30.03.2023 10:33, Kees van Vloten via samba ?????:
> To add to this, if you do not want everything from backports then use
apt-pinning so that you just get the Samba packages from there.
Please don't do this. There's no need to use pinning with debian
backports.
This is not related to samba but to the way how debian backports archive
works. The whole thing is marked with
NotAutomatic: yes
ButAutomaticUpgrades: yes
so only packages you explicitly ask for are installed from bpo, and these
packages will be kept up to date. See man 5 apt_preferences. This is
the way it works since debian squeeze.
> Indeed Samba evolves much faster than Debian releases are released, so
sticking to the primary release is not a good thing in this particular case.
It is not the case here either.
The prob was that 4.13 packages in debian needed quite a bit of adjustments, -
for a few years many changes in there were made in quick but unthinkful way,
making smallest changes instead of right changes. Without updates to new
versions too, - for example, at the time of bullseye, more recent samba
version has already been available (if not two). The state of samba package
has been, well, not excellent :) - which resulted in minor change in an
unrelated place breaking some other random place. We had a bullseye security
update which resulted in i386 smbd binary crashing at startup due to wrong
order of object files at the link line, - this is obviously completely
unacceptable..
Well.. actually I _can_ try to backport a few security patches from current
samba releases to 4.13, but there are at least 2 issues with that. First,
I really dislike doing that, every time I look at the 4.13 packages I'm
trembling somewhere deep inside :). And second, I tried to backport the
already mentioned Win 22H2 AD-DC fix, provided the updated packages, but
wasn't entirely sure it actually fixes the issue (since I had no environment
to test it), -- see #1022574. But the user in question already switched
to bpo version so even they weren't able to test it for me :) so it went
this way without fixing.
So I'm talking just about this 4.13 debian bullseye thing, not general
debian "vs" samba thing.
I keep samba backports in debian up to date due to this very reason, -
because 4.13 bullseye packages aren't the best.
(I uploaded 4.17.7 (and 4.16.10) versions to debian and to my archives
built for debian and ubuntu, filed an unblock request for bookworm for 4.17.7,
hopefully it will be in bookworm in a few days, and plan to upload it to
bpo11 today or tomorrow).
/mjt