| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Bugfixes:
o Address a bug in the oplock code which may cause clients to stall
when multiple users are accessing a share concurrently
o Missing groups in a user's token when logging in via kerberos
o Incompatibilities with newer MS Windows hotfixes and
embedded OS platforms
o Portability and crash bugs.
o Performance issues in winbindd.
Additions:
o Complete NTLMv2 support by consolidating authentication
mechanism used at the CIFS and RPC layers.
o The capability to manage Unix services using the Win32
Service Control API.
o The capability to view external Unix log files via the
Microsoft Event Viewer.
o New libmsrpc share library for application developers.
o Rewrite of CIFS oplock implementation.
o Performance Counter external daemon.
o Winbindd auto-detection query methods when communicating with
a domain controller.
o The ability to enumerate long share names in libsmbclient
applications.
|
|
for samba-3.0.20b that are applied as part of this update include:
http://www.samba.org/samba/patches/print_lprm.patch
http://www.samba.org/samba/patches/quota.patch
http://www.samba.org/samba/patches/bug3201_wbinfo.patch
This fixes PRs pkg/31352 and pkg/31991. Important changes that were
made as part of porting this Samba release to pkgsrc include the
following:
* The new release model for Samba includes distributing patches for
urgent bug fixes that will be included in the next release of Samba,
and are available at http://www.samba.org/samba/patches/. Since
these patches are rather generically named, we download all DISTFILES
and PATCHFILES for Samba into a ${DISTNAME}-specific directory.
* The default configuration for the samba package no longer builds the
"winbind" portions of samba, which are really only useful when
attempting to unify logons between Unix and Microsoft Windows. When
the "winbind" option is specified, we also build the RID and AD idmap
backends, which allow sharing UIDs/GIDs across Unix machines.
* New package options have been added to the build: "mysql", "pgsql",
and "xml" allow adding optional support for experimental passdb
storage backends, and "winbind" allows for optionally building the
winbindd daemon and associated plugins.
* Two new smb.conf options were added -- "passwd expand gecos" and
"state directory". The first describes whether "&" in the GECOS
field of a passwd db entry is expanded to the login name. The
second describes the location where the persistent-state database
files are stored.
* Luke Mewburn contributed code to allow nss_winbind.so to work properly
on supported NetBSD systems. The FreeBSD NSS winbind code should
probably be replaced with a suitably tweaked version of the NetBSD
code since the latter is much more complete in the functions that are
provided, but I'll leave that to freebsd-pkg-people.
* Samba dumps all of its files into "lock directory", but some of them
need to persist across reboots. We make a distinction between these
files and the temporary files that are re-created by the Samba
daemons when they are restarted -- the former are now stored in a
"state directory" and the latter are stored in the "lock directory".
This is modeled after the Debian patch to Samba located in:
packaging/Debian/debian-unstable/patches/fhs.patch
The "lock directory" default has been moved to ${VARBASE}/run/samba
to emphasize the temporary status of the files stored in that
directory.
* Samba persists in using PAM_AUTHTOK_RECOVER_ERR, when there is almost
universal agreement that PAM_AUTHTOK_RECOVERY_ERR is the right
constant to use. Even the Linux-PAM distribution ensures that
PAM_AUTHTOK_RECOVERY_ERR is correctly defined. To work around this,
we define PAM_AUTHTOK_RECOVER_ERR appropriately in all the places
where it is used.
* The configure script checks for OpenSSL's libcrypto.so by looking
for the symbol "des_set_key". However, libcrypto.so might not
contain that symbol because the DES functions might come from a
separate library, e.g. libdes.so. In this case, the configure script
will think that libcrypto.so is not available, when it actually may
be. Instead, look for EVP_des_cbc, which is always provided by
libcrypto.so.
* Add some missing $(PASSDB_LIBS) references to the Makefile to fix
compilation problems if the experimental passdb backends are statically
compiled into the Samba suite programs.
* Fix compilation problems in sam/idmap_rid.c and sam/idmap_ad.c if the
"rid" and "ad" idmap backends are statically compiled into winbindd.
