServiceRegister(&dns_state->srv_ref, 0 /* flags */, +- kDNSServiceInterfaceIndexAny, +- NULL /* service name */, +- "_smb._tcp" /* service type */, +- NULL /* domain */, +- "" /* SRV target host name */, +- htons(dns_state->port), +- 0 /* TXT record len */, +- NULL /* TXT record data */, +- NULL /* callback func */, +- NULL /* callback context */); ++ err = DNSServiceRegister(&state->srv_ref, ++ 0 /* flags */, ++ state->if_index /* interface index */, ++ NULL /* service name */, ++ "_smb._tcp" /* service type */, ++ NULL /* domain */, ++ "" /* SRV target host name */, ++ htons(state->port) /* port */, ++ 0 /* TXT record len */, ++ NULL /* TXT record data */, ++ dns_register_smbd_callback /* callback func */, ++ NULL /* callback context */); ++ + + if (err != kDNSServiceErr_NoError) { + /* Failed to register service. Schedule a re-try attempt. +@@ -123,24 +238,96 @@ static void dns_register_smbd_retry(stru + goto retry; + } + +- dns_state->fd = DNSServiceRefSockFD(dns_state->srv_ref); +- if (dns_state->fd == -1) { ++ /* ++ * Check for services that are configured as Time Machine targets ++ * ++ */ ++ for (snum = 0; snum < num_services; snum++) { ++ if (lp_snum_ok(snum) && lp_parm_bool(snum, "fruit", "time machine", false)) ++ { ++ if (!sys_txt_created) { ++ if( 0 > TXTRecordPrintf(&txt_adisk, "sys", "adVF=0x100") ) { ++ DEBUG(1, ("Failed to create Zeroconf TXTRecord for sys") ); ++ goto retry; ++ } ++ else ++ { ++ sys_txt_created = true; ++ } ++ } ++ ++ v_uuid = lp_parm_const_string(snum, "fruit", "volume_uuid", NULL); ++ servname = lp_const_servicename(snum); ++ DEBUG(1, ("Registering volume %s for TimeMachine\n", servname)); ++ if (v_uuid) { ++ if( 0 > TXTRecordKeyPrintf(&txt_adisk, "dk%zu", dk++, "adVN=%s,adVF=0x82,adVU=%s", ++ servname, v_uuid) ) { ++ DEBUG(1, ("Could not set Zeroconf TXTRecord for dk%zu \n", dk)); ++ goto retry; ++ } ++ DEBUG(1, ("Registering TimeMachine with the following TXT parameters: " ++ "dk%zu,adVN=%s,adVF=0x82,adVU=%s\n", dk, servname, v_uuid) ); ++ } ++ else { ++ if( 0 > TXTRecordKeyPrintf(&txt_adisk, "dk%zu", dk++, "adVN=%s,adVF=0x82", ++ servname) ) { ++ DEBUG(1, ("Could not set Zeroconf TXTRecord for dk%zu \n", dk)); ++ goto retry; ++ } ++ DEBUG(1, ("Registering TimeMachine with the following TXT parameters: " ++ "dk%zu,adVN=%s,adVF=0x82\n", dk, servname) ); ++ } ++ } ++ } ++ ++ if (dk) { ++ err = DNSServiceRegister(&state->srv_ref, ++ 0 /* flags */, ++ state->if_index /* interface index */, ++ NULL /* service name */, ++ "_adisk._tcp" /* service type */, ++ NULL /* domain */, ++ "" /* SRV target host name */, ++ /* ++ * We would probably use port 0 zero, but we can't, from man DNSServiceRegister: ++ * "A value of 0 for a port is passed to register placeholder services. ++ * Place holder services are not found when browsing, but other ++ * clients cannot register with the same name as the placeholder service." ++ * We therefor use port 9 which is used by the adisk service type. ++ */ ++ htons(9) /* port */, ++ TXTRecordGetLength(&txt_adisk) /* TXT record len */, ++ TXTRecordGetBytesPtr(&txt_adisk) /* TXT record data */, ++ dns_register_smbd_callback /* callback func */, ++ NULL /* callback context */); ++ ++ ++ if (err != kDNSServiceErr_NoError) { ++ /* Failed to register service. Schedule a re-try attempt. ++ */ ++ DEBUG(1, ("unable to register with mDNS (err %d)\n", err)); ++ goto retry; ++ } ++ } ++ ++ state->fd = DNSServiceRefSockFD(state->srv_ref); ++ if (state->fd == -1) { + goto retry; + } + +- dns_state->fde = tevent_add_fd(dns_state->event_ctx, +- dns_state, +- dns_state->fd, +- TEVENT_FD_READ, +- dns_register_smbd_fde_handler, +- dns_state); +- if (!dns_state->fde) { ++ state->fde = tevent_add_fd(state->event_ctx, ++ state->mem_ctx, ++ state->fd, ++ TEVENT_FD_READ, ++ dns_register_smbd_fde_handler, ++ state); ++ if (!state->fde) { + goto retry; + } + + return; + retry: +- dns_register_smbd_schedule(dns_state, ++ dns_register_smbd_schedule(state, + timeval_current_ofs(DNS_REG_RETRY_INTERVAL, 0)); + } + +@@ -150,44 +337,77 @@ static void dns_register_smbd_fde_handle + uint16_t flags, + void *private_data) + { +- struct dns_reg_state *dns_state = talloc_get_type_abort(private_data, +- struct dns_reg_state); ++ struct reg_state *state = (struct reg_state *)private_data; + DNSServiceErrorType err; + +- err = DNSServiceProcessResult(dns_state->srv_ref); ++ err = DNSServiceProcessResult(state->srv_ref); + if (err != kDNSServiceErr_NoError) { +- DEBUG(3, ("failed to process mDNS result (err %d), re-trying\n", +- err)); ++ DEBUG(3, ("failed to process mDNS result (err %d), re-trying\n", err)); + goto retry; + } + +- talloc_free(dns_state); + return; + + retry: +- dns_register_smbd_schedule(dns_state, +- timeval_current_ofs(DNS_REG_RETRY_INTERVAL, 0)); ++ dns_register_smbd_schedule(state, timeval_zero()); ++} ++ ++static int dns_reg_state_destructor(struct dns_reg_state *state) ++{ ++ if (state != NULL) { ++ talloc_free(state); ++ } ++ return 0; + } + ++ + bool smbd_setup_mdns_registration(struct tevent_context *ev, + TALLOC_CTX *mem_ctx, + uint16_t port) + { + struct dns_reg_state *dns_state; ++ bool bind_all = true; ++ int i; + + dns_state = talloc_zero(mem_ctx, struct dns_reg_state); +- if (dns_state == NULL) { ++ if (dns_state == NULL) ++ return false; ++ ++ if (lp_interfaces() && lp_bind_interfaces_only()) ++ bind_all = false; ++ ++ dns_state->count = iface_count(); ++ if (dns_state->count <= 0 || bind_all == true) ++ dns_state->count = 1; ++ ++ dns_state->drs = talloc_array(mem_ctx, struct reg_state, dns_state->count); ++ if (dns_state->drs == NULL) { ++ talloc_free(dns_state); + return false; + } +- dns_state->event_ctx = ev; +- dns_state->port = port; +- dns_state->fd = -1; + +- talloc_set_destructor(dns_state, dns_reg_state_destructor); ++ for (i = 0; i < dns_state->count; i++) { ++ struct interface *iface = get_interface(i); ++ struct reg_state *state = &dns_state->drs[i]; + +- return dns_register_smbd_schedule(dns_state, timeval_zero()); ++ state->mem_ctx = mem_ctx; ++ state->srv_ref = NULL; ++ state->event_ctx = ev; ++ state->te = NULL; ++ state->fde = NULL; ++ state->port = port; ++ state->fd = -1; ++ ++ state->if_index = bind_all ? kDNSServiceInterfaceIndexAny : iface->if_index; ++ ++ dns_register_smbd_schedule(&dns_state->drs[i], timeval_zero()); ++ } ++ ++ talloc_set_destructor(dns_state, dns_reg_state_destructor); ++ return true; + } + ++ + #else /* WITH_DNSSD_SUPPORT */ + + bool smbd_setup_mdns_registration(struct tevent_context *ev, Index: files/patch-nsswitch_wscript__build =================================================================== --- files/patch-nsswitch_wscript__build +++ files/patch-nsswitch_wscript__build @@ -0,0 +1,17 @@ +--- nsswitch/wscript_build.orig 2019-01-15 10:07:00 UTC ++++ nsswitch/wscript_build +@@ -61,12 +61,14 @@ elif (host_os.rfind('freebsd') > -1): + source='winbind_nss_linux.c winbind_nss_freebsd.c', + deps='winbind-client', + realname='nss_winbind.so.1', ++ install_path='${PAMMODULESDIR}', + vnum='1') + + bld.SAMBA3_LIBRARY('nss_wins', + source='wins.c wins_freebsd.c', + deps='''wbclient''', + realname='nss_wins.so.1', ++ install_path='${PAMMODULESDIR}', + vnum='1') + + elif (host_os.rfind('netbsd') > -1): Index: files/patch-source3_include_includes.h =================================================================== --- files/patch-source3_include_includes.h +++ files/patch-source3_include_includes.h @@ -0,0 +1,11 @@ +--- source3/include/includes.h.orig 2019-01-15 10:07:00 UTC ++++ source3/include/includes.h +@@ -322,6 +322,8 @@ typedef char fstring[FSTRING_LEN]; + * the *bottom* of include files so as not to conflict. */ + #ifdef ENABLE_DMALLOC + # include ++#elif ENABLE_JEMALLOC ++# include + #endif + + Index: files/patch-source3_lib_adouble.c =================================================================== --- files/patch-source3_lib_adouble.c +++ files/patch-source3_lib_adouble.c @@ -0,0 +1,35 @@ +--- source3/lib/adouble.c.orig 2020-01-31 11:25:36.000000000 +0100 ++++ source3/lib/adouble.c 2020-09-19 20:14:34.979937000 +0200 +@@ -2662,6 +2662,8 @@ + return AFP_INFO_SIZE; + } + ++#define BROKEN_FREEBSD_AFP_Signature 0x00465000 ++ + /** + * Unpack a buffer into a AfpInfo structure + * +@@ -2681,10 +2683,20 @@ + memcpy(ai->afpi_FinderInfo, (const char *)data + 16, + sizeof(ai->afpi_FinderInfo)); + +- if (ai->afpi_Signature != AFP_Signature +- || ai->afpi_Version != AFP_Version) { +- DEBUG(1, ("Bad AfpInfo signature or version\n")); ++ if (ai->afpi_Signature != AFP_Signature) { ++ DBG_WARNING("Bad AFP signature [%x]\n", ai->afpi_Signature); ++ ++ if (ai->afpi_Signature != BROKEN_FREEBSD_AFP_Signature) { ++ DBG_ERR("Bad AfpInfo signature\n"); ++ TALLOC_FREE(ai); ++ return NULL; ++ } ++ } ++ ++ if (ai->afpi_Version != AFP_Version) { ++ DBG_ERR("Bad AfpInfo version\n"); + TALLOC_FREE(ai); ++ return NULL; + } + + return ai; Index: files/patch-source3_lib_sysquotas__4B.c =================================================================== --- files/patch-source3_lib_sysquotas__4B.c +++ files/patch-source3_lib_sysquotas__4B.c @@ -0,0 +1,18 @@ +--- source3/lib/sysquotas_4B.c.orig 2019-01-15 10:07:00 UTC ++++ source3/lib/sysquotas_4B.c +@@ -140,7 +140,14 @@ static int sys_quotactl_4B(const char * + /* ENOTSUP means quota support is not compiled in. EINVAL + * means that quotas are not configured (commonly). + */ +- if (errno != ENOTSUP && errno != EINVAL) { ++ if (errno != ENOTSUP && errno != EINVAL ++/* ++ * FreeBSD 12 between r336017 and r342928 wrongfuly return ENOENT for the not enabled qoutas on ZFS. ++ */ ++#if defined(__FreeBSD__) && ((__FreeBSD_version >= 1102503 && __FreeBSD_version <= 1102506) || (__FreeBSD_version >= 1200072 && __FreeBSD_version <= 1200503) || (__FreeBSD_version >= 1300000 && __FreeBSD_version <= 1300009)) ++ && errno != ENOENT ++#endif ++ ) { + DEBUG(5, ("failed to %s quota for %s ID %u on %s: %s\n", + (cmd & QCMD(Q_GETQUOTA, 0)) ? "get" : "set", + (cmd & QCMD(0, GRPQUOTA)) ? "group" : "user", Index: files/patch-source3_lib_util.c =================================================================== --- files/patch-source3_lib_util.c +++ files/patch-source3_lib_util.c @@ -0,0 +1,14 @@ +--- source3/lib/util.c.orig 2019-05-07 08:38:21 UTC ++++ source3/lib/util.c +@@ -1916,7 +1916,10 @@ bool any_nt_status_not_ok(NTSTATUS err1, + + int timeval_to_msec(struct timeval t) + { +- return t.tv_sec * 1000 + (t.tv_usec+999) / 1000; ++ unsigned long result; ++ ++ result = t.tv_sec * 1000 + (t.tv_usec+999) / 1000; ++ return result > INT_MAX ? INT_MAX : result; + } + + /******************************************************************* Index: files/patch-source3_librpc_crypto_gse.c =================================================================== --- files/patch-source3_librpc_crypto_gse.c +++ files/patch-source3_librpc_crypto_gse.c @@ -0,0 +1,16 @@ +--- source3/librpc/crypto/gse.c.orig 2019-01-15 10:07:00 UTC ++++ source3/librpc/crypto/gse.c +@@ -621,11 +621,12 @@ static NTSTATUS gse_get_server_auth_toke + struct gse_context *gse_ctx = + talloc_get_type_abort(gensec_security->private_data, + struct gse_context); +- OM_uint32 gss_maj, gss_min; ++ OM_uint32 gss_min; + gss_buffer_desc in_data; + gss_buffer_desc out_data; + DATA_BLOB blob = data_blob_null; + NTSTATUS status; ++ OM_uint32 gss_maj = -1; + OM_uint32 time_rec = 0; + struct timeval tv; + Index: files/patch-source3_modules_vfs__fruit.c =================================================================== --- files/patch-source3_modules_vfs__fruit.c +++ files/patch-source3_modules_vfs__fruit.c @@ -0,0 +1,28 @@ +--- source3/modules/vfs_fruit.c.orig 2020-04-07 08:45:51.000000000 +0200 ++++ source3/modules/vfs_fruit.c 2020-09-19 20:10:05.720434000 +0200 +@@ -2191,12 +2191,23 @@ + { + ssize_t nread; + int ret; ++ char *p = (char *)data; + + nread = SMB_VFS_NEXT_PREAD(handle, fsp, data, n, offset); +- if (nread == -1 || nread == n) { +- return nread; ++ ++ if (nread == -1) { ++ return -1; + } + ++ if (nread == n) { ++ if (offset == 0 && nread > 3 && p[0] == 0 && p[1] == 'F' && p[2] == 'P') { ++ DBG_NOTICE("Fixing AFP_Info of [%s]\n", ++ fsp_str_dbg(fsp)); ++ p[0] = 'A'; ++ } ++ return nread; ++ } ++ + DBG_ERR("Removing [%s] after short read [%zd]\n", + fsp_str_dbg(fsp), nread); + Index: files/patch-source3_modules_vfs__streams__xattr.c =================================================================== --- files/patch-source3_modules_vfs__streams__xattr.c +++ files/patch-source3_modules_vfs__streams__xattr.c @@ -0,0 +1,526 @@ +--- source3/modules/vfs_streams_xattr.c.orig 2019-01-15 10:07:00 UTC ++++ source3/modules/vfs_streams_xattr.c +@@ -1,10 +1,10 @@ + /* + * Store streams in xattrs + * +- * Copyright (C) Volker Lendecke, 2008 ++ * Copyright (C) Volker Lendecke, 2008 ++ * Copyright (C) Timur I. Bakeyev, 2017 + * + * Partly based on James Peach's Darwin module, which is +- * + * Copyright (C) James Peach 2006-2007 + * + * This program is free software; you can redistribute it and/or modify +@@ -79,25 +79,79 @@ static SMB_INO_T stream_inode(const SMB_ + } + + static ssize_t get_xattr_size(connection_struct *conn, +- const struct smb_filename *smb_fname, +- const char *xattr_name) ++ const struct smb_filename *smb_fname, ++ const char *xattr_name) + { +- NTSTATUS status; +- struct ea_struct ea; + ssize_t result; + +- status = get_ea_value(talloc_tos(), conn, NULL, smb_fname, +- xattr_name, &ea); ++ result = SMB_VFS_GETXATTR(conn, smb_fname, xattr_name, NULL, 0); ++ // ? -1 ++ return result; ++} + +- if (!NT_STATUS_IS_OK(status)) { +- return -1; ++static NTSTATUS get_xattr_value(TALLOC_CTX *mem_ctx, ++ connection_struct *conn, ++ const struct smb_filename *smb_fname, ++ const char *ea_name, ++ struct ea_struct *pea) ++{ ++ ssize_t attr_size; ++ ++ attr_size = get_xattr_size(conn, smb_fname, ea_name); ++ ++ if (attr_size == -1) { ++ return map_nt_error_from_unix(errno); + } + +- result = ea.value.length-1; +- TALLOC_FREE(ea.value.data); +- return result; ++ pea->value = data_blob_talloc(mem_ctx, NULL, attr_size); ++ /* We may have xattr of a 0 size */ ++ if(pea->value.data == NULL && attr_size) { ++ DEBUG(5, ++ ("get_xattr_value: for EA '%s' failed to allocate %lu bytes\n", ++ ea_name, (unsigned long)attr_size) ++ ); ++ return NT_STATUS_NO_MEMORY; ++ } ++ ++ attr_size = SMB_VFS_GETXATTR(conn, smb_fname, ea_name, pea->value.data, pea->value.length); ++ ++ if (attr_size == -1) { ++ return map_nt_error_from_unix(errno); ++ } ++ ++ if(pea->value.length != attr_size) { ++ DEBUG(5, ++ ("get_xattr_value: for EA '%s' requested %lu, read %lu bytes\n", ++ ea_name, (unsigned long)pea->value.length, (unsigned long)attr_size) ++ ); ++ return NT_STATUS_UNSUCCESSFUL; ++ } ++ ++ DEBUG(10,("get_xattr_value: EA '%s' is of length %lu\n", ea_name, (unsigned long)attr_size)); ++ /* ++ * This can dump huge amount of data multiple times. For example ++ * for 1Mb ADS and chunk size 64Kb the same 1Mb dump will be ++ * logged 16 times! ++ */ ++ dump_data(50, (uint8_t *)pea->value.data, pea->value.length); ++ ++ pea->flags = 0; ++ // ? user. ++ if (strnequal(ea_name, "user.", 5)) { ++ pea->name = talloc_strdup(mem_ctx, &ea_name[5]); ++ } else { ++ pea->name = talloc_strdup(mem_ctx, ea_name); ++ } ++ ++ if (pea->name == NULL) { ++ data_blob_free(&pea->value); ++ return NT_STATUS_NO_MEMORY; ++ } ++ ++ return NT_STATUS_OK; + } + ++ + /** + * Given a stream name, populate xattr_name with the xattr name to use for + * accessing the stream. +@@ -114,6 +168,7 @@ static NTSTATUS streams_xattr_get_name(v + SMB_VFS_HANDLE_GET_DATA(handle, config, struct streams_xattr_config, + return NT_STATUS_UNSUCCESSFUL); + ++ // stream_name is passed as ':stream', so skip leading ':' + sname = talloc_strdup(ctx, stream_name + 1); + if (sname == NULL) { + return NT_STATUS_NO_MEMORY; +@@ -125,7 +180,7 @@ static NTSTATUS streams_xattr_get_name(v + * characters from their on-the-wire Unicode Private Range + * encoding to their native ASCII representation. + * +- * As as result the name of xattrs storing the streams (via ++ * As a result the name of xattrs storing the streams (via + * vfs_streams_xattr) may contain a colon, so we have to use + * strrchr_m() instead of strchr_m() for matching the stream + * type suffix. +@@ -157,7 +212,7 @@ static NTSTATUS streams_xattr_get_name(v + return NT_STATUS_NO_MEMORY; + } + +- DEBUG(10, ("xattr_name: %s, stream_name: %s\n", *xattr_name, ++ DEBUG(10, ("xattr_name: '%s', stream_name: '%s'\n", *xattr_name, + stream_name)); + + talloc_free(sname); +@@ -270,8 +325,8 @@ static int streams_xattr_fstat(vfs_handl + return -1; + } + +- sbuf->st_ex_size = get_xattr_size(handle->conn, +- smb_fname_base, io->xattr_name); ++ sbuf->st_ex_size = get_xattr_size(handle->conn, smb_fname_base, ++ io->xattr_name); + if (sbuf->st_ex_size == -1) { + TALLOC_FREE(smb_fname_base); + SET_STAT_INVALID(*sbuf); +@@ -446,10 +501,10 @@ static int