- ================================
- Release Notes for Samba 3.0.6rc2
- Aug 5, 2004
- ================================
-
-This is a release candidate snapshot of the Samba 3.0.5 code
-base and should be considered for testing only. A release
-candidate (RC) means that we are close to the final, stable
-release and in provided for Quality Assurance (QA) purposes.
-This release is *not* intended for production servers. Use
-at your own risk.
+ =============================
+ Release Notes for Samba 3.0.6
+ Aug XX, 2004
+ =============================
-There have been several bug fixes since the 3.0.4 release that
-we feel are important to make available to the Samba community
-for wider testings. See the "Changes" section for details on
-exact updates.
+This is the latest stable release of Samba. This is the version
+that production Samba servers should be running for all
+current bug-fixes. There have been several issues fixes since
+the 3.0.4/5 release and new features have been added as well.
+See the "Changes" section for details on exact updates.
-Common bugs fixed in 3.0.6rc2 include:
+Common bugs fixed in 3.0.6 include:
+ o Schannel failure in winbindd.
+ o Numerous memory leaks.
+ o Incompatibilities between the 'write list' and 'force user'
+ smb.conf options.
+ o Premature optimization of the open_directory() internal
+ function that broke tools such as the ArcServe backup
+ agent, Macromedia HomeSite, and Robocopy.
+ o Corrupt workgroup names in nmbd's browse.dat.
+ o Sharing violation errors commonly seen when opening
+ when serving Microsoft Office documents from a Samba
+ file share.
+ o Browsing problems caused by an apostrophe (') in the
+ computer's description field.
+ o Problems creating special file types from UNIX CIFS
+ clients and enabling 'unix extensions'.
o Fix stalls in smbd caused by inaccessible LDAP servers.
o Remove various memory leaks.
o Fix issues in the password lockout feature.
- o Merge security fixes for CAN-2004-0600, CAN-2004-0686
- from 3.0.5.
New features introduced in this release include:
+ O Support symlinks created by CIFS clients which
+ can be followed on the server.
+ o Using a cups server other than localhost.
+ o Maintaining the service principal entry in the system
+ keytab for integration with other kerberized services.
+ Please refer to the 'use kerberos keytab' entry in
+ smb.conf(5). When using the heimdal kerberos libraries,
+ you must also specify the following in /etc/krb5.conf:
+ [libdefaults]
+ default_keytab_name = FILE:/etc/krb5.keytab
+ o Support for maintaining individual printer names
+ stored separately from the printer's sharename.
o Support for maintaining user password history.
+ o Support for honoring the logon times for user in a
+ Samba domain.
+
+--------------------------------------------
+unix extensions = yes (default) and symlinks
+--------------------------------------------
+
+Beginning with Samba 3.0.6pre1 (formally known as 3.0.5pre1),
+clients supporting the UNIX extensions to the CIFS protocol
+can create symlinks to absolute paths which will be **followed**
+by the server. This functionality has been requested in order
+to correctly support certain applications when the user's home
+directory is mounted using some type of CIFS client (e.g. the
+cifsvfs in the Linux 2.6 kernel).
+
+If this behavior is not acceptable for your production environment
+you can set 'wide links = no' in the specific share declaration in
+the server's smb.conf. Be aware that disabling wide link support
+out of a share in Samba may impact the server's performance due
+to the fact that smbd will now have to check each path additional
+times before traversing it.
------------------------
Password History Support
The new password history feature allows smbd to check the new
password in password change requests against a list of the user's
-previous passwords. The number of previous passwords to save can be
-set using pdbedit (4 in this example):
+previous passwords. The number of previous passwords to save can
+be set using pdbedit (4 in this example):
root# pdbedit -P "password history" -C 4
-When using the ldapsam passdb backend, it is vital to secure
-the following attributes from access by non-administrative
-users:
+When using the ldapsam passdb backend, it is vital to secure the
+following attributes from access by non-administrative users:
* sambaNTPassword
* sambaLMPassword
You should refer to your directory server's documentation on how
to implement this restriction).
