-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Release Announcements ==================== This is the third preview release of Samba 3.2.0. This is *not* intended for production environments and is designed for testing purposes only. Please report any defects via the Samba bug reporting system at https://bugzilla.samba.org/. Please be aware that Samba is now distributed under the version 3 of the new GNU General Public License. You may refer to the COPYING file that accompanies these release notes for further licensing details. Major enhancements in Samba 3.2.0 include: File Serving: o Use of IDL generated parsing layer for several DCE/RPC interfaces. o Removal of the 1024 byte limit on pathnames and 256 byte limit on filename components to honor the MAX_PATH setting from the host OS. o Introduction of a registry based configuration system. o Improved CIFS Unix Extensions support. o Experimental support for file serving clusters. o Support for IPv6 in the server, and client tools and libraries. o Support for storing alternate data streams in xattrs. o Encrypted SMB transport in client tools and libraries, and server. o Support for Vista clients authenticating via Kerberos. Winbind and Active Directory Integration: o Full support for Windows 2003 cross-forest, transitive trusts and one-way domain trusts. o Support for userPrincipalName logons via pam_winbind and NSS lookups. o Expansion of nested domain groups via NSS calls. o Support for Active Directory LDAP Signing policy. o New LGPL Winbind client library (libwbclient.so). Joining: o New NetApi library for domain join related queries (libnetapi.so) and example GTK+ Domain join gui. o New client and server support for remotely joining and unjoining Domains. o Support for joining into Windows 2008 domains. Users & Groups: o New ldb backend for local group mapping tables o Raised level of security defaults for authentication operations. Documentation: o Inclusion of an HTML version of the 3rd edition of "Using Samba" from O'Reilly Publishing. Now Licensed under the GNU GPLv3 =============================== The Samba Team has adopted the Version 3 of the GNU General Public License for the 3.2 and later releases. The GPLv3 is the updated version of the GPLv2 license under which Samba is currently distributed. It has been updated to improve compatibility with other licenses and to make it easier to adopt internationally, and is an improved version of the license to better suit the needs of Free Software in the 21st Century. The original announcement is available on-line at http://news.samba.org/announcements/samba_gplv3/ New Security Defaults for Authentication ======================================= Support for LanMan passwords is now disabled in both client and server applications. Additionally, clear text authentication requests are disabled by default in client utilities such as smbclient and all libsmbclient based applications. This will affect connection both to and from hosts running DOS, Windows 9x/ME, and OS/2. Please refer to the "Changes" section for details on the exact parameters that were updated. Registry Configuration Backend ============================= Samba is now able to use a registry based configuration backed to supplement smb.conf settings. This feature may be enabled by setting "config backend = registry" in the [global] section of smb.conf for a registry only configuration, or by specifying "include = registry" to include global options from registry for a mixed setup. The new parameter "registry shares = yes" in the [global] section of smb.conf can be used to activate share definitions from registry. These shares are loaded on demand by the server. Registry shares are automatically activated by the global registry options above. The configuration stored in registry can be conveniently managed using the "net conf" command. More information may be obtained from the smb.conf(5) and net(8) man pages. Removed Features =============== Both the Python bindings and the libmsrpc shared library have been removed from the tree due to lack of an official maintainer. As smbfs is no longer supported in current kernel versions, smbmount has been removed in this Samba version. Please use cifs (mount.cifs) instead. See examples/scripts/mount/mount.smbfs as an example for a wrapper which calls mount.cifs instead of smbmount/mount.smbfs. Modified API for libsmbclient ============================================================================= Maintaining ABI compatibility for libsmbclient has become increasingly difficult to accomplish, while also keeping the code organization such that it is easily readable. Towards the goal of maintaining ABI compatibility and also keeping the code easy to maintain and enhance, the API has been enhanced. In particular, the fields in the SMBCCTX context structure are no longer intended to be read/write by the user, and are marked as deprecated. An application that previously accessed the members of the SMBCCTX context structure will now encounter warnings if recompiled. This is intentional, to encourage implementation of the small changes required for the new interface. The number of changes is expected to be quite small for the vast majority of applications, and no changes need be made for many applications. The changes required for KDE (konqueror) to conform to the new interface, for example, are only four lines in only one file. Instead of the application manually changing or reading values in the context structure, there are now setter and getter functions for each configurable member in that structure. Similarly, the smbc_option_get() and smbc_option_set() functions are deprecated in favor of the setter/getter interface. The setters and getters are all documented in