Hi all,
I have just released the fourth alpha snapshot
of what will become Samba 2.2.0.
It's available from the usual ftp sites, in the alpha
directory as :
<ftp mirror>:/pub/samba/alpha/samba-2.2.0-alpha3.tar.gz
If people could test this snapshot out and provide feedback
about what is broken and let the lists know that would help.
The problem acting as a PDC for Win2k clients has been fixed,
it should work fine now (it does in my tests).
The Team will be monitoring the feedback and this will help
for the next alpha.
The POSIX ACL mapping feature has been rewritten and now
supports Linux (using the patch at http://acl.bestbits.at/),
Solaris and UnixWare. IRIX is being worked on for the next
release. Implementations for other platforms (AIX, HPUX, True64
etc.) are welcome - look at the code in lib/sysacls.c for
the interface needed.
The documentation has been converted from yodl to DocBook
(thanks Gerald and the documentation authors) but there are
still a few missing parameters.
This code has been running under memory overrun/leak detectors
for weeks now without problems.
Having said that - *please* don't use this on a production
system.
The release notes follow :
Regards,
Jeremy Allison,
Samba Team.
====================================================================
WHATS NEW IN Samba 2.2.0alpha3
=============================
This is the fourth alpha release of the new 2.2.0 codebase
for Samba. This version must not be run in production.
This code will almost certainly have some bugs and is
intended to help the Samba Team prepare an official 2.2.0
release.
The documentation in this alpha snapshot has been updated and
converted from Yodl to DocBook 4.1. There are many new parameters
since 2.0.7 and some defaults have changed. Most of the changes
are now documented.
This version of Samba will act as a PDC for Win2k clients as
well as for NT4.x clients.
Several significant bugs have been fixed between alpha3
and alpha2, these include :
./configure now supports a --with-acl-support that attempts
to select the correct ACL implementation.
./confugure now supports a --with-fhs option for the Linux
file system standard.
The ACL mapping code has been completely re-written and now
supports Solaris ACLs and UnixWare ACLs in addition to Linux
ACLS. IRIX ACL support is currently under development.
smbmount fixes for Linux only.
Byte ordering issues with AS/U on HPUX and PC-Netlink on Solaris
have been fixed. PC-Netlink can now join and authenticate against
a Samba 2.2 PDC (thanks to the CIFS/9000 Team at HP and Herb Lewis
at SGI for getting this working).
Restructuring of all the RPC interface code to allow TALLOC management
of memory. Preparing for auto-generated RPC code in a future Samba
release.
Addition of OS/2 auto printer driver download support from IBM.
Many scalability improvements in the RPC printing code.
Merge of the new SAMR code from a TNG snapshot. Many fixes and
updates since then from Jean-Francois.
Re-written rpcclient to allow UNIX client upload/download of printer
drivers.
Modification to debug system - start to allow "classes" of debug.
Code from John Reilly @ HP.
Removed all uses of snprintf (security reasons) - replaced with
slprintf.
Password caching code fixed - no more null derefs.
Prepare to split wildcard handling out for old DOS/Win3.x clients, not
done yet.
Changed length of fstring to 256 from 128. Longer filenames handled.
CUPS integration with new printing backend (patches from Michael Sweet).
Added ADMIN$ IPC share for AS/U integration.
Policy handle allocation made per pipename specific.
-------------------------------------------------------------
Previous release notes.
-------------------------------------------------------------
Several significant bugs have been fixed between alpha2
and alpha1, these include :
Inclusion of mapping of NT ACLs to Linux ACLs, using the patch
found at http://acl.bestbits.at.
This is being done via an abstract interface that needs porting
to the following UNIXes - IRIX, Solaris, HPUX, AIX - as many
as can be done will be supported at 2.2.0 release. Please look
at the code in lib/sysacls.c for the needed work.
Addition of tdb spinlock code for tdb speed.
Addition of user list lookup from Win2k (thanks to the Samba TNG
branch code for this).
Addition of generic to specific mapping of security descriptors
in printer code.
Addition of code page 857 (Turkish).
Addition of "%D" substitution for incoming Domain of user.
getpwnam/getpwuid cache.
Many codepage fixes when dealing with printers with extended
characters (thanks to HP for this fix).
Inherited security descriptors for printing.
Creation of internal NT "token" for smbd access checks.
Addition of NT trans code for client.
Fix for inheritance of blocked signals (thanks to HP).
Addition of "total print jobs" parameter.