+
######################################################################
Changes
#######
-Changes since 3.0.6rc1
-(formally referred to as 3.0.5rc1)
-----------------------------------
+Changes since 3.0.5
+-------------------
smb.conf changes
----------------
Parameter Name Action
-------------- ------
+ cups server New
+ defer sharing violations New
+ force unknown acl user New
ldap timeout New
-
+ printcap cache time New
+ use kerberos keytab New
commits
-------
o Jeremy Allison <jra@samba.org>
+ * Correct path parsing bug that broke DeletePrinterDriverEx().
+ * Fix bugs in check_path_syntax() caught by asserts.
+ * Internal change - rearrange internal global case setting
+ variables to a per connection basis.
+ * BUG 1345: Fix premature optimization in unix_convert().
+ * Allow clients to truncate a locked file.
+ * BUG 1319: Always check to see if a user as write access
+ to a share, even when 'force user' is set.
+ * Fix specific case of open that doesn't cause oplock break,
+ or share mode check.
+ * Correct sid type is WKN_GROUP, not alias. Added some
+ more known types (inspired by patch from Jianliang Lu).
+ * Allow creation of absolute symlink paths via CIFS clients.
+ * Fix charset bug in when invoking send_mailslot().
+ * When using widelinks = no, use realpath to canonicalize
+ the connection path on connection create for the user.
+ * Enhance stat open code.
+ * Fix unix extensions mknod code path.
+ * Allow unix domain socket creation via unix extensions.
+ * Auto disable the 'store dos attribute' parameter if the
+ underlying filesystem doesn't support EAs.
+ * Implement deferred open code to fix a bug with Excel files
+ on Samba shares.
+ * BUG 1427: Catch bad path errors at the right point. Ensure
+ all our pathname parsing is consistent.
+ * Fix SMB signing error introduced by the new deferred open
+ code.
+ * Change default setting for case sensitivity to "auto". (see
+ commit message -- r1154 -- for details).
+ * Add new remote client arch -- CIFSFS.
+ * Allow smbd to maintain the service principal entry in the
+ system keytab file (based on patch Dan Perry <dperry@pppl.gov>,
+ Guenther Deschner, et. al.).
+ * Fix longstanding memleak bug with logfile name.
+ * Fix incorrect type in printer publishing (struct uuid,
+ not UUID_FLAT).
+ * Heimdal compile fixes after introduction of the new ketyab
+ feature.
+ * Ensure we check attributes correctly on rename request.
+ * Ensure we defer a sharing violation on rename correctly.
+ * BUG 607: Ensure we remove DNS and DNSFAIL records immediately
+ on timeout.
+ * Fix bogus error message when using "mangling method = hash"
+ rather than hash2.
+ * Turn on sendfile by default for non-Win9x clients.
+ * Handle non-io opens that cause oplock breaks correctly.
+ * Ensure ldap replication sleep time is not more than 5 seconds.
* Add support for storing a user's password history.
LDAP portion of the code was based on a patch from
Jianliang Lu <j.lu@tiesse.com>.
o Andrew Bartlett <abartlet@samba.org>
+ * Fix parsing bug in GetDomPwInfo().
+ * Fix segfault in 'ntlm_auth --diagnostics'.
+ * Re-enable code to allow sid_to_gid() to perform a group
+ mapping lookup before checking with winbindd.
+ * Fix memory leak in the trans2 signing code.
+ * Allow more flexible GSS-SPENGO client and server operation
+ in ntlm_auth.
* Improve smbd's internal random number generation.
* Fix a few outstanding long password changes in smbd.
* Fix LANMAN2 session setup code.
+o Eric Boehm <boehm@nortelnetworks.com>
+ BUG 703: Final touches on netgroup case lookups.
+
+
+o Jerome Borsboom <j.borsboom@erasmusmc.nl>
+ * Ensure error status codes don't get overwritten in
+ lsa_lookup_sids() server code.
+ * Correct bug that caused smbd to overwrite certain error
+ codes when returning up the call stack.
+ * Ensure the correct sid type returned for builtin sids.
