[Samba] [ANNOUNCE] Samba 3.5.13 Available for Download
Please note that the tarball is available, but the v3-6-stable git branch and the websites cannot be updated right now because of technical problems. Thank you for your understanding. === "A great artist is always before his time or behind it." George Edward Moore == Release Announcements = This is the latest stable release of Samba 3.5. Major enhancements in Samba 3.5.13 include: o Fix a crash bug in cldap_socket_recv_dgram() (bug #8593). o Fully observe password change settings (bug #8561). o Fix NT ACL issue (bug #8673). o Fix segfault in Winbind if we can't map the last user (bug #8678). Changes since 3.5.12: o Michael Adam * BUG 8327: Fix config reload to reload shares from registry. o Jeremy Allison * BUG 8139: Ignore SMBecho errors. * BUG 8521: Fix Winbind cache timeout expiry test. * BUG 8561: Fully observe password change settings. * BUG 8631: Fix POSIX ACE x permission mapping to and from a DACL. * BUG 8636: When returning an ACL without SECINFO_DACL requested, we still set SEC_DESC_DACL_PRESENT in the type field. * BUG 8644: Make sure that vfs_acl_xattr and vfs_acl_tdb modules add inheritable entries on a directory with no stored ACL. * BUG 8663: Fix deleting a symlink if the symlink target is outside of the * share. * BUG 8664: Fix renaming a symlink if the symlink target is outside of the share. * BUG 8673: Fix NT ACL issue. * BUG 8679: Make sure that recvfile code path using splice() on Linux does not leave data in the pipe on short write. * BUG 8687: Fix typo in 'net memberships' usage. o Christian Ambach * BUG 8658: Add timeouts to Winbind cache. o Andrew Bartlett * BUG 8727: Do not limit read replies to NBT packet sizes. o Günther Deschner * BUG 8176: Fix perl path. * BUG 8692: Fix malloc/talloc mismatch in ads_keytab_verify_ticket(). o Björn Jacke * BUG 8652: Document the ignore system acls option of vfs_acl_xattr and vfs_acl_tdb. o Jeff Layton * BUG 8648: Document more undocumented mount.cifs options. o Volker Lendecke * BUG 8639: Fix the vfs_commit module. * BUG 8686: Packet validation checks can be done before length validation causing uninitialized memory read. o Stefan Metzmacher * BUG 5326: Fix cli_write_and_x() against OS/2 print shares. * BUG 8562: Fix double free error (talloc). * BUG 8593: Fix a crash bug in cldap_socket_recv_dgram(). * BUG 8684: Try ctdbd_init_connection() as root. o Masafumi Nakayama * BUG 563: Fix 'smbclient tar' for files greater than 8GB on BE machines. o Matthieu Patou * BUG 8599: Make WINBINDD_PAM_AUTH_CRAP return valid user session key. * BUG 8771: Make Winbind change faster from DC1 to DC2. o Andreas Schneider * BUG 8608: Don't fail on users without a uid (Winbind). * BUG 8628: Don't duplicate Kerberos service tickets. * BUG 8645: Add missing prefixpath options for mount.cifs manpage. * BUG 8658: Add an update function for Winbind cache. * BUG 8678: Fix segfault in Winbind if we can't map the last user. o Karolin Seeger * BUG 7705: Fix rpm build issues on RHEL4. o Richard Sharpe * BUG 8607: Simplify building modules outside the Samba source tree. ## Reporting bugs & Development Discussion ### Please discuss this release on the samba-technical mailing list or by joining the #samba-technical IRC channel on irc.freenode.net. If you do report problems then please try to send high quality feedback. If you don't provide vital information to help us track down the problem then you will probably be ignored. All bug reports should be filed under the Samba 3.5 product in the project's Bugzilla database (https://bugzilla.samba.org/). == == Our Code, Our Bugs, Our Responsibility. == The Samba Team == Download Details The uncompressed tarballs and patch files have been signed using GnuPG (ID 6568B7EA). The source code can be downloaded from: http://download.samba.org/samba/ftp/stable The release notes are available online at: http://www.samba.org/samba/history/samba-3.5.13.html Binary packages will be made available on a volunteer basis from http://download.samba.org/samba/ftp/Binary_Packages/ Our Code, Our Bugs, Our Responsibility. (https://bugzilla.samba.org/) --Enjoy The Samba Team -- T
Re: [Samba] Unable to start Samba on AIX 6.1
On Mon, Mar 12, 2012 at 05:17:39PM +, neetesh.gu...@accenture.com wrote: > Hi Allison, > > I have downloaded the package yesterday night, complied & > installed. While I am starting the nmbd & smbd process, I am getting below > error. > > > # ./nmbd > exec(): 0509-036 Cannot load program ./nmbd because of the following errors: > 0509-150 Dependent module libwbclient.so could not be loaded. > 0509-022 Cannot load module libwbclient.so. > 0509-026 System error: A file or directory in the path name does not > exist. > # ./smbd > exec(): 0509-036 Cannot load program ./smbd because of the following errors: > 0509-150 Dependent module libtalloc.so could not be loaded. > 0509-022 Cannot load module libtalloc.so. > 0509-026 System error: A file or directory in the path name does not > exist. Set your shared library load path to /usr/local/samba/lib. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba PDC/NIS client
