ldap: Run the LDAP server with the default (typically standard) process model

This allows one LDAP socket to proceed if another fails, and reduces the impact of a crash becoming a DoS bug, as it only impacts one socket. This may mean we have a lot of idle tasks, but this should not be a big issue Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
author: Andrew Bartlett <abartlet@samba.org> 2016-10-17 13:55:42 +1300
committer: Stefan Metzmacher <metze@samba.org> 2017-07-02 17:35:20 +0200
commit: f4ce77857bb677ea612ad26d700960f913ff7bd8 (patch)
tree: 22b5bd85e1f9140685796f5accb9c32a512fb5c5 /source4/ldap_server
parent: 5ec724687e1a714b2effbfb47e997632e3346297 (diff)
download: samba-f4ce77857bb677ea612ad26d700960f913ff7bd8.tar.gz
1 files changed, 6 insertions, 3 deletions
diff --git a/source4/ldap_server/ldap_server.c b/source4/ldap_server/ldap_server.c
index 6a6053206b2..d9f24e0817c 100644
--- a/source4/ldap_server/ldap_server.c
+++ b/source4/ldap_server/ldap_server.c
@@ -1121,9 +1121,12 @@ static void ldapsrv_task_init(struct task_server *task)
 
 	task_server_set_title(task, "task[ldapsrv]");
 
-	/* run the ldap server as a single process */
-	model_ops = process_model_startup("single");
-	if (!model_ops) goto failed;
+	/*
+	 * Here we used to run the ldap server as a single process,
+	 * but we don't want transaction locks for one task in a write
+	 * blocking all other reads, so we go multi-process.
+	 */
+	model_ops = task->model_ops;
 
 	ldap_service = talloc_zero(task, struct ldapsrv_service);
 	if (ldap_service == NULL) goto failed;
author	Andrew Bartlett <abartlet@samba.org>	2016-10-17 13:55:42 +1300
committer	Stefan Metzmacher <metze@samba.org>	2017-07-02 17:35:20 +0200
commit	f4ce77857bb677ea612ad26d700960f913ff7bd8 (patch)
tree	22b5bd85e1f9140685796f5accb9c32a512fb5c5 /source4/ldap_server
parent	5ec724687e1a714b2effbfb47e997632e3346297 (diff)
download	samba-f4ce77857bb677ea612ad26d700960f913ff7bd8.tar.gz