Am 26.10.21 um 13:00 schrieb Eric Levy via samba:> Such observations may be, I hope, useful toward putting aside orthodox > perception, and framing the matter through broader clarity, I hope to > show that a wish to create a multiuser mount without a domain > controller is in principle rather sensible, and not, in the most > general case, diminished by many of the common objections.As I mentioned earlier most people in your situation and setup would opt for NFS with its limitations. Also as I said pam_mount would in the end result do what you want. So I think it very unlikely that this would be implemented in Samba.> > To close on a more concrete remark, NFS currently has limitations, as > stated previously, of its own, including the insistence on matching > numeric user identifiers, and lack of support for password > authentication. Features useful for Samba might be considered > separately from those available in NFS.Most people would use NFS in similar situations. They would restrict the NFS to be only mounted (or even only accessible) by clients that honour the requirement for Password auth. NFS can also support ACLs to make this more fine grained. I don't speak for the samba team. I just think your use case is just to small to really relevant. Or do others think different here? Regards Christian -- Dr. Christian Naumer Vice President Unit Head Bioprocess Development BRAIN Biotech AG Darmstaedter Str. 34-36, D-64673 Zwingenberg e-mail cn at brain-biotech.com, homepage www.brain-biotech.com phone +49-6251-9331-30 / fax +49-6251-9331-11 Sitz der Gesellschaft: Zwingenberg/Bergstrasse Registergericht AG Darmstadt, HRB 24758 Vorstand: Adriaan Moelker (Vorstandsvorsitzender), Lukas Linnig Aufsichtsratsvorsitzender: Dr. Georg Kellinghusen
> Most people would use NFS in similar situations. They would restrict > the > NFS to be only mounted (or even only accessible) by clients that > honour > the requirement for Password auth. NFS can also support ACLs to make > this more fine grained.I'm not aware this is possible, and I believe even if it is possible in general, it is not supported by my NAS appliance. However, I would like to review any references on the subject if you have any.> I don't speak for the samba team. I just think your use case is just > to > small to really relevant. > > Or do others think different here?I am happy to learn the views of the team. My assumption has been that the use case would have been very small when the assumptions and decisions were originally created many decades ago, but that it is consistently expanding through the ongoing evolution of technology, for example, through SMB, SOHO, IoT, and so. Thus, as I have argued, it is now sensible to consider including support in future development.
> -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens > cn--- via samba > Verzonden: dinsdag 26 oktober 2021 13:23 > Aan: samba at lists.samba.org > Onderwerp: Re: [Samba] domain-free multi-user use cases > > Am 26.10.21 um 13:00 schrieb Eric Levy via samba: > > > Such observations may be, I hope, useful toward putting > aside orthodox > > perception, and framing the matter through broader clarity, > I hope to > > show that a wish to create a multiuser mount without a domain > > controller is in principle rather sensible, and not, in the most > > general case, diminished by many of the common objections. > > As I mentioned earlier most people in your situation and > setup would opt > for NFS with its limitations. Also as I said pam_mount would > in the end > result do what you want. So I think it very unlikely that > this would be > implemented in Samba. > > > > > > To close on a more concrete remark, NFS currently has > limitations, as > > stated previously, of its own, including the insistence on matching > > numeric user identifiers, and lack of support for password > > authentication. Features useful for Samba might be considered > > separately from those available in NFS. > > Most people would use NFS in similar situations. They would > restrict the NFS to be only mounted (or even only accessible) by clients > that honour the requirement for Password auth. NFS can also support ACLsto make> this more fine grained. > > > I don't speak for the samba team. I just think your use case > is just to small to really relevant. > > Or do others think different here?Im still trying to understand what he exactly is saying. :-/ but thats me mostly. But if i only take these 2 alinea's> > To close on a more concrete remark, NFS currently has > limitations, as > > stated previously, of its own, including the insistence on matching > > numeric user identifiers, and lack of support for password > > authentication. Features useful for Samba might be considered > > separately from those available in NFS.Insistence on matching numeric user identifiers, great, its security. Lack of support for password, where, use kerberized NFS then. Samba might be considered separately from those available in NFS. VFS modules in samba will help here. I think above this is more a matter of.. Are we talking about "home" use or Bussiness use. For home use, yes, i can understand his point. For bussiness use, no, i dont get his point. Thats what i think but i might not gotten the big picture yet here. Greetz, Louis