On Thu, Feb 09, 2006 at 08:33:07AM +0100, Christian Perrier wrote: > > Hmm, no discussion of this one before committing?
> Well, I saw these changes as safe and harmless which obviously they aren't. > > > + * Default smb.conf changes: > > > + - activate "preserve case" and "short preserve case" in the > > > + default smb.conf file. Closes: #349047 > > These options are already the defaults. What's the point of uncommenting > > them? > Hmm, well. Personal history. I usually always keep them in my own > smb.conf files...but I agreee this is not a reason. I use them for > such a long time that I didn't remember they are the default..:-) > Dropping seems then worth it. Closing the bug report Yes, that bug report should be closed. I think your removal of them from the default smb.conf is reasonable indeed, since these options should rarely need to be adjusted. (They were previously present in our default smb.conf, but I don't think they need to be.) > > > + - add safe network browsing parameters . Closes: #349048 > > > +# Please read BROWSING.txt and set the next parameters accordind > > > +# to your network setup. There is no valid default, so they are commented > > > +; os level = 66 > > > +; local master = yes > > > +; preferred master = yes > > No, these are *not* safe options; they should almost *never* be tampered > > with, and almost anyone who touches them doesn't know what they're doing. > > Please do not include these as examples, they're just examples of how to > > break your network. > Blech. I'm afraid that my personal history lead me wrong here also. I > usually set samba servers to win master browser elections because of a > very messy network at work....this being a way to have some "control" > over it. This works if you know your network and have full control over it, and you're not running any domain controllers. But once you start to have domain controllers present, adjusting these options on a machine that *isn't* the domain controller can disrupt network visibility, cause extra chatter, or break compatibility with unknown future versions of Windows. We don't need to be giving people examples of how to do this :) > But I agree this is not a good example to give....and, well, people > who want to temper these parameters MUST anyway read BRWSING.txt carefully. Indeed... > > > +# Is this machine able to authenticate users. Both PDC and BDC > > > +# must have this setting enabled. If you are the BDC you must > > > +# change the 'domain master' setting to no > > > +; domain logons = yes > > > +# Domain Master specifies Samba to be the Domain Master Browser. If this > > > +# machine will be configured as a BDC (a secondary logon server), you > > > +# must set this to 'no'; otherwise, the default behaviour is recommended. > > > + domain master = auto > > These are ok as examples, but again I don't see any reason to have an > > uncommented 'domain master' option that duplicates the compiled-in default. > > I also think we ought to be distinguishing between "this is a default value > > that you may want to uncomment and change to something else" and "this is a > > non-default value which you may want to uncomment under specific > > circumstances". That's a separate wishlist bug, though, as we haven't done > > this consistently for existing examples either. > After Andrew comments, I'm very tempted to avoid examples with the > default value as this leads to users building very complicated > smb.conf files which make debugging a lot more complicated. > As a consequence, after your both comments, I'm tempted to simply > close these two bugs as irrelevant. Agreed? > Or do we keep one or two of the options? Well, 'domain logons' is probably a more common option for users to want to change than many of those we already list as examples. I think we should include it. (Yes, it's also dangerous to enable this, but the effects of this option are a bit easier to understand than the others, and there *are* good and common reasons to want to set it...) -- Steve Langasek Give me a lever long enough and a Free OS Debian Developer to set it on, and I can move the world. [EMAIL PROTECTED] http://www.debian.org/
signature.asc
Description: Digital signature
