- =================================
- Release Notes for Samba 3.4.0pre1
+ ================================
+ Release Notes for Samba 3.5.0rc2
+ January 26, 2010
+ ================================
- =================================
-
-This is the first preview release of Samba 3.4. This is *not*
+This is the second release candidate of Samba 3.5. This is *not*
intended for production environments and is designed for testing
purposes only. Please report any defects via the Samba bug reporting
system at https://bugzilla.samba.org/.
-Major enhancements in Samba 3.4.0 include:
+Major enhancements in Samba 3.5.0 include:
+
+General changes:
+o Add support for full Windows timestamp resolution
+o The Using Samba HTML book has been removed.
+
+Protocol changes:
+o Experimental implementation of SMB2
+
+Printing Changes:
+o Add encryption support for connections to a CUPS server
+
+Winbind changes:
+o Major refactoring
+o Asynchronous
+
+VFS modules:
+o New vfs_scannedonly module has been added.
+
+
+General changes:
+================
+
+Support for full Windows timestamp resolution has been added. This effectively
+makes us use Windows' full 100ns timestamp resolution if supported by the
+kernel (2.6.22 and higher) and the glibc (2.6 and higher).
+
+The Using Samba HTML book has been removed from the Samba tarball.
+It is still available at http://www.samba.org/samba/docs/using_samba/toc.html.
+
+Protocol changes
+================
+
+An EXPERIMENTAL implementation of the SMB2 protocol has been added. SMB2 can be
+enabled by setting "max protocol = smb2". SMB2 is a new implementation of the
+SMB protocol used by Windows Vista and higher.
+
+Printing Changes
+================
+
+A new parameter "cups encrypt" has been added to control whether connections to
+CUPS servers will be encrypted or not. The default is to use unencrypted
+connections.
+
+Winbind changes
+===============
+
+The Winbind daemon has been refactored internally to be asynchronous. The new
+Winbind will not be blocked by running 'getent group' or 'getent passwd'.
+
+VFS modules
+===========
+
+A new VFS module "scannedonly" has been added. This is a filter that
+talks to an antivirus-engine and stores whether a file is clean or not.
+Users do only see clean files on their filesystem.
+
+
+######################################################################
+Changes
+#######
+
+smb.conf changes
+----------------
+
+ Parameter Name Description Default
+ -------------- ----------- -------
+
+ create krb5 conf New yes
+ ctdb timeout New 0
+ cups encrypt New no
+ debug hires timestamp Changed Default yes
+ ldap deref New auto
+ ldap follow referral New auto
+
+
+New configure options
+---------------------
+
+--enable-external-libtdb Enable external tdb
+--enable-netapi Turn on netapi support
+--enable-pthreadpool Enable pthreads pool helper support
+--with-cifsumount Include umount.cifs (Linux only) support
+--with-codepagedir=DIR Where to put codepages
+
+
+Commit Highlights
+=================
+
+o Björn Jacke <bj@sernet.de>
+ * Add support for full Windows timestamp resolution.
+ * Add encryption support for connections to a CUPS server.
+
+
+o Volker Lendecke <vl@samba.org>
+ * Major internal refactoring of the Winbind daemon.
+ * Make Winbind asynchronous.
+
+
+o Stefan Metzmacher <metze@samba.org>
+ * Implement the new SMB2 protocol (experimental).
+
+
+Changes since 3.5.0rc1
+----------------------
+
+
+o Michael Adam <obnox@samba.org>
+ * BUG 4347: Check password history before increasing "badPasswordCount".
+
+
+o Jeremy Allison <jra@samba.org>
+ * BUG 5202: Fix changing of ACLs on writable file with "dos filemode=yes".
+ * BUG 6876: Fix deletion of an object whose parent folder does not have delete
+ rights fails even if the delete right is set on the object in
+ vfs_acl_xattr and vfs_acl_tdb.
+ * BUG 7033: Fix SMBrmdir error message when deleting a directory fails.
+ * BUG 7036: Fix 'net rpc getsid' in hardened Windows environments.
+ * BUG 7045: Fix bad (non memory copying) interfaces in smbc_setXXXX calls.
+
+
+o Giovanni Bajo <rasky@develer.com>
+ * BUG 7029: Disable sanity check in NetShareEnum for better compatibility
+ with Windows.
+
+
+o Kai Blin <kai@samba.org>
+ * BUG 7039: Fix compile error with WITH_DNS_UPDATE. Update .po files.
+
+
+o Günther Deschner <gd@samba.org>
+ * BUG 7043: Fix crash bug in libsmbclient.
+
+
+o André Hentschel <nerv@dawncrow.de>
+ * BUG 7039: Complete German translation of 'net'.
+
+
+o Björn Jacke <bj@sernet.de>
+ * BUG 7039: Improve some German translations in 'net'.
+
+
+o William Jojo <w.jojo@hvcc.edu>
+ * BUG 7052: Fix DFS on AIX.
+
+
+o Volker Lendecke <vl@samba.org>
+ * BUG 6981: Fix large paged search with DirX LDAP servers.
