Skip to content
Snippets Groups Projects

Compare revisions

Changes are shown as if the source revision was being merged into the target revision. Learn more about comparing revisions.

Source

Select target project
No results found

Target

Select target project
  • lts-team/packages/samba
  • thctlo/samba-lintianfix
  • arnaudr/samba
  • jrwren/samba
  • paride/samba
  • athos/samba
  • henrich/samba
  • cnotin/samba
  • mimi89999/samba
  • samba-team/samba
  • ahasenack/samba
  • jrtc27/samba
  • noel/samba
13 results
Show changes
Commits on Source (163)
Showing
with 249 additions and 78 deletions
include:
- /.gitlab-ci-default-runners.yml
.shared_runner_test:
# We need the more powerful n1-standard-2 runners
# in order to handle the lcov overhead.
#
# See .gitlab-ci-default-runners.yml for more details
tags:
- gitlab-org-docker
# Currently we're happy with the defaults
# From https://docs.gitlab.com/ee/user/gitlab_com/#shared-runners:
# From https://docs.gitlab.com/ee/ci/runners/hosted_runners/linux.html
#
# ...
#
# All your CI/CD jobs run on n1-standard-1 instances with 3.75GB of RAM, CoreOS
# and the latest Docker Engine installed. Instances provide 1 vCPU and 25GB of
# HDD disk space. The default region of the VMs is US East1. Each instance is
# used only for one job, this ensures any sensitive data left on the system can’t
# be accessed by other people their CI jobs.
#
# The gitlab-shared-runners-manager-X.gitlab.com fleet of runners are dedicated
# for GitLab projects as well as community forks of them. They use a slightly
# larger machine type (n1-standard-2) and have a bigger SSD disk size. They don’t
# run untagged jobs and unlike the general fleet of shared runners, the instances
# are re-used up to 40 times.
#
# ...
#
# The n1-standard-1 runners seem to be tagged with 'docker' together with 'gce'.
#
# The more powerful n1-standard-2 runners seem to be tagged with
# 'gitlab-org-docker' or some with just 'gitlab-org'.
#
# Runner Tag vCPUs Memory Storage
# saas-linux-small-amd64 2 8 GB 25 GB
#
# Our current private runner 'docker', 'samba-ci-private', 'shared' and
# 'ubuntu2204'. It runs with an ubuntu2204 kernel (5.15) and provides an
# ext4 filesystem and similar RAM as the n1-standard-2 runners.
# ext4 filesystem, 2 CPU and 4 GB (shared tag) 8G (samba-ci-private tag) RAM.
#
.shared_runner_build:
# We use n1-standard-1 shared runners by default.
#
# There are currently 5 shared runners with 'docker' and 'gce',
# while there are only 2 provising 'docker' together with 'shared'.
# We use saas-linux-small-amd64 shared runners by default.
# We avoid adding explicit tags for them in order
# to work with potential changes in future
#
# We used to fallback to our private runner if the docker+shared runners
# were busy, but now that we use the 5 docker+gce runners, we try to only
# use shared runners without a fallback to our private runner!
# Lets see how that will work out.
tags:
- docker
- gce
# In order to generate valid yaml, we define a dummy variable...
variables:
SAMBA_SHARED_RUNNER_BUILD_DUMMY_VARIABLE: shared_runner_build
.shared_runner_test:
# Currently we're fine using the n1-standard-1 runners also for testing
# We use saas-linux-small-amd64 shared runners by default.
extends: .shared_runner_build
.private_runner_test:
......