streams_xattr_open(vfs_handle + goto fail; + } + +- status = get_ea_value(talloc_tos(), handle->conn, NULL, +- smb_fname, xattr_name, &ea); ++ status = get_xattr_value(talloc_tos(), handle->conn, ++ smb_fname, xattr_name, &ea); + +- DEBUG(10, ("get_ea_value returned %s\n", nt_errstr(status))); ++ DEBUG(10, ("get_xattr_value returned %s\n", nt_errstr(status))); + + if (!NT_STATUS_IS_OK(status)) { + if (!NT_STATUS_EQUAL(status, NT_STATUS_NOT_FOUND)) { +@@ -480,19 +535,13 @@ static int streams_xattr_open(vfs_handle + /* + * The attribute does not exist or needs to be truncated + */ +- +- /* +- * Darn, xattrs need at least 1 byte +- */ +- char null = '\0'; +- + DEBUG(10, ("creating or truncating attribute %s on file %s\n", + xattr_name, smb_fname->base_name)); + + ret = SMB_VFS_SETXATTR(fsp->conn, + smb_fname, + xattr_name, +- &null, sizeof(null), ++ NULL, 0, + flags & O_EXCL ? XATTR_CREATE : 0); + if (ret != 0) { + goto fail; +@@ -678,8 +727,8 @@ static int streams_xattr_rename(vfs_hand + } + + /* read the old stream */ +- status = get_ea_value(talloc_tos(), handle->conn, NULL, +- smb_fname_src, src_xattr_name, &ea); ++ status = get_xattr_value(talloc_tos(), handle->conn, ++ smb_fname_src, src_xattr_name, &ea); + if (!NT_STATUS_IS_OK(status)) { + errno = ENOENT; + goto fail; +@@ -766,14 +815,13 @@ static NTSTATUS walk_xattr_streams(vfs_h + continue; + } + +- status = get_ea_value(names, ++ status = get_xattr_value(names, + handle->conn, +- NULL, + smb_fname, + names[i], + &ea); + if (!NT_STATUS_IS_OK(status)) { +- DEBUG(10, ("Could not get ea %s for file %s: %s\n", ++ DEBUG(10, ("Could not get EA %s for file %s: %s\n", + names[i], + smb_fname->base_name, + nt_errstr(status))); +@@ -835,16 +883,17 @@ struct streaminfo_state { + NTSTATUS status; + }; + +-static bool collect_one_stream(struct ea_struct *ea, void *private_data) ++static bool collect_one_stream(struct ea_struct *pea, void *private_data) + { + struct streaminfo_state *state = + (struct streaminfo_state *)private_data; + ++ // ? -1 + if (!add_one_stream(state->mem_ctx, + &state->num_streams, &state->streams, +- ea->name, ea->value.length-1, ++ pea->name, pea->value.length, + smb_roundup(state->handle->conn, +- ea->value.length-1))) { ++ pea->value.length))) { + state->status = NT_STATUS_NO_MEMORY; + return false; + } +@@ -964,14 +1013,17 @@ static ssize_t streams_xattr_pwrite(vfs_ + files_struct *fsp, const void *data, + size_t n, off_t offset) + { +- struct stream_io *sio = ++ struct stream_io *sio = + (struct stream_io *)VFS_FETCH_FSP_EXTENSION(handle, fsp); ++ struct smb_filename *smb_fname_base = NULL; ++ TALLOC_CTX *frame = NULL; ++ + struct ea_struct ea; + NTSTATUS status; +- struct smb_filename *smb_fname_base = NULL; + int ret; + +- DEBUG(10, ("streams_xattr_pwrite called for %d bytes\n", (int)n)); ++ DEBUG(10, ("streams_xattr_pwrite: offset=%lu, size=%lu\n", ++ (unsigned long)offset, (unsigned long)n)); + + if (sio == NULL) { + return SMB_VFS_NEXT_PWRITE(handle, fsp, data, n, offset); +@@ -981,6 +1033,8 @@ static ssize_t streams_xattr_pwrite(vfs_ + return -1; + } + ++ frame = talloc_stackframe(); ++ + /* Create an smb_filename with stream_name == NULL. */ + smb_fname_base = synthetic_smb_fname(talloc_tos(), + sio->base, +@@ -988,39 +1042,55 @@ static ssize_t streams_xattr_pwrite(vfs_ + NULL, + fsp->fsp_name->flags); + if (smb_fname_base == NULL) { ++ TALLOC_FREE(frame); + errno = ENOMEM; + return -1; + } + +- status = get_ea_value(talloc_tos(), handle->conn, NULL, +- smb_fname_base, sio->xattr_name, &ea); +- if (!NT_STATUS_IS_OK(status)) { +- return -1; +- } +- +- if ((offset + n) > ea.value.length-1) { +- uint8_t *tmp; ++ status = get_xattr_value(talloc_tos(), handle->conn, ++ smb_fname_base, sio->xattr_name, &ea); + +- tmp = talloc_realloc(talloc_tos(), ea.value.data, uint8_t, +- offset + n + 1); ++ if (NT_STATUS_EQUAL(status, NT_STATUS_NOT_FOUND)) { ++ /* ++ * This can happen if we sit behind vfs_fruit: ++ * fruit_ftruncate calls UNLINK on an attribute ++ * truncating the "file" to zero length. A later ++ * pwrite faces a non-existing attribute, we need to ++ * cope with that here. ++ * ++ * This might be not the last word on this. ++ */ + +- if (tmp == NULL) { +- TALLOC_FREE(ea.value.data); +- errno = ENOMEM; +- return -1; +- } +- ea.value.data = tmp; +- ea.value.length = offset + n + 1; +- ea.value.data[offset+n] = 0; +- } ++ ea = (struct ea_struct) {0}; ++ ea.name = talloc_strdup(talloc_tos(), sio->xattr_name); ++ if (ea.name == NULL) { ++ TALLOC_FREE(frame); ++ errno = ENOMEM; ++ return -1; ++ } ++ status = NT_STATUS_OK; ++ } + +- memcpy(ea.value.data + offset, data, n); ++ if (!NT_STATUS_IS_OK(status)) { ++ TALLOC_FREE(frame); ++ return -1; ++ } ++ // ? -1 ++ if ((offset + n) > ea.value.length) { ++ if(!data_blob_realloc(talloc_tos(), &ea.value, offset + n)) { ++ TALLOC_FREE(frame); ++ errno = ENOMEM; ++ return -1; ++ } ++ } ++ memcpy(ea.value.data + offset, data, n); + + ret = SMB_VFS_SETXATTR(fsp->conn, + fsp->fsp_name, + sio->xattr_name, + ea.value.data, ea.value.length, 0); +- TALLOC_FREE(ea.value.data); ++ ++ TALLOC_FREE(frame); + + if (ret == -1) { + return -1; +@@ -1033,15 +1103,17 @@ static ssize_t streams_xattr_pread(vfs_h + files_struct *fsp, void *data, + size_t n, off_t offset) + { +- struct stream_io *sio = ++ struct stream_io *sio = + (struct stream_io *)VFS_FETCH_FSP_EXTENSION(handle, fsp); ++ struct smb_filename *smb_fname_base = NULL; ++ TALLOC_CTX *frame = NULL; ++ + struct ea_struct ea; + NTSTATUS status; +- size_t length, overlap; +- struct smb_filename *smb_fname_base = NULL; ++ size_t overlap; + +- DEBUG(10, ("streams_xattr_pread: offset=%d, size=%d\n", +- (int)offset, (int)n)); ++ DEBUG(10, ("streams_xattr_pread: offset=%lu, size=%lu\n", ++ (unsigned long)offset, (unsigned long)n)); + + if (sio == NULL) { + return SMB_VFS_NEXT_PREAD(handle, fsp, data, n, offset); +@@ -1051,6 +1123,8 @@ static ssize_t streams_xattr_pread(vfs_h + return -1; + } + ++ frame = talloc_stackframe(); ++ + /* Create an smb_filename with stream_name == NULL. */ + smb_fname_base = synthetic_smb_fname(talloc_tos(), + sio->base, +@@ -1058,31 +1132,35 @@ static ssize_t streams_xattr_pread(vfs_h + NULL, + fsp->fsp_name->flags); + if (smb_fname_base == NULL) { ++ TALLOC_FREE(frame); + errno = ENOMEM; + return -1; + } + +- status = get_ea_value(talloc_tos(), handle->conn, NULL, +- smb_fname_base, sio->xattr_name, &ea); ++ status = get_xattr_value(talloc_tos(), handle->conn, ++ smb_fname_base, sio->xattr_name, &ea); + if (!NT_STATUS_IS_OK(status)) { ++ TALLOC_FREE(frame); + return -1; + } ++ // ? -1 ++ //length = ea.value.length-1; + +- length = ea.value.length-1; ++ DEBUG(10, ("streams_xattr_pread: get_xattr_value() returned %lu bytes\n", ++ (unsigned long)ea.value.length)); + +- DEBUG(10, ("streams_xattr_pread: get_ea_value returned %d bytes\n", +- (int)length)); ++ /* Attempt to read past EOF. */ ++ if (ea.value.length <= offset) { ++ TALLOC_FREE(frame); ++ return 0; ++ } + +- /* Attempt to read past EOF. */ +- if (length <= offset) { +- return 0; +- } ++ overlap = (offset + n) > ea.value.length ? (ea.value.length - offset) : n; ++ memcpy(data, ea.value.data + offset, overlap); + +- overlap = (offset + n) > length ? (length - offset) : n; +- memcpy(data, ea.value.data + offset, overlap); ++ TALLOC_FREE(frame); + +- TALLOC_FREE(ea.value.data); +- return overlap; ++ return overlap; + } + + struct streams_xattr_pread_state { +@@ -1249,16 +1327,18 @@ static int streams_xattr_ftruncate(struc + struct files_struct *fsp, + off_t offset) + { +- int ret; +- uint8_t *tmp; +- struct ea_struct ea; +- NTSTATUS status; +- struct stream_io *sio = ++ struct stream_io *sio = + (struct stream_io *)VFS_FETCH_FSP_EXTENSION(handle, fsp); + struct smb_filename *smb_fname_base = NULL; ++ TALLOC_CTX *frame = NULL; + +- DEBUG(10, ("streams_xattr_ftruncate called for file %s offset %.0f\n", +- fsp_str_dbg(fsp), (double)offset)); ++ struct ea_struct ea; ++ NTSTATUS status; ++ size_t orig_length; ++ int ret; ++ ++ DEBUG(10, ("streams_xattr_ftruncate: called for file '%s' with offset %lu\n", ++ fsp_str_dbg(fsp), (unsigned long)offset)); + + if (sio == NULL) { + return SMB_VFS_NEXT_FTRUNCATE(handle, fsp, offset); +@@ -1268,6 +1348,8 @@ static int streams_xattr_ftruncate(struc + return -1; + } + ++ frame = talloc_stackframe(); ++ + /* Create an smb_filename with stream_name == NULL. */ + smb_fname_base = synthetic_smb_fname(talloc_tos(), + sio->base, +@@ -1275,40 +1357,46 @@ static int streams_xattr_ftruncate(struc + NULL, + fsp->fsp_name->flags); + if (smb_fname_base == NULL) { ++ TALLOC_FREE(frame); + errno = ENOMEM; + return -1; + } + +- status = get_ea_value(talloc_tos(), handle->conn, NULL, +- smb_fname_base, sio->xattr_name, &ea); ++ status = get_xattr_value(talloc_tos(), handle->conn, ++ smb_fname_base, sio->xattr_name, &ea); + if (!NT_STATUS_IS_OK(status)) { ++ TALLOC_FREE(frame); + return -1; + } ++ orig_length = ea.value.length; + +- tmp = talloc_realloc(talloc_tos(), ea.value.data, uint8_t, +- offset + 1); ++ /* Requested size matches the original size */ ++ if(orig_length == offset) { ++ TALLOC_FREE(frame); ++ return 0; ++ } + +- if (tmp == NULL) { +- TALLOC_FREE(ea.value.data); ++ /* That can both shrink and expand */ ++ /* XXX: If offset == 0 the result of talloc_realloc is NULL, but still valid */ ++ if(offset && !data_blob_realloc(talloc_tos(), &ea.value, offset)) { ++ TALLOC_FREE(frame); + errno = ENOMEM; + return -1; + } + +- /* Did we expand ? */ +- if (ea.value.length < offset + 1) { +- memset(&tmp[ea.value.length], '\0', +- offset + 1 - ea.value.length); ++ /* If we expanded, fill up extra space with zeros */ ++ if (orig_length < offset) { ++ memset(ea.value.data + orig_length, 0, ++ offset - orig_length); + } + +- ea.value.data = tmp; +- ea.value.length = offset + 1; +- ea.value.data[offset] = 0; +- ++ /* XXX: We should use ea.value.length here, but when offset == 0 ++ it's not reset to 0 in data_blob_realloc() */ + ret = SMB_VFS_SETXATTR(fsp->conn, + fsp->fsp_name, + sio->xattr_name, +- ea.value.data, ea.value.length, 0); +- TALLOC_FREE(ea.value.data); ++ ea.value.data, offset, 0); ++ TALLOC_FREE(frame); + + if (ret == -1) { + return -1; +@@ -1326,9 +1414,9 @@ static int streams_xattr_fallocate(struc + struct stream_io *sio = + (struct stream_io *)VFS_FETCH_FSP_EXTENSION(handle, fsp); + +- DEBUG(10, ("streams_xattr_fallocate called for file %s offset %.0f" +- "len = %.0f\n", +- fsp_str_dbg(fsp), (double)offset, (double)len)); ++ DEBUG(10, ("streams_xattr_fallocate: called for file '%s' with offset %lu" ++ "len = %lu\n", ++ fsp_str_dbg(fsp), (unsigned long)offset, (unsigned long)len)); + + if (sio == NULL) { + return SMB_VFS_NEXT_FALLOCATE(handle, fsp, mode, offset, len); Index: files/patch-source3_modules_vfs__virusfilter__utils.c =================================================================== --- files/patch-source3_modules_vfs__virusfilter__utils.c +++ files/patch-source3_modules_vfs__virusfilter__utils.c @@ -0,0 +1,36 @@ +--- source3/modules/vfs_virusfilter_utils.c.orig 2019-01-15 10:07:00 UTC ++++ source3/modules/vfs_virusfilter_utils.c +@@ -392,6 +392,10 @@ bool virusfilter_io_writel( + + bool virusfilter_io_writefl( + struct virusfilter_io_handle *io_h, ++ const char *data_fmt, ...) PRINTF_ATTRIBUTE(2, 3); ++ ++bool virusfilter_io_writefl( ++ struct virusfilter_io_handle *io_h, + const char *data_fmt, ...) + { + va_list ap; +@@ -415,6 +419,10 @@ bool virusfilter_io_writefl( + + bool virusfilter_io_vwritefl( + struct virusfilter_io_handle *io_h, ++ const char *data_fmt, va_list ap) PRINTF_ATTRIBUTE(2, 0); ++ ++bool virusfilter_io_vwritefl( ++ struct virusfilter_io_handle *io_h, + const char *data_fmt, va_list ap) + { + char data[VIRUSFILTER_IO_BUFFER_SIZE + VIRUSFILTER_IO_EOL_SIZE]; +@@ -666,6 +674,11 @@ bool virusfilter_io_readl(TALLOC_CTX *ct + bool virusfilter_io_writefl_readl( + struct virusfilter_io_handle *io_h, + char **read_line, ++ const char *fmt, ...) PRINTF_ATTRIBUTE(3, 4); ++ ++bool virusfilter_io_writefl_readl( ++ struct virusfilter_io_handle *io_h, ++ char **read_line, + const char *fmt, ...) + { + bool ok; Index: files/patch-source3_registry_tests_test__regfio.c =================================================================== --- files/patch-source3_registry_tests_test__regfio.c +++ files/patch-source3_registry_tests_test__regfio.c @@ -0,0 +1,10 @@ +--- source3/registry/tests/test_regfio.c.orig 2019-05-07 08:38:21 UTC ++++ source3/registry/tests/test_regfio.c +@@ -24,6 +24,7 @@ + + #include + #include ++#include + #include + #include + #include Index: files/patch-source3_smbd_quotas.c =================================================================== --- files/patch-source3_smbd_quotas.c +++ files/patch-source3_smbd_quotas.c @@ -0,0 +1,19 @@ +--- source3/smbd/quotas.c.orig 2019-01-15 10:07:00 UTC ++++ source3/smbd/quotas.c +@@ -125,6 +125,7 @@ static bool nfs_quotas(char *nfspath, ui + if (!cutstr) + return False; + ++ memset(&D, '\0', sizeof(D)); + memset(cutstr, '\0', len+1); + host = strncat(cutstr,mnttype, sizeof(char) * len ); + DEBUG(5,("nfs_quotas: looking for mount on \"%s\"\n", cutstr)); +@@ -133,7 +134,7 @@ static bool nfs_quotas(char *nfspath, ui + args.gqa_pathp = testpath+1; + args.gqa_uid = uid; + +- DEBUG(5,("nfs_quotas: Asking for host \"%s\" rpcprog \"%i\" rpcvers \"%i\" network \"%s\"\n", host, RQUOTAPROG, RQUOTAVERS, "udp")); ++ DEBUG(5,("nfs_quotas: Asking for host \"%s\" rpcprog \"%lu\" rpcvers \"%lu\" network \"%s\"\n", host, RQUOTAPROG, RQUOTAVERS, "udp")); + + if ((clnt = clnt_create(host, RQUOTAPROG, RQUOTAVERS, "udp")) == NULL) { + ret = False; Index: files/patch-source3_smbd_utmp.c =================================================================== --- files/patch-source3_smbd_utmp.c +++ files/patch-source3_smbd_utmp.c @@ -0,0 +1,261 @@ +--- source3/smbd/utmp.c.orig 2019-01-15 10:07:00 UTC ++++ source3/smbd/utmp.c +@@ -257,7 +257,7 @@ static char *uw_pathname(TALLOC_CTX *ctx + Update utmp file directly. No subroutine interface: probably a BSD system. + ****************************************************************************/ + +-static void pututline_my(const char *uname, struct utmp *u, bool claim) ++static void pututline_my(const char *uname, STRUCT_UTMP *u, bool claim) + { + DEBUG(1,("pututline_my: not yet implemented\n")); + /* BSD implementor: may want to consider (or not) adjusting "lastlog" */ +@@ -271,7 +271,7 @@ static void pututline_my(const char *una + Credit: Michail Vidiassov + ****************************************************************************/ + +-static void updwtmp_my(const char *wname, struct utmp *u, bool claim) ++static void updwtmp_my(const char *wname, STRUCT_UTMP *u, bool claim) + { + int fd; + struct stat buf; +@@ -303,7 +303,7 @@ static void updwtmp_my(const char *wname + if ((fd = open(wname, O_WRONLY|O_APPEND, 0)) < 0) + return; + if (fstat(fd, &buf) == 0) { +- if (write(fd, (char *)u, sizeof(struct utmp)) != sizeof(struct utmp)) ++ if (write(fd, (char *)u, sizeof(STRUCT_UTMP)) != sizeof(STRUCT_UTMP)) + (void) ftruncate(fd, buf.st_size); + } + (void) close(fd); +@@ -314,12 +314,12 @@ static void updwtmp_my(const char *wname + Update via utmp/wtmp (not utmpx/wtmpx). + ****************************************************************************/ + +-static void utmp_nox_update(struct utmp *u, bool claim) ++static void utmp_nox_update(STRUCT_UTMP *u, bool claim) + { + char *uname = NULL; + char *wname = NULL; + #if defined(PUTUTLINE_RETURNS_UTMP) +- struct utmp *urc; ++ STRUCT_UTMP *urc; + #endif /* PUTUTLINE_RETURNS_UTMP */ + + uname = uw_pathname(talloc_tos(), "utmp", ut_pathname); +@@ -376,127 +376,52 @@ static void utmp_nox_update(struct utmp + } + } + +-/**************************************************************************** +- Copy a string in the utmp structure. +-****************************************************************************/ + +-static void utmp_strcpy(char *dest, const char *src, size_t n) +-{ +- size_t len = 0; + +- memset(dest, '\0', n); +- if (src) +- len = strlen(src); +- if (len >= n) { +- memcpy(dest, src, n); +- } else { +- if (len) +- memcpy(dest, src, len); +- } +-} ++ + + /**************************************************************************** + Update via utmpx/wtmpx (preferred) or via utmp/wtmp. + ****************************************************************************/ + +-static void sys_utmp_update(struct utmp *u, const char *hostname, bool claim) ++static void sys_utmp_update(STRUCT_UTMP *u, const char *hostname, bool claim) + { +-#if !defined(HAVE_UTMPX_H) +- /* No utmpx stuff. Drop to non-x stuff */ +- utmp_nox_update(u, claim); +-#elif !defined(HAVE_PUTUTXLINE) +- /* Odd. Have utmpx.h but no "pututxline()". Drop to non-x stuff */ +- DEBUG(1,("utmp_update: have utmpx.h but no pututxline() function\n")); +- utmp_nox_update(u, claim); +-#elif !defined(HAVE_GETUTMPX) +- /* Odd. Have utmpx.h but no "getutmpx()". Drop to non-x stuff */ +- DEBUG(1,("utmp_update: have utmpx.h but no getutmpx() function\n")); +- utmp_nox_update(u, claim); +-#elif !defined(HAVE_UPDWTMPX) +- /* Have utmpx.h but no "updwtmpx()". Drop to non-x stuff */ +- DEBUG(1,("utmp_update: have utmpx.h but no updwtmpx() function\n")); +- utmp_nox_update(u, claim); +-#else +- char *uname = NULL; +- char *wname = NULL; +- struct utmpx ux, *uxrc; +- +- getutmpx(u, &ux); +- +-#if defined(HAVE_UX_UT_SYSLEN) +- if (hostname) +- ux.ut_syslen = strlen(hostname) + 1; /* include end NULL */ +- else +- ux.ut_syslen = 0; +-#endif +-#if defined(HAVE_UX_UT_HOST) +- utmp_strcpy(ux.ut_host, hostname, sizeof(ux.ut_host)); +-#endif +- +- uname = uw_pathname(talloc_tos(), "utmpx", ux_pathname); +- wname = uw_pathname(talloc_tos(), "wtmpx", wx_pathname); +- if (uname && wname) { +- DEBUG(2,("utmp_update: uname:%s wname:%s\n", uname, wname)); +- } ++ STRUCT_UTMP *urc; + +- /* +- * Check for either uname or wname being empty. +- * Some systems, such as Redhat 6, have a "utmpx.h" which doesn't +- * define default filenames. +- * Also, our local installation has not provided an override. +- * Drop to non-x method. (E.g. RH6 has good defaults in "utmp.h".) +- */ +- if (!uname || !wname || (strlen(uname) == 0) || (strlen(wname) == 0)) { +- utmp_nox_update(u, claim); +- } else { +- utmpxname(uname); +- setutxent(); +- uxrc = pututxline(&ux); +- endutxent(); +- if (uxrc == NULL) { +- DEBUG(2,("utmp_update: pututxline() failed\n")); +- return; +- } +- updwtmpx(wname, &ux); ++ setutxent(); ++ urc = pututxline(u); ++ endutxent(); ++ if (urc == NULL) { ++ DEBUG(2,("utmp_update: pututxline() failed\n")); ++ return; + } +-#endif /* HAVE_UTMPX_H */ + } + + #if defined(HAVE_UT_UT_ID) + /**************************************************************************** + Encode the unique connection number into "ut_id". + ****************************************************************************/ +- +-static int ut_id_encode(int i, char *fourbyte) ++static void ut_id_encode(char *buf, int id, size_t buf_size) + { +- int nbase; +- const char *ut_id_encstr = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"; +- +-/* +- * 'ut_id_encstr' is the character set on which modulo arithmetic is done. +- * Example: digits would produce the base-10 numbers from '001'. +- */ +- nbase = strlen(ut_id_encstr); ++ const char ut_id_encstr[] = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"; + +- fourbyte[0] = ut_id_encstr[i % nbase]; +- i /= nbase; +- fourbyte[1] = ut_id_encstr[i % nbase]; +- i /= nbase; +- fourbyte[3] = ut_id_encstr[i % nbase]; +- i /= nbase; +- fourbyte[2] = ut_id_encstr[i % nbase]; +- i /= nbase; ++ int nbase = sizeof(ut_id_encstr) - 1; ++ /* ++ * 'ut_id_encstr' is the character set on which modulo arithmetic is done. ++ * Example: digits would produce the base-10 numbers from '001'. ++ */ + +- /* we do not care about overflows as i is a random number */ +- return 0; ++ for(int i = 0; i < buf_size; i++) { ++ buf[i] = ut_id_encstr[id % nbase]; ++ id /= nbase; ++ } + } + #endif /* defined(HAVE_UT_UT_ID) */ + +- + /* + fill a system utmp structure given all the info we can gather + */ +-static bool sys_utmp_fill(struct utmp *u, ++static bool sys_utmp_fill(STRUCT_UTMP *u, + const char *username, const char *hostname, + const char *id_str, int id_num) + { +@@ -509,16 +434,16 @@ static bool sys_utmp_fill(struct utmp *u + * rather than to try to detect and optimise. + */ + #if defined(HAVE_UT_UT_USER) +- utmp_strcpy(u->ut_user, username, sizeof(u->ut_user)); ++ strncpy(u->ut_user, username, sizeof(u->ut_user)); + #elif defined(HAVE_UT_UT_NAME) +- utmp_strcpy(u->ut_name, username, sizeof(u->ut_name)); ++ strncpy(u->ut_name, username, sizeof(u->ut_name)); + #endif + + /* + * ut_line: + * If size limit proves troublesome, then perhaps use "ut_id_encode()". + */ +- utmp_strcpy(u->ut_line, id_str, sizeof(u->ut_line)); ++ strncpy(u->ut_line, id_str, sizeof(u->ut_line)); + + #if defined(HAVE_UT_UT_PID) + u->ut_pid = getpid(); +@@ -535,20 +460,23 @@ static bool sys_utmp_fill(struct utmp *u + u->ut_time = timeval.tv_sec; + #elif defined(HAVE_UT_UT_TV) + GetTimeOfDay(&timeval); +- u->ut_tv = timeval; ++ u->ut_tv.tv_sec = timeval.tv_sec; ++ u->ut_tv.tv_usec = timeval.tv_usec; + #else + #error "with-utmp must have UT_TIME or UT_TV" + #endif + + #if defined(HAVE_UT_UT_HOST) +- utmp_strcpy(u->ut_host, hostname, sizeof(u->ut_host)); ++ if(hostname != NULL) { ++ strncpy(u->ut_host, hostname, sizeof(u->ut_host)); ++#if defined(HAVE_UT_UT_SYSLEN) ++ u->ut_syslen = strlen(hostname) + 1; /* include trailing NULL */ ++#endif ++ } + #endif + + #if defined(HAVE_UT_UT_ID) +- if (ut_id_encode(id_num, u->ut_id) != 0) { +- DEBUG(1,("utmp_fill: cannot encode id %d\n", id_num)); +- return False; +- } ++ ut_id_encode(u->ut_id, id_num, sizeof(u->ut_id)); + #endif + + return True; +@@ -561,7 +489,7 @@ static bool sys_utmp_fill(struct utmp *u + void sys_utmp_yield(const char *username, const char *hostname, + const char *id_str, int id_num) + { +- struct utmp u; ++ STRUCT_UTMP u; + + ZERO_STRUCT(u); + +@@ -587,7 +515,7 @@ void sys_utmp_yield(const char *username + void sys_utmp_claim(const char *username, const char *hostname, + const char *id_str, int id_num) + { +- struct utmp u; ++ STRUCT_UTMP u; + + ZERO_STRUCT(u); + Index: files/patch-source3_torture_cmd__vfs.c =================================================================== --- files/patch-source3_torture_cmd__vfs.c +++ files/patch-source3_torture_cmd__vfs.c @@ -0,0 +1,138 @@ +--- source3/torture/cmd_vfs.c.orig 2019-01-15 10:07:00 UTC ++++ source3/torture/cmd_vfs.c +@@ -141,6 +141,82 @@ static NTSTATUS cmd_disk_free(struct vfs + return NT_STATUS_OK; + } + ++static NTSTATUS cmd_get_quota(struct vfs_state *vfs, TALLOC_CTX *mem_ctx, int argc, const char **argv) ++{ ++ struct smb_filename *smb_fname = NULL; ++ uint64_t quota, bsize, dfree, dsize; ++ enum SMB_QUOTA_TYPE qtype; ++ SMB_DISK_QUOTA D; ++ unid_t id; ++ int r; ++ ++ if (argc != 4) { ++ printf("Usage: get_quota [user|group] id\n"); ++ return NT_STATUS_OK; ++ } ++ ++ smb_fname = synthetic_smb_fname(talloc_tos(), ++ argv[1], ++ NULL, ++ NULL, ++ ssf_flags()); ++ if (smb_fname == NULL) { ++ return NT_STATUS_NO_MEMORY; ++ } ++ ++ if(strcmp(argv[2], "user") == 0) { ++ qtype = SMB_USER_FS_QUOTA_TYPE; ++ } ++ else if(strcmp(argv[2], "group") == 0) { ++ qtype = SMB_GROUP_FS_QUOTA_TYPE; ++ } ++ else { ++ printf("Usage: get_quota [user|group] id\n"); ++ return NT_STATUS_OK; ++ } ++ ++ id.uid = atoi(argv[3]); ++ ++ ZERO_STRUCT(D); ++ ++ r = SMB_VFS_GET_QUOTA(vfs->conn, smb_fname, qtype, id, &D); ++ ++ if (r == -1 && errno != ENOSYS) { ++ return NT_STATUS_UNSUCCESSFUL; ++ } ++ ++ if (r == 0 && (D.qflags & QUOTAS_DENY_DISK) == 0) { ++ return NT_STATUS_UNSUCCESSFUL; ++ } ++ ++ bsize = D.bsize; ++ /* Use softlimit to determine disk space, except when it has been exceeded */ ++ if ( ++ (D.softlimit && D.curblocks >= D.softlimit) || ++ (D.hardlimit && D.curblocks >= D.hardlimit) || ++ (D.isoftlimit && D.curinodes >= D.isoftlimit) || ++ (D.ihardlimit && D.curinodes>=D.ihardlimit) ++ ) { ++ dfree = 0; ++ dsize = D.curblocks; ++ } else if (D.softlimit==0 && D.hardlimit==0) { ++ return NT_STATUS_UNSUCCESSFUL; ++ } else { ++ if (D.softlimit == 0) { ++ D.softlimit = D.hardlimit; ++ } ++ dfree = D.softlimit - D.curblocks; ++ dsize = D.softlimit; ++ } ++ ++ printf("get_quota: bsize = %lu, dfree = %lu, dsize = %lu\n", ++ (unsigned long)bsize, ++ (unsigned long)dfree, ++ (unsigned long)dsize); ++ ++ return NT_STATUS_OK; ++} ++ + + static NTSTATUS cmd_opendir(struct vfs_state *vfs, TALLOC_CTX *mem_ctx, int argc, const char **argv) + { +@@ -1947,6 +2023,7 @@ struct cmd_set vfs_commands[] = { + { "connect", cmd_connect, "VFS connect()", "connect" }, + { "disconnect", cmd_disconnect, "VFS disconnect()", "disconnect" }, + { "disk_free", cmd_disk_free, "VFS disk_free()", "disk_free " }, ++ { "get_quota", cmd_get_quota, "VFS get_quota()", "get_quota [user|group] id" }, + { "opendir", cmd_opendir, "VFS opendir()", "opendir " }, + { "readdir", cmd_readdir, "VFS readdir()", "readdir" }, + { "mkdir", cmd_mkdir, "VFS mkdir()", "mkdir " }, +@@ -1977,33 +2054,22 @@ struct cmd_set vfs_commands[] = { + { "link", cmd_link, "VFS link()", "link " }, + { "mknod", cmd_mknod, "VFS mknod()", "mknod " }, + { "realpath", cmd_realpath, "VFS realpath()", "realpath " }, +- { "getxattr", cmd_getxattr, "VFS getxattr()", +- "getxattr " }, +- { "listxattr", cmd_listxattr, "VFS listxattr()", +- "listxattr " }, +- { "setxattr", cmd_setxattr, "VFS setxattr()", +- "setxattr []" }, +- { "removexattr", cmd_removexattr, "VFS removexattr()", +- "removexattr \n" }, +- { "fget_nt_acl", cmd_fget_nt_acl, "VFS fget_nt_acl()", +- "fget_nt_acl \n" }, +- { "get_nt_acl", cmd_get_nt_acl, "VFS get_nt_acl()", +- "get_nt_acl \n" }, +- { "fset_nt_acl", cmd_fset_nt_acl, "VFS fset_nt_acl()", +- "fset_nt_acl \n" }, +- { "set_nt_acl", cmd_set_nt_acl, "VFS open() and fset_nt_acl()", +- "set_nt_acl \n" }, ++ { "getxattr", cmd_getxattr, "VFS getxattr()", "getxattr " }, ++ { "listxattr", cmd_listxattr, "VFS listxattr()", "listxattr " }, ++ { "setxattr", cmd_setxattr, "VFS setxattr()", "setxattr []" }, ++ { "removexattr", cmd_removexattr, "VFS removexattr()", "removexattr \n" }, ++ { "fget_nt_acl", cmd_fget_nt_acl, "VFS fget_nt_acl()", "fget_nt_acl \n" }, ++ { "get_nt_acl", cmd_get_nt_acl, "VFS get_nt_acl()", "get_nt_acl \n" }, ++ { "fset_nt_acl", cmd_fset_nt_acl, "VFS fset_nt_acl()", "fset_nt_acl \n" }, ++ { "set_nt_acl", cmd_set_nt_acl, "VFS open() and fset_nt_acl()", "set_nt_acl \n" }, + { "sys_acl_get_file", cmd_sys_acl_get_file, "VFS sys_acl_get_file()", "sys_acl_get_file " }, + { "sys_acl_get_fd", cmd_sys_acl_get_fd, "VFS sys_acl_get_fd()", "sys_acl_get_fd " }, +- { "sys_acl_blob_get_file", cmd_sys_acl_blob_get_file, +- "VFS sys_acl_blob_get_file()", "sys_acl_blob_get_file " }, +- { "sys_acl_blob_get_fd", cmd_sys_acl_blob_get_fd, +- "VFS sys_acl_blob_get_fd()", "sys_acl_blob_get_fd " }, ++ { "sys_acl_blob_get_file", cmd_sys_acl_blob_get_file, "VFS sys_acl_blob_get_file()", "sys_acl_blob_get_file " }, ++ { "sys_acl_blob_get_fd", cmd_sys_acl_blob_get_fd, "VFS sys_acl_blob_get_fd()", "sys_acl_blob_get_fd " }, + { "sys_acl_delete_def_file", cmd_sys_acl_delete_def_file, "VFS sys_acl_delete_def_file()", "sys_acl_delete_def_file " }, + + +- { "test_chain", cmd_test_chain, "test chain code", +- "test_chain" }, ++ { "test_chain", cmd_test_chain, "test chain code", "test_chain" }, + { "translate_name", cmd_translate_name, "VFS translate_name()", "translate_name unix_filename" }, + { NULL } + }; Index: files/patch-source3_utils_net.c =================================================================== --- files/patch-source3_utils_net.c +++ files/patch-source3_utils_net.c @@ -0,0 +1,18 @@ +--- source3/utils/net.c.orig 2019-01-15 10:07:00 UTC ++++ source3/utils/net.c +@@ -1096,8 +1096,13 @@ static void get_credentials_file(struct + lp_set_cmdline("netbios name", c->opt_requester_name); + } + +- if (!c->opt_user_name && getenv("LOGNAME")) { +- c->opt_user_name = getenv("LOGNAME"); ++ if (!c->opt_user_name) { ++ if(getenv("LOGNAME")) ++ c->opt_user_name = getenv("LOGNAME"); ++ else ++ d_fprintf(stderr, ++ _("Environment LOGNAME is not defined." ++ " Trying anonymous access.\n")); + } + + if (!c->opt_workgroup) { Index: files/patch-source3_utils_net__time.c =================================================================== --- files/patch-source3_utils_net__time.c +++ files/patch-source3_utils_net__time.c @@ -0,0 +1,19 @@ +--- source3/utils/net_time.c.orig 2019-01-15 10:07:00 UTC ++++ source3/utils/net_time.c +@@ -81,10 +81,15 @@ static const char *systime(time_t t) + if (!tm) { + return "unknown"; + } +- ++#if defined(FREEBSD) ++ return talloc_asprintf(talloc_tos(), "%02d%02d%02d%02d%02d.%02d", ++ tm->tm_year + 1900, tm->tm_mon+1, tm->tm_mday, ++ tm->tm_hour, tm->tm_min, tm->tm_sec); ++#else + return talloc_asprintf(talloc_tos(), "%02d%02d%02d%02d%04d.%02d", + tm->tm_mon+1, tm->tm_mday, tm->tm_hour, + tm->tm_min, tm->tm_year + 1900, tm->tm_sec); ++#endif + } + + int net_time_usage(struct net_context *c, int argc, const char **argv) Index: files/patch-source3_wscript =================================================================== --- files/patch-source3_wscript +++ files/patch-source3_wscript @@ -0,0 +1,94 @@ +--- source3/wscript.orig 2019-07-09 10:08:41 UTC ++++ source3/wscript +@@ -50,6 +50,7 @@ def options(opt): + opt.samba_add_onoff_option('sendfile-support', default=None) + opt.samba_add_onoff_option('utmp') + opt.samba_add_onoff_option('avahi', with_name="enable", without_name="disable") ++ opt.samba_add_onoff_option('dnssd', with_name="enable", without_name="disable") + opt.samba_add_onoff_option('iconv') + opt.samba_add_onoff_option('acl-support') + opt.samba_add_onoff_option('dnsupdate') +@@ -784,34 +785,39 @@ msg.msg_accrightslen = sizeof(fd); + + if Options.options.with_utmp: + conf.env.with_utmp = True +- if not conf.CHECK_HEADERS('utmp.h'): conf.env.with_utmp = False +- conf.CHECK_FUNCS('pututline pututxline updwtmp updwtmpx getutmpx getutxent') +- conf.CHECK_STRUCTURE_MEMBER('struct utmp', 'ut_name', headers='utmp.h', ++ if not conf.CHECK_HEADERS('utmpx.h') and not conf.CHECK_HEADERS('utmp.h'): ++ conf.env.with_utmp = False ++ if conf.CONFIG_SET('HAVE_UTMPX_H'): ++ conf.DEFINE('STRUCT_UTMP', 'struct utmpx') ++ elif conf.CONFIG_SET('HAVE_UTMP_H'): ++ conf.DEFINE('STRUCT_UTMP', 'struct utmp') ++ conf.CHECK_FUNCS('pututxline getutxid getutxline updwtmpx getutmpx setutxent endutxent') ++ conf.CHECK_FUNCS('pututline getutid getutline updwtmp getutmp setutent endutent') ++ conf.CHECK_STRUCTURE_MEMBER('STRUCT_UTMP', 'ut_name', headers='utmpx.h utmp.h', + define='HAVE_UT_UT_NAME') +- conf.CHECK_STRUCTURE_MEMBER('struct utmp', 'ut_user', headers='utmp.h', ++ ++ conf.CHECK_STRUCTURE_MEMBER('STRUCT_UTMP', 'ut_user', headers='utmpx.h utmp.h', + define='HAVE_UT_UT_USER') +- conf.CHECK_STRUCTURE_MEMBER('struct utmp', 'ut_id', headers='utmp.h', ++ conf.CHECK_STRUCTURE_MEMBER('STRUCT_UTMP', 'ut_id', headers='utmpx.h utmp.h', + define='HAVE_UT_UT_ID') +- conf.CHECK_STRUCTURE_MEMBER('struct utmp', 'ut_host', headers='utmp.h', ++ conf.CHECK_STRUCTURE_MEMBER('STRUCT_UTMP', 'ut_host', headers='utmpx.h utmp.h', + define='HAVE_UT_UT_HOST') +- conf.CHECK_STRUCTURE_MEMBER('struct utmp', 'ut_time', headers='utmp.h', ++ conf.CHECK_STRUCTURE_MEMBER('STRUCT_UTMP', 'ut_time', headers='utmpx.h utmp.h', + define='HAVE_UT_UT_TIME') +- conf.CHECK_STRUCTURE_MEMBER('struct utmp', 'ut_tv', headers='utmp.h', ++ conf.CHECK_STRUCTURE_MEMBER('STRUCT_UTMP', 'ut_tv', headers='utmpx.h utmp.h', + define='HAVE_UT_UT_TV') +- conf.CHECK_STRUCTURE_MEMBER('struct utmp', 'ut_type', headers='utmp.h', ++ conf.CHECK_STRUCTURE_MEMBER('STRUCT_UTMP', 'ut_type', headers='utmpx.h utmp.h', + define='HAVE_UT_UT_TYPE') +- conf.CHECK_STRUCTURE_MEMBER('struct utmp', 'ut_pid', headers='utmp.h', ++ conf.CHECK_STRUCTURE_MEMBER('STRUCT_UTMP', 'ut_pid', headers='utmpx.h utmp.h', + define='HAVE_UT_UT_PID') +- conf.CHECK_STRUCTURE_MEMBER('struct utmp', 'ut_exit.e_exit', headers='utmp.h', ++ conf.CHECK_STRUCTURE_MEMBER('STRUCT_UTMP', 'ut_exit.e_exit', headers='utmpx.h utmp.h', + define='HAVE_UT_UT_EXIT') +- conf.CHECK_STRUCTURE_MEMBER('struct utmpx', 'ut_syslen', headers='utmpx.h', +- define='HAVE_UX_UT_SYSLEN') +- conf.CHECK_STRUCTURE_MEMBER('struct utmpx', 'ut_host', headers='utmpx.h', +- define='HAVE_UX_UT_HOST') ++ conf.CHECK_STRUCTURE_MEMBER('STRUCT_UTMP', 'ut_syslen', headers='utmpx.h utmp.h', ++ define='HAVE_UT_UT_SYSLEN') + conf.CHECK_CODE('struct utmp utarg; struct utmp *utreturn; utreturn = pututline(&utarg);', + 'PUTUTLINE_RETURNS_UTMP', headers='utmp.h', + msg="Checking whether pututline returns pointer") +- conf.CHECK_SIZEOF(['((struct utmp *)NULL)->ut_line'], headers='utmp.h', ++ conf.CHECK_SIZEOF(['((STRUCT_UTMP *)NULL)->ut_line'], headers='utmpx.h utmp.h', + define='SIZEOF_UTMP_UT_LINE', critical=False) + if not conf.CONFIG_SET('SIZEOF_UTMP_UT_LINE'): + conf.env.with_utmp = False +@@ -833,6 +839,17 @@ msg.msg_accrightslen = sizeof(fd); + conf.SET_TARGET_TYPE('avahi-common', 'EMPTY') + conf.SET_TARGET_TYPE('avahi-client', 'EMPTY') + ++ if Options.options.with_dnssd: ++ conf.env.with_dnssd = True ++ if not conf.CHECK_HEADERS('dns_sd.h'): ++ conf.env.with_dnssd = False ++ if not conf.CHECK_FUNCS_IN('DNSServiceRegister', 'dns_sd'): ++ conf.env.with_dnssd = False ++ if conf.env.with_dnssd: ++ conf.DEFINE('WITH_DNSSD_SUPPORT', 1) ++ else: ++ conf.SET_TARGET_TYPE('dns_sd', 'EMPTY') ++ + if Options.options.with_iconv: + conf.env.with_iconv = True + if not conf.CHECK_FUNCS_IN('iconv_open', 'iconv', headers='iconv.h'): +@@ -1778,9 +1795,6 @@ main() { + if conf.CONFIG_SET('HAVE_VXFS'): + default_shared_modules.extend(TO_LIST('vfs_vxfs')) + +- if