diff --git a/samba-4.1.7-Make_daemons_systemd_aware.patch b/samba-4.1.7-Make_daemons_systemd_aware.patch new file mode 100644 index 0000000..dea0af3 --- /dev/null +++ b/samba-4.1.7-Make_daemons_systemd_aware.patch @@ -0,0 +1,748 @@ +From 4be15cc68a49b353f1f2f4f198b968098bee4d83 Mon Sep 17 00:00:00 2001 +From: Alexander Bokovoy +Date: Tue, 25 Mar 2014 12:53:04 +0200 +Subject: [PATCH 1/5] add systemd integration + +Add --with-systemd / --without-systemd options to check whether +libsystemd-daemon library is available and use it to report service +startup status to systemd for smbd/winbindd/nmbd and AD DC. + +The problem it solves is correct reporting of the Samba services +at the point when they are ready to serve clients, important for +high availability software integration. + +BUG: https://bugzilla.samba.org/show_bug.cgi?id=10517 + +Signed-off-by: Alexander Bokovoy +Reviewed-by: Andreas Schneider + +(cherry picked from commit 54b5d9a7384ae27b2a26586ff909128427c05abe) +--- + lib/util/become_daemon.c | 37 ++++++++++++++++++++++++++++++++++++- + lib/util/samba_util.h | 12 ++++++++++++ + lib/util/wscript_build | 2 +- + packaging/systemd/nmb.service | 3 ++- + packaging/systemd/samba.service | 3 ++- + packaging/systemd/smb.service | 3 ++- + packaging/systemd/winbind.service | 3 ++- + source3/nmbd/nmbd.c | 4 ++++ + source3/smbd/server.c | 4 ++++ + source3/winbindd/winbindd.c | 5 +++++ + source4/smbd/server.c | 4 ++++ + wscript | 27 +++++++++++++++++++++++---- + 12 files changed, 97 insertions(+), 10 deletions(-) + +diff --git a/lib/util/become_daemon.c b/lib/util/become_daemon.c +index 2ca0478..35c8b32 100644 +--- a/lib/util/become_daemon.c ++++ b/lib/util/become_daemon.c +@@ -24,6 +24,9 @@ + #include "includes.h" + #include "system/filesys.h" + #include "system/locale.h" ++#if HAVE_SYSTEMD ++#include ++#endif + + /******************************************************************* + Close the low 3 fd's and open dev/null in their place. +@@ -75,8 +78,13 @@ _PUBLIC_ void close_low_fds(bool stdin_too, bool stdout_too, bool stderr_too) + + _PUBLIC_ void become_daemon(bool do_fork, bool no_process_group, bool log_stdout) + { ++ pid_t newpid; + if (do_fork) { +- if (fork()) { ++ newpid = fork(); ++ if (newpid) { ++#if HAVE_SYSTEMD ++ sd_notifyf(0, "READY=0\nSTATUS=Starting process...\nMAINPID=%lu", (unsigned long) newpid); ++#endif /* HAVE_SYSTEMD */ + _exit(0); + } + } +@@ -100,3 +108,30 @@ _PUBLIC_ void become_daemon(bool do_fork, bool no_process_group, bool log_stdout + * never close stderr (but debug might dup it onto a log file) */ + close_low_fds(do_fork, !log_stdout, false); + } ++ ++_PUBLIC_ void exit_daemon(const char *msg, int error) ++{ ++#ifdef HAVE_SYSTEMD ++ if (msg == NULL) { ++ msg = strerror(error); ++ } ++ ++ sd_notifyf(0, "STATUS=daemon failed to start: %s\n" ++ "ERRNO=%i", ++ msg, ++ error); ++#endif ++ DEBUG(0, ("STATUS=daemon failed to start: %s, error code %d\n", msg, error)); ++ exit(1); ++} ++ ++_PUBLIC_ void daemon_ready(const char *daemon) ++{ ++ if (daemon == NULL) { ++ daemon = "Samba"; ++ } ++#ifdef HAVE_SYSTEMD ++ sd_notifyf(0, "READY=1\nSTATUS=%s: ready to serve connections...", daemon); ++#endif ++ DEBUG(0, ("STATUS=daemon '%s' finished starting up and ready to serve connections", daemon)); ++} +diff --git a/lib/util/samba_util.h b/lib/util/samba_util.h +index f52347e..2996710 100644 +--- a/lib/util/samba_util.h ++++ b/lib/util/samba_util.h +@@ -842,6 +842,18 @@ _PUBLIC_ void close_low_fds(bool stdin_too, bool stdout_too, bool stderr_too); + _PUBLIC_ void become_daemon(bool do_fork, bool no_process_group, bool log_stdout); + + /** ++ Exit daemon and print error message to the log at level 0 ++ Optionally report failure to systemd if systemd integration is enabled ++**/ ++_PUBLIC_ void exit_daemon(const char *msg, int error); ++ ++/** ++ Report that the daemon is ready to serve connections to the log at level 0 ++ Optionally report status to systemd if systemd integration is enabled ++**/ ++_PUBLIC_ void daemon_ready(const char *daemon); ++ ++/** + * @brief Get a password from the console. + * + * You should make sure that the buffer is an empty string! +diff --git a/lib/util/wscript_build b/lib/util/wscript_build +index 39a1613..5087116 100755 +--- a/lib/util/wscript_build ++++ b/lib/util/wscript_build +@@ -10,7 +10,7 @@ bld.SAMBA_LIBRARY('samba-util', + server_id.c dprintf.c parmlist.c bitmap.c pidfile.c + tevent_debug.c util_process.c''', + deps='DYNCONFIG', +- public_deps='talloc tevent execinfo uid_wrapper pthread LIBCRYPTO charset util_setid', ++ public_deps='talloc tevent execinfo uid_wrapper pthread LIBCRYPTO charset util_setid systemd-daemon', + public_headers='debug.h attr.h byteorder.h data_blob.h memory.h safe_string.h time.h talloc_stack.h xfile.h dlinklist.h samba_util.h string_wrappers.h', + header_path= [ ('dlinklist.h samba_util.h', '.'), ('*', 'util') ], + local_include=False, +diff --git a/packaging/systemd/nmb.service b/packaging/systemd/nmb.service +index e5e81a1..3d71a7d 100644 +--- a/packaging/systemd/nmb.service ++++ b/packaging/systemd/nmb.service +@@ -3,7 +3,8 @@ Description=Samba NMB Daemon + After=syslog.target network.target + + [Service] +-Type=forking ++Type=notify ++NotifyAccess=all + PIDFile=/run/nmbd.pid + EnvironmentFile=-/etc/sysconfig/samba + ExecStart=/usr/sbin/nmbd $NMBDOPTIONS +diff --git a/packaging/systemd/samba.service b/packaging/systemd/samba.service +index e2878d1..824f89c 100644 +--- a/packaging/systemd/samba.service ++++ b/packaging/systemd/samba.service +@@ -3,7 +3,8 @@ Description=Samba AD Daemon + After=syslog.target network.target + + [Service] +-Type=forking ++Type=notify ++NotifyAccess=all + PIDFile=/run/samba.pid + LimitNOFILE=16384 + EnvironmentFile=-/etc/sysconfig/samba +diff --git a/packaging/systemd/smb.service b/packaging/systemd/smb.service +index d0d945a..9810891 100644 +--- a/packaging/systemd/smb.service ++++ b/packaging/systemd/smb.service +@@ -3,7 +3,8 @@ Description=Samba SMB Daemon + After=syslog.target network.target nmb.service winbind.service + + [Service] +-Type=forking ++Type=notify ++NotifyAccess=all + PIDFile=/run/smbd.pid + LimitNOFILE=16384 + EnvironmentFile=-/etc/sysconfig/samba +diff --git a/packaging/systemd/winbind.service b/packaging/systemd/winbind.service +index eff266f..f711a17 100644 +--- a/packaging/systemd/winbind.service ++++ b/packaging/systemd/winbind.service +@@ -3,7 +3,8 @@ Description=Samba Winbind Daemon + After=syslog.target network.target nmb.service + + [Service] +-Type=forking ++Type=notify ++NotifyAccess=all + PIDFile=/run/winbindd.pid + EnvironmentFile=-/etc/sysconfig/samba + ExecStart=/usr/sbin/winbindd "$WINBINDOPTIONS" +diff --git a/source3/nmbd/nmbd.c b/source3/nmbd/nmbd.c +index ec0e7d0..aced774 100644 +--- a/source3/nmbd/nmbd.c ++++ b/source3/nmbd/nmbd.c +@@ -1088,6 +1088,10 @@ static bool open_sockets(bool isdaemon, int port) + exit(1); + } + ++ if (is_daemon && !opt_interactive) { ++ daemon_ready("nmbd"); ++ } ++ + TALLOC_FREE(frame); + process(msg); + +diff --git a/source3/smbd/server.c b/source3/smbd/server.c +index d3cd33e..b2a9d8f 100644 +--- a/source3/smbd/server.c ++++ b/source3/smbd/server.c +@@ -1489,6 +1489,10 @@ extern void build_options(bool screen); + exit(1); + } + ++ if (is_daemon && !interactive) { ++ daemon_ready("smbd"); ++ } ++ + /* only start other daemons if we are running as a daemon + * -- bad things will happen if smbd is launched via inetd + * and we fork a copy of ourselves here */ +diff --git a/source3/winbindd/winbindd.c b/source3/winbindd/winbindd.c +index 50573ac..61c1dbc 100644 +--- a/source3/winbindd/winbindd.c ++++ b/source3/winbindd/winbindd.c +@@ -1581,6 +1581,11 @@ int main(int argc, char **argv, char **envp) + } + + TALLOC_FREE(frame); ++ ++ if (!interactive) { ++ daemon_ready("winbindd"); ++ } ++ + /* Loop waiting for requests */ + while (1) { + frame = talloc_stackframe(); +diff --git a/source4/smbd/server.c b/source4/smbd/server.c +index 37aac62..3a23190 100644 +--- a/source4/smbd/server.c ++++ b/source4/smbd/server.c +@@ -498,6 +498,10 @@ static int binary_smbd_main(const char *binary_name, int argc, const char *argv[ + return 1; + } + ++ if (opt_daemon) { ++ daemon_ready("samba"); ++ } ++ + /* wait for events - this is where smbd sits for most of its + life */ + tevent_loop_wait(event_ctx); +diff --git a/wscript b/wscript +index 83c82e3..2f02c6e 100644 +--- a/wscript ++++ b/wscript +@@ -64,8 +64,15 @@ def set_options(opt): + help=("Disable Position Independent Executable builds"), + action="store_false", dest='enable_pie') + +- gr = opt.option_group('developer options') ++ opt.add_option('--with-systemd', ++ help=("Enable systemd integration"), ++ action='store_true', dest='enable_systemd') ++ ++ opt.add_option('--without-systemd', ++ help=("Disable systemd integration"), ++ action='store_false', dest='enable_systemd') + ++ gr = opt.option_group('developer options') + + opt.tool_options('python') # options for disabling pyc or pyo compilation + # enable options related to building python extensions +@@ -162,11 +169,8 @@ def configure(conf): + if not conf.CHECK_CODE('#include "tests/summary.c"', + define='SUMMARY_PASSES', + addmain=False, +- execute=True, + msg='Checking configure summary'): + raise Utils.WafError('configure summary failed') +- +- conf.SAMBA_CONFIG_H('include/config.h') + + if Options.options.enable_pie != False: + if Options.options.enable_pie == True: +@@ -178,6 +182,21 @@ def configure(conf): + msg="Checking compiler for PIE support"): + conf.env['ENABLE_PIE'] = True + ++ if Options.options.enable_systemd != False: ++ conf.check_cfg(package='libsystemd-daemon', args='--cflags --libs', ++ msg='Checking for libsystemd-daemon', uselib_store="SYSTEMD-DAEMON") ++ conf.CHECK_HEADERS('systemd/sd-daemon.h', lib='systemd-daemon') ++ conf.CHECK_LIB('systemd-daemon', shlib=True) ++ ++ if conf.CONFIG_SET('HAVE_SYSTEMD_SD_DAEMON_H'): ++ conf.DEFINE('HAVE_SYSTEMD', '1') ++ conf.env['ENABLE_SYSTEMD'] = True ++ else: ++ conf.SET_TARGET_TYPE('systemd-daemon', 'EMPTY') ++ conf.undefine('HAVE_SYSTEMD') ++ ++ conf.SAMBA_CONFIG_H('include/config.h') ++ + def etags(ctx): + '''build TAGS file using etags''' + import Utils +-- +1.8.5.3 + + +From a6250f706655bd8fda81fe15ccc9441f7d4e1c84 Mon Sep 17 00:00:00 2001 +From: Alexander Bokovoy +Date: Wed, 26 Mar 2014 10:56:12 +0200 +Subject: [PATCH 2/5] smbd: use exit_daemon() to support reporting to systemd + from smbd + +BUG: https://bugzilla.samba.org/show_bug.cgi?id=10517 + +Signed-off-by: Alexander Bokovoy +Reviewed-by: Andreas Schneider +--- + source3/smbd/server.c | 44 +++++++++++++++++++------------------------- + 1 file changed, 19 insertions(+), 25 deletions(-) + +diff --git a/source3/smbd/server.c b/source3/smbd/server.c +index b2a9d8f..34c949d 100644 +--- a/source3/smbd/server.c ++++ b/source3/smbd/server.c +@@ -1314,8 +1314,7 @@ extern void build_options(bool screen); + ev_ctx, + false); + if (!NT_STATUS_IS_OK(status)) { +- DEBUG(0,("reinit_after_fork() failed\n")); +- exit(1); ++ exit_daemon("reinit_after_fork() failed", map_errno_from_nt_status(status)); + } + + if (!interactive) { +@@ -1326,8 +1325,7 @@ extern void build_options(bool screen); + */ + status = init_before_fork(); + if (!NT_STATUS_IS_OK(status)) { +- DEBUG(0, ("init_before_fork failed: %s\n", nt_errstr(status))); +- exit(1); ++ exit_daemon(nt_errstr(status), map_errno_from_nt_status(status)); + } + } + +@@ -1360,7 +1358,7 @@ extern void build_options(bool screen); + /* Setup all the TDB's - including CLEAR_IF_FIRST tdb's. */ + + if (smbd_memcache() == NULL) { +- exit(1); ++ exit_daemon("no memcache available", EACCES); + } + + memcache_set_global(smbd_memcache()); +@@ -1372,69 +1370,65 @@ extern void build_options(bool screen); + exit(1); + + if (!secrets_init()) { +- DEBUG(0, ("ERROR: smbd can not open secrets.tdb\n")); +- exit(1); ++ exit_daemon("smbd can not open secrets.tdb", EACCES); + } + + if (lp_server_role() == ROLE_DOMAIN_BDC || lp_server_role() == ROLE_DOMAIN_PDC) { + struct loadparm_context *lp_ctx = loadparm_init_s3(NULL, loadparm_s3_helpers()); + if (!open_schannel_session_store(NULL, lp_ctx)) { +- DEBUG(0,("ERROR: Samba cannot open schannel store for secured NETLOGON operations.\n")); +- exit(1); ++ exit_daemon("ERROR: Samba cannot open schannel store for secured NETLOGON operations.", EACCES); + } + TALLOC_FREE(lp_ctx); + } + + if(!get_global_sam_sid()) { +- DEBUG(0,("ERROR: Samba cannot create a SAM SID.\n")); +- exit(1); ++ exit_daemon("Samba cannot create a SAM SID", EACCES); + } + + server_id = messaging_server_id(msg_ctx); + status = smbXsrv_version_global_init(&server_id); + if (!NT_STATUS_IS_OK(status)) { +- exit(1); ++ exit_daemon("Samba cannot init server context", EACCES); + } + + status = smbXsrv_session_global_init(); + if (!NT_STATUS_IS_OK(status)) { +- exit(1); ++ exit_daemon("Samba cannot init session context", EACCES); + } + + status = smbXsrv_tcon_global_init(); + if (!NT_STATUS_IS_OK(status)) { +- exit(1); ++ exit_daemon("Samba cannot init tcon context", EACCES); + } + + if (!locking_init()) +- exit(1); ++ exit_daemon("Samba cannot init locking", EACCES); + + if (!messaging_tdb_parent_init(ev_ctx)) { +- exit(1); ++ exit_daemon("Samba cannot init TDB messaging", EACCES); + } + + if (!smbd_parent_notify_init(NULL, msg_ctx, ev_ctx)) { +- exit(1); ++ exit_daemon("Samba cannot init notification", EACCES); + } + + if (!smbd_scavenger_init(NULL, msg_ctx, ev_ctx)) { +- exit(1); ++ exit_daemon("Samba cannot init scavenging", EACCES); + } + + if (!serverid_parent_init(ev_ctx)) { +- exit(1); ++ exit_daemon("Samba cannot init server id", EACCES); + } + + if (!W_ERROR_IS_OK(registry_init_full())) +- exit(1); ++ exit_daemon("Samba cannot init registry", EACCES); + + /* Open the share_info.tdb here, so we don't have to open + after the fork on every single connection. This is a small + performance improvment and reduces the total number of system + fds used. */ + if (!share_info_db_init()) { +- DEBUG(0,("ERROR: failed to load share info db.\n")); +- exit(1); ++ exit_daemon("ERROR: failed to load share info db.", EACCES); + } + + status = init_system_session_info(); +@@ -1455,7 +1449,7 @@ extern void build_options(bool screen); + } + status = smbXsrv_open_global_init(); + if (!NT_STATUS_IS_OK(status)) { +- exit(1); ++ exit_daemon("Samba cannot init global open", map_errno_from_nt_status(status)); + } + + /* This MUST be done before start_epmd() because otherwise +@@ -1486,7 +1480,7 @@ extern void build_options(bool screen); + } + + if (!dcesrv_ep_setup(ev_ctx, msg_ctx)) { +- exit(1); ++ exit_daemon("Samba cannot setup ep pipe", EACCES); + } + + if (is_daemon && !interactive) { +@@ -1507,7 +1501,7 @@ extern void build_options(bool screen); + bool bgq = lp_parm_bool(-1, "smbd", "backgroundqueue", true); + + if (!printing_subsystem_init(ev_ctx, msg_ctx, true, bgq)) { +- exit(1); ++ exit_daemon("Samba failed to init printing subsystem", EACCES); + } + } + } else if (!lp__disable_spoolss() && +-- +1.8.5.3 + + +From 580933198c1da02ad668b32f68bfeac833d97980 Mon Sep 17 00:00:00 2001 +From: Alexander Bokovoy +Date: Wed, 26 Mar 2014 11:34:56 +0200 +Subject: [PATCH 3/5] nmbd: use exit_daemon() to report status to systemd + +BUG: https://bugzilla.samba.org/show_bug.cgi?id=10517 + +Signed-off-by: Alexander Bokovoy +Reviewed-by: Andreas Schneider + +(cherry picked from commit a54e94559b5ebabbb8c5c938fdf159efceff39e6) +--- + source3/nmbd/nmbd.c | 39 ++++++++++++++------------------------- + 1 file changed, 14 insertions(+), 25 deletions(-) + +diff --git a/source3/nmbd/nmbd.c b/source3/nmbd/nmbd.c +index aced774..dc2d4c7 100644 +--- a/source3/nmbd/nmbd.c ++++ b/source3/nmbd/nmbd.c +@@ -966,16 +966,12 @@ static bool open_sockets(bool isdaemon, int port) + + ok = directory_create_or_exist(lp_lockdir(), geteuid(), 0755); + if (!ok) { +- DEBUG(0, ("Failed to create directory %s for lock files - %s\n", +- lp_lockdir(), strerror(errno))); +- exit(1); ++ exit_daemon("Failed to create directory for lock files, check 'lock directory'", errno); + } + + ok = directory_create_or_exist(lp_piddir(), geteuid(), 0755); + if (!ok) { +- DEBUG(0, ("Failed to create directory %s for pid files - %s\n", +- lp_piddir(), strerror(errno))); +- exit(1); ++ exit_daemon("Failed to create directory for pid files, check 'pid directory'", errno); + } + + pidfile_create(lp_piddir(), "nmbd"); +@@ -984,8 +980,7 @@ static bool open_sockets(bool isdaemon, int port) + false); + + if (!NT_STATUS_IS_OK(status)) { +- DEBUG(0,("reinit_after_fork() failed\n")); +- exit(1); ++ exit_daemon("reinit_after_fork() failed", map_errno_from_nt_status(status)); + } + + /* +@@ -995,16 +990,15 @@ static bool open_sockets(bool isdaemon, int port) + */ + status = init_before_fork(); + if (!NT_STATUS_IS_OK(status)) { +- DEBUG(0, ("init_before_fork failed: %s\n", nt_errstr(status))); +- exit(1); ++ exit_daemon(nt_errstr(status), map_errno_from_nt_status(status)); + } + + if (!nmbd_setup_sig_term_handler(msg)) +- exit(1); ++ exit_daemon("NMBD failed to setup signal handler", EINVAL); + if (!nmbd_setup_stdin_handler(msg, !Fork)) +- exit(1); ++ exit_daemon("NMBD failed to setup stdin handler", EINVAL); + if (!nmbd_setup_sig_hup_handler(msg)) +- exit(1); ++ exit_daemon("NMBD failed to setup SIGHUP handler", EINVAL); + + /* get broadcast messages */ + +@@ -1012,8 +1006,7 @@ static bool open_sockets(bool isdaemon, int port) + FLAG_MSG_GENERAL | + FLAG_MSG_NMBD | + FLAG_MSG_DBWRAP)) { +- DEBUG(1, ("Could not register myself in serverid.tdb\n")); +- exit(1); ++ exit_daemon("Could not register NMBD process in serverid.tdb", EACCES); + } + + messaging_register(msg, NULL, MSG_FORCE_ELECTION, +@@ -1044,9 +1037,8 @@ static bool open_sockets(bool isdaemon, int port) + + /* Create an nmbd subnet record for each of the above. */ + if( False == create_subnets() ) { +- DEBUG(0,("ERROR: Failed when creating subnet lists. Exiting.\n")); + kill_async_dns_child(); +- exit(1); ++ exit_daemon("NMBD failed when creating subnet lists", EACCES); + } + + /* Load in any static local names. */ +@@ -1058,9 +1050,8 @@ static bool open_sockets(bool isdaemon, int port) + + /* If we are acting as a WINS server, initialise data structures. */ + if( !initialise_wins() ) { +- DEBUG( 0, ( "nmbd: Failed when initialising WINS server.\n" ) ); + kill_async_dns_child(); +- exit(1); ++ exit_daemon( "NMBD failed when initialising WINS server.", EACCES); + } + + /* +@@ -1072,21 +1063,19 @@ static bool open_sockets(bool isdaemon, int port) + */ + + if( False == register_my_workgroup_and_names() ) { +- DEBUG(0,("ERROR: Failed when creating my my workgroup. Exiting.\n")); + kill_async_dns_child(); +- exit(1); ++ exit_daemon( "NMBD failed when creating my workgroup.", EACCES); + } + + if (!initialize_nmbd_proxy_logon()) { +- DEBUG(0,("ERROR: Failed setup nmbd_proxy_logon.\n")); + kill_async_dns_child(); +- exit(1); ++ exit_daemon( "NMBD failed to setup nmbd_proxy_logon.", EACCES); + } + + if (!nmbd_init_packet_server()) { + kill_async_dns_child(); +- exit(1); +- } ++ exit_daemon( "NMBD failed to setup packet server.", EACCES); ++ } + + if (is_daemon && !opt_interactive) { + daemon_ready("nmbd"); +-- +1.8.5.3 + + +From 1067bdd3e590d5ab880044456c667e3663d99c95 Mon Sep 17 00:00:00 2001 +From: Alexander Bokovoy +Date: Wed, 26 Mar 2014 11:45:21 +0200 +Subject: [PATCH 4/5] winbindd: use exit_daemon() to pass startup status to + systemd + +BUG: https://bugzilla.samba.org/show_bug.cgi?id=10517 + +Signed-off-by: Alexander Bokovoy +Reviewed-by: Andreas Schneider +(cherry picked from commit 91013315c9fa946bf85c85df0ccd40a803f3dc6f) +--- + source3/winbindd/winbindd.c | 13 ++++--------- + 1 file changed, 4 insertions(+), 9 deletions(-) + +diff --git a/source3/winbindd/winbindd.c b/source3/winbindd/winbindd.c +index 61c1dbc..68ffd7e 100644 +--- a/source3/winbindd/winbindd.c ++++ b/source3/winbindd/winbindd.c +@@ -1543,8 +1543,7 @@ int main(int argc, char **argv, char **envp) + winbind_event_context(), + false); + if (!NT_STATUS_IS_OK(status)) { +- DEBUG(0,("reinit_after_fork() failed\n")); +- exit(1); ++ exit_daemon("Winbindd reinit_after_fork() failed", map_errno_from_nt_status(status)); + } + + /* +@@ -1554,17 +1553,14 @@ int main(int argc, char **argv, char **envp) + */ + status = init_before_fork(); + if (!NT_STATUS_IS_OK(status)) { +- DEBUG(0, ("init_before_fork failed: %s\n", nt_errstr(status))); +- exit(1); ++ exit_daemon(nt_errstr(status), map_errno_from_nt_status(status)); + } + + winbindd_register_handlers(winbind_messaging_context(), !Fork); + + status = init_system_session_info(); + if (!NT_STATUS_IS_OK(status)) { +- DEBUG(1, ("ERROR: failed to setup system user info: %s.\n", +- nt_errstr(status))); +- exit(1); ++ exit_daemon("Winbindd failed to setup system user info", map_errno_from_nt_status(status)); + } + + rpc_lsarpc_init(NULL); +@@ -1576,8 +1572,7 @@ int main(int argc, char **argv, char **envp) + /* setup listen sockets */ + + if (!winbindd_setup_listeners()) { +- DEBUG(0,("winbindd_setup_listeners() failed\n")); +- exit(1); ++ exit_daemon("Winbindd failed to setup listeners", EPIPE); + } + + TALLOC_FREE(frame); +-- +1.8.5.3 + + +From 037b9fd66e777571e2c963945e41535371b4683e Mon Sep 17 00:00:00 2001 +From: Alexander Bokovoy +Date: Wed, 26 Mar 2014 12:30:30 +0200 +Subject: [PATCH 5/5] ad-dc: use exit_daemon() to communicate status of startup + to systemd + +BUG: https://bugzilla.samba.org/show_bug.cgi?id=10517 + +Signed-off-by: Alexander Bokovoy +Reviewed-by: Andreas Schneider +(cherry picked from commit a343303cbcd5af303455843ebf202e2f30daf3a6) +--- + source4/smbd/server.c | 19 +++++++------------ + 1 file changed, 7 insertions(+), 12 deletions(-) + +diff --git a/source4/smbd/server.c b/source4/smbd/server.c +index 3a23190..d5d9d9c 100644 +--- a/source4/smbd/server.c ++++ b/source4/smbd/server.c +@@ -398,15 +398,13 @@ static int binary_smbd_main(const char *binary_name, int argc, const char *argv[ + + if (lpcfg_server_role(cmdline_lp_ctx) == ROLE_ACTIVE_DIRECTORY_DC) { + if (!open_schannel_session_store(talloc_autofree_context(), cmdline_lp_ctx)) { +- DEBUG(0,("ERROR: Samba cannot open schannel store for secured NETLOGON operations.\n")); +- exit(1); ++ exit_daemon("Samba cannot open schannel store for secured NETLOGON operations.", EACCES); + } + } + + /* make sure we won't go through nss_winbind */ + if (!winbind_off()) { +- DEBUG(0,("Failed to disable recusive winbindd calls. Exiting.\n")); +- exit(1); ++ exit_daemon("Samba failed to disable recusive winbindd calls.", EACCES); + } + + gensec_init(); /* FIXME: */ +@@ -431,8 +429,7 @@ static int binary_smbd_main(const char *binary_name, int argc, const char *argv[ + event_ctx = s4_event_context_init(talloc_autofree_context()); + + if (event_ctx == NULL) { +- DEBUG(0,("Initializing event context failed\n")); +- return 1; ++ exit_daemon("Initializing event context failed", EACCES); + } + + if (opt_interactive) { +@@ -449,7 +446,7 @@ static int binary_smbd_main(const char *binary_name, int argc, const char *argv[ + #endif + + if (fstat(0, &st) != 0) { +- exit(1); ++ exit_daemon("Samba failed to set standard input handler", ENOTTY); + } + + if (S_ISFIFO(st.st_mode) || S_ISSOCK(st.st_mode)) { +@@ -478,15 +475,14 @@ static int binary_smbd_main(const char *binary_name, int argc, const char *argv[ + DEBUG(0, ("At this time the 'samba' binary