summaryrefslogtreecommitdiff
path: root/source3/smbd/server.c
AgeCommit message (Collapse)AuthorFilesLines
2010-03-15s3:smbd: make sure we always have a valid talloc stackframeStefan Metzmacher1-0/+3
metze
2010-03-10s3: Fix a long-standing problem with recycled PIDsVolker Lendecke1-4/+35
When a samba server process dies hard, it has no chance to clean up its entries in locking.tdb, brlock.tdb, connections.tdb and sessionid.tdb. For locking.tdb and brlock.tdb Samba is robust by checking every time we read an entry from the database if the corresponding process still exists. If it does not exist anymore, the entry is deleted. This is not 100% failsafe though: On systems with a limited PID space there is a non-zero chance that between the smbd's death and the fresh access, the PID is recycled by another long-running process. This renders all files that had been locked by the killed smbd potentially unusable until the new process also dies. This patch is supposed to fix the problem the following way: Every process ID in every database is augmented by a random 64-bit number that is stored in a serverid.tdb. Whenever we need to check if a process still exists we know its PID and the 64-bit number. We look up the PID in serverid.tdb and compare the 64-bit number. If it's the same, the process still is a valid smbd holding the lock. If it is different, a new smbd has taken over. I believe this is safe against an smbd that has died hard and the PID has been taken over by a non-samba process. This process would not have registered itself with a fresh 64-bit number in serverid.tdb, so the old one still exists in serverid.tdb. We protect against this case by the parent smbd taking care of deregistering PIDs from serverid.tdb and the fact that serverid.tdb is CLEAR_IF_FIRST. CLEAR_IF_FIRST does not work in a cluster, so the automatic cleanup does not work when all smbds are restarted. For this, "net serverid wipe" has to be run before smbd starts up. As a convenience, "net serverid wipedbs" also cleans up sessionid.tdb and connections.tdb. While there, this also cleans up overloading connections.tdb with all the process entries just for messaging_send_all(). Volker
2010-03-08Revert "Fix bug #7067 - Linux asynchronous IO (aio) can cause smbd to fail ↵Karolin Seeger1-8/+0
to respond to a read or write." This reverts commit a6ae7a552f851a399991262377cc0e062e40ac20. This fixes bug #7222 (All users have full rigths on all shares) (CVE-2010-0728). (cherry picked from commit 1c9494c76cc9686c61e0966f38528d3318f3176f)
2010-03-01s3: Abstract access to sessionid.tdb, similar to conn_tdb.cVolker Lendecke1-1/+2
2010-02-23s3: Consolidate server_id_self into the equivalent procid_self()Volker Lendecke1-1/+1
2010-02-05Fix trailing whitespace errors I added (sorry).Jeremy Allison1-3/+3
Jeremy.
2010-02-05s3-smbd: add a rate limited cleanup of brl, connections and locking dbAndrew Tridgell1-6/+42
On unclean shutdown we can end up with stale entries in the brlock, connections and locking db. Previously we would do the cleanup on every unclean exit, but that can cause smbd to be completely unavailable for several minutes when a large number of child smbd processes exit. This adds a rate limited cleanup of the databases, with the default that cleanup happens at most every 20s
2010-02-05s3-brlock: we don't need these MSG_SMB_UNLOCK calls nowAndrew Tridgell1-2/+0
These have been replaced with the min timeout in blocking.c
2010-01-26Fix bug #7067 - Linux asynchronous IO (aio) can cause smbd to fail to ↵Jeremy Allison1-0/+8
respond to a read or write. Only works on Linux kernels 2.6.26 and above. Grants CAP_KILL capability to allow Linux threads under different euids to send signals to each other. Jeremy.
2009-08-26s3/smbd: open the share_info.tdb on startup instead of tconxSteven Danneman1-0/+9
This is a small performance optimization. Instead of opening the tdb on every smb connection in the forked child process, we now open it in the parent and share the fd. This also reduces the total fd usage in the system.