conf.CONFIG_SET('HAVE_DBUS'): +- default_shared_modules.extend(TO_LIST('vfs_snapper')) +- + explicit_shared_modules = TO_LIST(Options.options.shared_modules, delimiter=',') + explicit_static_modules = TO_LIST(Options.options.static_modules, delimiter=',') + Index: files/patch-source3_wscript__build =================================================================== --- files/patch-source3_wscript__build +++ files/patch-source3_wscript__build @@ -0,0 +1,40 @@ +--- source3/wscript_build.orig 2019-05-07 08:38:21 UTC ++++ source3/wscript_build +@@ -236,11 +236,9 @@ bld.SAMBA3_SUBSYSTEM('SMBREGISTRY', + talloc + replace + util_reg +- samba-util +- samba-security + errors3 + dbwrap +- samba3-util ++ samba3util + ''') + + # Do not link against this use 'smbconf' +@@ -514,7 +512,7 @@ bld.SAMBA3_LIBRARY('secrets3', + + bld.SAMBA3_LIBRARY('smbldap', + source='lib/smbldap.c', +- deps='ldap lber samba-util smbconf', ++ deps='ldap lber samba3util smbd_shim samba-debug smbconf', + enabled=bld.CONFIG_SET("HAVE_LDAP"), + private_library=False, + abi_directory='lib/ABI', +@@ -739,6 +737,7 @@ bld.SAMBA3_LIBRARY('smbd_base', + smbd_conn + param_service + AVAHI ++ dns_sd + PRINTBASE + PROFILE + LOCKING +@@ -1116,6 +1115,7 @@ bld.SAMBA3_BINARY('client/smbclient', + msrpc3 + RPC_NDR_SRVSVC + cli_smb_common ++ dns_sd + archive + ''') + Index: files/patch-source4_heimdal_lib_roken_rand.c =================================================================== --- files/patch-source4_heimdal_lib_roken_rand.c +++ files/patch-source4_heimdal_lib_roken_rand.c @@ -0,0 +1,10 @@ +--- source4/heimdal/lib/roken/rand.c.orig 2019-01-15 10:07:00 UTC ++++ source4/heimdal/lib/roken/rand.c +@@ -37,7 +37,6 @@ void ROKEN_LIB_FUNCTION + rk_random_init(void) + { + #if defined(HAVE_ARC4RANDOM) +- arc4random_stir(); + #elif defined(HAVE_SRANDOMDEV) + srandomdev(); + #elif defined(HAVE_RANDOM) Index: files/patch-source4_kdc_kdc-service-mit.c =================================================================== --- files/patch-source4_kdc_kdc-service-mit.c +++ files/patch-source4_kdc_kdc-service-mit.c @@ -0,0 +1,17 @@ +--- source4/kdc/kdc-service-mit.c.orig 2019-01-15 10:07:00 UTC ++++ source4/kdc/kdc-service-mit.c +@@ -36,9 +36,13 @@ + #include "kdc/samba_kdc.h" + #include "kdc/kdc-server.h" + #include "kdc/kpasswd-service.h" +-#include + #include + ++#pragma clang diagnostic push ++#pragma clang diagnostic ignored "-Wstrict-prototypes" ++#include ++#pragma clang diagnostic pop ++ + #include "source4/kdc/mit_kdc_irpc.h" + + /* PROTOTYPES */ Index: files/patch-source4_lib_http_http.c =================================================================== --- files/patch-source4_lib_http_http.c +++ files/patch-source4_lib_http_http.c @@ -0,0 +1,69 @@ +--- libcli/http/http.c.orig 2019-01-15 10:07:00 UTC ++++ libcli/http/http.c +@@ -134,7 +134,19 @@ static enum http_read_status http_parse_ + return HTTP_ALL_DATA_READ; + } + ++#ifdef FREEBSD ++ int s0, s1, s2, s3; s0 = s1 = s2 = s3 = 0; ++ n = sscanf(line, "%n%*[^:]%n: %n%*[^\r\n]%n\r\n", &s0, &s1, &s2, &s3); ++ ++ if(n >= 0) { ++ key = calloc(sizeof(char), s1-s0+1); ++ value = calloc(sizeof(char), s3-s2+1); ++ ++ n = sscanf(line, "%[^:]: %[^\r\n]\r\n", key, value); ++ } ++#else + n = sscanf(line, "%m[^:]: %m[^\r\n]\r\n", &key, &value); ++#endif + if (n != 2) { + DEBUG(0, ("%s: Error parsing header '%s'\n", __func__, line)); + status = HTTP_DATA_CORRUPTED; +@@ -160,7 +172,7 @@ error: + static bool http_parse_response_line(struct http_read_response_state *state) + { + bool status = true; +- char *protocol; ++ char *protocol = NULL; + char *msg = NULL; + char major; + char minor; +@@ -180,12 +192,22 @@ static bool http_parse_response_line(str + return false; + } + ++#ifdef FREEBSD ++ int s0, s1, s2, s3; s0 = s1 = s2 = s3 = 0; ++ n = sscanf(line, "%n%*[^/]%n/%c.%c %d %n%*[^\r\n]%n\r\n", ++ &s0, &s1, &major, &minor, &code, &s2, &s3); ++ ++ if(n == 3) { ++ protocol = calloc(sizeof(char), s1-s0+1); ++ msg = calloc(sizeof(char), s3-s2+1); ++ ++ n = sscanf(line, "%[^/]/%c.%c %d %[^\r\n]\r\n", ++ protocol, &major, &minor, &code, msg); ++ } ++#else + n = sscanf(line, "%m[^/]/%c.%c %d %m[^\r\n]\r\n", + &protocol, &major, &minor, &code, &msg); +- +- DEBUG(11, ("%s: Header parsed(%i): protocol->%s, major->%c, minor->%c, " +- "code->%d, message->%s\n", __func__, n, protocol, major, minor, +- code, msg)); ++#endif + + if (n != 5) { + DEBUG(0, ("%s: Error parsing header\n", __func__)); +@@ -193,6 +215,10 @@ static bool http_parse_response_line(str + goto error; + } + ++ DEBUG(11, ("%s: Header parsed(%i): protocol->%s, major->%c, minor->%c, " ++ "code->%d, message->%s\n", __func__, n, protocol, major, minor, ++ code, msg)); ++ + if (major != '1') { + DEBUG(0, ("%s: Bad HTTP major number '%c'\n", __func__, major)); + status = false; Index: files/patch-vfs_freebsd =================================================================== --- files/patch-vfs_freebsd +++ files/patch-vfs_freebsd @@ -0,0 +1,1000 @@ +--- docs-xml/wscript_build.orig 2019-06-25 00:52:38 UTC ++++ docs-xml/wscript_build +@@ -79,6 +79,7 @@ vfs_module_manpages = ['vfs_acl_tdb', + 'vfs_extd_audit', + 'vfs_fake_perms', + 'vfs_fileid', ++ 'vfs_freebsd', + 'vfs_fruit', + 'vfs_full_audit', + 'vfs_glusterfs', +--- source3/modules/wscript_build.orig 2019-05-07 08:38:21 UTC ++++ source3/modules/wscript_build +@@ -613,3 +613,11 @@ bld.SAMBA3_MODULE('vfs_delay_inject', + init_function='', + internal_module=bld.SAMBA3_IS_STATIC_MODULE('vfs_delay_inject'), + enabled=bld.SAMBA3_IS_ENABLED_MODULE('vfs_delay_inject')) ++ ++bld.SAMBA3_MODULE('vfs_freebsd', ++ subsystem='vfs', ++ source='vfs_freebsd.c', ++ deps='samba-util', ++ init_function='', ++ internal_module=bld.SAMBA3_IS_STATIC_MODULE('vfs_freebsd'), ++ enabled=bld.SAMBA3_IS_ENABLED_MODULE('vfs_freebsd')) + bld.SAMBA_GENERATOR('nfs41acl-xdr-c', +--- source3/modules/vfs_freebsd.c.orig 2019-06-22 11:56:57 UTC ++++ source3/modules/vfs_freebsd.c +@@ -0,0 +1,800 @@ ++/* ++ * This module implements VFS calls specific to FreeBSD ++ * ++ * Copyright (C) Timur I. Bakeyev, 2018 ++ * ++ * This program is free software; you can redistribute it and/or modify ++ * it under the terms of the GNU General Public License as published by ++ * the Free Software Foundation; either version 3 of the License, or ++ * (at your option) any later version. ++ * ++ * This program is distributed in the hope that it will be useful, ++ * but WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++ * GNU General Public License for more details. ++ * ++ * You should have received a copy of the GNU General Public License ++ * along with this program; if not, see . ++ */ ++ ++#include "includes.h" ++ ++#include "lib/util/tevent_unix.h" ++#include "lib/util/tevent_ntstatus.h" ++#include "system/filesys.h" ++ ++#include ++ ++static int vfs_freebsd_debug_level = DBGC_VFS; ++ ++#undef DBGC_CLASS ++#define DBGC_CLASS vfs_freebsd_debug_level ++ ++#ifndef EXTATTR_MAXNAMELEN ++#define EXTATTR_MAXNAMELEN UINT8_MAX ++#endif ++ ++#define EXTATTR_NAMESPACE(NS) EXTATTR_NAMESPACE_ ## NS, \ ++ EXTATTR_NAMESPACE_ ## NS ## _STRING ".", \ ++ .data.len = (sizeof(EXTATTR_NAMESPACE_ ## NS ## _STRING ".") - 1) ++ ++#define EXTATTR_EMPTY 0x00 ++#define EXTATTR_USER 0x01 ++#define EXTATTR_SYSTEM 0x02 ++#define EXTATTR_SECURITY 0x03 ++#define EXTATTR_TRUSTED 0x04 ++ ++enum extattr_mode { ++ FREEBSD_EXTATTR_SECURE, ++ FREEBSD_EXTATTR_COMPAT, ++ FREEBSD_EXTATTR_LEGACY ++}; ++ ++typedef struct { ++ int namespace; ++ char name[EXTATTR_MAXNAMELEN+1]; ++ union { ++ uint16_t len; ++ uint16_t flags; ++ } data; ++} extattr_attr; ++ ++typedef struct { ++ enum { ++ EXTATTR_FILE, EXTATTR_LINK, EXTATTR_FDES ++ } method; ++ union { ++ const char *path; ++ int filedes; ++ } param; ++} extattr_arg; ++ ++static const struct enum_list extattr_mode_param[] = { ++ { FREEBSD_EXTATTR_SECURE, "secure" }, /* */ ++ { FREEBSD_EXTATTR_COMPAT, "compat" }, /* */ ++ { FREEBSD_EXTATTR_LEGACY, "legacy" }, /* */ ++ { -1, NULL } ++}; ++ ++ ++/* */ ++struct freebsd_handle_data { ++ enum extattr_mode extattr_mode; ++}; ++ ++ ++/* XXX: This order doesn't match namespace ids order! */ ++static extattr_attr extattr[] = { ++ { EXTATTR_NAMESPACE(EMPTY) }, ++ { EXTATTR_NAMESPACE(SYSTEM) }, ++ { EXTATTR_NAMESPACE(USER) }, ++}; ++ ++ ++static bool freebsd_in_jail(void) { ++ int val = 0; ++ size_t val_len = sizeof(val); ++ ++ if((sysctlbyname("security.jail.jailed", &val, &val_len, NULL, 0) != -1) && val == 1) { ++ return true; ++ } ++ return false; ++} ++ ++static uint16_t freebsd_map_attrname(const char *name) ++{ ++ if(name == NULL || name[0] == '\0') { ++ return EXTATTR_EMPTY; ++ } ++ ++ switch(name[0]) { ++ case 'u': ++ if(strncmp(name, "user.", 5) == 0) ++ return EXTATTR_USER; ++ break; ++ case 't': ++ if(strncmp(name, "trusted.", 8) == 0) ++ return EXTATTR_TRUSTED; ++ break; ++ case 's': ++ /* name[1] could be any character, including '\0' */ ++ switch(name[1]) { ++ case 'e': ++ if(strncmp(name, "security.", 9) == 0) ++ return EXTATTR_SECURITY; ++ break; ++ case 'y': ++ if(strncmp(name, "system.", 7) == 0) ++ return EXTATTR_SYSTEM; ++ break; ++ } ++ break; ++ } ++ return EXTATTR_USER; ++} ++ ++/* security, system, trusted or user */ ++static extattr_attr* freebsd_map_xattr(enum extattr_mode extattr_mode, const char *name, extattr_attr *attr) ++{ ++ int attrnamespace = EXTATTR_NAMESPACE_EMPTY; ++ const char *p, *attrname = name; ++ ++ if(name == NULL || name[0] == '\0') { ++ return NULL; ++ } ++ ++ if(attr == NULL) { ++ return NULL; ++ } ++ ++ uint16_t flags = freebsd_map_attrname(name); ++ ++ switch(flags) { ++ case EXTATTR_SECURITY: ++ case EXTATTR_TRUSTED: ++ case EXTATTR_SYSTEM: ++ attrnamespace = (extattr_mode == FREEBSD_EXTATTR_SECURE) ? ++ EXTATTR_NAMESPACE_SYSTEM : ++ EXTATTR_NAMESPACE_USER; ++ break; ++ case EXTATTR_USER: ++ attrnamespace = EXTATTR_NAMESPACE_USER; ++ break; ++ default: ++ /* Default to "user" namespace if nothing else was specified */ ++ attrnamespace = EXTATTR_NAMESPACE_USER; ++ flags = EXTATTR_USER; ++ break; ++ } ++ ++ if (extattr_mode == FREEBSD_EXTATTR_LEGACY) { ++ switch(flags) { ++ case EXTATTR_SECURITY: ++ attrname = name + 9; ++ break; ++ case EXTATTR_TRUSTED: ++ attrname = name + 8; ++ break; ++ case EXTATTR_SYSTEM: ++ attrname = name + 7; ++ break; ++ case EXTATTR_USER: ++ attrname = name + 5; ++ break; ++ default: ++ attrname = ((p=strchr(name, '.')) != NULL) ? p + 1 : name; ++ break; ++ } ++ } ++ ++ attr->namespace = attrnamespace; ++ attr->data.flags = flags; ++ strlcpy(attr->name, attrname, EXTATTR_MAXNAMELEN + 1); ++ ++ return attr; ++} ++ ++static ssize_t extattr_size(extattr_arg arg, extattr_attr *attr) ++{ ++ ssize_t result; ++ ++ switch(arg.method) { ++#if defined(HAVE_XATTR_EXTATTR) ++ case EXTATTR_FILE: ++ result = extattr_get_file(arg.param.path, attr->namespace, attr->name, NULL, 0); ++ break; ++ case EXTATTR_LINK: ++ result = extattr_get_link(arg.param.path, attr->namespace, attr->name, NULL, 0); ++ break; ++ case EXTATTR_FDES: ++ result = extattr_get_fd(arg.param.filedes, attr->namespace, attr->name, NULL, 0); ++ break; ++#endif ++ default: ++ errno = ENOSYS; ++ return -1; ++ } ++ ++ if(result < 0) { ++ errno = EINVAL; ++ return -1; ++ } ++ ++ return result; ++} ++ ++ ++/* ++ * The list of names is returned as an unordered array of NULL-terminated ++ * character strings (attribute names are separated by NULL characters), ++ * like this: ++ * user.name1\0system.name1\0user.name2\0 ++ * ++ * Filesystems like ext2, ext3 and XFS which implement POSIX ACLs using ++ * extended attributes, might return a list like this: ++ * system.posix_acl_access\0system.posix_acl_default\0 ++ */ ++/* ++ * The extattr_list_file() returns a list of attributes present in the ++ * requested namespace. Each list entry consists of a single byte containing ++ * the length of the attribute name, followed by the attribute name. The ++ * attribute name is not terminated by ASCII 0 (nul). ++*/ ++ ++static ssize_t freebsd_extattr_list(extattr_arg arg, enum extattr_mode extattr_mode, char *list, size_t size) ++{ ++ ssize_t list_size, total_size = 0; ++ char *p, *q, *list_end; ++ int len; ++ /* ++ Ignore all but user namespace when we are not root or in jail ++ See: https://bugzilla.samba.org/show_bug.cgi?id=10247 ++ */ ++ bool as_root = (geteuid() == 0); ++ ++ int ns = (extattr_mode == FREEBSD_EXTATTR_SECURE && as_root) ? 1 : 2; ++ ++ /* Iterate through extattr(2) namespaces */ ++ for(; ns < ARRAY_SIZE(extattr); ns++) { ++ switch(arg.method) { ++#if defined(HAVE_XATTR_EXTATTR) ++ case EXTATTR_FILE: ++ list_size = extattr_list_file(arg.param.path, extattr[ns].namespace, list, size); ++ break; ++ case EXTATTR_LINK: ++ list_size = extattr_list_link(arg.param.path, extattr[ns].namespace, list, size); ++ break; ++ case EXTATTR_FDES: ++ list_size = extattr_list_fd(arg.param.filedes, extattr[ns].namespace, list, size); ++ break; ++#endif ++ default: ++ errno = ENOSYS; ++ return -1; ++ } ++ /* Some error happend. Errno should be set by the previous call */ ++ if(list_size < 0) ++ return -1; ++ /* No attributes in this namespace */ ++ if(list_size == 0) ++ continue; ++ /* ++ Call with an empty buffer may be used to calculate ++ necessary buffer size. ++ */ ++ if(list == NULL) { ++ /* ++ XXX: Unfortunately, we can't say, how many attributes were ++ returned, so here is the potential problem with the emulation. ++ */ ++ if(extattr_mode == FREEBSD_EXTATTR_LEGACY) { ++ /* ++ Take the worse case of one char attribute names - ++ two bytes per name plus one more for sanity. ++ */ ++ total_size += list_size + (list_size/2 + 1)*extattr[ns].data.len; ++ } ++ else { ++ total_size += list_size; ++ } ++ continue; ++ } ++ ++ if(extattr_mode == FREEBSD_EXTATTR_LEGACY) { ++ /* Count necessary offset to fit namespace prefixes */ ++ int extra_len = 0; ++ uint16_t flags; ++ list_end = list + list_size; ++ for(list_size = 0, p = q = list; p < list_end; p += len) { ++ len = p[0] + 1; ++ (void)strlcpy(q, p + 1, len); ++ flags = freebsd_map_attrname(q); ++ /* Skip secure attributes for non-root user */ ++ if(extattr_mode != FREEBSD_EXTATTR_SECURE && !as_root && flags > EXTATTR_USER) { ++ continue; ++ } ++ if(flags <= EXTATTR_USER) { ++ /* Don't count trailing '\0' */ ++ extra_len += extattr[ns].data.len; ++ } ++ list_size += len; ++ q += len; ++ } ++ total_size += list_size + extra_len; ++ /* Buffer is too small to fit the results */ ++ if(total_size > size) { ++ errno = ERANGE; ++ return -1; ++ } ++ /* Shift results backwards, so we can prepend prefixes */ ++ list_end = list + extra_len; ++ p = (char*)memmove(list_end, list, list_size); ++ /* ++ We enter the loop with `p` pointing to the shifted list and ++ `extra_len` having the total margin between `list` and `p` ++ */ ++ for(list_end += list_size; p < list_end; p += len) { ++ len = strlen(p) + 1; ++ flags = freebsd_map_attrname(p); ++ if(flags <= EXTATTR_USER) { ++ /* Add namespace prefix */ ++ (void)strncpy(list, extattr[ns].name, extattr[ns].data.len); ++ list += extattr[ns].data.len; ++ } ++ /* Append attribute name */ ++ (void)strlcpy(list, p, len); ++ list += len; ++ } ++ } ++ else { ++ /* Convert UCSD strings into nul-terminated strings */ ++ for(list_end = list + list_size; list < list_end; list += len) { ++ len = list[0] + 1; ++ (void)strlcpy(list, list + 1, len); ++ } ++ total_size += list_size; ++ } ++ } ++ return total_size; ++} ++ ++/* ++static ssize_t freebsd_getxattr_size(vfs_handle_struct *handle, ++ const struct smb_filename *smb_fname, ++ const char *name) ++{ ++ struct freebsd_handle_data *data; ++ extattr_arg arg = { EXTATTR_FILE, smb_fname->base_name }; ++ extattr_attr attr; ++ ++ ++ SMB_VFS_HANDLE_GET_DATA(handle, data, ++ struct freebsd_handle_data, ++ return -1); ++ ++ if(!freebsd_map_xattr(data->extattr_mode, name, &attr)) { ++ errno = EINVAL; ++ return -1; ++ } ++ ++ if(data->extattr_mode != FREEBSD_EXTATTR_SECURE && geteuid() != 0 && attr.data.flags > EXTATTR_USER) { ++ errno = ENOATTR; ++ return -1; ++ } ++ ++ return extattr_size(arg, &attr); ++} ++*/ ++ ++/* VFS entries */ ++static ssize_t freebsd_getxattr(vfs_handle_struct *handle, ++ const struct smb_filename *smb_fname, ++ const char *name, ++ void *value, ++ size_t size) ++{ ++#if defined(HAVE_XATTR_EXTATTR) ++ struct freebsd_handle_data *data; ++ extattr_arg arg = { EXTATTR_FILE, .param.path = smb_fname->base_name }; ++ extattr_attr attr; ++ ssize_t res; ++ ++ SMB_VFS_HANDLE_GET_DATA(handle, data, ++ struct freebsd_handle_data, ++ return -1); ++ ++ if(!freebsd_map_xattr(data->extattr_mode, name, &attr)) { ++ errno = EINVAL; ++ return -1; ++ } ++ ++ /* Filter out 'secure' entries */ ++ if(data->extattr_mode != FREEBSD_EXTATTR_SECURE && geteuid() != 0 && attr.data.flags > EXTATTR_USER) { ++ errno = ENOATTR; ++ return -1; ++ } ++ ++ /* ++ * The BSD implementation has a nasty habit of silently truncating ++ * the returned value to the size of the