samba-technical@lists.samba.org
[Top] [All Lists]

[PATCH] Don't send MSG_WINBIND_ONLINE to idmap_child() in any child proc

Subject: [PATCH] Don't send MSG_WINBIND_ONLINE to idmap_child() in any child process
From: boyang
Date: Tue, 13 Jan 2009 17:59:39 +0800
Hi, everyone:
     If the trusted domain cannot go online, fork_child_dc_connect()
will be invoked periodically to fork() one child process, trying to
connect to DC.  look, fork_child_dc_connect() ---> getdcs() --->
get_dc_name_via_netlogon() ---> cm_connect_netlogon() --->
init_dc_connection() ---> cm_open_connection ---> set_domain_online(),
here send MSG_WINBIND_ONLINE to idmap_child(). It causes
MSG_WINBIND_ONLINE being sent to idmap_child() periodically, which cause
idmap child to fork and connect to the primary domain'DC even primary
domain is already online. :-)  It is very expensive, we must not want to
do that....

Please review the patches!
Thanks!

Best
    Regards
BoYang
>From 4b3aaca25e969e0fac1f55c22a1f0569d503c77f Mon Sep 17 00:00:00 2001
From: Bo Yang <boyang@xxxxxxxxxx>
Date: Tue, 13 Jan 2009 17:02:13 +0800
Subject: [PATCH] Don't send MSG_WINBIND_ONLINE to idmap_child() in child 
process.

Signed-off-by: Bo Yang <boyang@xxxxxxxxxx>
---
 source3/lib/messages.c           |    4 ++++
 source3/winbindd/winbindd_cm.c   |    2 +-
 source3/winbindd/winbindd_dual.c |   24 ++++++++++++++++++++++++
 3 files changed, 29 insertions(+), 1 deletions(-)

diff --git a/source3/winbindd/winbindd_cm.c b/source3/winbindd/winbindd_cm.c
index 4e5659d..0db502b 100644
--- a/source3/winbindd/winbindd_cm.c
+++ b/source3/winbindd/winbindd_cm.c
@@ -216,7 +216,7 @@ static bool fork_child_dc_connect(struct winbindd_domain 
*domain)
        if (!override_logfile) {
                if (asprintf(&lfile, "%s/log.winbindd-dc-connect", 
get_dyn_LOGFILEBASE()) == -1) {
                        DEBUG(0, ("fork_child_dc_connect: out of memory.\n"));
-                       return false;
+                       _exit(0);
                }
        }
 
diff --git a/source3/winbindd/winbindd_dual.c b/source3/winbindd/winbindd_dual.c
index 9f91153..79d7671 100644
--- a/source3/winbindd/winbindd_dual.c
+++ b/source3/winbindd/winbindd_dual.c
@@ -1203,6 +1203,22 @@ bool winbindd_reinit_after_fork(const char *logfilename)
                TALLOC_FREE(cl->lockout_policy_event);
                TALLOC_FREE(cl->machine_password_change_event);
         }
+       /*
+        * This is a little tricky, we don't want child
+        * to send MSG_WINBIND_ONLINE to idmap_child().
+        * If we are in the child of trusted domain or
+        * in the process created by fork_child_dc_connect().
+        * And the trusted domain cannot go online,
+        * fork_child_dc_connection() sends MSG_WINBIND_ONLINE 
+        * periodically to idmap_child().
+        * look, fork_child_dc_connect() ---> getdcs() --->
+        * get_dc_name_via_netlogon() ---> cm_connect_netlogon()
+        * ---> init_dc_connection() ---> cm_open_connection --->
+        * set_domain_online(), here send MSG_WINBIND_ONLINE to
+        * idmap_child().
+        */
+       cl = idmap_child();
+       cl->pid = 0;
 
        return true;
 }
@@ -1296,6 +1312,14 @@ static bool fork_domain_child(struct winbindd_child 
*child)
                        }
                }
        }
+       
+       /*
+        * We are in idmap child, make sure that we set the
+        * check_online_event to bring primary domain online.
+        */
+       if (child == idmap_child()) {
+               set_domain_online_request(primary_domain);
+       }
 
        /* We might be in the idmap child...*/
        if (child->domain && !(child->domain->internal) &&
-- 
1.5.3

>From b043616ee3a80eeb8ff09aa364a33eb39ed2e24e Mon Sep 17 00:00:00 2001
From: Bo Yang <boyang@xxxxxxxxxx>
Date: Tue, 13 Jan 2009 17:33:26 +0800
Subject: [PATCH] Don't send MSG_WINBIND_ONLINE to idmap_child() in child 
process.