+
+
o Gerald Carter <jerry@samba.org>
+ * Fix a few bugs in the Fedora Packaging files.
+ * Fix for setting the called name to by our IP if the
+ called name was *SMBSERVER and *SMBSERV. Fixes issue
+ with connecting to printers via \\ip.ad.dr.ess\printer
+ UNC path.
+ * BUG 1315: fix for schannel client connections to servers
+ when we haven't specifically negotiated AUTH_PIPE_SEAL.
+ * Allow PrinterDriverData valuenames with embedded backslashes
+ (Fixes bug with one of the Konica Fiery drivers).
+ * Fixed string length miscalculation in netbios names that
+ resulted in corrupt workgroup names in browse.dat.
+ * When running smbd as a daemon, launch child smbd to update
+ the lpq cache listing in the background.
+ * Allow printers "Printers..." folder to be renamed to a string
+ other than the share name.
+ * Allow winbindd to use domain trust account passwords when
+ running on a Samba DC to establish an schannel to remote
+ domains.
+ * Fix bad merge and ensure that we always use tdb_open_log()
+ instead of tdb_open_ex() (the former call enforce the 'use
+ mmap' parameter).
+ * BUG 1221: revert old change that used single and double
+ quotes as delimeters in next_token(), and change
+ print_parameter() to print out parm values surrounded by
+ double quotes (instead of single quotes).
+ * Prevent home directories added during the SMBsesssetup&X from
+ being removed as unused services.
+ * Invalidate the print object cache for open printer handles when
+ smbd receives a message that an attribute on a given printer
+ has been changed.
+ * Cause the configure script to exit if --enable-cups[=yes] is
+ defined and the system does not have the cups devel files
+ installed.
+ * BUG 1297: Prevent map_username() from being called twice
+ during logon.
+ * Ensure that we use the userPrincipalName AD attribute
+ value for LDAP SASL binds.
+ * Ensure we remove the tdb entry when deleting a job that
+ is being spooled.
* BUG 1520: Work around bug in Windows XP SP2 RC2 where the
client sends a FindNextPrintChangeNotify() request without
previously sending a FindFirstPrintChangeNotify(). Return
sambaSidEntry, & sambaIdmapEntry object classes.
-
o Fabien Chevalier <fabien.chevalier@supelec.fr>
* Debian BUG 252591: Ensure that the return value from the
number of available interfaces is initialized in case no
o Guenther Deschner <gd@sernet.de>
+ * Implement 'rpcclient setprintername'.
+ * Add local groups to the user's NT_TOKEN since they are
+ actually supported now.
+ * Heimdal compile fixes after introduction of the new keytab
+ feature.
+ * Correctly honor the info level parameter in 'rpcclient
+ enumprinters'.
+ * Reintroduce 'force unknown acl user' parameter. When getting a
+ security descriptor for a file, if the owner sid is not known,
+ the owner uid is set to the current uid. Same for group sid.
+ * Ensure that REG_SZ values in the SetPrinterData actually
+ get written in UNICODE strings rather than ASCII.
+ * Ensure that the last kerberos error return is not invalid.
* Display share ACL entries from rpcclient.
+o Fabian Franz <FabianFranz@gmx.de>
+ * Support specifying a port in the device URL passed to smbspool.
+
+
o Steve French <sfrench@us.ibm.com>
+ * Handle -S and user mount parms in mount.cifs.
* Fix user unmount of shares mount with suid mount.cifs.
+o Bjoern Jacke <bj@sernet.de>
+ * Install libsmbclient into $(LIBDIR), not into hard coded
+ ${prefix}/lib. This helps amd64 systems with /lib and /lib64
+ and an explicit configure --libdir setting.
+
+
+o <kawasa_r@itg.hitachi.co.jp>
+ * Correct more memory leaks and initialization bugs.
+ * Fix bug that prevented core dumps from being generated
+ even if you tried.
+ * Connect to the winbind pipe in non-blocking mode to
+ prevent processes from hanging.
+ * Memory leak fixes.
+
+
+o Stephan Kulow <coolo@suse.de>
+ * Fix crash bug in libsmbclient.