Changes between version 3.0.14a and 3.0.20b include:
o Reporting files as read-only instead of returning the correct error
code of "access denied"
o File system quota support defects
o Crash bugs caused by incompatibilities on 64-bit systems.
o User Manager interoperability problems.
o Support for several new Win32 rpc pipes.
o New 'net rpc service' tool for managing Win32 services.
o Capability to set the owner on new files and directory based on the
parent's ownership.
o Experimental, asynchronous IO file serving support.
o Support for Microsoft Print Migrator.
o New Winbind IDmap plugin (ad) for retrieving uid and gid from AD
servers which maintain the SFU user and group attributes.
o Rewritten support for POSIX pathnames when utilizing the Linux CIFS
fs client.
o New asynchronous winbindd.
o New Windows NT registry file I/O library.
o New user right (SeTakeOwnershipPrivilege) added.
o New "net share migrate" options.
|
|
decide if it's actually libcrypto.so from the OpenSSL distribution.
Samba looks to see if libkrb5.so needs it to link when samba is
configured to build ADS support. However, newer versions of heimdal
don't need the old DES API, and newer versions of OpenSSL don't even
provide the old des_* symbol names in the library, so "des_set_key"
is a poor choice to use to detect libcrypto.so. The only place in
the samba sources where the old DES API is even used is in the AFS
fake kaserver support, which pkgsrc does not (ever) intend to support.
This fixes PR pkg/24456.
|
|
- DragonFly dosen't support NSS currently.
- Fix some typo in congigure scripts.
Provided by Joerg Sonnenberger by private mail.
Bump PKGREVISION.
|
|
Changes from 3.0.10 are huge, please see
http://www.samba.org/samba/history/samba-3.0.14a.html in detail.
pkgsrc changes:
* replace ln command to ${LN}.
* avoid use file for shell's variable.
* remove trailing spaces.
|
|
|
|
PAM_AUTHTOK_RECOVERY_ERR and the non-portable PAM_AUTHTOK_RECOVER_ERR as 21,
and you guessed which samba decided to use. Bump the version to nb2.
|
|
- Added checks surrounding all *alloc() calls to fix CAN-2004-1154.
- Fix long standing memory size bug in bitmap_allocate().
- Remove bogus error check in deferred open file serving
code.
- Fix autoconf script on platforms using a version of GNU ld
that does not include a date stamp in the output of --version.
- Fix the swat install script to deal with the new image
destination directory used by the docs.
|
|
Changes:
o Problem updating roaming user profiles.
o Crash in smbd when printing from a Windows 9x client.
o Unresolved symbols in libsmbclient which caused
applications such as KDE's konqueror to fail when
accessing smb:// URLs.
|
|
|
|
Common bugs fixed in 3.0.8 include:
o Compile fixes for HP-UX
o Fixes for the printer publishing code used when joined to
an AD domain.
o Incompatibilities with file system quotas.
o Several bugs in the spoolss printing code and print system
backends.
o Inconsistencies in the username map functionality when
configured on domain member servers.
o Various compile warnings and errors on various platforms.
o Fixes for kerberos interoperability with Windows 200x
domains when using DES keys.
o Fix for CAN-2004-0930 -- smbd remote DoS vulnerability.
New features included in the 3.0.8 release are:
o New migration functionality added the the net tool
for files/directories, printers, and shares.
o New experimental idmap backend for assigning uids/gids
directly based on the user/group RID when acting as a
member of single domain without any trusts.
o Additional printer migration support for XP/2003 platforms.
|
|
|
|
o Fixes for two Denial of Service vulnerabalities
(CVE ID# CAN-2004-0807 & CAN-2004-0808).
o Winbind failure to return user entries under certain conditions.
o Syntax errors in the OpenLDAP schema file (samba.schema).
o Printing errors caused by not setting default values for the various
printing commands.
* Disable 'winbind enable local accounts' by default.
o Schannel failure in winbindd.
o Incompatibilities between the 'write list' and 'force user' smb.conf
options.
o Premature optimization of the open_directory() internal function that
broke tools such as the ArcServe backup agent, Macromedia HomeSite,
and Robocopy.
o Sharing violation errors commonly seen when opening when serving
Microsoft Office documents from a Samba file share.
o Browsing problems caused by an apostrophe (') in the computer's
description field.
o Problems creating special file types from UNIX CIFS clients and
enabling 'unix extensions'.
o Fix stalls in smbd caused by inaccessible LDAP servers.
o Remove various memory leaks.
o Fix issues in the password lockout feature.
o Using a cups server other than localhost.
o Maintaining the service principal entry in the system keytab for
integration with other kerberized services. Please refer to the
'use kerberos keytab' entry in smb.conf(5). When using the heimdal
kerberos libraries, you must also specify the following in /etc/krb5.conf:
[libdefaults]
default_keytab_name = FILE:/etc/krb5.keytab
o Support for maintaining individual printer names stored separately
from the printer's sharename.
o Support for maintaining user password history.
o Support for honoring the logon times for user in a Samba domain.