On Monday 12 March 2012 17:33:28 Simon Matthews wrote: > On Sun, Mar 11, 2012 at 4:09 AM, Tony Molloy wrote: > > On Sunday 11 March 2012 05:31:35 Simon Matthews wrote: > > > On Sat, Mar 10, 2012 at 4:24 PM, Gaiseric Vandal > > > > > > wrote: > > > > Do you have password sync enabled?If password sync is > > > > enabled, samba will try to use the passwd command to set the > > > > unix password. But with nis, you probably might need > > > > something nis specific. On solaris it was “passwd –r nis” - > > > > not sure about linux.Probably better to just disable > > > > password sync. > > > > I've got a very similar setup to you. Except I use a smbpasswd > > file. > > > > > No, I don't have this option enabled. I am not sure how it is > > > relevant. Problem summary: > > > The samba PDC is an NIS client > > > "getent passwd" retruns the passwd data. > > > The user's SAMBA password was set using smbpasswd > > > The user's NIS passwd was set using yppasswd > > > > So far all the same. > > > > > ALL I had to do to allow domain logins was: > > > ypcat passwd | grep >> /etc/passwd > > > > Why duplicate the password entries. I just have them in NIS and > > /etc/passwd just has the system passwords. > > > > > Note that after copying the user details to /etc/passwd, the > > > password that was set with "smbpasswd" was the password that > > > was used with the successful domain login. > > > > Don't really uinderstand what you mean by "domain logins" > > > > 1. Create the user under linux first > > 2. Use smbpasswd to add the user to samba > > > > You now have a user in both linux and samba but remember the > > passwords are stored separately, changing one does not change > > the other. > > > > 3. Edit /etc/nsswitch.conf. Set > > > > passwd:files nis > > shdow: files > > Removing the "nis" entry from "shadow:" in /etc/nsswitch.conf > solved the issue. I don't understand why, but it did . > > Simon The shadow file /etc/shadow stores the passwords associated with the entries in the password file /etc/passwd. It has nothing to do with the NIS password database which stores the passwords in the actual database entries. Tony > > > That works for me. YMMV > > > > Tony > > > > > Simon > > > > -- > > To unsubscribe from this list go to the following URL and read > > the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba PDC/NIS client
If your NIS passwd file did NOT have a valid password, maybe samba or unix was rejecting logins as a security measure. On 03/12/12 13:33, Simon Matthews wrote: On Sun, Mar 11, 2012 at 4:09 AM, Tony Molloy wrote: On Sunday 11 March 2012 05:31:35 Simon Matthews wrote: On Sat, Mar 10, 2012 at 4:24 PM, Gaiseric Vandal wrote: Do you have password sync enabled?If password sync is enabled, samba will try to use the passwd command to set the unix password. But with nis, you probably might need something nis specific. On solaris it was “passwd –r nis” - not sure about linux.Probably better to just disable password sync. I've got a very similar setup to you. Except I use a smbpasswd file. No, I don't have this option enabled. I am not sure how it is relevant. Problem summary: The samba PDC is an NIS client "getent passwd" retruns the passwd data. The user's SAMBA password was set using smbpasswd The user's NIS passwd was set using yppasswd So far all the same. ALL I had to do to allow domain logins was: ypcat passwd | grep >> /etc/passwd Why duplicate the password entries. I just have them in NIS and /etc/passwd just has the system passwords. Note that after copying the user details to /etc/passwd, the password that was set with "smbpasswd" was the password that was used with the successful domain login. Don't really uinderstand what you mean by "domain logins" 1. Create the user under linux first 2. Use smbpasswd to add the user to samba You now have a user in both linux and samba but remember the passwords are stored separately, changing one does not change the other. 3. Edit /etc/nsswitch.conf. Set passwd:files nis shdow: files Removing the "nis" entry from "shadow:" in /etc/nsswitch.conf solved the issue. I don't understand why, but it did . Simon That works for me. YMMV Tony Simon -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Unable to get to git.samba.org?
