with the 2012 schema (the core of this replication fix has also been
backported to 4.9.11 and will be in a 4.10.x release).
+GnuTLS 3.2 required
+-------------------
+
+Samba is making efforts to remove in-tree cryptographic functionality,
+and to instead rely on externally maintained libraries. To this end,
+Samba has chosen GnuTLS as our standard cryptographic provider.
+
+Samba now requires GnuTLS 3.2 to be installed (including development
+headers at build time) for all configurations, not just the Samba AD
+DC.
+
+NOTE WELL: The use of GnuTLS means that Samba will honour the
+system-wide 'FIPS mode' (a reference to the US FIPS-140 cryptographic
+standard) and so will not operate in many still common situations if
+this system-wide parameter is in effect, as many of our protocols rely
+on outdated cryptography.
+
+A future Samba version will mitigate this to some extent where good
+cryptography effectively wraps bad cryptography, but for now that above
+applies.
+
+samba-tool improvements
+-----------------------
+
+A new "samba-tool contact" command has been added to allow the
+command-line manipulation of contacts, as used for address book
+lookups in LDAP.
+
+The "samba-tool [user|group|computer|group|contact] edit" command has been
+improved to operate more pleasantly on international character sets.
100,000 USER and LARGER Samba AD DOMAINS
========================================
for example of containers and organisational units, however large
renames are still not recommended.
+CTDB changes
+============
+
+* nfs-linux-kernel-callout now defaults to using systemd service names
+
+ The Red Hat service names continue to be the default.
+
+ Other distributions should patch this file when packaging it.
+
+* The onnode -o option has been removed
+
+* ctdbd logs when it is using more than 90% of a CPU thread
+
+ ctdbd is single threaded, so can become saturated if it uses the
+ full capacity of a CPU thread. To help detect this situation, ctdbd
+ now logs messages when CPU utilisation exceeds 90%. Each change in
+ CPU utilisation over 90% is logged. A message is also logged when
+ CPU utilisation drops below the 90% threshold.
+
+* Script configuration variable CTDB_MONITOR_SWAP_USAGE has been removed
+
+ 05.system.script now monitors total memory (i.e. physical memory +
+ swap) utilisation using the existing CTDB_MONITOR_MEMORY_USAGE
+ script configuration variable.
REMOVED FEATURES
not work and has no tests.
+Python2 support
+---------------
+
+Samba 4.11 will not have any runtime support for Python 2.
+
+If you are building Samba using the '--disable-python' option
+(i.e. you're excluding all the run-time Python support), then this
+will continue to work on a system that supports either python2 or
+python3.
+
+To build Samba with python2 you *must* set the 'PYTHON' environment
+variable for both the 'configure' and 'make' steps, i.e.
+ 'PYTHON=python2 ./configure'
+ 'PYTHON=python2 make'
+This will override the python3 default.
+
+Except for this specific build-time use of python2, Samba now requires
+Python 3.4 as a minimum.
+
smb.conf changes
================
Parameter Name Description Default
-------------- ----------- -------
+ allocation roundup size Default changed/ 0
+ Deprecated
web port Removed
fruit:zero_file_id Changed default False
git.samba.org / samba.git / blobdiff