+ * BUG 7027: Fix a segfault in winbindd_dual_ccache_ntlm_auth().
+ * BUG 7037: Fix a Winbind segfault in "trusted_domains".
+ * BUG 7046: Fix libsmbclient crash against OpenSolaris CIFS server.
+ * Lock down some srvsvc calls according to what w2k3 seems to do.
+
+
+o Stefan Metzmacher <metze@samba.org>
+ * BUG 6157: Restore Samba 3.0.x behavior and use the first "uid" value in
+ pdb_ldap.
+
+
+o SASAJIMA Toshihiro <sasajima_t@jp.fujitsu.com>
+ * BUG 7034: Fix segfault in vfs_cap.
+
+
+o Olivier Sessink <oliviersessink@gmail.com>
+ * BUG 7028: Add new scannedonly VFS module.
+
+
+Changes since 3.5.0pre2
+-----------------------
+
+o Jeremy Allison <jra@samba.org>
+ * BUG 6837: Fix "Too many open files" when trying to access large number of
+ files with Windows 7.
+ * BUG 6939: Fix long filenames when "mangling method" is set to "hash".
+ * BUG 7020: Fix smbd using 2G memory.
+ * Ensure dos_mode can return FILE_ATTRIBUTE_NORMAL, then filter the returned
+ attributes by protocol level.
+ * Vector correctly through reply_openerror() (which uses the same logic).
+ * Fix bugs with the full Windows ACL support.
+
+
+o Kai Blin <kai@samba.org>
+ * Add a few missing gettext calls to the 'net' command.
+ * Fix up a share type translation and translate some more strings in 'net'.
+
+
+o Günther Deschner <gd@samba.org>
+ * Allow to call "pdbedit -N description -u user" without specifiyng "-r".
+ * Add spoolss_DriverInfo7.
+ * Fix rpcclient after setprinter IDL fixes.
+ * Use generated krb5.conf in 'net ads testjoin'.
+
+
+o Jonas Gorski <jonas.gorski+samba@gmail.com>
+ * BUG 6992: make test for getgrouplist cacheable.
+
+
+o André Hentschel <nerv@dawncrow.de>
+ * Add some German translations for the 'net' command.
+
+
+o Suresh Jayaraman <sjayaraman@suse.de>
+ * Update mount.cifs man page with nounix option.
+
+
+o Volker Lendecke <vl@samba.org>
+ * Fix _samr_GetAliasMembership for results with 0 rids.
+ * Fix an error case in cli_negprot.
+ * Add a lower-cost alternative to wbinfo -t: wbinfo --ping-dc.
+ * Restore correct timeouts for SMB requests.
+ * Fix a 64-bit error in libsmb.
+ * Replace IS_DOMAIN_OFFLINE by a function in Winbind.
+ * Simplify/cleanup Winbind code.
+
+
+o Kamen Mazdrashki <kamen.mazdrashki@postpath.com>
+ * Fix write behind memory block in libtalloc.
+ * Fix result check for getaddrinfo().
+
+
+o Jim McDonough <jmcd@samba.org>
+ * BUG 7014: Fix Winbind crash when retrieving empty group members.
+
+
+o Brian Lu <brian.lu@sun.com>
+ * BUG 6991: Create symbol links to shared libraries.
+
+
+o Stefan Metzmacher <metze@samba.org>
+ * Add tsocket_address_bsd_sockaddr() and tsocket_address_bsd_from_sockaddr()
+ to tsocket.
+ * Always set tdb->tracefd to -1 to be safe on goto fail in libtdb.
+ * Add TDB_DISALLOW_NESTING and make TDB_ALLOW_NESTING the default behavior.
+ * Fix standalone 'make installdocs'.
+
+
+o Peter Rosin <peda@lysator.liu.se>
+ * Output %p as unsigned in snprintf replacement.
+
+
+o Ronnie Sahlberg <ronniesahlberg@gmail.com>
+ * New attempt at TDB transaction nesting allow/disallow.
+
+
+o Kirill Smelkov <kirr@mns.spb.ru>
+ * Remove swig stuff from libtdb.
+ * Reset tdb->fd to -1 in tdb_close() in libtdb.
+
+
+o Simo Sorce <idra@samba.org>
+ * Change the way mksysms work in libtalloc.
+
+
+o Jelmer Vernooij <jelmer@samba.org>
+ * Also build and install tdb manpages from standalone tdb.
+
+
+o Bo Yang <boyang@samba.org>
+ * Fix infinite loop in NCACN_IP_TCP as there is no timeout.
+ * Make winbindd_cache.c aware of domain offline to avoid unnecessary backend
+ query.
+ * List trusted domains from wcache when domain is offline.
+
+
+Changes since 3.5.0pre1
+-----------------------
+
+o Michael Adam <obnox@samba.org>
+ * Fix the build when no external talloc and tdb are installed.
+ * Fix detection of CTDB headers on systems without system-libtalloc.
+
+
+o Jeremy Allison <jra@samba.org>
+ * BUG 6802: A created folder does not properly inherit permissions from
+ parent in vfs_acl_xattr.