buffer, so we have to check ++ * that the buffer is large enough to fit the returned value. ++ */ ++ if((res=extattr_size(arg, &attr)) < 0) { ++ return -1; ++ } ++ ++ if (size == 0) { ++ return res; ++ } ++ else if (res > size) { ++ errno = ERANGE; ++ return -1; ++ } ++ ++ if((res=extattr_get_file(smb_fname->base_name, attr.namespace, attr.name, value, size)) >= 0) { ++ return res; ++ } ++ return -1; ++#else ++ errno = ENOSYS; ++ return -1; ++#endif ++} ++ ++ ++static ssize_t freebsd_fgetxattr(vfs_handle_struct *handle, ++ struct files_struct *fsp, const char *name, ++ void *value, size_t size) ++{ ++#if defined(HAVE_XATTR_EXTATTR) ++ struct freebsd_handle_data *data; ++ extattr_arg arg = { EXTATTR_FDES, .param.filedes = fsp->fh->fd }; ++ extattr_attr attr; ++ ssize_t res; ++ ++ SMB_VFS_HANDLE_GET_DATA(handle, data, ++ struct freebsd_handle_data, ++ return -1); ++ ++ if(!freebsd_map_xattr(data->extattr_mode, name, &attr)) { ++ errno = EINVAL; ++ return -1; ++ } ++ ++ /* Filter out 'secure' entries */ ++ if(data->extattr_mode != FREEBSD_EXTATTR_SECURE && geteuid() != 0 && attr.data.flags > EXTATTR_USER) { ++ errno = ENOATTR; ++ return -1; ++ } ++ ++ /* ++ * The BSD implementation has a nasty habit of silently truncating ++ * the returned value to the size of the buffer, so we have to check ++ * that the buffer is large enough to fit the returned value. ++ */ ++ if((res=extattr_size(arg, &attr)) < 0) { ++ return -1; ++ } ++ ++ if (size == 0) { ++ return res; ++ } ++ else if (res > size) { ++ errno = ERANGE; ++ return -1; ++ } ++ ++ if((res=extattr_get_fd(fsp->fh->fd, attr.namespace, attr.name, value, size)) >= 0) { ++ return res; ++ } ++ return -1; ++#else ++ errno = ENOSYS; ++ return -1; ++#endif ++} ++ ++ ++static ssize_t freebsd_listxattr(vfs_handle_struct *handle, ++ const struct smb_filename *smb_fname, ++ char *list, ++ size_t size) ++{ ++#if defined(HAVE_XATTR_EXTATTR) ++ struct freebsd_handle_data *data; ++ ++ SMB_VFS_HANDLE_GET_DATA(handle, data, ++ struct freebsd_handle_data, ++ return -1); ++ ++ extattr_arg arg = { EXTATTR_FILE, .param.path = smb_fname->base_name }; ++ ++ return freebsd_extattr_list(arg, data->extattr_mode, list, size); ++#else ++ errno = ENOSYS; ++ return -1; ++#endif ++} ++ ++ ++static ssize_t freebsd_flistxattr(vfs_handle_struct *handle, ++ struct files_struct *fsp, char *list, ++ size_t size) ++{ ++#if defined(HAVE_XATTR_EXTATTR) ++ struct freebsd_handle_data *data; ++ extattr_arg arg = { EXTATTR_FDES, .param.filedes = fsp->fh->fd }; ++ ++ SMB_VFS_HANDLE_GET_DATA(handle, data, ++ struct freebsd_handle_data, ++ return -1); ++ ++ return freebsd_extattr_list(arg, data->extattr_mode, list, size); ++#else ++ errno = ENOSYS; ++ return -1; ++#endif ++} ++ ++static int freebsd_removexattr(vfs_handle_struct *handle, ++ const struct smb_filename *smb_fname, ++ const char *name) ++{ ++#if defined(HAVE_XATTR_EXTATTR) ++ struct freebsd_handle_data *data; ++ extattr_attr attr; ++ ++ SMB_VFS_HANDLE_GET_DATA(handle, data, ++ struct freebsd_handle_data, ++ return -1); ++ ++ ++ /* Filter out 'secure' entries */ ++ if(data->extattr_mode != FREEBSD_EXTATTR_SECURE && geteuid() != 0 && attr.data.flags > EXTATTR_USER) { ++ errno = ENOATTR; ++ return -1; ++ } ++ ++ return extattr_delete_file(smb_fname->base_name, attr.namespace, attr.name); ++#else ++ errno = ENOSYS; ++ return -1; ++#endif ++} ++ ++ ++static int freebsd_fremovexattr(vfs_handle_struct *handle, ++ struct files_struct *fsp, const char *name) ++{ ++#if defined(HAVE_XATTR_EXTATTR) ++ struct freebsd_handle_data *data; ++ extattr_attr attr; ++ ++ SMB_VFS_HANDLE_GET_DATA(handle, data, ++ struct freebsd_handle_data, ++ return -1); ++ ++ if(!freebsd_map_xattr(data->extattr_mode, name, &attr)) { ++ errno = EINVAL; ++ return -1; ++ } ++ ++ /* Filter out 'secure' entries */ ++ if(data->extattr_mode != FREEBSD_EXTATTR_SECURE && geteuid() != 0 && attr.data.flags > EXTATTR_USER) { ++ errno = ENOATTR; ++ return -1; ++ } ++ ++ return extattr_delete_fd(fsp->fh->fd, attr.namespace, attr.name); ++#else ++ errno = ENOSYS; ++ return -1; ++#endif ++} ++ ++ ++static int freebsd_setxattr(vfs_handle_struct *handle, ++ const struct smb_filename *smb_fname, ++ const char *name, ++ const void *value, ++ size_t size, ++ int flags) ++{ ++#if defined(HAVE_XATTR_EXTATTR) ++ struct freebsd_handle_data *data; ++ extattr_attr attr; ++ ssize_t res; ++ ++ SMB_VFS_HANDLE_GET_DATA(handle, data, ++ struct freebsd_handle_data, ++ return -1); ++ ++ if(!freebsd_map_xattr(data->extattr_mode, name, &attr)) { ++ errno = EINVAL; ++ return -1; ++ } ++ ++ /* Filter out 'secure' entries */ ++ if(data->extattr_mode != FREEBSD_EXTATTR_SECURE && geteuid() != 0 && attr.data.flags > EXTATTR_USER) { ++ errno = ENOATTR; ++ return -1; ++ } ++ ++ if (flags) { ++ extattr_arg arg = { EXTATTR_FILE, .param.path = smb_fname->base_name }; ++ /* Check attribute existence */ ++ res = extattr_size(arg, &attr); ++ if (res < 0) { ++ /* REPLACE attribute, that doesn't exist */ ++ if ((flags & XATTR_REPLACE) && errno == ENOATTR) { ++ errno = ENOATTR; ++ return -1; ++ } ++ /* Ignore other errors */ ++ } ++ else { ++ /* CREATE attribute, that already exists */ ++ if (flags & XATTR_CREATE) { ++ errno = EEXIST; ++ return -1; ++ } ++ } ++ } ++ res = extattr_set_file(smb_fname->base_name, attr.namespace, attr.name, value, size); ++ ++ return (res >= 0) ? 0 : -1; ++#else ++ errno = ENOSYS; ++ return -1; ++#endif ++} ++ ++ ++static int freebsd_fsetxattr(vfs_handle_struct *handle, struct files_struct *fsp, ++ const char *name, const void *value, size_t size, ++ int flags) ++{ ++#if defined(HAVE_XATTR_EXTATTR) ++ struct freebsd_handle_data *data; ++ extattr_attr attr; ++ ssize_t res; ++ ++ SMB_VFS_HANDLE_GET_DATA(handle, data, ++ struct freebsd_handle_data, ++ return -1); ++ ++ if(!freebsd_map_xattr(data->extattr_mode, name, &attr)) { ++ errno = EINVAL; ++ return -1; ++ } ++ ++ /* Filter out 'secure' entries */ ++ if(data->extattr_mode != FREEBSD_EXTATTR_SECURE && geteuid() != 0 && attr.data.flags > EXTATTR_USER) { ++ errno = ENOATTR; ++ return -1; ++ } ++ ++ if (flags) { ++ extattr_arg arg = { EXTATTR_FDES, .param.filedes = fsp->fh->fd }; ++ /* Check attribute existence */ ++ res = extattr_size(arg, &attr); ++ if (res < 0) { ++ /* REPLACE attribute, that doesn't exist */ ++ if ((flags & XATTR_REPLACE) && errno == ENOATTR) { ++ errno = ENOATTR; ++ return -1; ++ } ++ /* Ignore other errors */ ++ } ++ else { ++ /* CREATE attribute, that already exists */ ++ if (flags & XATTR_CREATE) { ++ errno = EEXIST; ++ return -1; ++ } ++ } ++ } ++ ++ res = extattr_set_fd(fsp->fh->fd, attr.namespace, attr.name, value, size); ++ ++ return (res >= 0) ? 0 : -1; ++#else ++ errno = ENOSYS; ++ return -1; ++#endif ++} ++ ++static int freebsd_connect(vfs_handle_struct *handle, const char *service, ++ const char *user) ++{ ++ struct freebsd_handle_data *data; ++ int enumval, saved_errno; ++ ++ int ret = SMB_VFS_NEXT_CONNECT(handle, service, user); ++ ++ if (ret < 0) { ++ return ret; ++ } ++ ++ data = talloc_zero(handle->conn, struct freebsd_handle_data); ++ if (!data) { ++ saved_errno = errno; ++ SMB_VFS_NEXT_DISCONNECT(handle); ++ DEBUG(0, ("talloc_zero() failed\n")); ++ errno = saved_errno; ++ return -1; ++ } ++ ++ enumval = lp_parm_enum(SNUM(handle->conn), "freebsd", ++ "extattr mode", extattr_mode_param, FREEBSD_EXTATTR_LEGACY); ++ if (enumval == -1) { ++ saved_errno = errno; ++ SMB_VFS_NEXT_DISCONNECT(handle); ++ DBG_DEBUG("value for freebsd: 'extattr mode' is unknown\n"); ++ errno = saved_errno; ++ return -1; ++ } ++ ++ if(freebsd_in_jail()) { ++ enumval = FREEBSD_EXTATTR_COMPAT; ++ DBG_WARNING("running in jail, enforcing 'compat' mode\n"); ++ } ++ ++ data->extattr_mode = (enum extattr_mode)enumval; ++ ++ SMB_VFS_HANDLE_SET_DATA(handle, data, NULL, ++ struct freebsd_handle_data, ++ return -1); ++ ++ DBG_DEBUG("connect to service[%s] with '%s' extattr mode\n", ++ service, extattr_mode_param[data->extattr_mode].name); ++ ++ return 0; ++} ++ ++static void freebsd_disconnect(vfs_handle_struct *handle) ++{ ++ SMB_VFS_NEXT_DISCONNECT(handle); ++} ++ ++/* VFS operations structure */ ++ ++struct vfs_fn_pointers freebsd_fns = { ++ /* Disk operations */ ++ ++ .connect_fn = freebsd_connect, ++ .disconnect_fn = freebsd_disconnect, ++ ++ /* EA operations. */ ++ .getxattr_fn = freebsd_getxattr, ++ .fgetxattr_fn = freebsd_fgetxattr, ++ .listxattr_fn = freebsd_listxattr, ++ .flistxattr_fn = freebsd_flistxattr, ++ .removexattr_fn = freebsd_removexattr, ++ .fremovexattr_fn = freebsd_fremovexattr, ++ .setxattr_fn = freebsd_setxattr, ++ .fsetxattr_fn = freebsd_fsetxattr, ++}; ++ ++static_decl_vfs; ++NTSTATUS vfs_freebsd_init(TALLOC_CTX *ctx) ++{ ++ NTSTATUS ret; ++ ++ ret = smb_register_vfs(SMB_VFS_INTERFACE_VERSION, "freebsd", ++ &freebsd_fns); ++ ++ if (!NT_STATUS_IS_OK(ret)) { ++ return ret; ++ } ++ ++ vfs_freebsd_debug_level = debug_add_class("freebsd"); ++ if (vfs_freebsd_debug_level == -1) { ++ vfs_freebsd_debug_level = DBGC_VFS; ++ DEBUG(0, ("vfs_freebsd: Couldn't register custom debugging class!\n")); ++ } else { ++ DEBUG(10, ("vfs_freebsd: Debug class number of 'fileid': %d\n", vfs_freebsd_debug_level)); ++ } ++ ++ return ret; ++} +--- docs-xml/manpages/vfs_freebsd.8.xml.orig 2019-06-25 00:51:54 UTC ++++ docs-xml/manpages/vfs_freebsd.8.xml +@@ -0,0 +1,169 @@ ++ ++ ++ ++ ++ ++ vfs_freebsd ++ 8 ++ Samba ++ System Administration tools ++ &doc.version; ++ ++ ++ ++ vfs_freebsd ++ FreeBSD-specific VFS functions ++ ++ ++ ++ ++ vfs objects = freebsd ++ ++ ++ ++ ++ DESCRIPTION ++ ++ This VFS module is part of the samba ++ 7 suite. ++ ++ The vfs_freebsd module implements some of the FreeBSD-specific VFS functions. ++ ++ This module is stackable. ++ ++ ++ ++ ++ OPTIONS ++ ++ ++ ++ ++ freebsd:extattr mode=[legacy|compat|secure] ++ ++ This parameter defines how the emulation of the Linux attr(5) extended attributes ++ is performed through the FreeBSD native extattr(9) system calls. ++ ++ Currently the security, system, ++ trusted and user extended attribute(xattr) ++ classes are defined in Linux. Contrary FreeBSD has only USER ++ and SYSTEM extended attribute(extattr) namespaces, so mapping ++ of one set into another isn't straightforward and can be done in different ways. ++ ++ Historically the Samba(7) built-in xattr mapping implementation simply converted ++ system and user xattr into corresponding ++ SYSTEM and USER extattr namespaces, dropping ++ the class prefix name with the separating dot and using attribute name only within the ++ mapped namespace. It also rejected any other xattr classes, like security ++ and trusted as invalid. Such behavior in particular broke AD ++ provisioning on UFS2 file systems as essential security.NTACL ++ xattr was rejected as invalid. ++ ++ This module tries to address this problem and provide secure, where it's possible, ++ way to map Linux xattr into FreeBSD's extattr. ++ ++ When mode is set to the legacy (default) ++ then modified version of built-in mapping is used, where system xattr ++ is mapped into SYSTEM namespace, while secure, trusted ++ and user xattr are all mapped into the USER namespace, dropping class ++ prefixes and mix them all together. This is the way how Samba FreeBSD ports were patched ++ up to the 4.9 version and that created multiple potential security issues. This mode is aimed for ++ the compatibility with the legacy installations only and should be avoided in new setups. ++ ++ The compat mode is mostly designed for the jailed environments, ++ where it's not possible to write extattrs into the secure SYSTEM namespace, so all four ++ classes are mapped into the USER namespace. To preserve information about origin of the ++ extended attribute it is stored together with the class preffix in the class.attribute ++ format. ++ ++ The secure mode is meant for storing extended attributes in a secure ++ manner, so that security, system and trusted ++ are stored in the SYSTEM namespace, which can be modified only by root. ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ Attributes mapping ++ ++ ++ ++ ++ built-in ++ legacy ++ compat/jail ++ secure ++ ++ ++ ++ ++ user ++ USER; attribute ++ USER; attribute ++ USER; user.attribute ++ USER; user.attribute ++ ++ ++ system ++ SYSTEM; attribute ++ SYSTEM; attribute ++ USER; system.attribute ++ SYSTEM; system.attribute ++ ++ ++ trusted ++ FAIL ++ USER; attribute ++ USER; trusted.attribute ++ SYSTEM; trusted.attribute ++ ++ ++ security ++ FAIL ++ USER; attribute ++ USER; security.attribute ++ SYSTEM; security.attribute ++ ++ ++ ++
++ ++ ++ ++ EXAMPLES ++ ++ Use secure method of setting extended attributes on the share: ++ ++ ++ ++ freebsd ++ secure ++ ++ ++ ++ ++ ++ VERSION ++ ++ This man page is part of version &doc.version; of the Samba suite. ++ ++ ++ ++ ++ AUTHOR ++ ++ The original Samba software and related utilities ++ were created by Andrew Tridgell. Samba is now developed ++ by the Samba Team as an Open Source project similar ++ to the way the Linux kernel is developed. ++ ++ This module was written by Timur I. Bakeyev ++ ++ ++ ++ Index: files/pkg-message.in =================================================================== --- files/pkg-message.in +++ files/pkg-message.in @@ -0,0 +1,24 @@ +[ +{ type: install + message: </dev/null 2>&1; then + echo "OK" + else + echo "FAILED" + return 1 + fi +} + +samba_server_prestart() { + # Make sure we have our RUNDIR, even if it's on a tmpfs + if [ -d "${samba_server_piddir}" -o ! -e "${samba_server_piddir}" ]; then + install -d -m 0755 "${samba_server_piddir}" + fi + # https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=200186 + if [ -d "${samba_server_privatedir}" -o ! -e "${samba_server_privatedir}" ]; then + install -d -m 0700 "${samba_server_privatedir}" + fi + samba_server_checkconfig +} + +samba_server_rcvar_cmd() { + local name rcvar + rcvar=${name}_enable + # Prevent recursive calling + unset "${rc_arg}_cmd" "${rc_arg}_precmd" "${rc_arg}_postcmd" + # Check master variable + run_rc_command "${_rc_prefix}${rc_arg}" ${rc_extra_args} + # Check dependent variables + for name in ${samba_daemons}; do + # XXX + rcvars=''; v='' + rcvar=${name}_enable + run_rc_command "${_rc_prefix}${rc_arg}" ${rc_extra_args} + done +} + +samba_server_reload_cmd() { + local name rcvar command pidfile force_run + # Prevent recursive calling + unset "${rc_arg}_cmd" "${rc_arg}_precmd" "${rc_arg}_postcmd" + # Ignore rcvar and run command + if [ -n "${_rc_prefix}" -a "${_rc_prefix}" = "one" ] || [ -n "${rc_force}" ] || [ -n "${rc_fast}" ]; then + force_run=yes + fi + # Apply to all daemons + for name in ${samba_daemons}; do + rcvar=${name}_enable + command="%%PREFIX%%/sbin/${name}" + pidfile="${samba_server_piddir}/${name}.pid" + # Daemon should be enabled and running + if ( [ -n "${rcvar}" ] && checkyesno "${rcvar}" ) || [ -n "$force_run" ]; then + if [ -n "$(check_pidfile "${pidfile}" "${command}")" ]; then + debug "reloading ${name} configuration" + echo "Reloading ${name}." + ${smbcontrol_command} "${name}" 'reload-config' ${command_args} >/dev/null 2>&1 + fi + fi + done +} + +samba_server_cmd() { + local name rcvar rcvars v command pidfile samba_daemons result force_run + # Prevent recursive calling + unset "${rc_arg}_cmd" "${rc_arg}_precmd" "${rc_arg}_postcmd" + # Stop processes in the reverse order + if [ "${rc_arg}" = "stop" ] ; then + samba_daemons=$(reverse_list ${samba_daemons}) + fi + # Ignore rcvar and run command + if [ -n "${_rc_prefix}" -a "${_rc_prefix}" = "one" ] || [ -n "${rc_force}" ] || [ -n "${rc_fast}" ]; then + force_run=yes + fi + # Assume success + result=0 + # Apply to all daemons + for name in ${samba_daemons}; do + # XXX + rcvars=''; v='' + rcvar=${name}_enable + command="%%PREFIX%%/sbin/${name}" + pidfile="${samba_server_piddir}/${name}.pid" + # Daemon should be enabled and running + if ( [ -n "${rcvar}" ] && checkyesno "${rcvar}" ) || [ -n "$force_run" ]; then + run_rc_command "${_rc_prefix}${rc_arg}" ${rc_extra_args} + # If any of the commands failed, take it as a global result + result=$((${result} || $?)) + fi + done + return ${result} +} + +samba_server_config_init() { + local name + # Load configuration + load_rc_config "${name}" + # Defaults + samba_server_enable=${samba_server_enable:=NO} + samba_server_config=${samba_server_config=${samba_server_config_default}} + samba_server_configfile_arg=${samba_server_config:+--configfile="${samba_server_config}"} #" + #testparm_command="%%PREFIX%%/bin/samba-tool testparm --suppress-prompt --verbose ${samba_server_configfile_arg}" + testparm_command="%%PREFIX%%/bin/testparm --suppress-prompt --verbose ${samba_server_config}" + # Determine what daemons are necessary to run Samba in the current role + samba_server_role=$(${testparm_command} --parameter-name='server role' 2>/dev/null) + case "${samba_server_role}" in + active\ directory\ domain\ controller) + samba_daemons="samba" + ;; + auto|*) + samba_daemons="nmbd