* Reintroduce 'force unknown acl user' parameter. When getting a security
descriptor for a file, if the owner sid is not known, the owner uid is
set to the current uid. Same for group sid.
|
|
problems described in CAN-2004-0600 and CAN-2004-0686.
|
|
Common bugs fixed in Samba 3.0.3 include:
o Crash bugs and change notify issues in Samba's printing code.
o Honoring secondary group membership on domain member servers.
o TDB scalability issue surrounding the TDB_CLEAR_IF_FIRST flag.
o Substitution errors for %[UuGg] in smb.conf.
o winbindd crashes when using ADS security mode.
o SMB signing errors.
o Delays in winbindd startup caused by unnecessary
connections to trusted domain controllers.
o Various small memory leaks.
o Winbindd failing due to expired Kerberos tickets.
New features introduced in Samba 3.0.3 include:
o Improved support for i18n character sets.
o Support for account lockout policy based on
bad password attempts.
o Improved support for long password changes (>14
characters) and strong password enforcement.
o Support for Windows aliases (i.e. nested groups).
o Experimental support for storing DOS attribute on files
and folders in Extended Attributes.
o Support for local nested groups via winbindd.
o Specifying options to be passed directly to the CUPS libraries.
And more... please review "WHATSNEW.txt".
|
|
o Joining a Samba domain from Pre-SP2 Windows 2000 clients.
o Logging onto a Samba domain from Windows XP clients.
o Problems with the %U and %u smb.conf variables in relation to
Windows 9x/ME clients.
o Kerberos failures due to an invalid in memory keytab detection
test.
o Updates to the ntlm_auth tool.
o Fixes for various SMB signing errors.
o Better separation of WINS and DNS queries for domain controllers.
o Issues with nss_winbind FreeBSD and Solaris.
o Several crash bugs in smbd and winbindd.
o Output formatting fixes for smbclient for better compatibility
with scripts based on the 2.2 version.
|
|
* Active Directory support. Samba is able to join a ADS realm as
a member server and authenticate using LDAP/Kerberos.
* Unicode support.
* New, more flexible authentication (passdb) system.
* A new "net" command that is similar to the "net" command in Windows.
* Samba now negotiates NT-style status32 codes on the wire, which
greatly improves error handling.
* Better Windows 2K/2K3/XP printing support.
* Loadable module support for passdb backends and character sets.
* More performant winbindd.
* Support for migrating from a Windows NT4 domain to a Samba domain
and maintaining user, group, and domain SIDs.
* Support for establishing trust relationships with Windows NT4 DCs.
* Initial support for a distributed Winbind architecture using an
LDAP directory for storing SID-to-uid/gid mappings.
* Major updates to the Samba documentation tree.
* Full support for client and server SMB signing to ensure
compatibility with default Windows 2K3 security settings.
* Improvement of ACL mapping features.
|
|
http://lists.xsec.it/pipermail/samba-it/2003-April/000321.html
|
|
* findsmb is a perl script, and we need to substitute the correct path to
the perl interpreter.
* Don't create ${PREFIX}/private during a "make install" as it's a
completely useless directory.
* Don't bother to install the completely outdated Samba HTML documentation
that is superseded by the Samba HOWTO Collection documentation.
|
|
Changes since 2.2.8:
Digital Defense, Inc. has alerted the Samba Team to a serious
vulnerability in all stable versions of Samba currently shipping.
The Common Vulnerabilities and Exposures (CVE) project has assigned
the ID CAN-2003-0201 to this defect.
This vulnerability, if exploited correctly, leads to an anonymous
user gaining root access on a Samba serving system. All versions
of Samba up to and including Samba 2.2.8 are vulnerable. An active
exploit of the bug has been reported in the wild.
|
|
****************************************
* IMPORTANT: Security bugfix for Samba *
****************************************
The SuSE security audit team, in particular Sebastian Krahmer
<krahmer@suse.de>, has found a flaw in the Samba main smbd code which
could allow an external attacker to remotely and anonymously gain
Super User (root) privileges on a server running a Samba server.