libsmbclient.h under these comment blocks: Getters and setters for CONFIGURATION Getters and setters for OPTIONS Getters and setters for FUNCTIONS Callable functions for files Callable functions for directories Callable functions applicable to both files and directories Example changes that may be required to eliminate "deprecated" warnings: /* Set the debug level */ context->debug = 99; changes to: smbc_setDebug(context, 99); /* Specify the authentication callback function */ context->callbacks.auth_fn = auth_smbc_get_data; changes to: smbc_setFunctionAuthData(context, auth_smbc_get_data); /* Specify the new-style authentication callback with context parameter */ smbc_option_set("auth_function", auth_smbc_get_data_with_ctx); changes to: smbc_setFunctionAuthDataWithContext(context, auth_smbc_get_data_with_ctx); /* Set kerberos flags */ context->flags = (SMB_CTX_FLAG_USE_KERBEROS | SMB_CTX_FLAG_FALLBACK_AFTER_KERBEROS); changes to: smbc_setOptionUseKerberos(context, 1); smbc_setOptionFallbackAfterKerberos(context, 1); ===============Download Details =============== The uncompressed tarballs and patch files have been signed using GnuPG (ID 6568B7EA). The source code can be downloaded from: http://download.samba.org/samba/ftp/pre/ The release notes are available online at: http://www.samba.org/samba/ftp/pre/WHATSNEW-3-2-0pre3.txt Binary packages will be made available on a volunteer basis from http://download.samba.org/samba/ftp/Binary_Packages/ Our Code, Our Bugs, Our Responsibility. (https://bugzilla.samba.org/) --Enjoy The Samba Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4-svn0 (GNU/Linux) iD8DBQFIEfBlKGi9fisXk1ERAugoAJ9ukVVSkr21TINK5S6YBmdetXDe9QCgnxxI CsGQfuDLfhHaUTF77sm4EiM=0x6w -----END PGP SIGNATURE-----
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Release Announcements ==================== This is the third preview release of Samba 3.2.0. This is *not* intended for production environments and is designed for testing purposes only. Please report any defects via the Samba bug reporting system at https://bugzilla.samba.org/. Please be aware that Samba is now distributed under the version 3 of the new GNU General Public License. You may refer to the COPYING file that accompanies these release notes for further licensing details. Major enhancements in Samba 3.2.0 include: File Serving: o Use of IDL generated parsing layer for several DCE/RPC interfaces. o Removal of the 1024 byte limit on pathnames and 256 byte limit on filename components to honor the MAX_PATH setting from the host OS. o Introduction of a registry based configuration system. o Improved CIFS Unix Extensions support. o Experimental support for file serving clusters. o Support for IPv6 in the server, and client tools and libraries. o Support for storing alternate data streams in xattrs. o Encrypted SMB transport in client tools and libraries, and server. o Support for Vista clients authenticating via Kerberos. Winbind and Active Directory Integration: o Full support for Windows 2003 cross-forest, transitive trusts and one-way domain trusts. o Support for userPrincipalName logons via pam_winbind and NSS lookups. o Expansion of nested domain groups via NSS calls. o Support for Active Directory LDAP Signing policy. o New LGPL Winbind client library (libwbclient.so). Joining: o New NetApi library for domain join related queries (libnetapi.so) and example GTK+ Domain join gui. o New client and server support for remotely joining and unjoining Domains. o Support for joining into Windows 2008 domains. Users & Groups: o New ldb backend for local group mapping tables o Raised level of security defaults for authentication operations. Documentation: o Inclusion of an HTML version of the 3rd edition of "Using Samba" from O''Reilly Publishing. Now Licensed under the GNU GPLv3 =============================== The Samba Team has adopted the Version 3 of the GNU General Public License for the 3.2 and later releases. The GPLv3 is the updated version of the GPLv2 license under which Samba is currently distributed. It has been updated to improve compatibility with other licenses and to make it easier to adopt internationally, and is an improved version of the license to better suit the needs of Free Software in the 21st Century. The original announcement is available on-line at http://news.samba.org/announcements/samba_gplv3/ New Security Defaults for Authentication ======================================= Support for LanMan passwords is now disabled in both client and server applications. Additionally, clear text authentication requests are disabled by default in client utilities such as smbclient and all libsmbclient based applications. This will affect connection both to and from hosts running DOS, Windows 9x/ME, and OS/2. Please refer to the "Changes" section for details on the exact parameters that were updated. Registry Configuration Backend ============================= Samba is now able to use a registry based configuration backed to supplement smb.conf settings. This feature may be enabled by setting "config backend = registry" in the [global] section of smb.conf for a registry only configuration, or by specifying "include = registry" to include global options from registry for a mixed setup. The new parameter "registry shares = yes" in the [global] section of smb.conf can be used to activate share definitions from registry. These shares are loaded on demand by the server. Registry shares are automatically activated by the global registry options above. The configuration stored in registry can be conveniently managed using the "net conf" command. More information may be obtained from the smb.conf(5) and net(8) man pages. Removed Features =============== Both the Python bindings and the libmsrpc shared