Fix for NT not being able to save properties changes on
PCL drivers.
Fixes to speed up enumeration of print jobs.
Cleanup printer spool files on client disconnect.
Byteswap fixes for printing code (thanks JF).
New parameter "dos filemode" to allow a user who can write to a
file to change permissions on it.
Subtle statcache bugfix.
Fix for Office2000 print to file bug.
Fix for MS Access multi-user open problem.
Valid users now in linked list rather than array.
SMB lookup now table driven rather than linear search (doh!).
TDB locking fixes for multiple openers.
Several significant bugs have been fixed between alpha0
and alpha1, these include :
Fix for level II oplock bug.
Support for detecting version 2/3 printer drivers (from HP).
Samba profiling support (from SGI).
Winbind integration fixes.
Preliminary Win2K PDC support in compatibility mode for Win2K
clients (from JF).
VFS interface updates.
Failover finding of BDC's now works again.
lpq race condition fixes.
utmp fixes.
SWAT username detection fix.
Bugfix for WinNT and Win2K point and print feature.
The upcoming 2.2.0 Samba release will include the following
new features:
Integration with the winbind daemon that provides a single
sign on facility for UNIX servers in Windows NT4/2000 networks
driven by a Windows NT4/2000 PDC.
Support for native Windows NT4/2000 printing RPCs.
This includes support for automatic printer driver
download. It is currently believed this functionality
is working in alpha2.
Rewritten internal locking semantics for more robustness.
This alpha supports full 64 bit locking semantics on all
(even 32 bit) platforms. SMB locks are mapped onto POSIX
locks (32 bit or 64 bit) as the underlying system allows.
Conversion of various internal flat data structures to use
database records for increased performance and
flexibility.
Support for acting as a MS-DFS server
Compile time option for enabling a VFS layer
Support for server supported Access Control Lists (ACLs).
This support will require a specific pluggable backend to
be written for each filesystem ACL implementation to be
supported. The stable 2.2.0 release should contain
support for the following filesystems:
Solaris 2.6+
HPUX
SGI Irix
Linux Kernel 2.2 with German ACL patch
Currently in this alpha snapshot (alpha1) this feature
is not enabled - the VFS layer has been modified to allow
it, but the code is still under development and should
be in a later alpha snapshot.
Other platforms will be supported as resources are
available to test and implement the encessary modules. If
you are interested in writing the support for a particular
ACL filesystem, please join the samba-technical mailing
list and coordinate your efforts.
Support for collection of profile information. A shared
memory area has been created which contains counters for
the number of calls to and the amount of time spent in
various system calls and smb transactions. See the file
profile.h for a complete listing of the information
collected. Sample code for a samba pmda (collection agent
for Performance Co-Pilot) has been included in the pcp
directory.
To enable the profile data collection code in samba, you
must compile samba with profile support (run configure with
the --with-profile option). On startup, collection of data
is disabled. To begin collecting data use the smbcontrol
program to turn on profiling (see the smbcontrol man page).
Profile information collection can be enabled for all smbd
processes or one or more selected processes. The profiling
data collected is the aggragate for all processes that have
profiling enabled.
With samba compiled for profile data collection, you may see
a very slight degradation in performance even with profiling
collection turned off. On initial tests with NetBench on an
SGI Origin 200 server, this degradation was not measureable
with profile collection off compared to no profile collection
compiled into samba.
With count profile collection enabled on all clients, the
degradation was less than 2%. With full profile collection
enabled on all clients, the degradation was about 8.5%.
====================================================================
If you think you have found a bug please email a report to :
samba@samba.org
As always, all bugs are our responsibility.
Regards,
The Samba Team.
--
--------------------------------------------------------
Buying an operating system without source is like buying
a self-assembly Space Shuttle with no instructions.
--------------------------------------------------------
> Prepare to split wildcard handling out for old DOS/Win3.x clients, not > done yet.Does this mean that future releases of samba will not fully suport these old clients? This would be a drawback as we have a net that needs not only new w2k-machines but also these old clients (never change running labatory equipment). Sorry if this is a silly question. Thanks, Christian _______________________________________________________________________ In a world without walls and fences, who needs windows and gates? (SUN)
On Sat, 24 Mar 2001, Christian Barth wrote:> > Prepare to split wildcard handling out for old DOS/Win3.x clients, > > not done yet. > > Does this mean that future releases of samba will not > fully suport these old clients? This would be a drawback as we have a > net that needs not only new w2k-machines but also these old clients > (never change running labatory equipment). Sorry if this is a silly > question.No. it means that wilcard matching is different in DOS and NT clients. Different mattern matching algorithms are needed to correctly handle this. Cheers, jerry
Jeremy,
First off, I haven't tested alpha3 yet ... but I am using alpha2.