This flaw exists in previous versions of Samba from 2.0.x to 2.2.7a
inclusive. This is a serious problem and all sites should either
upgrade to Samba 2.2.8 immediately or prohibit access to TCP ports 139
and 445. Advice created by Andrew Tridgell, the leader of the Samba
Team, on how to protect an unpatched Samba server is given at the end
of this section.
The SMB/CIFS protocol implemented by Samba is vulnerable to many
attacks, even without specific security holes. The TCP ports 139 and
the new port 445 (used by Win2k and the Samba 3.0 alpha code in
particular) should never be exposed to untrusted networks.
|
|
O_RDWR fails in fcbopen case, remember the errno from previous open_file()
call and set errno back to this value if the second open_file() call
fails too
this makes samba report EACCESS instead of confusing ENOENT if creation
of file fails due to insufficient permissions for SMBcreate/SMBmknew call
bump package revision
|
|
1) Fix for smbclient reporting negative file sizes on dir command
and negative statistics being reported when using put or get
on large files.
2) Fix bug in determination of allocation size
3) Fix 64bit size problems which prevented copying of files larger
than 2 GBytes.
4) Fix for xcopy /s problem with old DOS clients not sending correct
attributes on subsequent SMBsearch calls.
5) Fix bug in call to standard_sub_advanced giving a 0 length. This
fixes the string overflow in string_sub errors.
6) Correctly handle querygroup rpcclient command
7) fix broken incremental tar in smbtar command
|
|
A security hole has been discovered in versions 2.2.2 through 2.2.6
of Samba that could potentially allow an attacker to gain root access
on the target machine. The word "potentially" is used because there
is no known exploit of this bug, and the Samba Team has not been able to
craft one ourselves. However, the seriousness of the problem warrants
this immediate 2.2.7 release.
1) ensure we send the notify message in the same way it is expected
to be received by srv_spoolss_receive_message().
2) attribute matching on truncate only matters when opening truncate
with current SYSTEM|HIDDEN -> NONE. It's fine to truncate on open
with current NONE -> SYSTEM | HIDDEN.
3) Fix bug in rpcclient's deldriver command
4) Don't set global_machine_password_needs_changing if
lp_machine_password_timeout() is set to zero
5) don't parse the BUFFER5 if the buffer length is zero
6) fix core dump if pdbedit is run as non-root or smbpasswd file does
not exist
7) Ensure can_delete() returns correct error code
8) correctly return NT_STATUS_DELETE_PENDING from open code
9) fix bug that assumed dos_unistr2 length was in ucs2 units, not bytes
10) check the long_archi name is not null when deleting a printer driver.
fixes core dump in smbd when using rpcclient's deldriver
11) fix fd leak with kernel change notify on Linux 2.4 kernels
12) must add one to the extra_data size to transfer the 0 string
terminator. This was causing "wbinfo --sequence" to access past the
end of malloced memory
13) fix for large systems allowing more than 65536 files open in
NTcreate&X
14) Fix bug in %U expansion
|
|
* Fixes for MS-RPC printing issues affecting Windows 2000 clients
* New support for smb.conf generation in SWAT
* Inclusion of several performance enhancements
* Fixes for several file locking bugs and returned status codes
|
|
|
|
have been converted to USE_BUILDLINK2.
|
|
and merge their patch collections. These two packages are built from the
same source tree, and updates to the main distfile should be shared by
both packages.
|
|
version 2.2.4nb1 is that there are the usual minor bug fixes, plus some
important ones:
* fix printing with Win2K/XP clients
* fixes related to using LDAP for the SAM
* fixes related to changing passwords
Pkgsrc changes:
* Fetch the .tar.bz2 file -- it's smaller.
* Use smb.conf.default as the sample config file and get rid of
the homegrown files/smb.conf.sample. smb.conf.default is more
informative and is a better resource.
* Remove irrelevant examples.
* Move convert_smbpasswd script to the examples/samba/misc
directory. It's pretty much outlived it's usefulness at this
point of the Samba release cycle.
|
|
element.
- Remove redundant PKGNAME and bump PKGREVISION to 1.
|
|
WHAT'S NEW IN Samba 2.2.4 - 2nd May 2002
=========================================
This is the latest stable release of Samba. This is the version that all
production Samba servers should be running for all current bug-fixes.
There have been several fixes and internal enhancements which include:
* More/better SPOOLSS printing functionality for Windows
NT/2k/XP clients.
* Several fixes relating to serving PC database files such
as (Access and FoxPro) from a Samba file share.