......@@ -47,7 +47,7 @@ variables:
# Set this to the contents of bootstrap/sha1sum.txt
# which is generated by bootstrap/template.py --render
#
SAMBA_CI_CONTAINER_TAG: 9a406973474a7903fe7fd6215226660911ed73c0
SAMBA_CI_CONTAINER_TAG: b078783e082ead539940faaa644567bf4ed67f67
#
# We use the ubuntu2204 image as default as
# it matches what we have on atb-devel-224
......@@ -112,8 +112,14 @@ include:
before_script:
- uname -a
- ls -l /sys/module/
- ls -l /sys/kernel/security/
- if [ -e /sys/kernel/security/lsm ]; then cat /sys/kernel/security/lsm ; echo; fi
- if [ -e /proc/config.gz ]; then sudo zcat /proc/config.gz; echo; fi
- lsb_release -a
- cat /etc/os-release
- id
- cat /proc/self/status
- lscpu
- cat /proc/cpuinfo
- mount
......@@ -141,6 +147,7 @@ include:
- ccache -s
# We are already running .gitlab-ci directives from this repo, remove additional checks that break our CI
- git config --global --add safe.directory `pwd`
- git config --global --add safe.directory /builds/samba-team/devel/samba/.git
after_script:
- mount
- df -h
......
......@@ -27,7 +27,7 @@ SAMBA_COPYRIGHT_STRING="Copyright Andrew Tridgell and the Samba Team 1992-2024"
########################################################
SAMBA_VERSION_MAJOR=4
SAMBA_VERSION_MINOR=20
SAMBA_VERSION_RELEASE=1
SAMBA_VERSION_RELEASE=2
########################################################
# If a official release has a serious bug #
......
==============================
Release Notes for Samba 4.20.2
June 19, 2024
==============================
This is the latest stable release of the Samba 4.20 release series.
Changes since 4.20.1
--------------------
o Jeremy Allison <jra@samba.org>
* BUG 15662: vfs_widelinks with DFS shares breaks case insensitivity.
o Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
* BUG 13213: Samba build is not reproducible.
* BUG 15569: ldb qsort might r/w out of bounds with an intransitive compare
function.
* BUG 15625: Many qsort() comparison functions are non-transitive, which can
lead to out-of-bounds access in some circumstances.
o Andrew Bartlett <abartlet@samba.org>
* BUG 15638: Need to change gitlab-ci.yml tags in all branches to avoid CI
bill.
* BUG 15654: We have added new options --vendor-name and --vendor-patch-
revision arguments to ./configure to allow distributions and packagers to
put their name in the Samba version string so that when debugging Samba the
source of the binary is obvious.
o Günther Deschner <gd@samba.org>
* BUG 15665: CTDB RADOS mutex helper misses namespace support.
o Stefan Metzmacher <metze@samba.org>
* BUG 13019: Dynamic DNS updates with the internal DNS are not working.
* BUG 14981: netr_LogonSamLogonEx returns NR_STATUS_ACCESS_DENIED with
SysvolReady=0.
* BUG 15412: Anonymous smb3 signing/encryption should be allowed (similar to
Windows Server 2022).
* BUG 15573: Panic in dreplsrv_op_pull_source_apply_changes_trigger.
* BUG 15620: s4:nbt_server: does not provide unexpected handling, so winbindd
can't use nmb requests instead cldap.
* BUG 15642: winbindd, net ads join and other things don't work on an ipv6
only host.
* BUG 15659: Segmentation fault when deleting files in vfs_recycle.
* BUG 15664: Panic in vfs_offload_token_db_fetch_fsp().
* BUG 15666: "client use kerberos" and --use-kerberos is ignored for the
machine account.
o Noel Power <noel.power@suse.com>
* BUG 15435: Regression DFS not working with widelinks = true.
o Andreas Schneider <asn@samba.org>
* BUG 15633: samba-gpupdate - Invalid NtVer in netlogon_samlogon_response.
* BUG 15653: idmap_ad creates an incorrect local krb5.conf in case of trusted
domain lookups.
* BUG 15660: The images don't build after the git security release and CentOS
8 Stream is EOL.
#######################################
Reporting bugs & Development Discussion
#######################################
Please discuss this release on the samba-technical mailing list or by
joining the #samba-technical:matrix.org matrix room, or
#samba-technical IRC channel on irc.libera.chat.