It appears that setuid binaries are not honored with 2.2a2. Perhaps this is
intentional.
What I noticed was all print requests sent to Samba never got spooled up
with LPRng. I set the debug level to 3 for smbd and the logs reported that
my "lpr" command "gave a 1".
In order to catch output from the lpr command itself, I created a wrapper
script and redirected the output to a file. After attempting another print
request, the lpr output was complaining that the "-U" option can only
be run
by root (my print commands in smb.conf all use the "-U" option). The
odd
thing is that the lpr command is setuid root and the previous version of
Samba functions fine with this option.
Errol Fouquet - UNIX SysAdmin
Minerals Management Service, DOI
1201 Elmwood Park Blvd.
New Orleans, LA 70123
Phone: (504) 736-3255
Fax: (504) 736-2464
email: errol.fouquet@mms.gov
http://www.gomr.mms.gov
-----Original Message-----
From: Jeremy Allison [mailto:jeremy@valinux.com]
Sent: Friday, March 23, 2001 3:10 PM
To: samba@samba.org; samba-ntdom@samba.org; jeremy@valinux.com; Samba
technical
Subject: Samba 2.2 alpha3 released
Hi all,
I have just released the fourth alpha snapshot
of what will become Samba 2.2.0.
It's available from the usual ftp sites, in the alpha
directory as :
<ftp mirror>:/pub/samba/alpha/samba-2.2.0-alpha3.tar.gz
If people could test this snapshot out and provide feedback
about what is broken and let the lists know that would help.
The problem acting as a PDC for Win2k clients has been fixed,
it should work fine now (it does in my tests).
The Team will be monitoring the feedback and this will help
for the next alpha.
The POSIX ACL mapping feature has been rewritten and now
supports Linux (using the patch at http://acl.bestbits.at/),
Solaris and UnixWare. IRIX is being worked on for the next
release. Implementations for other platforms (AIX, HPUX, True64
etc.) are welcome - look at the code in lib/sysacls.c for
the interface needed.
The documentation has been converted from yodl to DocBook
(thanks Gerald and the documentation authors) but there are
still a few missing parameters.
This code has been running under memory overrun/leak detectors
for weeks now without problems.
Having said that - *please* don't use this on a production
system.
The release notes follow :
Regards,
Jeremy Allison,
Samba Team.
====================================================================
WHATS NEW IN Samba 2.2.0alpha3
=============================
This is the fourth alpha release of the new 2.2.0 codebase
for Samba. This version must not be run in production.
This code will almost certainly have some bugs and is
intended to help the Samba Team prepare an official 2.2.0
release.
The documentation in this alpha snapshot has been updated and
converted from Yodl to DocBook 4.1. There are many new parameters
since 2.0.7 and some defaults have changed. Most of the changes
are now documented.
This version of Samba will act as a PDC for Win2k clients as
well as for NT4.x clients.
Several significant bugs have been fixed between alpha3
and alpha2, these include :
./configure now supports a --with-acl-support that attempts
to select the correct ACL implementation.
./confugure now supports a --with-fhs option for the Linux
file system standard.
The ACL mapping code has been completely re-written and now
supports Solaris ACLs and UnixWare ACLs in addition to Linux
ACLS. IRIX ACL support is currently under development.
smbmount fixes for Linux only.
Byte ordering issues with AS/U on HPUX and PC-Netlink on Solaris
have been fixed. PC-Netlink can now join and authenticate against
a Samba 2.2 PDC (thanks to the CIFS/9000 Team at HP and Herb Lewis
at SGI for getting this working).
Restructuring of all the RPC interface code to allow TALLOC management
of memory. Preparing for auto-generated RPC code in a future Samba
release.
Addition of OS/2 auto printer driver download support from IBM.
Many scalability improvements in the RPC printing code.
Merge of the new SAMR code from a TNG snapshot. Many fixes and
updates since then from Jean-Francois.
Re-written rpcclient to allow UNIX client upload/download of printer
drivers.
Modification to debug system - start to allow "classes" of debug.
Code from John Reilly @ HP.
Removed all uses of snprintf (security reasons) - replaced with
slprintf.
Password caching code fixed - no more null derefs.