smbd winbindd" + ;; + esac + # Load daemons configuration + for name in ${samba_daemons}; do + load_rc_config "${name}" + # If samba_server_enable is 'YES' + if [ -n "${rcvar}" ] && checkyesno "${rcvar}"; then + if [ "${name}" != "winbindd" ]; then + # Set variable to 'YES' only if it is unset + eval ${name}_enable=\${${name}_enable-YES} + else + # Winbindd + samba_server_idmap=$(${testparm_command} --parameter-name='idmap uid' 2>/dev/null) + if [ -n "${samba_server_idmap}" ]; then + winbindd_enable="YES" + fi + fi + fi + # If variable is empty, set it to 'NO' + eval ${name}_enable=\${${name}_enable:-NO} + done + # Fetch parameters from configuration file + samba_server_lockdir="$(${testparm_command} --parameter-name='lock directory' 2>/dev/null)" + samba_server_lockdir=${samba_server_lockdir:=%%SAMBA4_LOCKDIR%%} + samba_server_piddir="$(${testparm_command} --parameter-name='pid directory' 2>/dev/null)" + samba_server_piddir=${samba_server_piddir:=%%SAMBA4_RUNDIR%%} + samba_server_privatedir="$(${testparm_command} --parameter-name='private dir' 2>/dev/null)" + samba_server_privatedir=${samba_server_privatedir:=%%SAMBA4_PRIVATEDIR%%} +} + +# Load configuration variables +samba_server_config_init +# Common flags +command_args=${samba_server_configfile_arg} +samba_flags=${samba_flags="--daemon"} +nmbd_flags=${nmbd_flags="--daemon"} +smbd_flags=${smbd_flags="--daemon"} +winbindd_flags=${winbindd_flags="--daemon"} +# Requirements +required_files="${samba_server_config}" +required_dirs="${samba_server_lockdir}" + +run_rc_command "$1" Index: pkg-descr =================================================================== --- pkg-descr +++ pkg-descr @@ -0,0 +1,8 @@ +Samba4 is an attempt to implement an Active Directory compatible Domain +Controller. + +In short, you can join a WinNT, Win2000, WinXP or Win 2003 - 2016 member +server to a Samba4 domain, and it will behave much as it does in AD, +including Kerberos domain logins where applicable. + +WWW: https://www.samba.org/ Index: pkg-plist =================================================================== --- pkg-plist +++ pkg-plist @@ -0,0 +1,1124 @@ +bin/cifsdd +bin/dbwrap_tool +bin/dumpmscat +bin/findsmb +bin/gentest +bin/locktest +bin/masktest +bin/mdfind +bin/mvxattr +bin/ndrdump +bin/net +bin/nmblookup +bin/ntlm_auth +bin/oLschema2ldif +bin/pdbedit +bin/profiles +bin/regdiff +bin/regpatch +bin/regshell +bin/regtree +bin/rpcclient +bin/samba-regedit +%%AD_DC%%bin/samba-tool +bin/sharesec +bin/smbcacls +bin/smbclient +bin/smbcontrol +bin/smbcquotas +bin/smbget +bin/smbpasswd +bin/smbspool +bin/smbstatus +bin/smbtar +%%SAMBA4_PYTHON%%bin/smbtorture +bin/smbtree +bin/testparm +bin/wbinfo +sbin/eventlogadm +sbin/nmbd +%%AD_DC%%sbin/samba_downgrade_db +sbin/smbd +sbin/winbindd +%%AD_DC%%sbin/samba +%%AD_DC%%sbin/samba_dnsupdate +%%AD_DC%%sbin/samba-gpupdate +%%AD_DC%%sbin/samba_kcc +%%AD_DC%%sbin/samba_spnupdate +%%AD_DC%%sbin/samba_upgradedns +include/samba4/charset.h +include/samba4/core/doserr.h +include/samba4/core/error.h +include/samba4/core/hresult.h +include/samba4/core/ntstatus_gen.h +include/samba4/core/ntstatus.h +include/samba4/core/werror_gen.h +include/samba4/core/werror.h +include/samba4/credentials.h +include/samba4/dcerpc.h +include/samba4/dcesrv_core.h +%%AD_DC%%include/samba4/dcerpc_server.h +%%LDAP%%include/samba4/smb_ldap.h +%%LDAP%%include/samba4/smbldap.h +include/samba4/domain_credentials.h +include/samba4/gen_ndr/atsvc.h +include/samba4/gen_ndr/auth.h +include/samba4/gen_ndr/dcerpc.h +include/samba4/gen_ndr/drsblobs.h +include/samba4/gen_ndr/drsuapi.h +include/samba4/gen_ndr/krb5pac.h +include/samba4/gen_ndr/lsa.h +include/samba4/gen_ndr/misc.h +include/samba4/gen_ndr/nbt.h +include/samba4/gen_ndr/ndr_atsvc.h +include/samba4/gen_ndr/ndr_dcerpc.h +include/samba4/gen_ndr/ndr_drsblobs.h +include/samba4/gen_ndr/ndr_drsuapi.h +include/samba4/gen_ndr/ndr_krb5pac.h +include/samba4/gen_ndr/ndr_misc.h +include/samba4/gen_ndr/ndr_nbt.h +include/samba4/gen_ndr/ndr_samr_c.h +include/samba4/gen_ndr/ndr_samr.h +include/samba4/gen_ndr/ndr_svcctl_c.h +include/samba4/gen_ndr/ndr_svcctl.h +include/samba4/gen_ndr/netlogon.h +include/samba4/gen_ndr/samr.h +include/samba4/gen_ndr/security.h +include/samba4/gen_ndr/server_id.h +include/samba4/gen_ndr/svcctl.h +include/samba4/ldb_wrap.h +include/samba4/libsmbclient.h +include/samba4/lookup_sid.h +include/samba4/machine_sid.h +include/samba4/ndr.h +include/samba4/ndr/ndr_dcerpc.h +include/samba4/ndr/ndr_drsblobs.h +include/samba4/ndr/ndr_drsuapi.h +include/samba4/ndr/ndr_krb5pac.h +include/samba4/ndr/ndr_nbt.h +include/samba4/ndr/ndr_svcctl.h +include/samba4/netapi.h +include/samba4/param.h +include/samba4/passdb.h +%%SAMBA4_PYTHON%%include/samba4/policy.h +include/samba4/rpc_common.h +include/samba4/samba/session.h +include/samba4/samba/version.h +include/samba4/share.h +include/samba4/smb2_lease_struct.h +include/samba4/smbconf.h +include/samba4/tdr.h +include/samba4/tsocket_internal.h +include/samba4/tsocket.h +include/samba4/util_ldb.h +include/samba4/util/attr.h +include/samba4/util/blocking.h +include/samba4/util/byteorder.h +include/samba4/util/data_blob.h +include/samba4/util/debug.h +include/samba4/util/discard.h +include/samba4/util/fault.h +include/samba4/util/genrand.h +include/samba4/util/idtree_random.h +include/samba4/util/idtree.h +include/samba4/util/signal.h +include/samba4/util/string_wrappers.h +include/samba4/util/substitute.h +include/samba4/util/tevent_ntstatus.h +include/samba4/util/tevent_unix.h +include/samba4/util/tevent_werror.h +include/samba4/util/tfork.h +include/samba4/util/time.h +include/samba4/wbclient.h +@dir include/samba4/util +@dir include/samba4/samba +@dir include/samba4/ndr +@dir include/samba4/gen_ndr +@dir include/samba4/core +@dir include/samba4 +lib/samba4/libdcerpc-binding.so +lib/samba4/libdcerpc-binding.so.0 +lib/samba4/libdcerpc-samr.so +lib/samba4/libdcerpc-samr.so.0 +lib/samba4/libdcerpc-server-core.so +lib/samba4/libdcerpc-server-core.so.0 +%%AD_DC%%lib/samba4/libdcerpc-server.so +%%AD_DC%%lib/samba4/libdcerpc-server.so.0 +lib/samba4/libdcerpc.so +lib/samba4/libdcerpc.so.0 +lib/samba4/libndr-krb5pac.so +lib/samba4/libndr-krb5pac.so.0 +lib/samba4/libndr-nbt.so +lib/samba4/libndr-nbt.so.0 +lib/samba4/libndr-standard.so +lib/samba4/libndr-standard.so.0 +lib/samba4/libndr.so +lib/samba4/libndr.so.1 +lib/samba4/libnetapi.so +lib/samba4/libnetapi.so.0 +lib/samba4/libsamba-credentials.so +lib/samba4/libsamba-credentials.so.0 +lib/samba4/libsamba-errors.so +lib/samba4/libsamba-errors.so.1 +lib/samba4/libsamba-hostconfig.so +lib/samba4/libsamba-hostconfig.so.0 +lib/samba4/libsamba-passdb.so +lib/samba4/libsamba-passdb.so.0 +%%SAMBA4_PYTHON%%lib/samba4/libsamba-policy.so +%%SAMBA4_PYTHON%%lib/samba4/libsamba-policy.so.0 +lib/samba4/libsamba-util.so +lib/samba4/libsamba-util.so.0 +lib/samba4/libsamdb.so +lib/samba4/libsamdb.so.0 +lib/samba4/libsmbclient.so +lib/samba4/libsmbclient.so.0 +lib/samba4/libsmbconf.so +lib/samba4/libsmbconf.so.0 +%%LDAP%%lib/samba4/libsmbldap.so +%%LDAP%%lib/samba4/libsmbldap.so.2 +lib/samba4/libtevent-util.so +lib/samba4/libtevent-util.so.0 +lib/samba4/libwbclient.so +lib/samba4/libwbclient.so.0 +lib/nss_winbind.so.1 +lib/nss_wins.so.1 +lib/pam_winbind.so +%%CUPS%%libexec/samba/smbspool_krb5_wrapper +%%AD_DC%%lib/samba4/private/libdlz-bind9-for-torture-samba4.so +%%AD_DC%%lib/samba4/private/libposix-eadb-samba4.so +%%AD_DC%%lib/samba4/private/libprocess-model-samba4.so +%%AD_DC%%lib/samba4/private/libservice-samba4.so +lib/samba4/private/libCHARSET3-samba4.so +%%AD_DC%%%%GSSAPI_BUILTIN%%lib/samba4/private/libHDB-SAMBA4-samba4.so +lib/samba4/private/libLIBWBCLIENT-OLD-samba4.so +lib/samba4/private/libMESSAGING-samba4.so +lib/samba4/private/libMESSAGING-SEND-samba4.so +lib/samba4/private/libaddns-samba4.so +lib/samba4/private/libads-samba4.so +%%GSSAPI_BUILTIN%%lib/samba4/private/libasn1-samba4.so.8 +lib/samba4/private/libasn1util-samba4.so +lib/samba4/private/libauth-samba4.so +lib/samba4/private/libauth-unix-token-samba4.so +lib/samba4/private/libauth4-samba4.so +lib/samba4/private/libauthkrb5-samba4.so +lib/samba4/private/libcli-cldap-samba4.so +lib/samba4/private/libcli-ldap-common-samba4.so +lib/samba4/private/libcli-ldap-samba4.so +lib/samba4/private/libcli-nbt-samba4.so +lib/samba4/private/libcli-smb-common-samba4.so +lib/samba4/private/libclidns-samba4.so +lib/samba4/private/libcli-spoolss-samba4.so +lib/samba4/private/libcliauth-samba4.so +lib/samba4/private/libcluster-samba4.so +lib/samba4/private/libcmdline-contexts-samba4.so +lib/samba4/private/libcmdline-credentials-samba4.so +%%GSSAPI_BUILTIN%%lib/samba4/private/libcom_err-samba4.so.0 +lib/samba4/private/libcommon-auth-samba4.so +%%AD_DC%%lib/samba4/private/libdb-glue-samba4.so +lib/samba4/private/libdbwrap-samba4.so +lib/samba4/private/libdcerpc-samba-samba4.so +lib/samba4/private/libdcerpc-samba4.so +%%AD_DC%%lib/samba4/private/libdfs-server-ad-samba4.so +%%AD_DC%%lib/samba4/private/libdnsserver-common-samba4.so +lib/samba4/private/libdsdb-module-samba4.so +%%AD_DC%%lib/samba4/private/libdsdb-garbage-collect-tombstones-samba4.so +lib/samba4/private/libevents-samba4.so +lib/samba4/private/libflag-mapping-samba4.so +lib/samba4/private/libgenrand-samba4.so +lib/samba4/private/libgensec-samba4.so +lib/samba4/private/libgpext-samba4.so +lib/samba4/private/libgpo-samba4.so +lib/samba4/private/libgse-samba4.so +%%GSSAPI_BUILTIN%%lib/samba4/private/libgssapi-samba4.so.2 +%%GSSAPI_BUILTIN%%lib/samba4/private/libhcrypto-samba4.so.5 +%%GSSAPI_BUILTIN%%lib/samba4/private/libhdb-samba4.so.11 +%%GSSAPI_BUILTIN%%lib/samba4/private/libheimbase-samba4.so.1 +%%GSSAPI_BUILTIN%%lib/samba4/private/libheimntlm-samba4.so.1 +lib/samba4/private/libhttp-samba4.so +%%GSSAPI_BUILTIN%%lib/samba4/private/libhx509-samba4.so.5 +lib/samba4/private/libidmap-samba4.so +lib/samba4/private/libinterfaces-samba4.so +lib/samba4/private/libiov-buf-samba4.so +%%GSSAPI_BUILTIN%%lib/samba4/private/libkdc-samba4.so.2 +%%GSSAPI_BUILTIN%%lib/samba4/private/libkrb5-samba4.so.26 +lib/samba4/private/libkrb5samba-samba4.so +lib/samba4/private/libldbsamba-samba4.so +lib/samba4/private/liblibcli-lsa3-samba4.so +lib/samba4/private/liblibcli-netlogon3-samba4.so +lib/samba4/private/liblibsmb-samba4.so +lib/samba4/private/libmessages-dgm-samba4.so +lib/samba4/private/libmessages-util-samba4.so +lib/samba4/private/libmscat-samba4.so +lib/samba4/private/libmsghdr-samba4.so +lib/samba4/private/libmsrpc3-samba4.so +lib/samba4/private/libndr-samba-samba4.so +lib/samba4/private/libndr-samba4.so +lib/samba4/private/libnet-keytab-samba4.so +lib/samba4/private/libnetif-samba4.so +lib/samba4/private/libnpa-tstream-samba4.so +lib/samba4/private/libnss-info-samba4.so +%%AD_DC%%lib/samba4/private/libpac-samba4.so +lib/samba4/private/libpopt-samba3-cmdline-samba4.so +lib/samba4/private/libpopt-samba3-samba4.so +lib/samba4/private/libprinter-driver-samba4.so +lib/samba4/private/libprinting-migrate-samba4.so +lib/samba4/private/libregistry-samba4.so +lib/samba4/private/libreplace-samba4.so +%%GSSAPI_BUILTIN%%lib/samba4/private/libroken-samba4.so.19 +lib/samba4/private/libsamba-cluster-support-samba4.so +lib/samba4/private/libsamba-debug-samba4.so +lib/samba4/private/libsamba-modules-samba4.so +%%SAMBA4_PYTHON%%lib/samba4/private/libsamba-net-samba4.so +%%SAMBA4_PYTHON%%lib/samba4/private/libsamba-python-samba4.so +lib/samba4/private/libsamba-security-samba4.so +lib/samba4/private/libsamba-sockets-samba4.so +lib/samba4/private/libsamba3-util-samba4.so +lib/samba4/private/libsamdb-common-samba4.so +%%AD_DC%%lib/samba4/private/libscavenge-dns-records-samba4.so +lib/samba4/private/libsecrets3-samba4.so +lib/samba4/private/libserver-id-db-samba4.so +lib/samba4/private/libserver-role-samba4.so +lib/samba4/private/libshares-samba4.so +lib/samba4/private/libsmb-transport-samba4.so +lib/samba4/private/libsmbclient-raw-samba4.so +lib/samba4/private/libsmbd-base-samba4.so +lib/samba4/private/libsmbd-conn-samba4.so +lib/samba4/private/libsmbd-shim-samba4.so +%%LDAP%%lib/samba4/private/libsmbldaphelper-samba4.so +lib/samba4/private/libsmbpasswdparser-samba4.so +lib/samba4/private/libsocket-blocking-samba4.so +lib/samba4/private/libsys-rw-samba4.so +lib/samba4/private/libtalloc-report-printf-samba4.so +lib/samba4/private/libtalloc-report-samba4.so +lib/samba4/private/libtdb-wrap-samba4.so +lib/samba4/private/libtime-basic-samba4.so +lib/samba4/private/libtorture-samba4.so +lib/samba4/private/libtrusts-util-samba4.so +lib/samba4/private/libutil-cmdline-samba4.so +lib/samba4/private/libutil-reg-samba4.so +lib/samba4/private/libutil-setid-samba4.so +lib/samba4/private/libutil-tdb-samba4.so +lib/samba4/private/libwinbind-client-samba4.so +%%GSSAPI_BUILTIN%%lib/samba4/private/libwind-samba4.so.0 +lib/samba4/private/libxattr-tdb-samba4.so +%%AD_DC%%%%SAMBA4_MODULEDIR%%/bind9/dlz_bind9.so +%%AD_DC%%%%SAMBA4_MODULEDIR%%/bind9/dlz_bind9_9.so +%%AD_DC%%%%SAMBA4_MODULEDIR%%/bind9/dlz_bind9_10.so +%%AD_DC%%%%SAMBA4_MODULEDIR%%/bind9/dlz_bind9_11.so +%%AD_DC%%%%SAMBA4_MODULEDIR%%/bind9/dlz_bind9_12.so +%%AD_DC%%%%SAMBA4_MODULEDIR%%/bind9/dlz_bind9_13.so +%%AD_DC%%%%SAMBA4_MODULEDIR%%/bind9/dlz_bind9_14.so +%%AD_DC%%%%SAMBA4_MODULEDIR%%/bind9/dlz_bind9_16.so +%%AD_DC%%%%SAMBA4_MODULEDIR%%/gensec/krb5.so +%%AD_DC%%%%SAMBA4_MODULEDIR%%/krb5/winbind_krb5_locator.so +%%AD_DC%%%%SAMBA4_MODULEDIR%%/ldb/acl.so +%%AD_DC%%%%SAMBA4_MODULEDIR%%/ldb/aclread.so +%%AD_DC%%%%SAMBA4_MODULEDIR%%/ldb/anr.so +%%AD_DC%%%%SAMBA4_MODULEDIR%%/ldb/audit_log.so +%%AD_DC%%%%SAMBA4_MODULEDIR%%/ldb/descriptor.so +%%AD_DC%%%%SAMBA4_MODULEDIR%%/ldb/dirsync.so +%%AD_DC%%%%SAMBA4_MODULEDIR%%/ldb/dns_notify.so +%%AD_DC%%%%SAMBA4_MODULEDIR%%/ldb/dsdb_notification.so +%%AD_DC%%%%SAMBA4_MODULEDIR%%/ldb/encrypted_secrets.so +%%AD_DC%%%%SAMBA4_MODULEDIR%%/ldb/extended_dn_in.so +%%AD_DC%%%%SAMBA4_MODULEDIR%%/ldb/extended_dn_out.so +%%AD_DC%%%%SAMBA4_MODULEDIR%%/ldb/extended_dn_store.so +%%AD_DC%%%%SAMBA4_MODULEDIR%%/ldb/group_audit_log.so +%%AD_DC%%%%SAMBA4_MODULEDIR%%/ldb/ildap.so +%%AD_DC%%%%SAMBA4_MODULEDIR%%/ldb/instancetype.so +%%AD_DC%%%%SAMBA4_MODULEDIR%%/ldb/lazy_commit.so +%%AD_DC%%%%SAMBA4_MODULEDIR%%/ldb/ldbsamba_extensions.so +%%AD_DC%%%%SAMBA4_MODULEDIR%%/ldb/linked_attributes.so +%%AD_DC%%%%SAMBA4_MODULEDIR%%/ldb/new_partition.so +%%AD_DC%%%%SAMBA4_MODULEDIR%%/ldb/objectclass_attrs.so +%%AD_DC%%%%SAMBA4_MODULEDIR%%/ldb/objectclass.so +%%AD_DC%%%%SAMBA4_MODULEDIR%%/ldb/objectguid.so +%%AD_DC%%%%SAMBA4_MODULEDIR%%/ldb/operational.so +%%AD_DC%%%%SAMBA4_MODULEDIR%%/ldb/partition.so +%%AD_DC%%%%SAMBA4_MODULEDIR%%/ldb/password_hash.so +%%AD_DC%%%%SAMBA4_MODULEDIR%%/ldb/ranged_results.so +%%AD_DC%%%%SAMBA4_MODULEDIR%%/ldb/repl_meta_data.so +%%AD_DC%%%%SAMBA4_MODULEDIR%%/ldb/resolve_oids.so +%%AD_DC%%%%SAMBA4_MODULEDIR%%/ldb/rootdse.so +%%AD_DC%%%%SAMBA4_MODULEDIR%%/ldb/samba_dsdb.so +%%AD_DC%%%%SAMBA4_MODULEDIR%%/ldb/samba_secrets.so +%%AD_DC%%%%SAMBA4_MODULEDIR%%/ldb/samba3sam.so +%%AD_DC%%%%SAMBA4_MODULEDIR%%/ldb/samba3sid.so +%%AD_DC%%%%SAMBA4_MODULEDIR%%/ldb/samldb.so +%%AD_DC%%%%SAMBA4_MODULEDIR%%/ldb/schema_data.so +%%AD_DC%%%%SAMBA4_MODULEDIR%%/ldb/schema_load.so +%%AD_DC%%%%SAMBA4_MODULEDIR%%/ldb/secrets_tdb_sync.so +%%AD_DC%%%%SAMBA4_MODULEDIR%%/ldb/show_deleted.so +%%AD_DC%%%%SAMBA4_MODULEDIR%%/ldb/subtree_delete.so +%%AD_DC%%%%SAMBA4_MODULEDIR%%/ldb/subtree_rename.so +%%AD_DC%%%%SAMBA4_MODULEDIR%%/ldb/tombstone_reanimate.so +%%AD_DC%%%%SAMBA4_MODULEDIR%%/ldb/unique_object_sids.so +%%AD_DC%%%%SAMBA4_MODULEDIR%%/ldb/update_keytab.so +%%AD_DC%%%%SAMBA4_MODULEDIR%%/ldb/vlv.so +%%AD_DC%%%%SAMBA4_MODULEDIR%%/ldb/wins_ldb.so +%%AD_DC%%%%SAMBA4_MODULEDIR%%/process_model/prefork.so +%%AD_DC%%%%SAMBA4_MODULEDIR%%/process_model/standard.so +%%AD_DC%%%%SAMBA4_MODULEDIR%%/service/cldap.so +%%AD_DC%%%%SAMBA4_MODULEDIR%%/service/dcerpc.so +%%AD_DC%%%%SAMBA4_MODULEDIR%%/service/dns_update.so +%%AD_DC%%%%SAMBA4_MODULEDIR%%/service/dns.so +%%AD_DC%%%%SAMBA4_MODULEDIR%%/service/drepl.so +%%AD_DC%%%%SAMBA4_MODULEDIR%%/service/kcc.so +%%AD_DC%%%%SAMBA4_MODULEDIR%%/service/kdc.so +%%AD_DC%%%%SAMBA4_MODULEDIR%%/service/ldap.so +%%AD_DC%%%%SAMBA4_MODULEDIR%%/service/nbtd.so +%%AD_DC%%%%SAMBA4_MODULEDIR%%/service/ntp_signd.so +%%AD_DC%%%%SAMBA4_MODULEDIR%%/service/s3fs.so +%%AD_DC%%%%SAMBA4_MODULEDIR%%/service/winbindd.so +%%AD_DC%%%%SAMBA4_MODULEDIR%%/service/wrepl.so +%%AD_DC%%%%SAMBA4_MODULEDIR%%/vfs/posix_eadb.so +%%SAMBA4_MODULEDIR%%/vfs/acl_tdb.so +%%SAMBA4_MODULEDIR%%/vfs/acl_xattr.so +%%SAMBA4_MODULEDIR%%/vfs/aio_fork.so +%%SAMBA4_MODULEDIR%%/vfs/aio_pthread.so +%%SAMBA4_MODULEDIR%%/vfs/audit.so +%%SAMBA4_MODULEDIR%%/vfs/cap.so +%%SAMBA4_MODULEDIR%%/vfs/catia.so +%%SAMBA4_MODULEDIR%%/vfs/commit.so +%%SAMBA4_MODULEDIR%%/vfs/crossrename.so +%%SAMBA4_MODULEDIR%%/vfs/default_quota.so +%%SAMBA4_MODULEDIR%%/vfs/dirsort.so +%%SAMBA4_MODULEDIR%%/vfs/expand_msdfs.so +%%SAMBA4_MODULEDIR%%/vfs/extd_audit.so +%%SAMBA4_MODULEDIR%%/vfs/fake_perms.so +%%SAMBA4_MODULEDIR%%/vfs/full_audit.so +%%SAMBA4_MODULEDIR%%/vfs/linux_xfs_sgid.so +%%SAMBA4_MODULEDIR%%/vfs/media_harmony.so +%%SAMBA4_MODULEDIR%%/vfs/offline.so +%%SAMBA4_MODULEDIR%%/vfs/preopen.so +%%SAMBA4_MODULEDIR%%/vfs/readahead.so +%%SAMBA4_MODULEDIR%%/vfs/readonly.so +%%SAMBA4_MODULEDIR%%/vfs/recycle.so +%%SAMBA4_MODULEDIR%%/vfs/shadow_copy.so +%%SAMBA4_MODULEDIR%%/vfs/shadow_copy2.so +%%SAMBA4_MODULEDIR%%/vfs/shell_snap.so +%%SAMBA4_MODULEDIR%%/vfs/streams_depot.so +%%SAMBA4_MODULEDIR%%/vfs/streams_xattr.so +%%SAMBA4_MODULEDIR%%/vfs/syncops.so +%%SAMBA4_MODULEDIR%%/vfs/time_audit.so +%%SAMBA4_MODULEDIR%%/vfs/unityed_media.so +%%SAMBA4_MODULEDIR%%/vfs/virusfilter.so +%%SAMBA4_MODULEDIR%%/vfs/worm.so +%%SAMBA4_MODULEDIR%%/vfs/xattr_tdb.so +%%SAMBA4_MODULEDIR%%/vfs/zfsacl.so +@dir %%SAMBA4_MODULEDIR%%/vfs +%%AD_DC%%@dir %%SAMBA4_MODULEDIR%%/service +%%AD_DC%%@dir %%SAMBA4_MODULEDIR%%/process_model +@dir %%SAMBA4_MODULEDIR%%/perfcount +@dir %%SAMBA4_MODULEDIR%%/pdb +@dir %%SAMBA4_MODULEDIR%%/nss_info +@dir %%SAMBA4_MODULEDIR%%/ldb +@dir %%SAMBA4_MODULEDIR%%/idmap +@dir %%SAMBA4_MODULEDIR%%/gpext +@dir %%SAMBA4_MODULEDIR%%/gensec +@dir %%SAMBA4_MODULEDIR%%/bind9 +@dir %%SAMBA4_MODULEDIR%%/auth +@dir %%SAMBA4_MODULEDIR%% +@dir lib/samba4/private +@dir lib/samba4 +%%PKGCONFIGDIR%%/dcerpc.pc +%%PKGCONFIGDIR%%/dcerpc_samr.pc +%%AD_DC%%%%PKGCONFIGDIR%%/dcerpc_server.pc +%%PKGCONFIGDIR%%/ndr.pc +%%PKGCONFIGDIR%%/ndr_krb5pac.pc +%%PKGCONFIGDIR%%/ndr_nbt.pc +%%PKGCONFIGDIR%%/ndr_standard.pc +%%PKGCONFIGDIR%%/netapi.pc +%%PKGCONFIGDIR%%/samba-credentials.pc +%%PKGCONFIGDIR%%/samba-hostconfig.pc +%%SAMBA4_PYTHON%%%%PKGCONFIGDIR%%/samba-policy.pc +%%PKGCONFIGDIR%%/samba-util.pc +%%PKGCONFIGDIR%%/samdb.pc +%%PKGCONFIGDIR%%/smbclient.pc +%%PKGCONFIGDIR%%/wbclient.pc +@comment Setup files +%%AD_DC%%%%DATADIR%%/setup/ad-schema/AD_DS_Attributes__Windows_Server_2012_R2.ldf +%%AD_DC%%%%DATADIR%%/setup/ad-schema/AD_DS_Attributes__Windows_Server_2016.ldf +%%AD_DC%%%%DATADIR%%/setup/ad-schema/AD_DS_Classes__Windows_Server_2012_R2.ldf +%%AD_DC%%%%DATADIR%%/setup/ad-schema/AD_DS_Classes__Windows_Server_2016.ldf +%%AD_DC%%%%DATADIR%%/setup/ad-schema/Attributes_for_AD_DS__Windows_Server_2008_R2.ldf +%%AD_DC%%%%DATADIR%%/setup/ad-schema/Attributes_for_AD_DS__Windows_Server_2012.ldf +%%AD_DC%%%%DATADIR%%/setup/ad-schema/Classes_for_AD_DS__Windows_Server_2008_R2.ldf +%%AD_DC%%%%DATADIR%%/setup/ad-schema/Classes_for_AD_DS__Windows_Server_2012.ldf +%%AD_DC%%%%DATADIR%%/setup/ad-schema/licence.txt +%%AD_DC%%%%DATADIR%%/setup/ad-schema/MS-AD_Schema_2K8_Attributes.txt +%%AD_DC%%%%DATADIR%%/setup/ad-schema/MS-AD_Schema_2K8_Classes.txt +%%AD_DC%%%%DATADIR%%/setup/ad-schema/MS-AD_Schema_2K8_R2_Attributes.txt +%%AD_DC%%%%DATADIR%%/setup/ad-schema/MS-AD_Schema_2K8_R2_Classes.txt +%%AD_DC%%%%DATADIR%%/setup/adprep/fix-forest-rev.ldf +%%AD_DC%%%%DATADIR%%/setup/adprep/WindowsServerDocs/Forest-Wide-Updates.md +%%AD_DC%%%%DATADIR%%/setup/adprep/WindowsServerDocs/Sch49.ldf.diff +%%AD_DC%%%%DATADIR%%/setup/adprep/WindowsServerDocs/Sch50.ldf.diff +%%AD_DC%%%%DATADIR%%/setup/adprep/WindowsServerDocs/Sch51.ldf.diff +%%AD_DC%%%%DATADIR%%/setup/adprep/WindowsServerDocs/Sch57.ldf.diff +%%AD_DC%%%%DATADIR%%/setup/adprep/WindowsServerDocs/Sch59.ldf.diff +%%AD_DC%%%%DATADIR%%/setup/adprep/WindowsServerDocs/Schema-Updates.md +%%AD_DC%%%%DATADIR%%/setup/aggregate_schema.ldif +%%AD_DC%%%%DATADIR%%/setup/cn=samba.ldif +%%AD_DC%%%%DATADIR%%/setup/DB_CONFIG +%%AD_DC%%%%DATADIR%%/setup/display-specifiers/DisplaySpecifiers-Win2k0.txt +%%AD_DC%%%%DATADIR%%/setup/display-specifiers/DisplaySpecifiers-Win2k3.txt +%%AD_DC%%%%DATADIR%%/setup/display-specifiers/DisplaySpecifiers-Win2k3R2.txt +%%AD_DC%%%%DATADIR%%/setup/display-specifiers/DisplaySpecifiers-Win2k8.txt +%%AD_DC%%%%DATADIR%%/setup/display-specifiers/DisplaySpecifiers-Win2k8R2.txt +%%AD_DC%%%%DATADIR%%/setup/dns_update_list +%%AD_DC%%%%DATADIR%%/setup/extended-rights.ldif +%%AD_DC%%%%DATADIR%%/setup/fedorads-index.ldif +%%AD_DC%%%%DATADIR%%/setup/fedorads-linked-attributes.ldif +%%AD_DC%%%%DATADIR%%/setup/fedorads-pam.ldif +%%AD_DC%%%%DATADIR%%/setup/fedorads-samba.ldif +%%AD_DC%%%%DATADIR%%/setup/fedorads-sasl.ldif +%%AD_DC%%%%DATADIR%%/setup/idmap_init.ldif +%%AD_DC%%%%DATADIR%%/setup/krb5.conf +%%AD_DC%%%%DATADIR%%/setup/memberof.conf +%%AD_DC%%%%DATADIR%%/setup/mmr_serverids.conf +%%AD_DC%%%%DATADIR%%/setup/mmr_syncrepl.conf +%%AD_DC%%%%DATADIR%%/setup/modules.conf +%%AD_DC%%%%DATADIR%%/setup/named.conf +%%AD_DC%%%%DATADIR%%/setup/named.conf.dlz +%%AD_DC%%%%DATADIR%%/setup/named.conf.update +%%AD_DC%%%%DATADIR%%/setup/named.txt +%%AD_DC%%%%DATADIR%%/setup/olc_mmr.conf +%%AD_DC%%%%DATADIR%%/setup/olc_seed.ldif +%%AD_DC%%%%DATADIR%%/setup/olc_serverid.conf +%%AD_DC%%%%DATADIR%%/setup/olc_syncrepl_seed.conf +%%AD_DC%%%%DATADIR%%/setup/olc_syncrepl.conf +%%AD_DC%%%%DATADIR%%/setup/prefixMap.txt +%%AD_DC%%%%DATADIR%%/setup/provision_basedn_modify.ldif +%%AD_DC%%%%DATADIR%%/setup/provision_basedn_options.ldif +%%AD_DC%%%%DATADIR%%/setup/provision_basedn_references.ldif +%%AD_DC%%%%DATADIR%%/setup/provision_basedn.ldif +%%AD_DC%%%%DATADIR%%/setup/provision_computers_add.ldif +%%AD_DC%%%%DATADIR%%/setup/provision_computers_modify.ldif +%%AD_DC%%%%DATADIR%%/setup/provision_configuration_basedn.ldif +%%AD_DC%%%%DATADIR%%/setup/provision_configuration_modify.ldif +%%AD_DC%%%%DATADIR%%/setup/provision_configuration_references.ldif +%%AD_DC%%%%DATADIR%%/setup/provision_configuration.ldif +%%AD_DC%%%%DATADIR%%/setup/provision_dns_accounts_add.ldif +%%AD_DC%%%%DATADIR%%/setup/provision_dns_add_samba.ldif +%%AD_DC%%%%DATADIR%%/setup/provision_dnszones_add.ldif +%%AD_DC%%%%DATADIR%%/setup/provision_dnszones_modify.ldif +%%AD_DC%%%%DATADIR%%/setup/provision_dnszones_partitions.ldif +%%AD_DC%%%%DATADIR%%/setup/provision_group_policy.ldif +%%AD_DC%%%%DATADIR%%/setup/provision_init.ldif +%%AD_DC%%%%DATADIR%%/setup/provision_partitions.ldif +%%AD_DC%%%%DATADIR%%/setup/provision_privilege.ldif +%%AD_DC%%%%DATADIR%%/setup/provision_rootdse_add.ldif +%%AD_DC%%%%DATADIR%%/setup/provision_rootdse_modify.ldif +%%AD_DC%%%%DATADIR%%/setup/provision_schema_basedn_modify.ldif +%%AD_DC%%%%DATADIR%%/setup/provision_schema_basedn.ldif +%%AD_DC%%%%DATADIR%%/setup/provision_self_join_config.ldif +%%AD_DC%%%%DATADIR%%/setup/provision_self_join_modify_config.ldif +%%AD_DC%%%%DATADIR%%/setup/provision_self_join_modify_schema.ldif +%%AD_DC%%%%DATADIR%%/setup/provision_self_join_modify.ldif +%%AD_DC%%%%DATADIR%%/setup/provision_self_join.ldif +%%AD_DC%%%%DATADIR%%/setup/provision_users_add.ldif +%%AD_DC%%%%DATADIR%%/setup/provision_users_modify.ldif +%%AD_DC%%%%DATADIR%%/setup/provision_users.ldif +%%AD_DC%%%%DATADIR%%/setup/provision_well_known_sec_princ.ldif +%%AD_DC%%%%DATADIR%%/setup/provision.ldif +%%AD_DC%%%%DATADIR%%/setup/provision.reg +%%AD_DC%%%%DATADIR%%/setup/provision.zone +%%AD_DC%%%%DATADIR%%/setup/refint.conf +%%AD_DC%%%%DATADIR%%/setup/schema_samba4.ldif +%%AD_DC%%%%DATADIR%%/setup/schema-map-fedora-ds-1.0 +%%AD_DC%%%%DATADIR%%/setup/schema-map-openldap-2.3 +%%AD_DC%%%%DATADIR%%/setup/secrets_dns.ldif +%%AD_DC%%%%DATADIR%%/setup/secrets_init.ldif +%%AD_DC%%%%DATADIR%%/setup/secrets_sasl_ldap.ldif +%%AD_DC%%%%DATADIR%%/setup/secrets_simple_ldap.ldif +%%AD_DC%%%%DATADIR%%/setup/secrets.ldif +%%AD_DC%%%%DATADIR%%/setup/share.ldif +%%AD_DC%%%%DATADIR%%/setup/spn_update_list +%%AD_DC%%%%DATADIR%%/setup/ypServ30.ldif +%%AD_DC%%@dir %%DATADIR%%/setup/display-specifiers +%%AD_DC%%@dir %%DATADIR%%/setup/ad-schema +%%AD_DC%%@dir %%DATADIR%%/setup +%%AD_DC%%@dir %%DATADIR%% +@comment Man pages +man/man1/dbwrap_tool.1.gz +man/man1/findsmb.1.gz +man/man1/gentest.1.gz +man/man1/locktest.1.gz +man/man1/log2pcap.1.gz +man/man1/masktest.1.gz +man/man1/mdfind.1.gz +man/man1/mvxattr.1.gz +man/man1/ndrdump.1.gz +man/man1/nmblookup.1.gz +man/man1/ntlm_auth.1.gz +man/man1/oLschema2ldif.1.gz +man/man1/profiles.1.gz +man/man1/regdiff.1.gz +man/man1/regpatch.1.gz +man/man1/regshell.1.gz +man/man1/regtree.1.gz +man/man1/rpcclient.1.gz +man/man1/sharesec.1.gz +man/man1/smbcacls.1.gz +man/man1/smbclient.1.gz +man/man1/smbcontrol.1.gz +man/man1/smbcquotas.1.gz +man/man1/smbget.1.gz +man/man1/smbstatus.1.gz +man/man1/smbtar.1.gz +%%SAMBA4_PYTHON%%man/man1/smbtorture.1.gz +man/man1/smbtree.1.gz +man/man1/testparm.1.gz +man/man1/vfstest.1.gz +man/man1/wbinfo.1.gz +man/man5/lmhosts.5.gz +man/man5/pam_winbind.conf.5.gz +man/man5/smb.conf.5.gz +man/man5/smb4.conf.5.gz +man/man5/smbgetrc.5.gz +man/man5/smbpasswd.5.gz +man/man7/libsmbclient.7.gz +man/man7/samba.7.gz +man/man7/traffic_learner.7.gz +man/man7/traffic_replay.7.gz +man/man8/cifsdd.8.gz +man/man8/eventlogadm.8.gz +man/man8/idmap_ad.8.gz +man/man8/idmap_autorid.8.gz +man/man8/idmap_hash.8.gz +man/man8/idmap_ldap.8.gz +man/man8/idmap_nss.8.gz +man/man8/idmap_rfc2307.8.gz +man/man8/idmap_rid.8.gz +man/man8/idmap_script.8.gz +man/man8/idmap_tdb.8.gz +man/man8/idmap_tdb2.8.gz +man/man8/net.8.gz +man/man8/nmbd.8.gz +man/man8/pam_winbind.8.gz +man/man8/pdbedit.8.gz +man/man8/samba_downgrade_db.8.gz +man/man8/samba-gpupdate.8.gz +man/man8/samba-regedit.8.gz +man/man8/samba-tool.8.gz +man/man8/samba.8.gz +man/man8/smbd.8.gz +man/man8/smbpasswd.8.gz +man/man8/smbspool_krb5_wrapper.8.gz +man/man8/smbspool.8.gz +man/man8/vfs_acl_tdb.8.gz +man/man8/vfs_acl_xattr.8.gz +man/man8/vfs_aio_fork.8.gz +man/man8/vfs_aio_pthread.8.gz +man/man8/vfs_audit.8.gz +man/man8/vfs_cacheprime.8.gz +man/man8/vfs_cap.8.gz +man/man8/vfs_catia.8.gz +man/man8/vfs_commit.8.gz +man/man8/vfs_crossrename.8.gz +man/man8/vfs_default_quota.8.gz +man/man8/vfs_dirsort.8.gz +man/man8/vfs_extd_audit.8.gz +man/man8/vfs_fake_perms.8.gz +man/man8/vfs_freebsd.8.gz +man/man8/vfs_full_audit.8.gz +man/man8/vfs_linux_xfs_sgid.8.gz +man/man8/vfs_media_harmony.8.gz +man/man8/vfs_offline.8.gz +man/man8/vfs_preopen.8.gz +man/man8/vfs_readahead.8.gz +man/man8/vfs_readonly.8.gz +man/man8/vfs_recycle.8.gz +man/man8/vfs_shadow_copy.8.gz +man/man8/vfs_shadow_copy2.8.gz +man/man8/vfs_shell_snap.8.gz +man/man8/vfs_streams_depot.8.gz +man/man8/vfs_streams_xattr.8.gz +man/man8/vfs_syncops.8.gz +man/man8/vfs_time_audit.8.gz +man/man8/vfs_unityed_media.8.gz +man/man8/vfs_virusfilter.8.gz +man/man8/vfs_worm.8.gz +man/man8/vfs_xattr_tdb.8.gz +man/man8/vfs_zfsacl.8.gz +man/man8/winbind_krb5_locator.8.gz +man/man8/winbindd.8.gz +@dir %%SAMBA4_RUNDIR%% +@dir %%SAMBA4_LOGDIR%% +@dir %%SAMBA4_LOCKDIR%% +@dir %%SAMBA4_PRIVATEDIR%% +@dir %%SAMBA4_BINDDNSDIR%% +@comment Cluster +%%CLUSTER%%bin/ctdb +%%CLUSTER%%bin/ctdb_diagnostics +%%CLUSTER%%bin/ltdbtool +%%CLUSTER%%bin/onnode +%%CLUSTER%%bin/ping_pong +%%CLUSTER%%etc/ctdb/ctdb-crash-cleanup.sh +%%CLUSTER%%etc/ctdb/debug_locks.sh +%%CLUSTER%%etc/ctdb/debug-hung-script.sh +%%CLUSTER%%etc/ctdb/events/legacy/00.ctdb.script +%%CLUSTER%%etc/ctdb/events/legacy/01.reclock.script +%%CLUSTER%%etc/ctdb/events/legacy/05.system.script +%%CLUSTER%%etc/ctdb/events/legacy/10.interface.script +%%CLUSTER%%etc/ctdb/events/notification/README +%%CLUSTER%%etc/ctdb/functions +%%CLUSTER%%etc/ctdb/nfs-checks.d/00.portmapper.check +%%CLUSTER%%etc/ctdb/nfs-checks.d/10.status.check +%%CLUSTER%%etc/ctdb/nfs-checks.d/20.nfs.check +%%CLUSTER%%etc/ctdb/nfs-checks.d/30.nlockmgr.check +%%CLUSTER%%etc/ctdb/nfs-checks.d/40.mountd.check +%%CLUSTER%%etc/ctdb/nfs-checks.d/50.rquotad.check +%%CLUSTER%%etc/ctdb/nfs-checks.d/README +%%CLUSTER%%etc/ctdb/nfs-linux-kernel-callout +%%CLUSTER%%etc/ctdb/notify.sh +%%CLUSTER%%etc/ctdb/statd-callout +%%CLUSTER%%etc/sudoers.d/ctdb +%%CLUSTER%%lib/samba4/private/libctdb-event-client-samba4.so +%%CLUSTER%%libexec/ctdb/ctdb_killtcp +%%CLUSTER%%libexec/ctdb/ctdb_lock_helper +%%CLUSTER%%libexec/ctdb/ctdb_lvs +%%CLUSTER%%libexec/ctdb/ctdb_mutex_fcntl_helper +%%CLUSTER%%libexec/ctdb/ctdb_natgw +%%CLUSTER%%libexec/ctdb/ctdb_recovery_helper +%%CLUSTER%%libexec/ctdb/ctdb_takeover_helper +%%CLUSTER%%libexec/ctdb/ctdb-config +%%CLUSTER%%libexec/ctdb/ctdb-event +%%CLUSTER%%libexec/ctdb/ctdb-eventd +%%CLUSTER%%libexec/ctdb/ctdb-path +%%CLUSTER%%libexec/ctdb/smnotify +%%CLUSTER%%man/man1/ctdb_diagnostics.1.gz +%%CLUSTER%%man/man1/ctdb.1.gz +%%CLUSTER%%man/man1/ctdbd_wrapper.1.gz +%%CLUSTER%%man/man1/ctdbd.1.gz +%%CLUSTER%%man/man1/ltdbtool.1.gz +%%CLUSTER%%man/man1/onnode.1.gz +%%CLUSTER%%man/man1/ping_pong.1.gz +%%CLUSTER%%man/man5/ctdb-script.options.5.gz +%%CLUSTER%%man/man5/ctdb.conf.5.gz +%%CLUSTER%%man/man5/ctdb.sysconfig.5.gz +%%CLUSTER%%man/man7/ctdb-statistics.7.gz +%%CLUSTER%%man/man7/ctdb-tunables.7.gz +%%CLUSTER%%man/man7/ctdb.7.gz +%%CLUSTER%%sbin/ctdbd +%%CLUSTER%%sbin/ctdbd_wrapper +%%CLUSTER%%share/ctdb/events/legacy/00.ctdb.script +%%CLUSTER%%share/ctdb/events/legacy/01.reclock.script +%%CLUSTER%%share/ctdb/events/legacy/05.system.script +%%CLUSTER%%share/ctdb/events/legacy/06.nfs.script +%%CLUSTER%%share/ctdb/events/legacy/10.interface.script +%%CLUSTER%%share/ctdb/events/legacy/11.natgw.script +%%CLUSTER%%share/ctdb/events/legacy/11.routing.script +%%CLUSTER%%share/ctdb/events/legacy/13.per_ip_routing.script +%%CLUSTER%%share/ctdb/events/legacy/20.multipathd.script +%%CLUSTER%%share/ctdb/events/legacy/31.clamd.script +%%CLUSTER%%share/ctdb/events/legacy/40.vsftpd.script +%%CLUSTER%%share/ctdb/events/legacy/41.httpd.script +%%CLUSTER%%share/ctdb/events/legacy/49.winbind.script +%%CLUSTER%%share/ctdb/events/legacy/50.samba.script +%%CLUSTER%%share/ctdb/events/legacy/60.nfs.script +%%CLUSTER%%share/ctdb/events/legacy/70.iscsi.script +%%CLUSTER%%share/ctdb/events/legacy/91.lvs.script +%%CLUSTER%%@dir /var/lib/ctdb/volatile +%%CLUSTER%%@dir /var/lib/ctdb/state +%%CLUSTER%%@dir /var/lib/ctdb/persistent +%%CLUSTER%%@dir /var/lib/ctdb +%%CLUSTER%%@dir /var/lib +%%CLUSTER%%@dir /var/run/ctdb +@comment Python block +%%AD_DC%%%%PYTHON_SITELIBDIR%%/samba/dckeytab.so +%%AD_DC%%%%PYTHON_SITELIBDIR%%/samba/posix_eadb.so +%%AD_DC%%%%PYTHON_SITELIBDIR%%/samba/xattr_native.so +%%AD_DC%%%%PYTHON_SITELIBDIR%%/samba/xattr_tdb.so +%%PYTHON_SITELIBDIR%%/samba/__init__.py +%%PYTHON_SITELIBDIR%%/samba/_glue.so +%%PYTHON_SITELIBDIR%%/samba/_ldb.so +%%PYTHON_SITELIBDIR%%/samba/auth_util.py +%%PYTHON_SITELIBDIR%%/samba/auth.so +%%PYTHON_SITELIBDIR%%/samba/colour.py +%%PYTHON_SITELIBDIR%%/samba/common.py +%%PYTHON_SITELIBDIR%%/samba/compat.py +%%PYTHON_SITELIBDIR%%/samba/credentials.so +%%PYTHON_SITELIBDIR%%/samba/crypto.so +%%PYTHON_SITELIBDIR%%/samba/dbchecker.py +%%PYTHON_SITELIBDIR%%/samba/dcerpc/__init__.py +%%PYTHON_SITELIBDIR%%/samba/dcerpc/atsvc.so +%%PYTHON_SITELIBDIR%%/samba/dcerpc/auth.so +%%PYTHON_SITELIBDIR%%/samba/dcerpc/base.so +%%PYTHON_SITELIBDIR%%/samba/dcerpc/dcerpc.so +%%PYTHON_SITELIBDIR%%/samba/dcerpc/dfs.so +%%PYTHON_SITELIBDIR%%/samba/dcerpc/dns.so +%%PYTHON_SITELIBDIR%%/samba/dcerpc/dnsp.so +%%PYTHON_SITELIBDIR%%/samba/dcerpc/dnsserver.so +%%PYTHON_SITELIBDIR%%/samba/dcerpc/drsblobs.so +%%PYTHON_SITELIBDIR%%/samba/dcerpc/drsuapi.so +%%PYTHON_SITELIBDIR%%/samba/dcerpc/echo.so +%%PYTHON_SITELIBDIR%%/samba/dcerpc/epmapper.so +%%PYTHON_SITELIBDIR%%/samba/dcerpc/idmap.so +%%PYTHON_SITELIBDIR%%/samba/dcerpc/initshutdown.so +%%PYTHON_SITELIBDIR%%/samba/dcerpc/irpc.so +%%PYTHON_SITELIBDIR%%/samba/dcerpc/krb5pac.so +%%PYTHON_SITELIBDIR%%/samba/dcerpc/lsa.so +%%PYTHON_SITELIBDIR%%/samba/dcerpc/mdssvc.so +%%PYTHON_SITELIBDIR%%/samba/dcerpc/messaging.so +%%PYTHON_SITELIBDIR%%/samba/dcerpc/mgmt.so +%%PYTHON_SITELIBDIR%%/samba/dcerpc/misc.so +%%PYTHON_SITELIBDIR%%/samba/dcerpc/nbt.so +%%PYTHON_SITELIBDIR%%/samba/dcerpc/netlogon.so +%%PYTHON_SITELIBDIR%%/samba/dcerpc/ntlmssp.so +%%PYTHON_SITELIBDIR%%/samba/dcerpc/preg.so +%%PYTHON_SITELIBDIR%%/samba/dcerpc/samr.so +%%PYTHON_SITELIBDIR%%/samba/dcerpc/security.so +%%PYTHON_SITELIBDIR%%/samba/dcerpc/server_id.so +%%PYTHON_SITELIBDIR%%/samba/dcerpc/smb_acl.so +%%PYTHON_SITELIBDIR%%/samba/dcerpc/spoolss.so +%%PYTHON_SITELIBDIR%%/samba/dcerpc/srvsvc.so +%%PYTHON_SITELIBDIR%%/samba/dcerpc/svcctl.so +%%PYTHON_SITELIBDIR%%/samba/dcerpc/unixinfo.so +%%PYTHON_SITELIBDIR%%/samba/dcerpc/winbind.so +%%PYTHON_SITELIBDIR%%/samba/dcerpc/windows_event_ids.so +%%PYTHON_SITELIBDIR%%/samba/dcerpc/winreg.so +%%PYTHON_SITELIBDIR%%/samba/dcerpc/winspool.so +%%PYTHON_SITELIBDIR%%/samba/dcerpc/witness.so +%%PYTHON_SITELIBDIR%%/samba/dcerpc/wkssvc.so +%%PYTHON_SITELIBDIR%%/samba/dcerpc/xattr.so +%%PYTHON_SITELIBDIR%%/samba/descriptor.py +%%PYTHON_SITELIBDIR%%/samba/dnsserver.py +%%PYTHON_SITELIBDIR%%/samba/domain_update.py +%%PYTHON_SITELIBDIR%%/samba/drs_utils.py +%%AD_DC%%%%PYTHON_SITELIBDIR%%/samba/dsdb_dns.so +%%AD_DC%%%%PYTHON_SITELIBDIR%%/samba/dsdb.so +%%PYTHON_SITELIBDIR%%/samba/emulate/__init__.py +%%PYTHON_SITELIBDIR%%/samba/emulate/traffic_packets.py +%%PYTHON_SITELIBDIR%%/samba/emulate/traffic.py +%%PYTHON_SITELIBDIR%%/samba/forest_update.py +%%PYTHON_SITELIBDIR%%/samba/gensec.so +%%PYTHON_SITELIBDIR%%/samba/getopt.py +%%PYTHON_SITELIBDIR%%/samba/gp_ext_loader.py +%%PYTHON_SITELIBDIR%%/samba/gp_parse/__init__.py +%%PYTHON_SITELIBDIR%%/samba/gp_parse/gp_aas.py +%%PYTHON_SITELIBDIR%%/samba/gp_parse/gp_csv.py +%%PYTHON_SITELIBDIR%%/samba/gp_parse/gp_inf.py +%%PYTHON_SITELIBDIR%%/samba/gp_parse/gp_ini.py +%%PYTHON_SITELIBDIR%%/samba/gp_parse/gp_pol.py +%%PYTHON_SITELIBDIR%%/samba/gp_sec_ext.py +%%PYTHON_SITELIBDIR%%/samba/gpclass.py +%%PYTHON_SITELIBDIR%%/samba/gpo.so +%%PYTHON_SITELIBDIR%%/samba/graph.py +%%PYTHON_SITELIBDIR%%/samba/hostconfig.py +%%PYTHON_SITELIBDIR%%/samba/idmap.py +%%PYTHON_SITELIBDIR%%/samba/join.py +%%PYTHON_SITELIBDIR%%/samba/kcc/__init__.py +%%PYTHON_SITELIBDIR%%/samba/kcc/debug.py +%%PYTHON_SITELIBDIR%%/samba/kcc/graph_utils.py +%%PYTHON_SITELIBDIR%%/samba/kcc/graph.py +%%PYTHON_SITELIBDIR%%/samba/kcc/kcc_utils.py +%%PYTHON_SITELIBDIR%%/samba/kcc/ldif_import_export.py +%%PYTHON_SITELIBDIR%%/samba/logger.py +%%PYTHON_SITELIBDIR%%/samba/mdb_util.py +%%PYTHON_SITELIBDIR%%/samba/messaging.so +%%PYTHON_SITELIBDIR%%/samba/ms_display_specifiers.py +%%PYTHON_SITELIBDIR%%/samba/ms_forest_updates_markdown.py +%%PYTHON_SITELIBDIR%%/samba/ms_schema_markdown.py +%%PYTHON_SITELIBDIR%%/samba/ms_schema.py +%%PYTHON_SITELIBDIR%%/samba/ndr.py +%%PYTHON_SITELIBDIR%%/samba/net.so +%%PYTHON_SITELIBDIR%%/samba/netbios.so +%%PYTHON_SITELIBDIR%%/samba/netcmd/__init__.py +%%PYTHON_SITELIBDIR%%/samba/netcmd/common.py +%%PYTHON_SITELIBDIR%%/samba/netcmd/computer.py +%%PYTHON_SITELIBDIR%%/samba/netcmd/contact.py +%%PYTHON_SITELIBDIR%%/samba/netcmd/dbcheck.py +%%PYTHON_SITELIBDIR%%/samba/netcmd/delegation.py +%%PYTHON_SITELIBDIR%%/samba/netcmd/dns.py +%%PYTHON_SITELIBDIR%%/samba/netcmd/domain_backup.py +%%PYTHON_SITELIBDIR%%/samba/netcmd/domain.py +%%PYTHON_SITELIBDIR%%/samba/netcmd/drs.py +%%PYTHON_SITELIBDIR%%/samba/netcmd/dsacl.py +%%PYTHON_SITELIBDIR%%/samba/netcmd/forest.py +%%PYTHON_SITELIBDIR%%/samba/netcmd/fsmo.py +%%PYTHON_SITELIBDIR%%/samba/netcmd/gpo.py +%%PYTHON_SITELIBDIR%%/samba/netcmd/group.py +%%PYTHON_SITELIBDIR%%/samba/netcmd/ldapcmp.py +%%PYTHON_SITELIBDIR%%/samba/netcmd/main.py +%%PYTHON_SITELIBDIR%%/samba/netcmd/nettime.py +%%PYTHON_SITELIBDIR%%/samba/netcmd/ntacl.py +%%PYTHON_SITELIBDIR%%/samba/netcmd/ou.py +%%PYTHON_SITELIBDIR%%/samba/netcmd/processes.py +%%PYTHON_SITELIBDIR%%/samba/netcmd/pso.py +%%PYTHON_SITELIBDIR%%/samba/netcmd/rodc.py +%%PYTHON_SITELIBDIR%%/samba/netcmd/schema.py +%%PYTHON_SITELIBDIR%%/samba/netcmd/sites.py +%%PYTHON_SITELIBDIR%%/samba/netcmd/spn.py +%%PYTHON_SITELIBDIR%%/samba/netcmd/testparm.py +%%PYTHON_SITELIBDIR%%/samba/netcmd/user.py +%%PYTHON_SITELIBDIR%%/samba/netcmd/visualize.py +%%PYTHON_SITELIBDIR%%/samba/ntacls.py +%%PYTHON_SITELIBDIR%%/samba/ntstatus.so +%%PYTHON_SITELIBDIR%%/samba/param.so +%%PYTHON_SITELIBDIR%%/samba/policy.so +%%PYTHON_SITELIBDIR%%/samba/provision/__init__.py +%%PYTHON_SITELIBDIR%%/samba/provision/backend.py +%%PYTHON_SITELIBDIR%%/samba/provision/common.py +%%PYTHON_SITELIBDIR%%/samba/provision/kerberos_implementation.py +%%PYTHON_SITELIBDIR%%/samba/provision/kerberos.py +%%PYTHON_SITELIBDIR%%/samba/provision/sambadns.py +%%PYTHON_SITELIBDIR%%/samba/registry.so +%%PYTHON_SITELIBDIR%%/samba/remove_dc.py +%%PYTHON_SITELIBDIR%%/samba/samba3/__init__.py +%%PYTHON_SITELIBDIR%%/samba/samba3/libsmb_samba_internal.so +%%PYTHON_SITELIBDIR%%/samba/samba3/mdscli.so +%%PYTHON_SITELIBDIR%%/samba/samba3/param.so +%%PYTHON_SITELIBDIR%%/samba/samba3/passdb.so +%%PYTHON_SITELIBDIR%%/samba/samba3/smbd.so +%%PYTHON_SITELIBDIR%%/samba/samdb.py +%%PYTHON_SITELIBDIR%%/samba/schema.py +%%PYTHON_SITELIBDIR%%/samba/sd_utils.py +%%PYTHON_SITELIBDIR%%/samba/security.so +%%PYTHON_SITELIBDIR%%/samba/sites.py +%%PYTHON_SITELIBDIR%%/samba/subnets.py +%%PYTHON_SITELIBDIR%%/samba/subunit/__init__.py +%%PYTHON_SITELIBDIR%%/samba/subunit/run.py +%%PYTHON_SITELIBDIR%%/samba/tdb_util.py +%%PYTHON_SITELIBDIR%%/samba/tests/__init__.py +%%PYTHON_SITELIBDIR%%/samba/tests/audit_log_base.py +%%PYTHON_SITELIBDIR%%/samba/tests/audit_log_dsdb.py +%%PYTHON_SITELIBDIR%%/samba/tests/audit_log_pass_change.py +%%PYTHON_SITELIBDIR%%/samba/tests/auth_log_base.py +%%PYTHON_SITELIBDIR%%/samba/tests/auth_log_ncalrpc.py +%%PYTHON_SITELIBDIR%%/samba/tests/auth_log_netlogon_bad_creds.py +%%PYTHON_SITELIBDIR%%/samba/tests/auth_log_netlogon.py +%%PYTHON_SITELIBDIR%%/samba/tests/auth_log_pass_change.py +%%PYTHON_SITELIBDIR%%/samba/tests/auth_log_samlogon.py +%%PYTHON_SITELIBDIR%%/samba/tests/auth_log_winbind.py +%%PYTHON_SITELIBDIR%%/samba/tests/auth_log.py +%%PYTHON_SITELIBDIR%%/samba/tests/auth.py +%%PYTHON_SITELIBDIR%%/samba/tests/blackbox/__init__.py +%%PYTHON_SITELIBDIR%%/samba/tests/blackbox/bug13653.py +%%PYTHON_SITELIBDIR%%/samba/tests/blackbox/check_output.py +%%PYTHON_SITELIBDIR%%/samba/tests/blackbox/downgradedatabase.py +%%PYTHON_SITELIBDIR%%/samba/tests/blackbox/mdfind.py +%%PYTHON_SITELIBDIR%%/samba/tests/blackbox/ndrdump.py +%%PYTHON_SITELIBDIR%%/samba/tests/blackbox/netads_json.py +%%PYTHON_SITELIBDIR%%/samba/tests/blackbox/samba_dnsupdate.py +%%PYTHON_SITELIBDIR%%/samba/tests/blackbox/smbcontrol_process.py +%%PYTHON_SITELIBDIR%%/samba/tests/blackbox/smbcontrol.py +%%PYTHON_SITELIBDIR%%/samba/tests/blackbox/traffic_learner.py +%%PYTHON_SITELIBDIR%%/samba/tests/blackbox/traffic_replay.py +%%PYTHON_SITELIBDIR%%/samba/tests/blackbox/traffic_summary.py +%%PYTHON_SITELIBDIR%%/samba/tests/common.py +%%PYTHON_SITELIBDIR%%/samba/tests/complex_expressions.py +%%PYTHON_SITELIBDIR%%/samba/tests/core.py +%%PYTHON_SITELIBDIR%%/samba/tests/credentials.py +%%PYTHON_SITELIBDIR%%/samba/tests/dcerpc/__init__.py +%%PYTHON_SITELIBDIR%%/samba/tests/dcerpc/array.py +%%PYTHON_SITELIBDIR%%/samba/tests/dcerpc/bare.py +%%PYTHON_SITELIBDIR%%/samba/tests/dcerpc/dnsserver.py +%%PYTHON_SITELIBDIR%%/samba/tests/dcerpc/integer.py +%%PYTHON_SITELIBDIR%%/samba/tests/dcerpc/mdssvc.py +%%PYTHON_SITELIBDIR%%/samba/tests/dcerpc/misc.py +%%PYTHON_SITELIBDIR%%/samba/tests/dcerpc/raw_protocol.py +%%PYTHON_SITELIBDIR%%/samba/tests/dcerpc/raw_testcase.py +%%PYTHON_SITELIBDIR%%/samba/tests/dcerpc/registry.py +%%PYTHON_SITELIBDIR%%/samba/tests/dcerpc/rpc_talloc.py +%%PYTHON_SITELIBDIR%%/samba/tests/dcerpc/rpcecho.py +%%PYTHON_SITELIBDIR%%/samba/tests/dcerpc/sam.py +%%PYTHON_SITELIBDIR%%/samba/tests/dcerpc/srvsvc.py +%%PYTHON_SITELIBDIR%%/samba/tests/dcerpc/string_tests.py +%%PYTHON_SITELIBDIR%%/samba/tests/dcerpc/testrpc.py +%%PYTHON_SITELIBDIR%%/samba/tests/dcerpc/unix.py +%%PYTHON_SITELIBDIR%%/samba/tests/dckeytab.py +%%PYTHON_SITELIBDIR%%/samba/tests/dns_base.py +%%PYTHON_SITELIBDIR%%/samba/tests/dns_forwarder_helpers/server.py +%%PYTHON_SITELIBDIR%%/samba/tests/dns_forwarder.py +%%PYTHON_SITELIBDIR%%/samba/tests/dns_invalid.py +%%PYTHON_SITELIBDIR%%/samba/tests/dns_packet.py +%%PYTHON_SITELIBDIR%%/samba/tests/dns_tkey.py +%%PYTHON_SITELIBDIR%%/samba/tests/dns_wildcard.py +%%PYTHON_SITELIBDIR%%/samba/tests/dns.py +%%PYTHON_SITELIBDIR%%/samba/tests/docs.py +%%PYTHON_SITELIBDIR%%/samba/tests/domain_backup_offline.py +%%PYTHON_SITELIBDIR%%/samba/tests/domain_backup.py +%%PYTHON_SITELIBDIR%%/samba/tests/dsdb_lock.py +%%PYTHON_SITELIBDIR%%/samba/tests/dsdb_schema_attributes.py +%%PYTHON_SITELIBDIR%%/samba/tests/dsdb.py +%%PYTHON_SITELIBDIR%%/samba/tests/emulate/__init__.py +%%PYTHON_SITELIBDIR%%/samba/tests/emulate/traffic_packet.py +%%PYTHON_SITELIBDIR%%/samba/tests/emulate/traffic.py +%%PYTHON_SITELIBDIR%%/samba/tests/encrypted_secrets.py +%%PYTHON_SITELIBDIR%%/samba/tests/gensec.py +%%PYTHON_SITELIBDIR%%/samba/tests/get_opt.py +%%PYTHON_SITELIBDIR%%/samba/tests/getdcname.py +%%PYTHON_SITELIBDIR%%/samba/tests/glue.py +%%PYTHON_SITELIBDIR%%/samba/tests/gpo.py +%%PYTHON_SITELIBDIR%%/samba/tests/graph.py +%%PYTHON_SITELIBDIR%%/samba/tests/group_audit.py +%%PYTHON_SITELIBDIR%%/samba/tests/hostconfig.py +%%PYTHON_SITELIBDIR%%/samba/tests/join.py +%%PYTHON_SITELIBDIR%%/samba/tests/kcc/__init__.py +%%PYTHON_SITELIBDIR%%/samba/tests/kcc/graph_utils.py +%%PYTHON_SITELIBDIR%%/samba/tests/kcc/graph.py +%%PYTHON_SITELIBDIR%%/samba/tests/kcc/kcc_utils.py +%%PYTHON_SITELIBDIR%%/samba/tests/kcc/ldif_import_export.py +%%PYTHON_SITELIBDIR%%/samba/tests/krb5_credentials.py +%%PYTHON_SITELIBDIR%%/samba/tests/ldap_raw.py +%%PYTHON_SITELIBDIR%%/samba/tests/ldap_referrals.py +%%PYTHON_SITELIBDIR%%/samba/tests/libsmb.py +%%PYTHON_SITELIBDIR%%/samba/tests/loadparm.py +%%PYTHON_SITELIBDIR%%/samba/tests/lsa_string.py +%%PYTHON_SITELIBDIR%%/samba/tests/messaging.py +%%PYTHON_SITELIBDIR%%/samba/tests/net_join_no_spnego.py +%%PYTHON_SITELIBDIR%%/samba/tests/net_join.py +%%PYTHON_SITELIBDIR%%/samba/tests/netbios.py +%%PYTHON_SITELIBDIR%%/samba/tests/netcmd.py +%%PYTHON_SITELIBDIR%%/samba/tests/netlogonsvc.py +%%PYTHON_SITELIBDIR%%/samba/tests/ntacls_backup.py +%%PYTHON_SITELIBDIR%%/samba/tests/ntacls.py +%%PYTHON_SITELIBDIR%%/samba/tests/ntlm_auth_base.py +%%PYTHON_SITELIBDIR%%/samba/tests/ntlm_auth_krb5.py +%%PYTHON_SITELIBDIR%%/samba/tests/ntlm_auth.py +%%PYTHON_SITELIBDIR%%/samba/tests/ntlmdisabled.py +%%PYTHON_SITELIBDIR%%/samba/tests/pam_winbind_chauthtok.py +%%PYTHON_SITELIBDIR%%/samba/tests/pam_winbind_warn_pwd_expire.py +%%PYTHON_SITELIBDIR%%/samba/tests/pam_winbind.py +%%PYTHON_SITELIBDIR%%/samba/tests/param.py +%%PYTHON_SITELIBDIR%%/samba/tests/password_hash_fl2003.py +%%PYTHON_SITELIBDIR%%/samba/tests/password_hash_fl2008.py +%%PYTHON_SITELIBDIR%%/samba/tests/password_hash_gpgme.py +%%PYTHON_SITELIBDIR%%/samba/tests/password_hash_ldap.py +%%PYTHON_SITELIBDIR%%/samba/tests/password_hash.py +%%PYTHON_SITELIBDIR%%/samba/tests/password_quality.py +%%PYTHON_SITELIBDIR%%/samba/tests/password_test.py +%%PYTHON_SITELIBDIR%%/samba/tests/policy.py +%%PYTHON_SITELIBDIR%%/samba/tests/posixacl.py +%%PYTHON_SITELIBDIR%%/samba/tests/prefork_restart.py +%%PYTHON_SITELIBDIR%%/samba/tests/process_limits.py +%%PYTHON_SITELIBDIR%%/samba/tests/provision.py +%%PYTHON_SITELIBDIR%%/samba/tests/pso.py +%%PYTHON_SITELIBDIR%%/samba/tests/py_credentials.py +%%PYTHON_SITELIBDIR%%/samba/tests/registry.py +%%PYTHON_SITELIBDIR%%/samba/tests/s3idmapdb.py +%%PYTHON_SITELIBDIR%%/samba/tests/s3param.py +%%PYTHON_SITELIBDIR%%/samba/tests/s3passdb.py +%%PYTHON_SITELIBDIR%%/samba/tests/s3registry.py +%%PYTHON_SITELIBDIR%%/samba/tests/s3windb.py +%%PYTHON_SITELIBDIR%%/samba/tests/samba_tool/__init__.py +%%PYTHON_SITELIBDIR%%/samba/tests/samba_tool/base.py +%%PYTHON_SITELIBDIR%%/samba/tests/samba_tool/computer.py +%%PYTHON_SITELIBDIR%%/samba/tests/samba_tool/contact.py +%%PYTHON_SITELIBDIR%%/samba/tests/samba_tool/demote.py +%%PYTHON_SITELIBDIR%%/samba/tests/samba_tool/dnscmd.py +%%PYTHON_SITELIBDIR%%/samba/tests/samba_tool/drs_clone_dc_data_lmdb_size.py +%%PYTHON_SITELIBDIR%%/samba/tests/samba_tool/dsacl.py +%%PYTHON_SITELIBDIR%%/samba/tests/samba_tool/forest.py +%%PYTHON_SITELIBDIR%%/samba/tests/samba_tool/fsmo.py +%%PYTHON_SITELIBDIR%%/samba/tests/samba_tool/gpo.py +%%PYTHON_SITELIBDIR%%/samba/tests/samba_tool/group.py +%%PYTHON_SITELIBDIR%%/samba/tests/samba_tool/help.py +%%PYTHON_SITELIBDIR%%/samba/tests/samba_tool/join_lmdb_size.py +%%PYTHON_SITELIBDIR%%/samba/tests/samba_tool/join.py +%%PYTHON_SITELIBDIR%%/samba/tests/samba_tool/ntacl.py +%%PYTHON_SITELIBDIR%%/samba/tests/samba_tool/ou.py +%%PYTHON_SITELIBDIR%%/samba/tests/samba_tool/passwordsettings.py +%%PYTHON_SITELIBDIR%%/samba/tests/samba_tool/processes.py +%%PYTHON_SITELIBDIR%%/samba/tests/samba_tool/promote_dc_lmdb_size.py +%%PYTHON_SITELIBDIR%%/samba/tests/samba_tool/provision_lmdb_size.py +%%PYTHON_SITELIBDIR%%/samba/tests/samba_tool/provision_password_check.py +%%PYTHON_SITELIBDIR%%/samba/tests/samba_tool/rodc.py +%%PYTHON_SITELIBDIR%%/samba/tests/samba_tool/schema.py +%%PYTHON_SITELIBDIR%%/samba/tests/samba_tool/sites.py +%%PYTHON_SITELIBDIR%%/samba/tests/samba_tool/timecmd.py +%%PYTHON_SITELIBDIR%%/samba/tests/samba_tool/user_check_password_script.py +%%PYTHON_SITELIBDIR%%/samba/tests/samba_tool/user_virtualCryptSHA.py +%%PYTHON_SITELIBDIR%%/samba/tests/samba_tool/user_virtualCryptSHA_base.py +%%PYTHON_SITELIBDIR%%/samba/tests/samba_tool/user_virtualCryptSHA_gpg.py +%%PYTHON_SITELIBDIR%%/samba/tests/samba_tool/user_virtualCryptSHA_userPassword.py +%%PYTHON_SITELIBDIR%%/samba/tests/samba_tool/user_wdigest.py +%%PYTHON_SITELIBDIR%%/samba/tests/samba_tool/user.py +%%PYTHON_SITELIBDIR%%/samba/tests/samba_tool/visualize_drs.py +%%PYTHON_SITELIBDIR%%/samba/tests/samba_tool/visualize.py +%%PYTHON_SITELIBDIR%%/samba/tests/samba_upgradedns_lmdb.py +%%PYTHON_SITELIBDIR%%/samba/tests/samba3sam.py +%%PYTHON_SITELIBDIR%%/samba/tests/samdb_api.py +%%PYTHON_SITELIBDIR%%/samba/tests/samdb.py +%%PYTHON_SITELIBDIR%%/samba/tests/security.py +%%PYTHON_SITELIBDIR%%/samba/tests/segfault.py +%%PYTHON_SITELIBDIR%%/samba/tests/smb.py +%%PYTHON_SITELIBDIR%%/samba/tests/smbd_base.py +%%PYTHON_SITELIBDIR%%/samba/tests/smbd_fuzztest.py +%%PYTHON_SITELIBDIR%%/samba/tests/source.py +%%PYTHON_SITELIBDIR%%/samba/tests/strings.py +%%PYTHON_SITELIBDIR%%/samba/tests/subunitrun.py +%%PYTHON_SITELIBDIR%%/samba/tests/tdb_util.py +%%PYTHON_SITELIBDIR%%/samba/tests/upgrade.py +%%PYTHON_SITELIBDIR%%/samba/tests/upgradeprovision.py +%%PYTHON_SITELIBDIR%%/samba/tests/upgradeprovisionneeddc.py +%%PYTHON_SITELIBDIR%%/samba/tests/usage.py +%%PYTHON_SITELIBDIR%%/samba/tests/xattr.py +%%PYTHON_SITELIBDIR%%/samba/third_party/__init__.py +%%PYTHON_SITELIBDIR%%/samba/upgrade.py +%%PYTHON_SITELIBDIR%%/samba/upgradehelpers.py +%%PYTHON_SITELIBDIR%%/samba/uptodateness.py +%%PYTHON_SITELIBDIR%%/samba/werror.so +%%PYTHON_SITELIBDIR%%/samba/xattr.py +@dir %%PYTHON_SITELIBDIR%%/samba/tests/samba_tool +@dir %%PYTHON_SITELIBDIR%%/samba/tests/dcerpc +@dir %%PYTHON_SITELIBDIR%%/samba/tests/blackbox +@dir %%PYTHON_SITELIBDIR%%/samba/tests +@dir %%PYTHON_SITELIBDIR%%/samba/samba3 +@dir %%PYTHON_SITELIBDIR%%/samba/provision +@dir %%PYTHON_SITELIBDIR%%/samba/netcmd +@dir %%PYTHON_SITELIBDIR%%/samba/dcerpc +@dir %%PYTHON_SITELIBDIR%%/samba +@comment Use bundled libraries +%%SAMBA4_BUNDLED_CMOCKA%%lib/samba4/private/libcmocka-samba4.so +%%SAMBA4_BUNDLED_LDB%%%%SAMBA4_PYTHON%%%%PYTHON_SITELIBDIR%%/_ldb_text.py +%%SAMBA4_BUNDLED_LDB%%%%SAMBA4_PYTHON%%%%PYTHON_SITELIBDIR%%/ldb.so +%%SAMBA4_BUNDLED_LDB%%%%SAMBA4_PYTHON%%lib/samba4/private/libpyldb-util.so.2 +%%SAMBA4_BUNDLED_LDB%%bin/samba-ldbdump +%%SAMBA4_BUNDLED_LDB%%bin/samba-ldbadd +%%SAMBA4_BUNDLED_LDB%%bin/samba-ldbdel +%%SAMBA4_BUNDLED_LDB%%bin/samba-ldbedit +%%SAMBA4_BUNDLED_LDB%%bin/samba-ldbmodify +%%SAMBA4_BUNDLED_LDB%%bin/samba-ldbrename +%%SAMBA4_BUNDLED_LDB%%bin/samba-ldbsearch +%%SAMBA4_BUNDLED_LDB%%lib/samba4/private/libldb-cmdline-samba4.so +%%SAMBA4_BUNDLED_LDB%%lib/samba4/private/libldb-key-value-samba4.so +%%SAMBA4_BUNDLED_LDB%%lib/samba4/private/libldb-tdb-err-map-samba4.so +%%SAMBA4_BUNDLED_LDB%%lib/samba4/private/libldb-tdb-int-samba4.so +%%SAMBA4_BUNDLED_LDB%%lib/samba4/private/libldb.so.2 +%%AD_DC%%%%SAMBA4_BUNDLED_LDB%%%%SAMBA4_MODULEDIR%%/ldb/count_attrs.so +%%SAMBA4_BUNDLED_LDB%%%%SAMBA4_MODULEDIR%%/ldb/asq.so +%%SAMBA4_BUNDLED_LDB%%%%SAMBA4_MODULEDIR%%/ldb/ldb.so +%%SAMBA4_BUNDLED_LDB%%%%SAMBA4_MODULEDIR%%/ldb/paged_results.so +%%SAMBA4_BUNDLED_LDB%%%%SAMBA4_MODULEDIR%%/ldb/paged_searches.so +%%SAMBA4_BUNDLED_LDB%%%%SAMBA4_MODULEDIR%%/ldb/rdn_name.so +%%SAMBA4_BUNDLED_LDB%%%%SAMBA4_MODULEDIR%%/ldb/sample.so +%%SAMBA4_BUNDLED_LDB%%%%SAMBA4_MODULEDIR%%/ldb/server_sort.so +%%SAMBA4_BUNDLED_LDB%%%%SAMBA4_MODULEDIR%%/ldb/skel.so +%%SAMBA4_BUNDLED_LDB%%%%SAMBA4_MODULEDIR%%/ldb/tdb.so +%%SAMBA4_BUNDLED_TALLOC%%%%SAMBA4_PYTHON%%%%PYTHON_SITELIBDIR%%/talloc.so +%%SAMBA4_BUNDLED_TALLOC%%%%SAMBA4_PYTHON%%lib/samba4/private/libpytalloc-util.so.2 +%%SAMBA4_BUNDLED_TALLOC%%lib/samba4/private/libtalloc.so.2 +%%SAMBA4_BUNDLED_TALLOC%%man/man3/talloc.3.gz +%%SAMBA4_BUNDLED_TDB%%%%SAMBA4_PYTHON%%%%PYTHON_SITELIBDIR%%/_tdb_text.py +%%SAMBA4_BUNDLED_TDB%%%%SAMBA4_PYTHON%%%%PYTHON_SITELIBDIR%%/tdb.so +%%SAMBA4_BUNDLED_TDB%%bin/samba-tdbbackup +%%SAMBA4_BUNDLED_TDB%%bin/samba-tdbdump +%%SAMBA4_BUNDLED_TDB%%bin/samba-tdbrestore +%%SAMBA4_BUNDLED_TDB%%bin/samba-tdbtool +%%SAMBA4_BUNDLED_TDB%%lib/samba4/private/libtdb.so.1 +%%SAMBA4_BUNDLED_TEVENT%%%%SAMBA4_PYTHON%%%%PYTHON_SITELIBDIR%%/_tevent.so +%%SAMBA4_BUNDLED_TEVENT%%%%SAMBA4_PYTHON%%%%PYTHON_SITELIBDIR%%/tevent.py +%%SAMBA4_BUNDLED_TEVENT%%lib/samba4/private/libtevent.so.0 +%%SAMBA4_BUNDLED_LDB%%man/man1/samba-ldbadd.1.gz +%%SAMBA4_BUNDLED_LDB%%man/man1/samba-ldbdel.1.gz +%%SAMBA4_BUNDLED_LDB%%man/man1/samba-ldbedit.1.gz +%%SAMBA4_BUNDLED_LDB%%man/man1/samba-ldbmodify.1.gz +%%SAMBA4_BUNDLED_LDB%%man/man1/samba-ldbrename.1.gz +%%SAMBA4_BUNDLED_LDB%%man/man1/samba-ldbsearch.1.gz +%%SAMBA4_BUNDLED_TDB%%man/man8/samba-tdbbackup.8.gz +%%SAMBA4_BUNDLED_TDB%%man/man8/samba-tdbdump.8.gz +%%SAMBA4_BUNDLED_TDB%%man/man8/samba-tdbrestore.8.gz +%%SAMBA4_BUNDLED_TDB%%man/man8/samba-tdbtool.8.gz