I don't recall what Samba version you're using, but if I recall
correctly, the only thing the root user was ever needed for, was joining
machines to a domain. Presumably because he had to write to restricted
files. From Samba 3.0.11 the privilege SeMachineAccountPrivilege can be
assigned to a mortal to do this, so root isn't necessary at all from
that version upward.
The account used to join machines had to be able to run the equivilent
of 'useradd somemachine$'. Since the smbd process runs as the
connecting user, you needed root or a root-like user. Then they allowed
the smbd process to fork a root process with the priviledge seperation
commands and voilla.
--
Paul Gienger Office: 701-281-1884
Applied Engineering Inc.
Systems Architect Fax: 701-281-1322
URL: www.ae-solutions.com mailto: [EMAIL PROTECTED]
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