Prepare to split wildcard handling out for old DOS/Win3.x clients, not
done yet.
Changed length of fstring to 256 from 128. Longer filenames handled.
CUPS integration with new printing backend (patches from Michael Sweet).
Added ADMIN$ IPC share for AS/U integration.
Policy handle allocation made per pipename specific.
-------------------------------------------------------------
Previous release notes.
-------------------------------------------------------------
Several significant bugs have been fixed between alpha2
and alpha1, these include :
Inclusion of mapping of NT ACLs to Linux ACLs, using the patch
found at http://acl.bestbits.at.
This is being done via an abstract interface that needs porting
to the following UNIXes - IRIX, Solaris, HPUX, AIX - as many
as can be done will be supported at 2.2.0 release. Please look
at the code in lib/sysacls.c for the needed work.
Addition of tdb spinlock code for tdb speed.
Addition of user list lookup from Win2k (thanks to the Samba TNG
branch code for this).
Addition of generic to specific mapping of security descriptors
in printer code.
Addition of code page 857 (Turkish).
Addition of "%D" substitution for incoming Domain of user.
getpwnam/getpwuid cache.
Many codepage fixes when dealing with printers with extended
characters (thanks to HP for this fix).
Inherited security descriptors for printing.
Creation of internal NT "token" for smbd access checks.
Addition of NT trans code for client.
Fix for inheritance of blocked signals (thanks to HP).
Addition of "total print jobs" parameter.
Fix for NT not being able to save properties changes on
PCL drivers.
Fixes to speed up enumeration of print jobs.
Cleanup printer spool files on client disconnect.
Byteswap fixes for printing code (thanks JF).
New parameter "dos filemode" to allow a user who can write to a
file to change permissions on it.
Subtle statcache bugfix.
Fix for Office2000 print to file bug.
Fix for MS Access multi-user open problem.
Valid users now in linked list rather than array.
SMB lookup now table driven rather than linear search (doh!).
TDB locking fixes for multiple openers.
Several significant bugs have been fixed between alpha0
and alpha1, these include :
Fix for level II oplock bug.
Support for detecting version 2/3 printer drivers (from HP).
Samba profiling support (from SGI).
Winbind integration fixes.
Preliminary Win2K PDC support in compatibility mode for Win2K
clients (from JF).
VFS interface updates.
Failover finding of BDC's now works again.
lpq race condition fixes.
utmp fixes.
SWAT username detection fix.
Bugfix for WinNT and Win2K point and print feature.
The upcoming 2.2.0 Samba release will include the following
new features:
Integration with the winbind daemon that provides a single
sign on facility for UNIX servers in Windows NT4/2000 networks
driven by a Windows NT4/2000 PDC.
Support for native Windows NT4/2000 printing RPCs.
This includes support for automatic printer driver
download. It is currently believed this functionality
is working in alpha2.
Rewritten internal locking semantics for more robustness.
This alpha supports full 64 bit locking semantics on all
(even 32 bit) platforms. SMB locks are mapped onto POSIX
locks (32 bit or 64 bit) as the underlying system allows.
Conversion of various internal flat data structures to use
database records for increased performance and
flexibility.
Support for acting as a MS-DFS server
Compile time option for enabling a VFS layer
Support for server supported Access Control Lists (ACLs).
This support will require a specific pluggable backend to
be written for each filesystem ACL implementation to be
supported. The stable 2.2.0 release should contain
support for the following filesystems:
Solaris 2.6+
HPUX
SGI Irix
Linux Kernel 2.2 with German ACL patch
Currently in this alpha snapshot (alpha1) this feature
is not enabled - the VFS layer has been modified to allow
it, but the code is still under development and should
be in a later alpha snapshot.
Other platforms will be supported as resources are
available to test and implement the encessary modules. If
you are interested in writing the support for a particular
ACL filesystem, please join the samba-technical mailing
list and coordinate your efforts.
Support for collection of profile information. A shared
memory area has been created which contains counters for
the number of calls to and the amount of time spent in
various system calls and smb transactions. See the file
profile.h for a complete listing of the information
collected. Sample code for a samba pmda (collection agent
for Performance Co-Pilot) has been included in the pcp
directory.
To enable the profile data collection code in samba, you
must compile samba with profile support (run configure with
the --with-profile option). On startup, collection of data
is disabled. To begin collecting data use the smbcontrol
program to turn on profiling (see the smbcontrol man page).