should only be used for either:\n")); + DEBUGADD(0, ("'server role = active directory domain controller' or to access the ntvfs file server with 'server services = +smb' or the rpc proxy with 'dcerpc endpoint servers = remote'\n")); + DEBUGADD(0, ("You should start smbd/nmbd/winbindd instead for domain member and standalone file server tasks\n")); +- exit(1); ++ exit_daemon("Samba detected misconfigured 'server role' and exited. Check logs for details", EINVAL); + }; + + prime_ldb_databases(event_ctx); + + status = setup_parent_messaging(event_ctx, cmdline_lp_ctx); + if (!NT_STATUS_IS_OK(status)) { +- DEBUG(0,("Failed to setup parent messaging - %s\n", nt_errstr(status))); +- return 1; ++ exit_daemon("Samba failed to setup parent messaging", NT_STATUS_V(status)); + } + + DEBUG(0,("%s: using '%s' process model\n", binary_name, model)); +@@ -494,8 +490,7 @@ static int binary_smbd_main(const char *binary_name, int argc, const char *argv[ + status = server_service_startup(event_ctx, cmdline_lp_ctx, model, + lpcfg_server_services(cmdline_lp_ctx)); + if (!NT_STATUS_IS_OK(status)) { +- DEBUG(0,("Starting Services failed - %s\n", nt_errstr(status))); +- return 1; ++ exit_daemon("Samba failed to start services", NT_STATUS_V(status)); + } + + if (opt_daemon) { +-- +1.8.5.3 + diff --git a/samba.spec b/samba.spec index f48457e..ab2203b 100644 --- a/samba.spec +++ b/samba.spec @@ -1,7 +1,7 @@ # Set --with testsuite or %bcond_without to run the Samba torture testsuite. %bcond_with testsuite -%define main_release 2 +%define main_release 3 %define samba_version 4.1.6 %define talloc_version 2.0.8 @@ -86,6 +86,7 @@ Source200: README.dc Source201: README.downgrade Patch0: samba-4.1.7-fix_pidl_install.patch +Patch1: samba-4.1.7-Make_daemons_systemd_aware.patch BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX) @@ -136,6 +137,7 @@ BuildRequires: python-devel BuildRequires: python-tevent BuildRequires: quota-devel BuildRequires: readline-devel +BuildRequires: systemd-devel BuildRequires: sed BuildRequires: zlib-devel >= 1.2.3 %if %{with_vfs_glusterfs} @@ -504,6 +506,7 @@ module necessary to communicate to the Winbind Daemon %setup -q -n samba-%{version}%{pre_release} %patch0 -p1 -b .samba-4.1.7-fix_pidl_install.patch +%patch1 -p1 -b .samba-4.1.7-Make_daemons_systemd_aware.patch %build %global _talloc_lib ,talloc,pytalloc,pytalloc-util @@ -587,8 +590,9 @@ LDFLAGS="-Wl,-z,relro,-z,now" \ --enable-selftest \ %endif %if ! %with_pam_smbpass - --without-pam_smbpass + --without-pam_smbpass \ %endif + --with-systemd make %{?_smp_mflags} @@ -644,7 +648,7 @@ install -m 0644 %{SOURCE200} packaging/README.dc-libs install -d -m 0755 %{buildroot}%{_unitdir} for i in nmb smb winbind ; do - cat packaging/systemd/$i.service | sed -e 's@Type=forking@Type=forking\nEnvironment=KRB5CCNAME=/run/samba/krb5cc_samba@g' >tmp$i.service + cat packaging/systemd/$i.service | sed -e 's@\[Service\]@[Service]\nEnvironment=KRB5CCNAME=FILE:/run/samba/krb5cc_samba@g' >tmp$i.service install -m 0644 tmp$i.service %{buildroot}%{_unitdir}/$i.service done @@ -1573,6 +1577,9 @@ rm -rf %{buildroot} %{_mandir}/man8/pam_winbind.8* %changelog +* Thu Apr 03 2014 - Andreas Schneider - 4.1.6-3 +- Add systemd integration to the service daemons. + * Tue Mar 18 2014 - Andreas Schneider - 4.1.6-2 - Created a samba-test-libs package.