Initial check-in of scripts.

Author: jarrpa

README.md

@@ -1,2 +1,18 @@
 # samba-hacking
 A collection of utility scripts for hacking Samba.
+
+## General Hacking
+
+* **wafbuild.sh:** Store my usual configure parameters. Distclean, reconfigure, rebuild.
+
+## Clustered Hacking
+
+* **enlighten.sh:** Distribute working repository (on my laptop) to remote nodes via SSH + rsync.
+* **rebirth.sh:** Kill and restart Samba processes.
+
+## Witness Hacking
+
+* **resource-change.sh:** Trigger a Witness resource change notification.
+* **wisdom.sh:** Hack to allow source4 samba to read AD credentials stored in CTDB.
+* **witness-me.sh:** Script to monitor Samba, Witness, and CTDB.
+

enlighten.sh

@@ -0,0 +1,133 @@
+#!/bin/bash
+
+# enlighten.sh
+#
+# A clustered Samba hacking script to synchronize the code repositories on the
+# cluster nodes.
+
+DEFAULT_NODES="ganesh buddhi riddhi siddhi"
+
+get_help() {
+echo "USAGE: enlighten.sh [-bcf] [<node> ...]
+
+A clustered Samba hacking script to synchronize the code repositories on the
+cluster nodes. By default, this script only tries to update the code on remote
+nodes via rsync. Nodes are specified as a space-separated list of names or IP
+address. If no nodes are specified, the following list is used:
+
+$DEFAULT_NODES
+
+Options:
+ -b, --build
+	Run a Samba build on the first node before distributing the repo to the
+	other nodes.
+
+ -c, --configure
+	Clean the repo, run configure, and do a Samba build. Implies --build.
+
+ -f, --force
+	Normally, this script attempts to synchronize the repositories using an
+	rsync batched write. This can be really finnicky if you change anything
+	on the remote repositories. Use --force to perform a full, non-batched
+	rsync on every node. This is much slower but will usually succeed.
+"
+}
+
+BUILD=false
+FORCE=false
+CMD="make -j4"
+
+
+while [[ $# > 0 ]]; do
+  ARG="$1"
+
+  if [[ ${ARG:0:1} != "-" ]]; then
+    break
+  fi
+
+  OPTS=()
+
+  if [[ ${#ARG} -gt 2 && ${ARG:0:2} != "--" && ${ARG:0:1} == "-" ]]; then
+    for (( i=1; i<${#ARG}; i++ )); do
+      OPTS+=("-${ARG:$i:1}")
+    done
+  else
+    OPTS+=($ARG)
+  fi
+
+  for OPT in "${OPTS[@]}"; do
+    case $OPT in
+      -b|--build)
+      BUILD=true
+      shift
+      ;;
+      -f|--force)
+      FORCE=true
+      shift
+      ;;
+      -c|--configure)
+      BUILD=true
+      CMD="./wafbuild.sh"
+      shift
+      ;;
+      *)
+      echo "Unknown option: $OPT"
+      get_help
+      exit
+      ;;
+    esac
+  done
+done
+
+nodes=${@:-"$DEFAULT_NODES"}
+
+echo "BUILD: $BUILD"
+echo "FORCE: $FORCE"
+echo "CMD..: $CMD"
+echo "NODES: $nodes"
+
+exit
+
+rm -rf rsync-batch*; rm -rf ../samba-rsync/rsync-batch*
+if $FORCE; then
+  rsync -rltvD . ../samba-rsync >/dev/null
+else
+  rsync --write-batch=rsync-batch -rltvD . ../samba-rsync >/dev/null
+fi
+
+sync_repo() {
+    echo "Syncing $1..."
+    ssh $1 "rm -rf rsync_batch*; rm -rf samba/rsync-batch* >/dev/null"
+
+    if $FORCE; then
+      rsync -rltvD . $1:samba >/dev/null
+    else
+      scp -q rsync-batch* $1:
+      ssh $1 "./rsync-batch.sh samba >/dev/null"
+    fi
+}
+
+if $BUILD; then
+  head=$(echo "$nodes" | awk '{ print $1 }')
+  others=${nodes#$head }
+
+  echo "Syncing $head..."
+  sync_repo $head
+
+  echo "Running command [$CMD] on $head..."
+  ssh $head "cd samba; $CMD"
+  ret=$?
+
+  if [ $ret == 0 ]; then
+    if $FORCE; then
+      FFLAG="f"
+    else
+      FFLAG=""
+    fi
+    ssh $head "cd samba; ./enlighten.sh -${FFLAG} ${others}"
+  fi
+else
+  for n in $nodes; do
+    sync_repo $n
+  done
+fi