* Several improves in Samba's VFS layer which can be seen
in the inclusion of a "Recycle Bin" vfs module. See
examples/VFS/README for more details on this.
* Addition of a tool (tdbbackup) for backup/restore of Samba's
tdb's
* Continued improvements to winbind for greater scalability
and stability
* Several fixes related to Samba's MS-DFS support
* Rpcclient's various printer commands now work (again)
New/Changed parameters in 2.2.4
--------------------------------
For more information on these parameters, see the man pages for
smb.conf(5).
Added/changed parameters
------------------------
* csc policy
* inherit acls
* nt status support
* lock spin count
* lock spin time
* pid directory
* winbind use default domain
Depreciated parameters
----------------------
The following parameters have been marked as depreciated
and will be removed in Samba 3.0
* postscript
* printer driver
* printer driver file
* printer driver location
Removed Parameters
------------------
none
Changes in 2.2.4
----------------
See the cvs log for SAMBA_2_2 for more details
1) added -c option to smbpasswd
2) reworked smbpasswd internal command line option parsing
3) small various bug fixes to experimental pdb_tdb.c
4) Enforce spoolss RPCs based on the access granted at PrinterOpen()
5) Added missing access checks to [add/delete/set]form
6) Compile fixes for pam_smbpass
7) fix smbd crash when netbios session request fails from
spoolss_connect_to_client().
8) fixed logic bug that prevent SetPrinter() from storing devmode
9) Removed extra get_printer_snum() calls from set_printer_hnd_name()
10) fix joining domain on big endian machine when using -U to smbpasswd
11) allow command line arg to override smb.conf log level
12) continue to retry to register 1b name with wins server if there is an old IP there
13) fix smbclient print crash bug
14) 9x pnp fix when the config file and driver file are different
15) force testparm to print the correct value for log level
16) fix swat to show full log level info
17) fix server GetPrinterData() fields to be more sensible
18) fix logic error in SetPrinterDataEx()
19) Only set smb_read_error if not already set
20) Fix string returns that require unicode
21) Merge of printing performance fixes from appliance
22) lpq parsing fixes
23) Back port tridge's xcopy /o fix from HEAD
24) Fix the printer change notify code (unfinished)
25) Patch for Domain users not showing up
26) Fixed SetPrinterData(magic key) to support zero length DEVMODE
27) Ensure that all methods of looking up and connecting to DC's work
using identical logic.
28) Merge in the mutex code to stop multiple domain logon failure
29) Ignore 0/0 lock
30) Fix winbindd to respect command line debuglevel as nmbd/smbd
31) Update with tdbbackup from HEAD
32) Fix for typo on solaris nss
33) Merge in the locking changes from HEAD
34) Added POSIX ACL layer into the vfs
35) Fix the returning of domain enum
36) Fix the generation of the MACHINE.SID file into the secrets.tdb.
37) Enable test for -rdynamic when building binaries
38) Remove the "stat open" code - make it inline
39) Fix the mp3 rename bug
40) Fix for Explorer DFS problems on older Windows 9X machines
41) implement OpenPrinter() opnum == 0x01
42) Matched W2K *insane* open semantics....
43) small fix that will prevent the "failed to marshall
R_NET_SAMLOGON" message in the logs
42) don't do checking of local passdb in smbpasswd if using -r option
43) fix "smbpasswd -j DOMAIN -r * -U Admin%XXXX" so that it doesn't
try to connect to a server named '*'
44) merge rpcclient code from HEAD
45) Ensure MACHINE.SID update done before child spawns
46) Fix the bad path errors for mkdir so mkdir \a\b\c\d works
47) Removed --with-vfs - always built if available
48) Fixed psec for 2.2
49) Fixed the handle leak in the connection management code
50) fix disable spoolss after the switch to nt status codes
51) Added Shirish's client side caching policy change
52) Honor the specversion when parsing the the DEVICEMODE
53) fix parsing bug when DEVICEMODE's private data does not end
on a 4 byte boundary
54) do not idle an smbd when there is an open pipe
55) when a new driver is added to a Samba server, cycle through
all printers and bump the change_id for each one bound to the driver
56) allow smbclient to work with a FIFO as well (needed for KDE
ioslave)
57) various updates to pdb_nisplus.c
58) many small documentation updates
59) removed many compiler warnings
Known Bugs
----------
* Under certain conditions when serving the MS Access 2000
executable file and an Access database from a Samba share,
it is possible to experience data corruption. This pug does
does occur when the database is served from a Samba file share
but the Access *.exe is stored on the client's local file system.