library have been removed from the tree due to lack of an official maintainer. As smbfs is no longer supported in current kernel versions, smbmount has been removed in this Samba version. Please use cifs (mount.cifs) instead. See examples/scripts/mount/mount.smbfs as an example for a wrapper which calls mount.cifs instead of smbmount/mount.smbfs. Modified API for libsmbclient ============================================================================= Maintaining ABI compatibility for libsmbclient has become increasingly difficult to accomplish, while also keeping the code organization such that it is easily readable. Towards the goal of maintaining ABI compatibility and also keeping the code easy to maintain and enhance, the API has been enhanced. In particular, the fields in the SMBCCTX context structure are no longer intended to be read/write by the user, and are marked as deprecated. An application that previously accessed the members of the SMBCCTX context structure will now encounter warnings if recompiled. This is intentional, to encourage implementation of the small changes required for the new interface. The number of changes is expected to be quite small for the vast majority of applications, and no changes need be made for many applications. The changes required for KDE (konqueror) to conform to the new interface, for example, are only four lines in only one file. Instead of the application manually changing or reading values in the context structure, there are now setter and getter functions for each configurable member in that structure. Similarly, the smbc_option_get() and smbc_option_set() functions are deprecated in favor of the setter/getter interface. The setters and getters are all documented in libsmbclient.h under these comment blocks: Getters and setters for CONFIGURATION Getters and setters for OPTIONS Getters and setters for FUNCTIONS Callable functions for files Callable functions for directories Callable functions applicable to both files and directories Example changes that may be required to eliminate "deprecated" warnings: /* Set the debug level */ context->debug = 99; changes to: smbc_setDebug(context, 99); /* Specify the authentication callback function */ context->callbacks.auth_fn = auth_smbc_get_data; changes to: smbc_setFunctionAuthData(context, auth_smbc_get_data); /* Specify the new-style authentication callback with context parameter */ smbc_option_set("auth_function", auth_smbc_get_data_with_ctx); changes to: smbc_setFunctionAuthDataWithContext(context, auth_smbc_get_data_with_ctx); /* Set kerberos flags */ context->flags = (SMB_CTX_FLAG_USE_KERBEROS | SMB_CTX_FLAG_FALLBACK_AFTER_KERBEROS); changes to: smbc_setOptionUseKerberos(context, 1); smbc_setOptionFallbackAfterKerberos(context, 1); ===============Download Details =============== The uncompressed tarballs and patch files have been signed using GnuPG (ID 6568B7EA). The source code can be downloaded from: http://download.samba.org/samba/ftp/pre/ The release notes are available online at: http://www.samba.org/samba/ftp/pre/WHATSNEW-3-2-0pre3.txt Binary packages will be made available on a volunteer basis from http://download.samba.org/samba/ftp/Binary_Packages/ Our Code, Our Bugs, Our Responsibility. (https://bugzilla.samba.org/) --Enjoy The Samba Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4-svn0 (GNU/Linux) iD8DBQFIEfBlKGi9fisXk1ERAugoAJ9ukVVSkr21TINK5S6YBmdetXDe9QCgnxxI CsGQfuDLfhHaUTF77sm4EiM=0x6w -----END PGP SIGNATURE-----
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Karolin Seeger wrote:> Release Announcements > ====================> > This is the third preview release of Samba 3.2.0. This is *not* > intended for production environments and is designed for testing > purposes only. Please report any defects via the Samba bug reporting > system at https://bugzilla.samba.org/.Thanks Karolin. Great work! cheers, jerry -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFIEfKNIR7qMdg1EfYRAmPrAJ9vvpxzJIJS297jsaYKFR/E3OMCrACg6jKZ dLCP24qmRrj5yNagEx0kNio=SYnK -----END PGP SIGNATURE-----
On Fri, Apr 25, 2008 at 10:55 AM, Karolin Seeger <ks@sernet.de> wrote:> -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Release Announcements > ====================> > This is the third preview release of Samba 3.2.0. This is *not* > intended for production environments and is designed for testing > purposes only. Please report any defects via the Samba bug reporting > system at https://bugzilla.samba.org/. ><snip>> Major enhancements in Samba 3.2.0 include: > > File Serving: > o Use of IDL generated parsing layer for several DCE/RPC > interfaces. > o Removal of the 1024 byte limit on pathnames and 256 byte limit on > filename components to honor the MAX_PATH setting from the host OS.Can someone explain that some more. Is that a tightening or loosing of the restriction? Or point me do a discussion about how it was decided to do this? === My concern IIRC MAX_PATH is 512 under Windows, but it is a lie that cannot be trusted. It is just the limit for the old API. The new Unicode APIs do not honor that define. I'm concerned this may be true of other filesystems / OSes. In particular with Robocopy that comes with Windows 2003 Resource Kit you can work with pathnames up to 32K I believe it is. (See the Robocopy release notes for details). A lot of tools are still restricted to 512 chars, but I am fairly confident that 512 is no longer a fundamental limitation with newer Windows products. Greg -- Greg Freemyer Litigation Triage Solutions Specialist http://www.linkedin.com/in/gregfreemyer First 99 Days Litigation White Paper - http://www.norcrossgroup.com/forms/whitepapers/99%20Days%20whitepaper.pdf The Norcross Group The Intersection of Evidence & Technology http://www.norcrossgroup.com