Quoting Christian Perrier ([email protected]): > Package: samba > Version: 2:3.6.5-1 > Severity: wishlist > > After a discussion with Ivo De Decker at SambaXP, I noticed that we > try to create the passdb database in all cases, which: > - takes ages with thousands of users (so, we should at least print > something to avoid users thinking that the upgrade process is hanged > - is useless if and LDAP backed is used
FTR, here's the discussion I had with Steve(vorlon) on IRCabout this,
after I propsoed entirely dropping the pieces of code that
automaticallly create smb passwrod file entries at install time:
10:01 < vorlon> bubulle: so if we don't do the import at install time, how do
we ensure that the system is usable after install? It's not usable without
passdb entries, and
nothing else populates them automatically
10:01 < vorlon> I'm happy to get rid of this if there's a better mechanism
10:03 <@abartlet> vorlon: it doesn't do anything
10:03 < vorlon> hmm?
10:03 <@abartlet> vorlon: smbpasswd file entries without passwords are pretty
pointless
10:03 <@abartlet> no other distribution auto-imports
10:03 < vorlon> well
10:04 < vorlon> except there's pam_smbpass which can be used to set the
password for the passwordless entry
10:04 < vorlon> and IIRC it cares about whether the account already exists
10:08 <@abartlet> vorlon: then make it a step for pam_smbpass only
10:09 <@abartlet> vorlon: or perhaps I can help by removing the script from
master? ;-)
10:09 < vorlon> pam_smbpass only> hmm, could do
10:09 < vorlon> historically, samba would display acls differently to clients
based on whether accounts existed in the passdb; is that no longer relevant?
10:10 <@abartlet> we still do that
10:10 < vorlon> ok
10:10 < vorlon> maybe not a compelling reason to do the import, but it does
mean the import isn't a no-op
10:12 <@abartlet> the problem with a one-time import is nothing keeps it in sync
10:12 <@abartlet> so you create two classes of users: those present at install
time, and others
10:14 < vorlon> true enough
10:15 < vorlon> though we could arguably hook into adduser, if creating the
passdb entries was the right thing to do
10:20 <@abartlet> vorlon: assuming user management is local...
10:27 < bubulle> indeed it can make sens for local users but, really, I think
that ppl who have such setup do already have local user creation scripts that
take care of creating
the user *and* populate ths smb passwords
10:27 < bubulle> at least, I think the benefit is not balanced by the various
drawbacks
signature.asc
Description: Digital signature