The exact reason for this bug is unknown at this time.
|
|
Change from 2.2.3
-----------------
This is a minor bugfix release for the 2.2.3 release. The 2.2.3
release had a problem that was visible to Windows 2000 Explorer
users in that copying files into a share that already existed
failed with "Access Denied" rather than asking the user if an
overwrite was required. This was due to an incorrect error mapping
between the UNIX EEXIST error code and the NT status error.
As Windows Explorer is a highly visible end user application a quick
bugfix release was required, hence 2.2.3a.
Compilation on HPUX versions earlier than HPUX 11 has also been
corrected.
The cvs.log file is no longer included with this release, as it adds
13Mb to the size of the release, and is easily available on the Web.
|
|
(2) Add "piddir" as /var/run and "pidfile dir" and "pidfile directory"
statement for smb.conf.
(3) Some fix for password synchronization but it isn't tested much and
it is almost useless under "encrypt passwords = yes" environment.
Changes for INSTALL and part of Makefile are provided by
"Johnny C. Lam" <jlam@netbsd.org> and (2) and (3) are got
from FreeBSD ports.
Bump revision to 1; samba-2.2.3nb1 now.
|
|
Changes in 2.2.3
-----------------
1). Fixed shared library compile for Solaris with native compiler.
2). UNIX CIFS extensions code added (donated by HP).
3). Changed to using NT status codes on the wire if the client can support this.
4). altname command to show 8.3 name added to smbclient.
5). const-safe endian macros now used.
6). client code now uses UNICODE on the wire.
7). Correctly return fault PDU's on bad handle.
8). Improved NT error code mapping table.
9). Many new point and print RPC calls added.
10). Win9x clients can now see full user list.
11). fileid added to identify simultaneous open files (no longer
use dev/inode/time as unique value).
12). HPUX ACL code added (donated by HP).
13). vfs interfaces updated (again !).
14). MSDOS Code Page 866 -> 1251 mapping added.
15). winbindd now processes quit/hup signals correctly.
16). No tdb traversal done on startup/shutdown - ensures scalability.
17). Fix bug with paths for homes share.
18). Fixed copyfile for OS/2.
19). Fix group membership when groups are on more than one line.
20). Fixed core dumps in posix ACL mapping code.
21). Tidyup of UNICODE functions (put/get).
22). Move rpcclient to the new libsmb code.
23). Add missing Windows 2000 passthough trans2 calls.
24). Return check all tdb calls.
25). Make local name lookup work even if wins server is down.
26). pam session code added to winbind.
27). Added winbindd cache to all lookups.
28). Fix allocate bugs that caused file sizes to be incorrect.
29). Fixed write cache code - now safe to use.
30). Fixed winbindd memory leaks.
31). winbindd will now do name lookups (to allow non Open Source
systems to do the nsswitch WINS lookup). Fixed by SGI.
32). passdb memory leaks fixed.
33). LDAP code updates and now properly maintained.
34). Finally figured out how changeid is meant to work.
35). Downlevel printing now looks as NT does in print monitor window.
36). Many fixups in spoolss printing RPC parsing.
37). Speed up password enumeration as a PDC.
38). Fix printer changed notify messages (work from HP).
39). Fix modify timestamp on close code.
40). Fix long standing mangled names bug.
41). Fix delete on close semantics.
42). Stop opening all files with O_NONBLOCK !
43). Use O_NOFOLLOW for systems that have it and don't want symlinks.
44). Ensure NT suplementary groups get added to user token.
45). Try and mitigate effects of DNS timeout (do less lookups).
46). Added current user connection context stack.
47). Fixes to utmp code.
48). smbw code tidyups.
49). Added tdb open log code. Several tdb fixes.
|
|
is available at http://www.samba.org/samba/whatsnew/samba-2.2.2.html
|
|
WHATS NEW IN Samba 2.2.1a: 11th July 2001
==========================================
This is the latest stable release of Samba. This is the version that all
production Samba servers should be running for all current bug-fixes.
This is a minor bugfix release for 2.2.1, *NOT* security related.
1). 2.2.1 had a bug where using smbpasswd -m to add a Windows NT or
Windows2000 machine into a Samba hosted PDC would fail due to our
stricter user name checking. We were disallowing user names
containing '$', which is needed when using smbpasswd to add a
machine into a domain. Automatically adding machines (using the
native Windows tools) into a Samba domain worked correctly.