+ * BUG 6837: "Too many open files" when trying to access large number of
+ files from Windows 7.
+ * BUG 6938 : No hook exists to check creation rights when using acl_xattr
+ module.
+ * Fix vfs_acl_xattr which was failing to call the NEXT connect function.
+ * Restructure the ACL code.
+ * Refactor reply_rmdir to use handle based code.
+
+
+o Dan Cox <dan@wep.net>
+ * BUG 2350: Add LDAP Alias Dereferencing support.
+
+
+o Günther Deschner <gd@samba.org>
+ * BUG 6929: Fix build with recent heimdal.
+ * Fix several printing issues.
+ * Fix the build on Mac OS X 10.6.2.
+ * Fix net and rpcclient after setprinterdataex changes.
+ * Add full support for level 8 printer drivers.
+ * Add more spoolss architectures to IDL.
+ * Fix enumprinter key client and server.
+ * Fix crash in EnumPrinterDataEx.
+
+
+o Björn Jacke <bj@sernet.de>
+ * Prefer posix_fallocate for doing "strict allocate".
+
-Authentication Changes:
-o Changed the way smbd handles untrusted domain names given during user
- authentication
+o Matt Kraai <mkraai@beckman.com>
+ * BUG 6860: Fix shared library build on QNX.
-net Command Changes:
-o parameter syntax made more consistent
-Authentication Changes
-======================
+o Volker Lendecke <vl@samba.org>
+ * BUG 6288: SWAT adds a second share when changing parameters of an existing
+ share.
+ * BUG 6435: Fix minor memory corruption.
+ * Restore "fake directory create times" as a share parameter.
+ * Fix explicit stat64 support.
+ * Add support for NetWkstaGetInfo 101 and 102.
+ * Add rpcclient wkssvc_enumerateusers.
+ * De-deprecate "write cache size" to prevent its removal without a proper
+ alternative.
+ * Allow more than 1000 users in BUILTIN\Users.
-Previously, when Samba was a domain member and a client was connecting using an
-untrusted domain name, such as BOGUS\user smbd would remap the untrusted
-domain to the primary domain smbd was a member of and attempt authentication
-using that DOMAIN\user name. This differed from how a Windows member server
-would behave. Now, smbd will replace the BOGUS name with it's SAM name. In
-the case where smbd is acting as a PDC this will be DOMAIN\user. In the case
-where smbd is acting as a domain member server this will be WORKSTATION\user.
-Thus, smbd will never assume that an incoming user name which is not qualified
-with the same primary domain, is part of smbd's primary domain.
-While this behavior matches Windows, it may break some workflows which depended
-on smbd to always pass through bogus names to the DC for verification. A new
-parameter "map untrusted to domain" can be enabled to revert to the legacy
-behavior.
+o Jim McDonough <jmcd@samba.org>
+ * BUG 6967: Prevent glibc error on 'net ads join'.
-net Command Changes
-===================
-The net command now accepts the common command line parameters most other Samba
-command line utilities use, with a couple of remaining differences:
+o Lars Müller <lars@samba.org>
+ * BUG 6710: Only install the cifs.upcall man page if CIFSUPCALL_PROGS was
+ set while configure.
--l still gives long output for net commands supporting the --long flag. This was
-more useful than the common --log-base parameter.
--i still tells net to read data from stdin (like --stdin) instead of toggling
-the common --scope flag.
+o Ian Puleston <ipuleston@sonicwall.com>
+ * Complete support for NetWkstaGetInfo/NetWkstaEnumUsers.
--S still tells net the server to connect to (like --server) instead of
-negotiating the common --signing flag. As -S is probably used by most scripts
-doing net rpc commands, this would have been a high-impact change for little
-gain.
-This change was mainly done to unify the authentification options. Here, one
-flag changed it's meaning and one useful flag was added.
+o Karolin Seeger <kseeger@samba.org>
+ * Fix the build of the example VFS modules.
--N used to be the short version of --ntname. It now matches the Samba default of
---no-pass. Use this to stop net from prompting for a password if you want
-anonymous authentication.
--A --authentication-file now takes an authentication file with the username and
-password you want net to use, avoiding a password prompt as with plain -U user
-or having to give a password on the command line as in -U user%pass.
+o Bo Yang <boyang@samba.org>
+ * BUG 6879: Fix crash in Winbind.
+ * Fix crash in free_file_list().
+ * Give the user a chance to change password when password will expire soon.
-Last but not least net now always falls back to your local unix username if no
--U is specified and a username is needed. net rpc commands will now prompt for a
-password unless one is specified using either -U user%pass or -A auth_file.
######################################################################
Reporting bugs & Development Discussion
If you do report problems then please try to send high quality
feedback. If you don't provide vital information to help us track down
the problem then you will probably be ignored. All bug reports should
-be filed under the Samba 3.4 product in the project's Bugzilla
+be filed under the Samba 3.5 product in the project's Bugzilla
database (https://bugzilla.samba.org/).
git.samba.org / samba.git / blobdiff