If you do report problems then please try to send high quality
feedback. If you don't provide vital information to help us track down
the problem then you will probably be ignored. All bug reports should
be filed under the Samba 4.1 and newer product in the project's Bugzilla
database (https://bugzilla.samba.org/).
======================================================================
== Our Code, Our Bugs, Our Responsibility.
== The Samba Team
======================================================================
Release notes for older releases follow:
----------------------------------------
==============================
Release Notes for Samba 4.20.1
May 08, 2024
......@@ -51,8 +134,7 @@ database (https://bugzilla.samba.org/).
======================================================================
Release notes for older releases follow:
----------------------------------------
----------------------------------------------------------------------
==============================
Release Notes for Samba 4.20.0
March 27, 2024
......
......@@ -146,6 +146,11 @@ _PUBLIC_ enum credentials_use_kerberos cli_credentials_get_kerberos_state(struct
return creds->kerberos_state;
}
_PUBLIC_ enum credentials_obtained cli_credentials_get_kerberos_state_obtained(struct cli_credentials *creds)
{
return creds->kerberos_state_obtained;
}
_PUBLIC_ const char *cli_credentials_get_forced_sasl_mech(struct cli_credentials *creds)
{
return creds->forced_sasl_mech;
......
......@@ -267,6 +267,7 @@ const char *cli_credentials_get_impersonate_principal(struct cli_credentials *cr
const char *cli_credentials_get_self_service(struct cli_credentials *cred);
const char *cli_credentials_get_target_service(struct cli_credentials *cred);
enum credentials_use_kerberos cli_credentials_get_kerberos_state(struct cli_credentials *creds);
enum credentials_obtained cli_credentials_get_kerberos_state_obtained(struct cli_credentials *creds);
const char *cli_credentials_get_forced_sasl_mech(struct cli_credentials *cred);
enum credentials_krb_forwardable cli_credentials_get_krb_forwardable(struct cli_credentials *creds);
NTSTATUS cli_credentials_set_secrets(struct cli_credentials *cred,
......
......@@ -370,13 +370,17 @@ _PUBLIC_ NTSTATUS cli_credentials_set_machine_account_db_ctx(struct cli_credenti
}
if (secrets_tdb_password_more_recent) {
enum credentials_use_kerberos use_kerberos =
CRED_USE_KERBEROS_DISABLED;
char *machine_account = talloc_asprintf(tmp_ctx, "%s$", lpcfg_netbios_name(lp_ctx));
cli_credentials_set_password(cred, secrets_tdb_password, CRED_SPECIFIED);
cli_credentials_set_old_password(cred, secrets_tdb_old_password, CRED_SPECIFIED);
cli_credentials_set_domain(cred, domain, CRED_SPECIFIED);
if (strequal(domain, lpcfg_workgroup(lp_ctx))) {
enum credentials_use_kerberos use_kerberos =
cli_credentials_get_kerberos_state(cred);
enum credentials_obtained use_kerberos_obtained =
cli_credentials_get_kerberos_state_obtained(cred);
bool is_ad = false;
cli_credentials_set_realm(cred, lpcfg_realm(lp_ctx), CRED_SPECIFIED);
switch (server_role) {
......@@ -388,13 +392,28 @@ _PUBLIC_ NTSTATUS cli_credentials_set_machine_account_db_ctx(struct cli_credenti
FALL_THROUGH;
case ROLE_ACTIVE_DIRECTORY_DC:
case ROLE_IPA_DC:
use_kerberos = CRED_USE_KERBEROS_DESIRED;
is_ad = true;
break;
}
if (use_kerberos != CRED_USE_KERBEROS_DESIRED || is_ad) {
/*
* Keep an explicit selection
*
* For AD domains we also keep
* CRED_USE_KERBEROS_DESIRED
*/
} else if (use_kerberos_obtained <= CRED_SMB_CONF) {
/*
* Disable kerberos by default within
* an NT4 domain.