Signed-off-by: Bo Yang <boyang@xxxxxxxxxx>
---
 source/nsswitch/winbindd_dual.c |   24 ++++++++++++++++++++++++
 1 files changed, 24 insertions(+), 0 deletions(-)

diff --git a/source/nsswitch/winbindd_dual.c b/source/nsswitch/winbindd_dual.c
index f976eba..988984c 100644
--- a/source/nsswitch/winbindd_dual.c
+++ b/source/nsswitch/winbindd_dual.c
@@ -972,6 +972,22 @@ bool winbindd_reinit_after_fork(const char *logfile)
                }
                TALLOC_FREE(cl->lockout_policy_event);
        }
+       /*
+        * This is a little tricky, we don't want child
+        * to send MSG_WINBIND_ONLINE to idmap_child().
+        * If we are in the child of trusted domain or
+        * in the process created by fork_child_dc_connect().
+        * And the trusted domain cannot go online,
+        * fork_child_dc_connection() sends MSG_WINBIND_ONLINE 
+        * periodically to idmap_child().
+        * look, fork_child_dc_connect() ---> getdcs() --->
+        * get_dc_name_via_netlogon() ---> cm_connect_netlogon()
+        * ---> init_dc_connection() ---> cm_open_connection --->
+        * set_domain_online(), here send MSG_WINBIND_ONLINE to
+        * idmap_child().
+        */
+       cl = idmap_child();
+       cl->pid = 0;
 
        return true;
 }
@@ -1063,6 +1079,14 @@ static BOOL fork_domain_child(struct winbindd_child 
*child)
                }
        }
 
+       /*
+        * We are in idmap child, make sure that we set the
+        * check_online_event to bring primary domain online.
+        */
+       if (child == idmap_child()) {
+               set_domain_online_request(primary_domain);
+       }
+
        /* We might be in the idmap child...*/
        if (child->domain && !(child->domain->internal) &&
            lp_winbind_offline_logon()) {
-- 
1.5.3

>From e53067765ee317eff364646e8c53666bb371be3b Mon Sep 17 00:00:00 2001
From: Bo Yang <boyang@xxxxxxxxxx>
Date: Tue, 13 Jan 2009 17:49:14 +0800
Subject: [PATCH] Don't send MSG_WINBIND_ONLINE to idmap_child() in child 
process.

Signed-off-by: Bo Yang <boyang@xxxxxxxxxx>
---
 source/winbindd/winbindd_cm.c   |    2 +-
 source/winbindd/winbindd_dual.c |   24 ++++++++++++++++++++++++
 2 files changed, 25 insertions(+), 1 deletions(-)

diff --git a/source/winbindd/winbindd_cm.c b/source/winbindd/winbindd_cm.c
index 3996e48..4d21147 100644
--- a/source/winbindd/winbindd_cm.c
+++ b/source/winbindd/winbindd_cm.c
@@ -203,7 +203,7 @@ static bool fork_child_dc_connect(struct winbindd_domain 
*domain)
        if (!override_logfile) {
                if (asprintf(&lfile, "%s/log.winbindd-dc-connect", 
get_dyn_LOGFILEBASE()) == -1) {
                        DEBUG(0, ("fork_child_dc_connect: out of memory!\n"));
-                       return false;
+                       _exit(0);
                }
        }
 
diff --git a/source/winbindd/winbindd_dual.c b/source/winbindd/winbindd_dual.c
index c0a62eb..9d326e5 100644
--- a/source/winbindd/winbindd_dual.c
+++ b/source/winbindd/winbindd_dual.c
@@ -1102,6 +1102,22 @@ bool winbindd_reinit_after_fork(const char *logfilename)
                }
                TALLOC_FREE(cl->lockout_policy_event);
         }
+       /*
+        * This is a little tricky, we don't want child
+        * to send MSG_WINBIND_ONLINE to idmap_child().
+        * If we are in the child of trusted domain or
+        * in the process created by fork_child_dc_connect().
+        * And the trusted domain cannot go online,
+        * fork_child_dc_connection() sends MSG_WINBIND_ONLINE 
+        * periodically to idmap_child().
+        * look, fork_child_dc_connect() ---> getdcs() --->
+        * get_dc_name_via_netlogon() ---> cm_connect_netlogon()
+        * ---> init_dc_connection() ---> cm_open_connection --->
+        * set_domain_online(), here send MSG_WINBIND_ONLINE to
+        * idmap_child().
+        */
+       cl = idmap_child();
+       cl->pid = 0;
 
