From a612393243e0929ddd8faf7f8c0e9d75f1921a86 Mon Sep 17 00:00:00 2001 From: Anoop C S Date: Wed, 14 Aug 2024 19:47:35 +0530 Subject: [PATCH 1/3] source3/script: Fix installation of winbind_ctdb_updatekeytab.sh MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit winbind_ctdb_updatekeytab.sh assumes the presence `onnode` utility to execute `net ads` command on all nodes in the cluster. But `onnode` is only built when configured with clustering support. Therefore perform the script installation only with ctdb configuration. Also fix the installation path to /usr/share/ctdb/scripts. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15689 Signed-off-by: Anoop C S Reviewed-by: Andreas Schneider Reviewed-by: Guenther Deschner Reviewed-by: Pavel Filipenský (cherry picked from commit 3929fdae1a13ab029e173ce53598d3fa6cf40e9c) --- source3/script/wscript_build | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/source3/script/wscript_build b/source3/script/wscript_build index 2b0643b0876..bc451497298 100644 --- a/source3/script/wscript_build +++ b/source3/script/wscript_build @@ -6,7 +6,9 @@ bld.INSTALL_FILES('${BINDIR}', 'smbtar', chmod=MODE_755, flat=True) bld.INSTALL_FILES('${BINDIR}', 'samba-log-parser', chmod=MODE_755, flat=True) -bld.INSTALL_FILES('${DATADIR}', 'winbind_ctdb_updatekeytab.sh', chmod=MODE_755, flat=True) +if conf.env.with_ctdb: + bld.INSTALL_FILES(bld.env.CTDB_DATADIR+"/scripts", + 'winbind_ctdb_updatekeytab.sh', chmod=MODE_755, flat=True) # Callout scripts for use in selftest environment bld.SAMBA_SCRIPT('smbaddshare', pattern='smbaddshare', installdir='.') -- 2.45.2 From 8f63bfe4e5bab70094f0b3e1af0ba8f478d6d243 Mon Sep 17 00:00:00 2001 From: Anoop C S Date: Wed, 14 Aug 2024 19:49:04 +0530 Subject: [PATCH 2/3] docs-xml: Fix script location in syncmachinepasswordscript.xml MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Update the change in installation path for winbind_ctdb_updatekeytab.sh from SAMBA_DATADIR to newly defined CTDB_DATADIR. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15689 Signed-off-by: Anoop C S Reviewed-by: Andreas Schneider Reviewed-by: Guenther Deschner Reviewed-by: Pavel Filipenský Autobuild-User(master): Anoop C S Autobuild-Date(master): Fri Aug 16 09:49:30 UTC 2024 on atb-devel-224 (cherry picked from commit 31c9352099f5efeb88d27c603ec2dbfaf98b300d) --- docs-xml/generate-pathconf-entities.sh | 1 + docs-xml/smbdotconf/security/syncmachinepasswordscript.xml | 4 ++-- dynconfig/wscript | 5 +++++ 3 files changed, 8 insertions(+), 2 deletions(-) diff --git a/docs-xml/generate-pathconf-entities.sh b/docs-xml/generate-pathconf-entities.sh index 6c0c31a3522..1b689a8a23f 100755 --- a/docs-xml/generate-pathconf-entities.sh +++ b/docs-xml/generate-pathconf-entities.sh @@ -17,5 +17,6 @@ echo " + " diff --git a/docs-xml/smbdotconf/security/syncmachinepasswordscript.xml b/docs-xml/smbdotconf/security/syncmachinepasswordscript.xml index 9a7731930d5..df98610cf36 100644 --- a/docs-xml/smbdotconf/security/syncmachinepasswordscript.xml +++ b/docs-xml/smbdotconf/security/syncmachinepasswordscript.xml @@ -11,7 +11,7 @@ If keytabs should be generated in clustered environments it is recommended to update them on all nodes. - You can set the config option to &pathconfig.SAMBA_DATADIR;/scripts/winbind_ctdb_updatekeytab.sh in clustering case. + You can set the config option to &pathconfig.CTDB_DATADIR;/scripts/winbind_ctdb_updatekeytab.sh in clustering case. It is also needed to activate the 46.update-keytabs.script in ctdb, it re-creates the keytab during the ctdb recovered event: @@ -22,5 +22,5 @@ -&pathconfig.SAMBA_DATADIR;/scripts/winbind_ctdb_updatekeytab.sh +&pathconfig.CTDB_DATADIR;/scripts/winbind_ctdb_updatekeytab.sh diff --git a/dynconfig/wscript b/dynconfig/wscript index 2041d881546..a784dac4e6c 100644 --- a/dynconfig/wscript +++ b/dynconfig/wscript @@ -105,6 +105,11 @@ dynconfig = { 'FHS-PATH': '${DATADIR}', 'OVERWRITE': True, }, + 'CTDB_DATADIR' : { + 'STD-PATH': '${DATADIR}/ctdb', + 'FHS-PATH': '${DATADIR}/ctdb', + 'OVERWRITE': True, + }, 'SAMBA_DATADIR' : { 'STD-PATH': '${DATADIR}/samba', 'FHS-PATH': '${DATADIR}/samba', -- 2.45.2 From 93b737e3953a457f6d3113eeb849ff18211c1baa Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pavel=20Filipensk=C3=BD?= Date: Fri, 16 Aug 2024 16:37:32 +0200 Subject: [PATCH 3/3] s3:libads: Do not print error message for a default configuration MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit BUG: https://bugzilla.samba.org/show_bug.cgi?id=15689 Signed-off-by: Pavel Filipenský Reviewed-by: Andreas Schneider Autobuild-User(master): Pavel Filipensky Autobuild-Date(master): Mon Aug 19 13:21:08 UTC 2024 on atb-devel-224 (cherry picked from commit f1cd250a6fd7e0571bd22493c838d6c12c2adf5b) --- source3/libads/kerberos_keytab.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/source3/libads/kerberos_keytab.c b/source3/libads/kerberos_keytab.c index e2fcee634b4..6ede567b75f 100644 --- a/source3/libads/kerberos_keytab.c +++ b/source3/libads/kerberos_keytab.c @@ -838,8 +838,9 @@ static bool pw2kt_default_keytab_name(char *name_str, size_t name_size) break; default: - DBG_ERR("Invalid kerberos method set (%d)\n", - lp_kerberos_method()); + DBG_NOTICE("'kerberos method' is 'secrets only' but " + "'sync machine password to keytab' is not set " + "==> no keytab will be generated.\n"); return false; } -- 2.45.2