2.2.1a fixes this single problem.
New/Changed parameters in 2.2.1
-------------------------------
Added parameters.
-----------------
obey pam restrictions
When Samba is configured to use PAM, turns on or off Samba checking
the PAM account restrictions. Defaults to off.
pam password change
When Samba is configured to use PAM, turns on or off Samba passing
the password changes to PAM. Defaults to off.
large readwrite
New option to allow new Windows 2000 large file (64k) streaming
read/write options. Needs a 64 bit underlying operating system
(for Linux use kernel 2.4 with glibc 2.2 or above). Can improve performance
by 10% with Windows 2000 clients. Defaults to off. Not as tested
as some other Samba code paths.
hide unreadable
Prevents clients from seeing the existance of files that cannot
be read. Off by default.
enhanced browsing
Turn on/off the enhanced Samba browing functionality (*1B names).
Default is "on". Can prevent eternal machines in workgroups when
WINS servers are not synchronised.
Removed parameters.
-------------------
domain groups
domain admin users
domain guest users
Changes in 2.2.1
-----------------
1). "find" command removed for smbclient. Internal code now used.
2). smbspool updates to retry connections from Michael Sweet.
3). Fix for mapping 8859-15 characters to UNICODE.
4). Changed "security=server" to try with invalid username to prevent
account lockouts.
5). Fixes to allow Windows 2000 SP2 clients to join a Samba PDC.
6). Support for Windows 9x Nexus tools to allow security changes from Win9x.
7). Two locking fixes added. Samba 2.2.1 now passes the Clarion network
lock tester tool for distributed databases.
8). Preliminary support added for Windows 2000 large file read/write SMBs.
9). Changed random number generator in Samba to prevent guess attacks.
10). Fixes for tdb corruption in connections.tdb and file locking brlock.tdb.
smbd's clean the tdb files on startup and shutdown.
11). Fixes for default ACLs on Solaris.
12). Tidyup of password entry caching code.
13). Correct shutdowns added for send fails. Helps tdb cleanup code.
14). Prevent invalid '/' characters in workgroup names.
15). Removed more static arrays in SAMR code.
16). Client code is now UNICODE on the wire.
17). Fix 2 second timstamp resolution everywhere if dos timestamp set to yes.
18). All tdb opens now going through logging function.
19). Add pam password changing and pam restrictions code.
20). Printer driver management improvements (delete driver).
21). Fix difference between NULL security descriptors and empty
security descriptors.
22). Fix SID returns for server roles.
23). Allow Windows 2000 mmc to view and set Samba share security descriptors.
24). Allow smbcontrol to forcibly disconnect a share.
25). tdb fixes for HPUX, OpenBSD and other OS's that don't have a coherent
mmap/file read/write cache.
26). Fix race condition in returning create disposition for file create/open.
27). Fix NT rewriting of security descriptors to their canonical form for
ACLs.
28). Fix for Samba running on top of Linux VFAT ftruncate bug.
29). Swat fixes for being run with xinetd that doesn't set the umask.
30). Fix for slow writes with Win9x Explorer clients. Emulates Microsoft
TCP stack early ack specification error.
31). Changed lock & persistant tdb directory to /var/cache/samba by default on
RedHat and Mandrake as they clear the /var/lock/samba directory on reboot.
|
|
WHATS NEW IN Samba 2.2.0a: 23rd June 2001
==========================================
SECURITY FIX
============
This is a security bugfix release for Samba 2.2.0. This release provides the
following two changes *ONLY* from the 2.2.0 release.
1). Fix for the security hole discovered by Michal Zalewski (lcamtuf@bos.bindview.com)
and described in the security advisory below.
2). Fix for the hosts allow/hosts deny parameters not being honoured.
No other changes are being made for this release to ensure a security fix only.
For new functionality (including these security fixes) download Samba 2.2.1
when it is available.
The security advisory follows :
IMPORTANT: Security bugfix for Samba
------------------------------------
June 23rd 2001
Summary
-------
A serious security hole has been discovered in all versions of Samba
that allows an attacker to gain root access on the target machine for
certain types of common Samba configuration.
The immediate fix is to edit your smb.conf configuration file and
remove all occurances of the macro "%m". Replacing occurances of %m
with %I is probably the best solution for most sites.