*/
cli_credentials_set_kerberos_state(cred,
CRED_USE_KERBEROS_DISABLED,
CRED_SMB_CONF);
}
}
cli_credentials_set_kerberos_state(cred,
use_kerberos,
CRED_SPECIFIED);
cli_credentials_set_username(cred, machine_account, CRED_SPECIFIED);
cli_credentials_set_password_last_changed_time(cred, secrets_tdb_lct);
cli_credentials_set_secure_channel_type(cred, secrets_tdb_secure_channel_type);
......
......@@ -227,6 +227,8 @@ static void torture_creds_krb5_state(void **state)
TALLOC_CTX *mem_ctx = *state;
struct cli_credentials *creds = NULL;
struct loadparm_context *lp_ctx = NULL;
enum credentials_obtained kerberos_state_obtained;
enum credentials_use_kerberos kerberos_state;
bool ok;
lp_ctx = loadparm_init_global(true);
......@@ -234,18 +236,27 @@ static void torture_creds_krb5_state(void **state)
creds = cli_credentials_init(mem_ctx);
assert_non_null(creds);
assert_int_equal(creds->kerberos_state_obtained, CRED_UNINITIALISED);
assert_int_equal(creds->kerberos_state, CRED_USE_KERBEROS_DESIRED);
kerberos_state_obtained =
cli_credentials_get_kerberos_state_obtained(creds);
kerberos_state = cli_credentials_get_kerberos_state(creds);
assert_int_equal(kerberos_state_obtained, CRED_UNINITIALISED);
assert_int_equal(kerberos_state, CRED_USE_KERBEROS_DESIRED);
ok = cli_credentials_set_conf(creds, lp_ctx);
assert_true(ok);
assert_int_equal(creds->kerberos_state_obtained, CRED_SMB_CONF);
assert_int_equal(creds->kerberos_state, CRED_USE_KERBEROS_DESIRED);
kerberos_state_obtained =
cli_credentials_get_kerberos_state_obtained(creds);
kerberos_state = cli_credentials_get_kerberos_state(creds);
assert_int_equal(kerberos_state_obtained, CRED_SMB_CONF);
assert_int_equal(kerberos_state, CRED_USE_KERBEROS_DESIRED);
ok = cli_credentials_guess(creds, lp_ctx);
assert_true(ok);
assert_int_equal(creds->kerberos_state_obtained, CRED_SMB_CONF);
assert_int_equal(creds->kerberos_state, CRED_USE_KERBEROS_DESIRED);
kerberos_state_obtained =
cli_credentials_get_kerberos_state_obtained(creds);
kerberos_state = cli_credentials_get_kerberos_state(creds);
assert_int_equal(kerberos_state_obtained, CRED_SMB_CONF);
assert_int_equal(kerberos_state, CRED_USE_KERBEROS_DESIRED);
assert_int_equal(creds->ccache_obtained, CRED_GUESS_FILE);
assert_non_null(creds->ccache);
......@@ -253,15 +264,21 @@ static void torture_creds_krb5_state(void **state)
CRED_USE_KERBEROS_REQUIRED,
CRED_SPECIFIED);
assert_true(ok);
assert_int_equal(creds->kerberos_state_obtained, CRED_SPECIFIED);
assert_int_equal(creds->kerberos_state, CRED_USE_KERBEROS_REQUIRED);
kerberos_state_obtained =
cli_credentials_get_kerberos_state_obtained(creds);
kerberos_state = cli_credentials_get_kerberos_state(creds);
assert_int_equal(kerberos_state_obtained, CRED_SPECIFIED);
assert_int_equal(kerberos_state, CRED_USE_KERBEROS_REQUIRED);
ok = cli_credentials_set_kerberos_state(creds,
CRED_USE_KERBEROS_DISABLED,
CRED_SMB_CONF);
assert_false(ok);
assert_int_equal(creds->kerberos_state_obtained, CRED_SPECIFIED);
assert_int_equal(creds->kerberos_state, CRED_USE_KERBEROS_REQUIRED);
kerberos_state_obtained =
cli_credentials_get_kerberos_state_obtained(creds);
kerberos_state = cli_credentials_get_kerberos_state(creds);
assert_int_equal(kerberos_state_obtained, CRED_SPECIFIED);
assert_int_equal(kerberos_state, CRED_USE_KERBEROS_REQUIRED);
}
......