        return true;
 }
@@ -1194,6 +1210,14 @@ static bool fork_domain_child(struct winbindd_child 
*child)
                        }
                }
        }
+       
+       /*
+        * We are in idmap child, make sure that we set the
+        * check_online_event to bring primary domain online.
+        */
+       if (child == idmap_child()) {
+               set_domain_online_request(primary_domain);
+       }
 
        /* We might be in the idmap child...*/
        if (child->domain && !(child->domain->internal) &&
-- 
1.5.3

>From 74c19866c12b9d13e04921464658c0ed0bb001b0 Mon Sep 17 00:00:00 2001
From: Bo Yang <boyang@xxxxxxxxxx>
Date: Tue, 13 Jan 2009 17:37:59 +0800
Subject: [PATCH] Don't send MSG_WINBIND_ONLINE to idmap_child() in child 
process.

Signed-off-by: Bo Yang <boyang@xxxxxxxxxx>
---
 source/winbindd/winbindd_cm.c   |    2 +-
 source/winbindd/winbindd_dual.c |   24 ++++++++++++++++++++++++
 2 files changed, 25 insertions(+), 1 deletions(-)

diff --git a/source/winbindd/winbindd_cm.c b/source/winbindd/winbindd_cm.c
index fa28bfa..70a1392 100644
--- a/source/winbindd/winbindd_cm.c
+++ b/source/winbindd/winbindd_cm.c
@@ -216,7 +216,7 @@ static bool fork_child_dc_connect(struct winbindd_domain 
*domain)
        if (!override_logfile) {
                if (asprintf(&lfile, "%s/log.winbindd-dc-connect", 
get_dyn_LOGFILEBASE()) == -1) {
                        DEBUG(0, ("fork_child_dc_connect: out of memory.\n"));
-                       return false;
+                       _exit(0);
                }
        }
 
diff --git a/source/winbindd/winbindd_dual.c b/source/winbindd/winbindd_dual.c
index a20b628..69f66c0 100644
--- a/source/winbindd/winbindd_dual.c
+++ b/source/winbindd/winbindd_dual.c
@@ -1203,6 +1203,22 @@ bool winbindd_reinit_after_fork(const char *logfilename)
                TALLOC_FREE(cl->lockout_policy_event);
                TALLOC_FREE(cl->machine_password_change_event);
         }
+       /*
+        * This is a little tricky, we don't want child
+        * to send MSG_WINBIND_ONLINE to idmap_child().
+        * If we are in the child of trusted domain or
+        * in the process created by fork_child_dc_connect().
+        * And the trusted domain cannot go online,
+        * fork_child_dc_connection() sends MSG_WINBIND_ONLINE 
+        * periodically to idmap_child().
+        * look, fork_child_dc_connect() ---> getdcs() --->
+        * get_dc_name_via_netlogon() ---> cm_connect_netlogon()
+        * ---> init_dc_connection() ---> cm_open_connection --->
+        * set_domain_online(), here send MSG_WINBIND_ONLINE to
+        * idmap_child().
+        */
+       cl = idmap_child();
+       cl->pid = 0;
 
        return true;
 }
@@ -1296,6 +1312,14 @@ static bool fork_domain_child(struct winbindd_child 
*child)
                        }
                }
        }
+       
+       /*
+        * We are in idmap child, make sure that we set the
+        * check_online_event to bring primary domain online.
+        */
+       if (child == idmap_child()) {
+               set_domain_online_request(primary_domain);
+       }
 
        /* We might be in the idmap child...*/
        if (child->domain && !(child->domain->internal) &&
-- 
1.5.3

Attachment: boyang.vcf
Description: Vcard

<Prev in Thread] Current Thread [Next in Thread>