2009-08-07s3:smbd: move dptr globals into struct smbd_server_connectionStefan Metzmacher1-2/+0
metze
2009-07-17Fix bug #6564 - SetPrinter fails (panics) as non root.Jeremy Allison1-0/+1
Missing become_root()/unbecome_root() around reload_services. Jeremy.
2009-07-15Make gencache more stableVolker Lendecke1-0/+1
This provides a compromise between stability and performance: gencache is a persistent database these days that for performance reasons can not use tdb transactions for all writes. This patch splits up gencache into gencache.tdb and gencache_notrans.tdb. gencache_notrans is used with CLEAR_IF_FIRST, writes to it don't use transactions. By default every 5 minutes and when a program exits, all entries from _notrans.tdb are transferred to gencache.tdb in one transaction.
2009-06-22s3: forward MSG_DEBUG from smbd parent to all childrenAravind Srinivasan1-14/+25
Before 3.3, an smbcontrol debug message sent to the target "smbd" would actually be sent to all running processes including nmbd and winbindd. This behavior was changed in 3.3 so that the "smbd" target would only send a message to the process found in smbd.pid, while the "all" target would send a message to all processes. The ability to set the debug level of all processes within a single daemon, without specifying each pid is quite useful. This was implemented in winbindd in 065760ed. This patch does the same thing for smbd. Upon receiving a MSG_DEBUG the parent smbd will rebroadcast it to all of its children. The printing process has been added to the list of smbd child processes, and we now always track the number of smbd children regardless of the "max smbd processes" setting.
2009-06-18Fix bug 4699: Remove pidfile on clean shutdownVolker Lendecke1-0/+3
2009-06-17Fix bug #6476 - more then 3000 smbd-zombies in memoryJeremy Allison1-0/+12
We weren't reaping children in the [x]inetd case. Jeremy.
2009-06-03s3:smbd: create a connection_struct in SMB2 Tree ConnectStefan Metzmacher1-0/+9
metze
2009-06-03s3:smbd: move tcon specific globals to struct smbd_server_connectionStefan Metzmacher1-5/+2
metze
2009-06-03s3:smbd: move more session specific globals to struct smbd_server_connectionStefan Metzmacher1-1/+3
metze
2009-06-03s3:smbd: move negprot related globals to struct smbd_server_connectionStefan Metzmacher1-2/+4
metze
2009-05-27s3: Allow child processes to exit gracefully if we are out of fdsMarc VanHeyningen1-6/+13
When we run out of file descriptors for some reason, every new connection forks a child that immediately panics causing smbd to coredump. This seems unnecessarily harsh; with this code change we now catch that error and merely log a message about it and exit without the core dump. Signed-off-by: Tim Prouty <tprouty@samba.org>
2009-03-23Use avahi to register _smb._tcp in smbdVolker Lendecke1-0/+11
2009-03-18s3:smbd: use tevent_loop_once() in the parent event loopStefan Metzmacher1-34/+5
metze
2009-03-18s3:smbd: don't exit the parent when we have no connectionsStefan Metzmacher1-7/+0
This code path can't really happen anymore, because launchd support was removed with commit e5a951325a6cac8567af3a66de6d2df577508ae4. But it's confusing to have that code there... metze
2009-02-27s3-spoolss: use DSPRINT flags instead of SPOOLS_DS flags.Günther Deschner1-1/+1
Guenther
2009-02-23More warning fixes for Solaris.Jeremy Allison1-1/+1
Jeremy.
2009-02-21Do not close an fd we know is -1Volker Lendecke1-1/+0
2009-02-20s3: Refactor of madvise() usage in c441f58dSteven Danneman1-7/+0
* move to reinit_after_fork() to protect all Samba daemons * only protect parent processes
2009-02-18S3: Stop creating SMBD cores when failing to create a pipe.todd stecher1-0/+4
This was uncovered when the MAX FD limit was hit, causing an instant core and invoking error reporting. This fix causes SMBD to exit, but without building a core.