......@@ -1103,7 +1103,7 @@ _PUBLIC_ const struct gensec_critical_sizes *gensec_interface_version(void)
}
static int sort_gensec(const struct gensec_security_ops **gs1, const struct gensec_security_ops **gs2) {
return (*gs2)->priority - (*gs1)->priority;
return NUMERIC_CMP((*gs2)->priority, (*gs1)->priority);
}
int gensec_setting_int(struct gensec_settings *settings, const char *mechanism, const char *name, int default_value)
......
......@@ -6,9 +6,7 @@
# We need to make sure we only use gitlab.com
# runners and not our own runners, as our current runners
# don't allow 'docker build ...' to run.
- docker
- gce
- shared
- saas-linux-small-amd64
variables:
SAMBA_CI_IS_BROKEN_IMAGE: "no"
SAMBA_CI_TEST_JOB: "samba-o3"
......@@ -47,7 +45,7 @@
diff -u bootstrap/sha1sum.txt /tmp/sha1sum-template.txt
# run smoke test with samba-o3 or samba-fuzz
podman run --volume $(pwd):/src:ro ${ci_image_name} \
/bin/bash -c "git clone /src samba && cd samba && export PKG_CONFIG_PATH=/usr/lib64/compat-gnutls34/pkgconfig:/usr/lib64/compat-nettle32/pkgconfig && script/autobuild.py ${SAMBA_CI_TEST_JOB} --verbose --nocleanup --keeplogs --tail --testbase /tmp/samba-testbase"
/bin/bash -c "git config --global --add safe.directory /src/.git && git clone /src samba && cd samba && export PKG_CONFIG_PATH=/usr/lib64/compat-gnutls34/pkgconfig:/usr/lib64/compat-nettle32/pkgconfig && script/autobuild.py ${SAMBA_CI_TEST_JOB} --verbose --nocleanup --keeplogs --tail --testbase /tmp/samba-testbase"
podman tag ${ci_image_name} ${ci_image_path}:${SAMBA_CI_CONTAINER_TAG}
podman tag ${ci_image_name} ${ci_image_path}:${timestamp_tag}
# We build all images, but only upload is it's not marked as broken
......
......@@ -241,6 +241,9 @@ CENTOS8S_YUM_BOOTSTRAP = r"""
{GENERATED_MARKER}
set -xueo pipefail
sed -i 's/mirrorlist/#mirrorlist/g' /etc/yum.repos.d/CentOS-*
sed -i 's|#baseurl=http://mirror.centos.org|baseurl=http://vault.centos.org|g' /etc/yum.repos.d/CentOS-*
yum update -y
yum install -y dnf-plugins-core
yum install -y epel-release
......
......@@ -7,6 +7,9 @@
set -xueo pipefail
sed -i 's/mirrorlist/#mirrorlist/g' /etc/yum.repos.d/CentOS-*
sed -i 's|#baseurl=http://mirror.centos.org|baseurl=http://vault.centos.org|g' /etc/yum.repos.d/CentOS-*
yum update -y
yum install -y dnf-plugins-core
yum install -y epel-release
......