+
+
o Volker Lendecke <vl@samba.org>
+ * Added vfs_full_audit module.
+ * Add vfs_afsacl.c which can display & set AFS acls via
+ the NT security editor.
+ * Fix crash bug caused by trying to Base64 encode a NULL string.
+ * Fix DOS error code bug in reply_chkpath().
+ * Correct misunderstanding of the max_size field in
+ cli_samr_enum_als_groups; it is more like an account_control
+ field with individual bits what to retrieve.
+ * Implement 'net rpc group rename' -- rename domain groups.
+ * Implement the 'cups server' option. This makes it possible
+ to have virtual smbd's connect to different cups daemons.
+ * Paranoia fixes when adding local aliases to a user's NT_TOKEN.
+ * Fix sid_to_gid() calls in winbindd to prevent loops.
+ * Ensure that local_sid_to_gid() sets the type of the group on
+ return.
+ * Make sure that the clients are given back the IP address to
+ which they connected in the case of a multi-homed host. Only
+ affects strings the spoolss printing replies.
+ * Fix the bad password lockout. This has not worked as pdb_ldap.c
+ did not ask for the modifyTimestamp attribute, so it could
+ not find it. Try not to regress by not putting that attrib
+ in the main list but append it manually for the relevant searches.
+ * Fix two memleaks in login_cache.c.
+ * fixes memory bloat when unmarshalling strings.
+ * Fix compile errors using gcc 3.2 on SuSE 8.2.
+ * Fix the build for systems without kerberos headers.
+ * Allow winbindd to handle authentication requests only when
+ started without either an 'idmap uid' or 'idmap gid' range.
+ * Fix the build for systems without ldap headers.
+ * Fix interaction between share security descriptor and the
+ 'read only' smb.conf option.
+ * Fix bug that caused _samr_lookupsids() with more than 32 (
+ MAX_REF_DOMAINS) SIDs to fail.
* Allow the 'idmap backend' parameter to accept a list of
LDAP servers for failover purposes.
* Revert code in smbd to remove a tdb when it has become
* Expand aliases for getusersids as well.
-o James Peach <jpeach@sgi.com>
- * More iconv detection fixes for IRIX.
- * Compile fixed for systems that do not have C99/UNIX98 compliant
- vsnprintf by default.
+o Herb Lewis <herb@samba.org>
+ * Add the acls debug class.
+ * Fix logic bug in netbios name truncate routine.
+ * Fix smbd crash caused by smbtorture IOCTL test.
+ * Fix errno tromping before calling iconv to reset the
+ conversion state.
+ * need to leave empty dacl so we can remove last ACE.
-o Tim Potter <tpot@samba.org>
- * BUG 1360: Use -Bsymbolic when creating shared libraries to
- avoid conflicts with identical symbols in the global namespace
- when loading libnss_wins.so.
+o Jianliang Lu <Jianliang.Lu@getronics.com>
+ * Fix to stop smbd hanging on missing group member in
+ get_memberuids().
+ * Make sure Samba returns the correct group types.
+ * Reset the bad password count password counts upon a successful login.
+
+
+o Jim McDonough <jmcd@us.ibm.com>
+ * BUG 1279: SMBjobid fix for Samba print servers running on
+ Big-Endian platforms.
-o Richard Renard <rrenard@idealx.com>
- * Save the current password as it is being changed into the
- password history list.
+o Joe Meadows <jameadows@webopolis.com>
+ * Add optional timeout parameter to ldap open calls.
+ * Allow get_dc_list() to check the negative cache.
-o Simo Source <idra@samba.org>
- * Tidy up parametric options in testparm output.
+o Jason Mader <jason@ncac.gwu.edu>
+ * BUG 1385: Don't use non-consts in a structure initialization.
+
+
+o Stefan Metzmacher <metze@samba.org>
+ * fix a configure logic bug for linux/XFS quotas when
+ using --with-sys-quotas.
+ * Use quota debug class in quota code.
+ * print out the SVN revision by configure,
+
+
+o Lars Mueller <lmuelle@suse.de>
+ * BUG 1279: Added 'printcap cache time' parameter.