2009-02-18S3: Allow SMBD processes to survive in low memory condidtionstodd stecher1-0/+7
This commit adds a configure argument which allows for setting MADV_PROTECT in the madvise() API. With this enabled the kernel won't kill SMBD when it's running low on memory.
2009-02-14Fix a valgrind errorVolker Lendecke1-1/+5
2009-01-29s3:smbd: make smbd_open_one_socket() staticMichael Adam1-3/+3
Michael
2009-01-29s3:smbd: ignore open_socket_in() failuresStefan Metzmacher1-1/+4
This restores the pre e0232934fbf69a9e72de1d9844b14d70b34a2d6a behavior. metze
2009-01-27s3:smbd: wait for new connection via fd eventsStefan Metzmacher1-211/+227
metze
2009-01-27s3:smbd: make mdns registration event driven.Stefan Metzmacher1-15/+10
metze
2009-01-27s3:smbd: make inetd code path more clearStefan Metzmacher1-24/+20
metze
2009-01-27s3:smbd: remove pointless respond_to_all_remaining_local_messages() functionStefan Metzmacher1-2/+0
This the process_kernel_oplock() function never response to messages, it only generates messages to ourself. metze
2009-01-27s3:smbd: use signal events for SIGTERM, SIGHUP and SIGCHLDStefan Metzmacher1-76/+51
metze
2009-01-27s3:smbd: move all code that handles a client connection into smbd_process()Stefan Metzmacher1-212/+0
metze
2009-01-27s3:smbd: we should setup the client socket in the same way in all code pathesStefan Metzmacher1-21/+15
We should behave the same in inetd, interactive and deamon modes. metze
2009-01-27s3:namecache: remove unused namecache_shutdown() functionStefan Metzmacher1-2/+0
metze
2009-01-22s3:smbd: we don't need to call message_dispatch() anymore it's event ↵Stefan Metzmacher1-3/+0
triggered now metze
2009-01-22s3: always call run_events() before and after sys_select()Stefan Metzmacher1-4/+8
And always setup the fd events. metze
2009-01-20Remove some unused codeVolker Lendecke1-3/+0
2009-01-16s3:cluster: fix ctdb ipv6 supportStefan Metzmacher1-3/+1
We need to use CTDB_CONTROL_TCP_CLIENT instead of CTDB_CONTROL_TCP_ADD. CTDB_CONTROL_TCP_CLIENT has support for 2 modes in newer ctdb versions: - with struct ctdb_control_tcp it only supports ipv4. - with struct ctdb_control_tcp_addr it supports ipv4 and ipv6. You need new header files which defines struct ctdb_control_tcp_addr, but at runtime it should be fine to work against older ctdb versions (<= 1.0.68). metze
2009-01-15s3: make better use of ccache by not including version.h in every C-file.Michael Adam1-1/+1
version.h changes rather frequently. Since it is included via includes.h, this means each C file will be a cache miss. This applies to the following situations: * When building a new package with a new Samba version * building in a git branch after calling mkversion.sh after a new commit (i.e. virtually always) This patch improves the situation in the following way: * remove inlude "version.h" from includes.h * Use samba_version_string() instead of SAMBA_VERSION_STRING in files that use no other macro from version.h instead of SAMBA_VERSION_STRING. * explicitly include "version.h" in those files that use more macros from "version.h" than just SAMBA_VERSION_STRING. Michael
2009-01-08s3:smbd: move all globals and static variables in globals.[ch]Stefan Metzmacher1-39/+23
The goal is to move all this variables into a big context structure. metze
2009-01-08s3:smbd: variables in a main() don't need to be staticStefan Metzmacher1-7/+7
metze
2009-01-08s3:smbd: open_sockets_smbd() don't need a static variable arrount atexit()Stefan Metzmacher1-7/+1
open_sockets_smbd() is only called once. metze
2009-01-05clean event context after child is forked.Bo Yang1-2/+5
Signed-off-by: Stefan Metzmacher <metze@samba.org>