rebirth.sh

@@ -0,0 +1,112 @@
+#!/bin/bash
+
+# rebirth.sh
+#
+# A clustered Samba hacking script to kill and restart Samba processes on the
+# cluster nodes. This script should be run locally on the individual nodes.
+
+TIMEOUT_SECS=0
+DEFAULT_PROCS="ctdbd samba smbd nmbd winbindd"
+
+get_help() {
+echo "USAGE: rebirth.sh [<process> ...]
+
+A clustered Samba hacking script to kill and restart Samba processes on the
+cluster nodes. This script should be run locally on the individual nodes.
+Processes to be killed and restarted can be specified by name as parameters on
+the command line. By default, the following list of processes is defined:
+
+$DEFAULT_PROCS
+"
+}
+
+PROCS=""
+RESTART_SAMBA=false
+RESTART_CTDB=false
+RESTART_WB=false
+
+while [[ $# > 0 ]]; do
+  PROG="$1"
+
+  case $PROG in
+  ctdb|ctdbd)
+    PROCS="$PROCS ctdbd"
+    ;;
+  samba|smb|smbd)
+    PROCS="$PROCS samba smbd nmbd"
+    ;;
+  winbind|winbindd|wb)
+    PROCS="$PROCS winbindd"
+    ;;
+  all)
+    PROCS=""
+    ;;
+  *)
+    echo "Unknown process: " $PROC
+    get_help
+    exit 1
+  esac
+
+  shift
+done
+
+PROCS=${PROCS:-"$DEFAULT_PROCS"}
+
+if [[ $PROCS == *"samba"* ]] || [[ $PROCS == *"smbd"* ]] || [[ $PROCS == *"nmbd"* ]]; then
+  RESTART_SAMBA=true
+fi
+if [[ $PROCS == *"ctdbd"* ]]; then
+  RESTART_CTDB=true
+fi
+if [[ $PROCS == *"winbindd"* ]]; then
+  RESTART_WB=true
+fi
+
+echo "Killing processes [$PROCS]"
+killall -9 $PROCS >/dev/null 2>&1
+killall -9 $PROCS >/dev/null 2>&1
+
+if $RESTART_SAMBA; then
+  rm -rf /var/run/witnessd.pid
+fi
+
+mkdir -p /var/run/samba
+mkdir -p /var/run/ctdb
+
+if $RESTART_CTDB; then
+  echo -n "Starting CTDB"
+  bin/default/ctdb/ctdbd --reclock /data/lock-mnt/reclock --pidfile /var/run/ctdb/ctdbd.pid --event-script-dir ctdb/config/events.d/ --public-addresses=/etc/ctdb/public_addresses
+  N=0
+  STATUS=$(bin/default/ctdb/ctdb status 2>&1)
+  NSTATUS=$(echo "$STATUS" | grep "THIS NODE" | awk '{ print $3 }')
+  until [ "$NSTATUS" == "OK" ] || [ "$NSTATUS" == *"BANNED"* ] || [ "$STATUS" == *"Errno"* ] || [ $N -ge $TIMEOUT_SECS ]; do
+    echo -n "."
+    (( N++ ))
+    sleep 1
+    STATUS=$(bin/default/ctdb/ctdb status 2>&1)
+    NSTATUS=$(echo "$STATUS" | grep "THIS NODE" | awk '{ print $3 }')
+    #echo -n "$NSTATUS"
+  done
+  if [ "$NSTATUS" == *"BANNED"* ]; then 
+    echo -e "BANNED?!\nCTDB failed to start, check logs."
+    exit 1
+  fi
+  if [ $N -ge $TIMEOUT_SECS ]; then 
+    echo -e "TIMEOUT!\nCTDB failed to start, check logs."
+    exit 1
+  fi
+  if [ "$STATUS" == *"Errno"* ]; then 
+    echo -e "ERROR!!\nCTDB failed to start, check logs."
+    echo "$STATUS"
+    exit 1
+  fi
+  echo "OK!"
+fi
+
+if $RESTART_SAMBA || $RESTART_WB; then
+  echo "Starting Samba daemons"
+  bin/samba >/dev/null 2>&1
+fi
+
+echo "Done."
+