Hi Charles, Am 12.03.2012 18:49, schrieb Charles Tryon: > I'm trying to do a pull from the Samba git repository, and getting errors > that it can't get to the host: > > ? git pull > fatal: unable to connect to git.samba.org: > git.samba.org[0: 193.175.80.230]: errno=No route to host > > I've tried from a couple of different test environments on different > networks and I'm getting the same error. Possibly a transient problem with > DNS? (I did a pull an hour ago and it was fine.) git.samba.org is currently down for maintenance, If you have urgent need to get the samba git tree, please use http://repo.or.cz/w/Samba.git Sorry for any inconvenience! metze signature.asc Description: OpenPGP digital signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba PDC/NIS client
On Sun, Mar 11, 2012 at 4:09 AM, Tony Molloy wrote: > On Sunday 11 March 2012 05:31:35 Simon Matthews wrote: > > On Sat, Mar 10, 2012 at 4:24 PM, Gaiseric Vandal > > > > wrote: > > > Do you have password sync enabled?If password sync is > > > enabled, samba will try to use the passwd command to set the > > > unix password. But with nis, you probably might need something > > > nis specific. On solaris it was “passwd –r nis” - not sure > > > about linux.Probably better to just disable password sync. > > > > I've got a very similar setup to you. Except I use a smbpasswd file. > > > No, I don't have this option enabled. I am not sure how it is > > relevant. Problem summary: > > The samba PDC is an NIS client > > "getent passwd" retruns the passwd data. > > The user's SAMBA password was set using smbpasswd > > The user's NIS passwd was set using yppasswd > > So far all the same. > > > ALL I had to do to allow domain logins was: > > ypcat passwd | grep >> /etc/passwd > > Why duplicate the password entries. I just have them in NIS and > /etc/passwd just has the system passwords. > > > Note that after copying the user details to /etc/passwd, the > > password that was set with "smbpasswd" was the password that was > > used with the successful domain login. > > Don't really uinderstand what you mean by "domain logins" > > 1. Create the user under linux first > 2. Use smbpasswd to add the user to samba > > You now have a user in both linux and samba but remember the passwords > are stored separately, changing one does not change the other. > > 3. Edit /etc/nsswitch.conf. Set > > passwd:files nis > shdow: files > Removing the "nis" entry from "shadow:" in /etc/nsswitch.conf solved the issue. I don't understand why, but it did . Simon > > That works for me. YMMV > > Tony > > > > > Simon > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Unable to start Samba on AIX 6.1
On Fri, Mar 09, 2012 at 04:42:49PM +, neetesh.gu...@accenture.com wrote: > Hi All, > > I have installed the SAMBA 3.2.0.0 on my AIX 6.1 machine. > While I am starting nmbd process, I am getting below error. > > [2012/03/08 20:52:20, 0] nmbd/nmbd.c:main(849) > nmbd version 3.2.0 started. > Copyright Andrew Tridgell and the Samba Team 1992-2008 > [2012/03/08 20:52:20, 0] lib/interface.c:load_interfaces(517) > ERROR: Could not determine network interfaces, you must use a interfaces > config line > > > While I added the below two lines in my smb.conf file > >interfaces = en2 >bind interfaces only = yes > >nmbd is crashing with below error. > > [2012/03/08 20:44:45, 0] nmbd/nmbd.c:main(849) > nmbd version 3.2.0 started. > Copyright Andrew Tridgell and the Samba Team 1992-2008 > [2012/03/08 20:44:46, 0] lib/interface.c:load_interfaces(540) > WARNING: no network interfaces found > [2012/03/08 20:44:46, 0] nmbd/nmbd_subnetdb.c:create_subnets(205) > create_subnets: No local interfaces ! > [2012/03/08 20:44:46, 0] nmbd/nmbd_subnetdb.c:create_subnets(206) > create_subnets: Waiting for an interface to appear ... > [2012/03/08 20:44:51, 0] lib/fault.c:fault_report(40) > === > [2012/03/08 20:44:51, 0] lib/fault.c:fault_report(41) > INTERNAL ERROR: Signal 11 in pid 46203380 (3.2.0) > Please read the Trouble-Shooting section of the Samba3-HOWTO > [2012/03/08 20:44:51, 0] lib/fault.c:fault_report(43) > > From: http://www.samba.org/samba/docs/Samba3-HOWTO.pdf > [2012/03/08 20:44:51, 0] lib/fault.c:fault_report(44) > === > [2012/03/08 20:44:51, 0] lib/util.c:smb_panic(1666) > PANIC (pid 46203380): internal error > [2012/03/08 20:44:51, 0] lib/util.c:log_stack_trace(1820) > unable to produce a stack trace on this platform > [2012/03/08 20:44:51, 0] lib/fault.c:dump_core(201) > dumping core in /var/cores/nmbd 3.2.0 is a very old, unsupported release. Is there a chance you can install the latest 3.6.3 release instead ? Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] follow symlinks + allow insecure wide links
Hi List, i did a fresh 3.6.3 installation and have a problem with symlinks: a look in the logfiles shows: doing parameter follow symlinks = yes doing parameter allow insecure wide links = yes doing parameter unix extensions = no but when i try to access a symlink the log message is: check_reduced_name: Bad access attempt: link-test/desktop.ini is a symlink outside the share path i thought my parameter set would allow following symlinks pointing somewhere outside the share path? regards frank -- Empfehlen Sie GMX DSL Ihren Freunden und Bekannten und wir belohnen Sie mit bis zu 50,- Euro! https://freundschaftswerbung.gmx.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Winbind Issues with Server 2003/2008
On Mon, Mar 12, 2012 at 10:17:26AM +1000, Nathan Frankish wrote: > I really hate emailing lists, but I've come to a wall that I just cant > work out how to get past at the moment, so am hoping for some community > assistance if possible. > > > > Some background: > > We are running Windows Server 2003 on all of our domain controllers, and > are in the middle of migrating to server 2008 R2. We have unix exentions > enabled (rfc2307 I believe), and manage all of our uids/shell/home via > this. > > > > Our linux servers are a mix of RHEL 5.1, 5.4 and 5.5. > > > > We were using Samba 3.0.33-3.29.el5_5.1 or equivalent on most of our > servers, but we hit a stone wall when trying to get them to co-exist > with a domain controller that was running Server 2008. > > So we upgraded to the redhat package Samba3x which I believe is 3.3.8 on > some of the hosts and 3.5.10 on the others. > > > > However then we hit the snafu that the servers running samba3x wouldn't > talk to the domain controllers running server 2003 still. To combat > that, we null routed the server 2003 servers, and only let the Linux > servers talk to AD servers running 2008. > > This was working fine, except that some servers stopped being able to > run "getent passwd" or "getent group" and would just return nothing from > winbind. > > > > As a test, I converted over to RID as the idmap backend away from ADS, > and this appears to have almost worked perfectly. Except now that a > users UID isn't being returned from the AD unixattributes tab, but > instead has what I assume is the RID ID for the user. Other attributes > seem to be coming down ok When you change idmap backends, you must always also delete all caches. Delete the winbindd_cache.tdb file and issue a "net cache flush". Hope that helps, Volker Lendecke -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