9a406973474a7903fe7fd6215226660911ed73c0
b078783e082ead539940faaa644567bf4ed67f67
......@@ -81,7 +81,9 @@ def SAMBA_PIDL(bld, pname, source,
else:
cc = 'CC="%s"' % bld.CONFIG_GET("CC")
t = bld(rule='cd ${PIDL_LAUNCH_DIR} && %s%s %s ${PERL} ${PIDL} --quiet ${OPTIONS} --outputdir ${OUTPUTDIR} -- "${IDLSRC}"' % (pidl_dev, cpp, cc),
t = bld(rule=('cd ${PIDL_LAUNCH_DIR} && PERL_HASH_SEED=0 %s%s %s ${PERL} '
'${PIDL} --quiet ${OPTIONS} --outputdir ${OUTPUTDIR} -- "${IDLSRC}"' %
(pidl_dev, cpp, cc)),
ext_out = '.c',
before = 'c',
update_outputs = True,
......
......@@ -24,7 +24,7 @@ Build.BuildContext.CHECK_CMOCKA = CHECK_CMOCKA
@conf
def CHECK_SOCKET_WRAPPER(conf):
return conf.CHECK_BUNDLED_SYSTEM_PKG('socket_wrapper', minversion='1.4.2')
return conf.CHECK_BUNDLED_SYSTEM_PKG('socket_wrapper', minversion='1.4.3')
Build.BuildContext.CHECK_SOCKET_WRAPPER = CHECK_SOCKET_WRAPPER
@conf
......@@ -39,7 +39,7 @@ Build.BuildContext.CHECK_RESOLV_WRAPPER = CHECK_RESOLV_WRAPPER
@conf
def CHECK_UID_WRAPPER(conf):
return conf.CHECK_BUNDLED_SYSTEM_PKG('uid_wrapper', minversion='1.3.0')
return conf.CHECK_BUNDLED_SYSTEM_PKG('uid_wrapper', minversion='1.3.1')
Build.BuildContext.CHECK_UID_WRAPPER = CHECK_UID_WRAPPER
@conf
......
......@@ -253,6 +253,11 @@ def samba_version_file(version_file, path, env=None, is_install=True):
print("Failed to parse line %s from %s" % (line, version_file))
raise
if "SAMBA_VERSION_VENDOR_SUFFIX" in env:
version_dict["SAMBA_VERSION_VENDOR_SUFFIX"] = env.SAMBA_VERSION_VENDOR_SUFFIX
if "SAMBA_VERSION_VENDOR_PATCH" in env:
version_dict["SAMBA_VERSION_VENDOR_PATCH"] = str(env.SAMBA_VERSION_VENDOR_PATCH)
return SambaVersion(version_dict, path, env=env, is_install=is_install)
......
......@@ -29,12 +29,14 @@
<manvolnum>5</manvolnum></citerefentry>:
</para>
<screen format="linespecific">
cluster lock = !ctdb_mutex_ceph_rados_helper [Cluster] [User] [Pool] [Object]
cluster lock = !ctdb_mutex_ceph_rados_helper [Cluster] [User] [Pool] [Object] [Timeout] [-n Namespace]
Cluster: Ceph cluster name (e.g. ceph)
User: Ceph cluster user name (e.g. client.admin)
Pool: Ceph RADOS pool name
Object: Ceph RADOS object name
Timeout: Ceph RADOS lock duration in seconds (optional)
Namespace: Ceph RADOS pool namespace (optional)
</screen>
<para>
The Ceph cluster <parameter>Cluster</parameter> must be up and running,
......