Profile information collection can be enabled for all smbd
processes or one or more selected processes. The profiling
data collected is the aggragate for all processes that have
profiling enabled.
With samba compiled for profile data collection, you may see
a very slight degradation in performance even with profiling
collection turned off. On initial tests with NetBench on an
SGI Origin 200 server, this degradation was not measureable
with profile collection off compared to no profile collection
compiled into samba.
With count profile collection enabled on all clients, the
degradation was less than 2%. With full profile collection
enabled on all clients, the degradation was about 8.5%.
====================================================================
If you think you have found a bug please email a report to :
samba@samba.org
As always, all bugs are our responsibility.
Regards,
The Samba Team.
--
--------------------------------------------------------
Buying an operating system without source is like buying
a self-assembly Space Shuttle with no instructions.
--------------------------------------------------------
Bill, The problem is not related to LPRng. I agree that the "-U" flag is only available to root. However my lpr binary is "setuid root". This means that whomever runs the binary, does in fact run as the root user. It worked before, I would guess, because 2.0.x versions of Samba allowed the execution of setuid programs. It appears to me that 2.2a2 does not. -----Original Message----- From: William R. Knox [mailto:wknox@mitre.org] Sent: Monday, March 26, 2001 9:08 AM To: Fouquet, Errol Cc: samba@samba.org Subject: RE: Samba 2.2 alpha3 released Pardon the somewhat off-topic reply. LPRng will not allow a non-root user to use the -U flag by default. I couldn't tell you why it worked before. However, you can edit your lpd.conf file and add the line "allow_user_setting=name_of_smb_user" to allow the user as which the samba processes run (in our case nobody) to use this flag. This works like a charm for us here. Good luck! Bill Knox Senior Operating Systems Programmer/Analyst The MITRE Corporation On Mon, 26 Mar 2001, Fouquet, Errol wrote:> Date: Mon, 26 Mar 2001 07:16:40 -0700 > From: "Fouquet, Errol" <Errol.Fouquet@mms.gov> > To: 'Jeremy Allison' <jeremy@valinux.com>, samba@samba.org, > samba-ntdom@samba.org, Samba technical <samba-technical@samba.org> > Subject: RE: Samba 2.2 alpha3 released > > Jeremy, > > First off, I haven't tested alpha3 yet ... but I am using alpha2. > It appears that setuid binaries are not honored with 2.2a2. Perhaps thisis> intentional. > > What I noticed was all print requests sent to Samba never got spooled up > with LPRng. I set the debug level to 3 for smbd and the logs reported that > my "lpr" command "gave a 1". > > In order to catch output from the lpr command itself, I created a wrapper > script and redirected the output to a file. After attempting another print > request, the lpr output was complaining that the "-U" option can only berun> by root (my print commands in smb.conf all use the "-U" option). The odd > thing is that the lpr command is setuid root and the previous version of > Samba functions fine with this option. > > Errol Fouquet - UNIX SysAdmin > Minerals Management Service, DOI > 1201 Elmwood Park Blvd. > New Orleans, LA 70123 > Phone: (504) 736-3255 > Fax: (504) 736-2464 > email: errol.fouquet@mms.gov > http://www.gomr.mms.gov >[original message deleted to save electrons, a precious natural resource] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Hi,> The Team will be monitoring the feedback and this will help > for the next alpha.There is still one thing I can not get to work: If there are directorys in the Windows user profile that have the dos 'read-only' attribute samba 2.2 writes them with mode rwx in the profile share on the Unix system, it should be r-x. Windows 2000 uses the read only attribute to find out if the directory acts as a normal directory or as a 'shortcut to...' (cvs Version 27.3.01 around 3:00am GMT)> for Samba. This version must not be run in production.Ok - but sometimes you have to...> The documentation in this alpha snapshot has been updated andCan someone update the pdc-faq? I think some people (me too) get confused since /usr/sbin/useradd and /usr/sbin/adduser are there on most Linux systems but take different parameters.> ./configure now supports a --with-acl-support that attempts > to select the correct ACL implementation.Should this be a default for Windows 2000 clients?> Re-written rpcclient to allow UNIX client upload/download of printer > drivers.I think there have been same permission problems during pinter driver upload in the cvs from 26.3.01 it seems to work with the cvs version from 27.3.01. Don't know if the problem is also in the alpha 3 ftp-Version.> Policy handle allocation made per pipename specific.Is there a policy howto for Windows 2000 clients? Any kind of emulation of the W2000 Server group policys? Greetings, Martin