resource-change.sh

@@ -0,0 +1,31 @@
+#!/bin/bash
+
+#!/bin/bash
+
+BROADCAST=""
+RESOURCE=""
+STATE=""
+
+while [[ $# > 0 ]]; do
+  ARG="$1"
+
+  case $ARG in
+  -n|--nodes)
+    BROADCAST="/root/samba/bin/default/ctdb/onnode -p $2 "
+    shift
+    ;;
+  --)
+    ;;
+  *)
+    RESOURCE=$1
+    STATE=$2
+    if [[ "x$RESOURCE" == "x" ]] || [[ "x$STATE" == "x" ]]; then
+      echo "Invalid parameters: RESOURCE[$RESOURCE] STATE[$STATE]"
+      exit 1
+    fi
+    shift
+  esac
+  shift
+done
+
+${BROADCAST}/root/samba/bin/smbcontrol witnessd witnessnotify change $RESOURCE $STATE

wafbuild.sh

@@ -0,0 +1,32 @@
+PDB_SHARED_MODULES="pdb_ads,pdb_tdbsam,pdb_smbpasswd,pdb_wbc_sam"
+IDMAP_SHARED_MODULES="idmap_ipa,idmap_rid,idmap_ad,idmap_adex,idmap_hash,idmap_tdb2,idmap_ldap"
+GPEXT_SHARED_MODULES="gpext_security,gpext_registry,gpext_scripts"
+VFS_SHARED_MODULES="vfs_glusterfs"
+
+CONFIGURE_OPTS=" \
+                --prefix=/root/samba/ \
+                --localstatedir=/var \
+                --sysconfdir=/etc \
+                --with-lockdir=/var/lib/samba \
+                --with-piddir=/var/run \
+                --with-privatedir=/etc/samba \
+                --with-statedir=/var/lib/samba \
+                --with-cachedir=/var/lib/samba \
+                --with-quotas \
+                --with-pam \
+                --with-shared-modules=$IDMAP_SHARED_MODULES,$PDB_SHARED_MODULES,$GPEXT_SHARED_MODULES,$VFS_SHARED_MODULES \
+                --with-ads \
+                --with-dnsupdate \
+                --enable-developer \
+                --with-aio-support \
+                --with-logfilebase=/var/log/samba \
+                --enable-selftest \
+                --with-selftest-prefix=./st \
+                --enable-fhs \
+                --with-cluster-support \
+                $@"
+#                --libdir=/usr/lib64 \
+#                --mandir=/usr/share/man \
+#                --with-modulesdir=/usr/lib64/samba \
+
+make distclean && ./buildtools/bin/waf configure $CONFIGURE_OPTS && make -j4

wisdom.sh

@@ -0,0 +1,5 @@
+#!/bin/bash
+
+bin/default/ctdb/ctdb catdb secrets.tdb | grep -v "dmaster\|rsn\|Dumped" | sed -e 's/key/{\nkey/' -e 's/^$/}/' >foodb
+rm -f /etc/samba/secrets.*
+tdbrestore /etc/samba/secrets.tdb <foodb

witness-me.sh

@@ -0,0 +1,29 @@
+#!/bin/bash
+
+SHOW_LOG=""
+
+while [[ $# > 0 ]]; do
+  OPT="$1"
+
+  case $OPT in
+  -l|--log)
+    SHOW_LOG="echo; echo '==== /var/log/samba/log.samba ====='; tail -25 /var/log/samba/log.samba"
+    ;;
+  *)
+    echo "Unknown opt: " $OPT
+    exit 1
+  esac
+
+  shift
+done
+
+function WPID() {
+  if [ -e /var/run/witnessd.pid ]; then
+    echo "Witness PID: $(cat /var/run/witnessd.pid)"
+  else
+    echo "Witness PID: NONE"
+  fi
+}
+
+#watch -n 1 "bin/smbstatus -S; echo; netstat -4dnp | grep \":1024\" | grep samba | awk '{print \"PID: \" substr(\$7, 0, index(\$7, \"/\")-1) \" RPC (Witness) Conn: \" substr(\$4, 0, index(\$4,\":\")-1)}' | uniq; echo; bin/default/ctdb/ctdb status; bin/default/ctdb/ctdb ip; $SHOW_LOG"
+watch -tn 1 "bin/smbstatus -p; echo `WPID`; echo; bin/default/ctdb/ctdb status; bin/default/ctdb/ctdb ip; $SHOW_LOG"