......@@ -42,9 +42,18 @@
static char *progname = NULL;
static void usage(void)
{
fprintf(stderr, "Usage: %s <Ceph Cluster> <Ceph user> "
"<RADOS pool> <RADOS object> "
"[lock duration secs] [-n RADOS namespace]\n",
progname);
}
static int ctdb_mutex_rados_ctx_create(const char *ceph_cluster_name,
const char *ceph_auth_name,
const char *pool_name,
const char *namespace,
rados_t *_ceph_cluster,
rados_ioctx_t *_ioctx)
{
......@@ -87,6 +96,10 @@ static int ctdb_mutex_rados_ctx_create(const char *ceph_cluster_name,
return ret;
}
if (namespace != NULL) {
rados_ioctx_set_namespace(ioctx, namespace);
}
*_ceph_cluster = ceph_cluster;
*_ioctx = ioctx;
......@@ -145,6 +158,7 @@ struct ctdb_mutex_rados_state {
const char *ceph_cluster_name;
const char *ceph_auth_name;
const char *pool_name;
const char *namespace;
const char *object;
uint64_t lock_duration_s;
int ppid;
......@@ -295,15 +309,13 @@ static int ctdb_mutex_rados_mgr_reg(rados_t ceph_cluster)
int main(int argc, char *argv[])
{
int ret;
int opt;
struct ctdb_mutex_rados_state *cmr_state;
progname = argv[0];
if ((argc != 5) && (argc != 6)) {
fprintf(stderr, "Usage: %s <Ceph Cluster> <Ceph user> "
"<RADOS pool> <RADOS object> "
"[lock duration secs]\n",
progname);
if (argc < 5) {
usage();
ret = -EINVAL;
goto err_out;
}
......@@ -325,15 +337,36 @@ int main(int argc, char *argv[])
cmr_state->ceph_auth_name = argv[2];
cmr_state->pool_name = argv[3];
cmr_state->object = argv[4];
if (argc == 6) {
optind = 5;
while ((opt = getopt(argc, argv, "n:")) != -1) {
switch(opt) {
case 'n':
cmr_state->namespace = optarg;
break;
default:
usage();
ret = -EINVAL;
goto err_ctx_cleanup;
}
}
if (argv[optind] != NULL) {
/* optional lock duration provided */
char *endptr = NULL;
cmr_state->lock_duration_s = strtoull(argv[5], &endptr, 0);
if ((endptr == argv[5]) || (*endptr != '\0')) {
cmr_state->lock_duration_s = strtoull(argv[optind], &endptr, 0);
if ((endptr == argv[optind]) || (*endptr != '\0')) {
fprintf(stdout, CTDB_MUTEX_STATUS_ERROR);
ret = -EINVAL;
goto err_ctx_cleanup;
}
if (argv[++optind] != NULL) {
/* incorrect count or format for optional arguments */
usage();
ret = -EINVAL;
goto err_ctx_cleanup;
}
} else {
cmr_state->lock_duration_s
= CTDB_MUTEX_CEPH_LOCK_DURATION_SECS_DEFAULT;
......@@ -398,6 +431,7 @@ int main(int argc, char *argv[])
ret = ctdb_mutex_rados_ctx_create(cmr_state->ceph_cluster_name,
cmr_state->ceph_auth_name,
cmr_state->pool_name,
cmr_state->namespace,
&cmr_state->ceph_cluster,
&cmr_state->ioctx);
if (ret < 0) {
......
#!/usr/bin/env python
import os
def configure(conf):
AR32 = ['i386', 'i586', 'i686']
......@@ -27,5 +29,24 @@ def configure(conf):
conf.DEFINE('HAVE_WINEXE_CC_WIN64', 1);
break
source_date_epoch = os.environ.get('SOURCE_DATE_EPOCH')
if source_date_epoch is None:
# We use the version to make up the timestamp that will be
# embedded in winexe.exe, to keep the build reproducible.
#
# This is less evil than it sounds. According to Raymond Chen in
# https://devblogs.microsoft.com/oldnewthing/20180103-00/?p=97705
# since Windows 10 the timestamp has been randomised.
#
# The purpose of the timestamp in Windows PE files seems to be
# to make spotting ABI changes in DLLs quicker, for which a
# random number is just as good as a real time. The timestamp
# in .exe files is not used.
import samba_version
v = samba_version.load_version(env=conf.env)
version = (v.MAJOR << 16) | (v.MINOR << 8) | v.RELEASE
source_date_epoch = str(version)
conf.env.SOURCE_DATE_EPOCH = source_date_epoch
conf.DEFINE("WINEXE_LDFLAGS",
"-s -Wall -Wl,-Bstatic -Wl,-Bdynamic -luserenv")