Details
-------
A remote attacker can use a netbios name containing unix path
characters which will then be substituted into the %m macro wherever
it occurs in smb.conf. This can be used to cause Samba to create a log
file on top of an important system file, which in turn can be used to
compromise security on the server.
The most commonly used configuration option that can be vulnerable to
this attack is the "log file" option. The default value for this
option is VARDIR/log.smbd. If the default is used then Samba is not
vulnerable to this attack.
The security hole occurs when a log file option like the following is
used:
log file = /var/log/samba/%m.log
In that case the attacker can use a locally created symbolic link to
overwrite any file on the system. This requires local access to the
server.
If your Samba configuration has something like the following:
log file = /var/log/samba/%m
Then the attacker could successfully compromise your server remotely
as no symbolic link is required. This type of configuration is very
rare.
The most commonly used log file configuration containing %m is the
distributed in the sample configuration file that comes with Samba:
log file = /var/log/samba/log.%m
in that case your machine is not vulnerable to this attack unless you
happen to have a subdirectory in /var/log/samba/ which starts with the
prefix "log."
Credit
------
Thanks to Michal Zalewski (lcamtuf@bos.bindview.com) for finding this
vulnerability.
New Release
-----------
While we recommend that vulnerable sites immediately change their
smb.conf configuration file to prevent the attack we will also be
making new releases of Samba within the next 24 hours to properly fix
the problem. Please see http://www.samba.org/ for the new releases.
Please report any attacks to the appropriate authority.
The Samba Team
security@samba.org
|
|
entry to prevent finding libncurses and unnecessary patches to configure
script to handle SSL location and probing libcups. Also use FILES_SUBST
instead of repeating a sed script throughout the Makefile.
|
|
were previously enlarged by the sequence: lseek, write, munmap, mmap
and are now enlarged by: munmap, lseek, write, mmap.
The Samba team is already aware of the problem. I expect this patch will
be incorporated in a future release.
|
|
SHM_{R,W}. Fix suggest by Klaus Klein. This should fix build on
non-current NetBSD systems and closes PRs 13023 and 13033.
|
|
define them to IPC_{R,W} as they're the right values. Problem discovered
by browsing current-users and port-alpha (why were there no PRs?!).
|
|
GNU readline is required. Clean up how to pass location of OpenSSL headers
to the configure script.
|
|
* Integration between Windows oplocks and NFS file opens (IRIX and Linux
2.4 kernel only). This gives complete data and locking integrity between
Windows and UNIX file access to the same data files.
* Ability to act as an authentication source for Windows 2000 clients as
well as for NT4.x clients.
* Integration with the winbind daemon that provides a single
sign on facility for UNIX servers in Windows 2000/NT4 networks
driven by a Windows 2000/NT4 PDC.
* Support for native Windows 2000/NT4 printing RPCs. This includes
support for automatic printer driver download.
* Support for server supported Access Control Lists (ACLs).
* On PAM (Pluggable Authentication Module) based systems - better debugging
messages and encrypted password users now have access control verified via
PAM - Note: Authentication still uses the encrypted password database.
* Rewritten internal locking semantics for more robustness.
This release supports full 64 bit locking semantics on all
(even 32 bit) platforms. SMB locks are mapped onto POSIX
locks (32 bit or 64 bit) as the underlying system allows.
* Conversion of various internal flat data structures to use
database records for increased performance and
flexibility.
* Support for acting as a MS-DFS (Distributed File System) server.
* Support for manipulating Samba shares using Windows client tools
(server manager). Per share security can be set using these tools
and Samba will obey the access restrictions applied.
* Samba profiling support
* Compile time option for enabling a (Virtual file system) VFS layer
to allow non-disk resources to be exported as Windows filesystems
(such as databases etc.).
|
|
Samba 2.0.9 is a security bugfix release which correctly fixes the problem
2.0.8 was supposed to address. (A bug in the handling of temporary files
that allowed local users to destroy data on local devices).
|
|
|
|
Samba 2.0.8 is a security bugfix release. Previous versions of Samba
had a bug with the handling of temporary files that allows local users
to destroy data on local devices. This bug was discovered during a
routine security audit by Caldera. While no exploitation of this bug
is known to have occurred it is fairly easy to exploit so sites with
untrusted local users should take the threat seriously.
Unfortunately we lose japanese language support by this update.
|
|
+ move the patch digest/checksum values from files/patch-sum to distinfo
|
