Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
This will reduce the noise from merges of the rest of the
libcli/security code, without this commit changing what code
is actually used.
This includes (along with other security headers) dom_sid.h and
security_token.h
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Tue Oct 12 05:54:10 UTC 2010 on sn-devel-104
|
|
Previously, only one fd handler was being called per main message loop
in all smbd child processes.
In the case where multiple fds are available for reading the fd
corresponding to the event closest to the beginning of the event list
would be run. Obviously this is arbitrary and could cause unfairness.
Usually, the first event fd is the network socket, meaning heavy load
of client requests can starve out other fd events such as oplock
or notify upcalls from the kernel.
In this patch, I have changed the behavior of run_events() to unset
any fd that it has already called a handler function, as well
as decrement the number of fds that were returned from select().
This allows the caller of run_events() to iterate it, until all
available fds have been handled.
I then changed the main loop in smbd child processes to iterate
run_events(). This way, all available fds are handled on each wake
of select, while still checking for timed or signalled events between
each handler function call. I also added an explicit check for
EINTR from select(), which previously was masked by the fact that
run_events() would handle any signal event before the return code
was checked.
This required a signature change to run_events() but all other callers
should have no change in their behavior. I also fixed a bug in
run_events() where it could be called with a selrtn value of -1,
doing unecessary looping through the fd_event list when no fds were
available.
Also, remove the temporary echo handler hack, as all fds should be
treated fairly now.
|
|
Guenther
|
|
This is supposed to improve the winbind reconnect time after an ip address
has been moved away from a box. Any kind of HA scenario will benefit from
this, because winbindd does not have to wait for the TCP timeout to kick in
when a local IP address has been dropped and DC replies are not received
anymore.
|
|
Giving the parent pid to reinit_after_fork is not a good idea....
None of the other callers do this, checked it.
|
|
|
|
metze
|
|
metze
|
|
Guenther
|
|
|
|
Andreas, please check.
Guenther
|
|
If log file is set in the config file, we should create the log files of
the winbind child processes in the same directory.
|
|
|
|
|
|
This shrinks include/includes.h.gch by the size of 7 MB and reduces build time
as follows:
ccache build w/o patch
real 4m21.529s
ccache build with patch
real 3m6.402s
pch build w/o patch
real 4m26.318s
pch build with patch
real 3m6.932s
Guenther
|
|
|
|
|
|
The main problem is that we call CatchChild() within the
parent winbindd, which overwrites the signal handler
that was registered by winbindd_setup_sig_chld_handler().
That means winbindd_sig_chld_handler() and winbind_child_died()
are never triggered when a winbindd domain child dies.
As a result will get "broken pipe" for all requests to that domain.
To reduce the risk of similar bugs in future we call
CatchChild() in winbindd_reinit_after_fork() now.
We also use a full winbindd_reinit_after_fork() in the
cache validation child now instead instead of just resetting
the SIGCHLD handler by hand. This will also fix possible
tdb problems on systems without pread/pwrite and disabled mmap
as we now correctly reopen the tdb handle for the child.
metze
|
|
metze
|
|
reported by valgrind
The timeval passed to event_add_to_select_args() must be initialized
as event_add_to_select_args() uses a timeval_min() on this and next_event.
|
|
|
|
|
|
|
|
|
|
|
|
The machine password handler has code to deal with every node in the cluster
trying to change the machine password at the same time. However, it is not very
nice to the DC if everyone tries this simultaneously. This adds a random 0-255
second offset to our timed event. When this fires a bit later than strictly
calculated, someone else might have stepped in and have already changed it. The
timed event handler will handle this gracefully, it won't even try to do it
again.
|
|
When there is a temporary problem changing passwords we flooded the DC with
pwchange requests. This gives the DC a 60-second break to recover.
|
|
Someone else might have come in between and changed the password since we
created that timed request
|
|
|
|
|
|
change chain was broken.
Guenther
|
|
This reverts commit 20a8ea91e10af167067cc794a251265aaf489e75.
Ooops, this should not have been committed.
|
|
|
|
|
|
|
|
|
|
|
|
Signed-off-by: Bo Yang <boyang@samba.org>
|
|
This shrinks the memory footprint of an idle client by 5592 bytes to 60 bytes
on my 32-bit box.
|
|
Same comment as in baa6084378e530b: This is just a preparatory checkin.
Volker
|
|
|
|
|
|
|
|
|
|
|
|
In itself, this is pretty pointless. But in the next steps I'll convert the
winbind internal communication to wb_reqtrans which allocates the request
properly. This minimizes the later diff.
Volker
|
|
When we run out of file descriptors for some reason, every new
connection forks a child that immediately panics causing smbd to
coredump. This seems unnecessarily harsh; with this code change we
now catch that error and merely log a message about it and exit
without the core dump.
Signed-off-by: Tim Prouty <tprouty@samba.org>
|
|
trusted domains
Signed-off-by: Bo Yang <boyang@samba.org>
|
|
|