+ * Fix afs related build issues on SuSE.
+
+
+o James Peach <jpeach@sgi.com>
+ * More iconv detection fixes for IRIX.
+ * Compile fixed for systems that do not have C99/UNIX98 compliant
+ vsnprintf by default.
+
+
+o Dan Peterson
+ * Implement NFS quota support on FreeBSD.
+
+
+o Tim Potter <tpot@samba.org>
+ * BUG 1360: Use -Bsymbolic when creating shared libraries to
+ avoid conflicts with identical symbols in the global namespace
+ when loading libnss_wins.so.
+
+
+o Richard Renard <rrenard@idealx.com>
+ * Save the current password as it is being changed into the
+ password history list.
+
+
+o Richard Sharpe <rsharpe@samba.org>
+ * Fix error return codes on some lock messages.
+ * BUG 1178: Make the libsmbclient routines callable
+ by C++ programs.
+ * BUG 1333: Make sure we return an error code when
+ things go wrong.
+ * BUG 1301: Return NT_STATUS_SHARING_VIOLATION when
+ share mode locking requests fail.
+
+
+o Simo Source <idra@samba.org>
+ * Update Debian stable & unstable packaging.
+ * Tidy up parametric options in testparm output.
o Richard Sharpe <rsharpe@samba.org>
o Nick Thompson <nickthompson@agere.com>
* Protect smbd against broken filesystems which return zero
blocksize.
+
+
+o Andrew Tridgell <tridge@samba.org>
+ * Fixed bug in handling of timeout in socket connections.
+
+
+o Nick Wellnhofer <wellnhofer@aevum.de>
+ * Prevent lp_interfaces() list from being corrupted. Fixes
+ bug where nmbd would lose the list of network interfaces
+ on the system and consequently shutdown.
+
+o James Wilkinson <jwilk@alumni.cse.ucsc.edu>
+ * Fix ntlm_auth memory leaks.
+
+
+o Jelmer Vernooij <jelmer@samba.org>
+ * Additional NT status to unix error mappings.
+ * BUG 478: Rename vsnprintf to smb_vsnprintf so we don't
+ get duplicate symbol errors.
+ * Return an error when the last command read from stdin
+ fails in smbclient.
+ * Prepare for better error checking in tar.
+
Changes for older versions follow below:
--------------------------------------------------
-
+
=============================
Release Notes for Samba 3.0.5
July 20, 2004
##################################################################
-
- --------------------------------------------------
-
- ================================
- Release Notes for Samba 3.0.5rc1
- July 8, 2004
- ================================
-
-Common bugs fixed in this 3.0.5rc1 include:
-
- o Corrupt workgroup names in nmbd's browse.dat.
-
- o Sharing violation errors commonly seen when opening
- when serving Microsoft Office documents from a Samba
- file share.
-
- o Browsing problems caused by an apostrophe (') in the
- computer's description field.
-
- o Problems creating special file types from UNIX CIFS
- clients and enabling 'unix extensions'.
-
-
-New features introduced in this release include:
-
- o Using a cups server other than localhost.
-
- o Maintaining the service principal entry in the system
- keytab for integration with other kerberized services.
- Please refer to the 'use kerberos keytab' entry in
- smb.conf(5). When using the heimdal kerberos libraries,
- you must also specify the following in /etc/krb5.conf:
- [libdefaults]
- default_keytab_name = FILE:/etc/krb5.keytab
-
- o Support for maintaining individual printer names
- stored separately from the printer's sharename.
-
-
-######################################################################
-Changes
-#######
-
-Changes since 3.0.5pre1
------------------------
-
-smb.conf changes
-----------------
-
- Parameter Name Action
- -------------- ------
- cups server New
- defer sharing violations New
- force unknown acl user New
- ldap timeout New
- use kerberos keytab New
-
-commits
--------
-o Jeremy Allison <jra@samba.org>
- * Fix charset bug in when invoking send_mailslot().
- * When using widelinks = no, use realpath to canonicalize
- the connection path on connection create for the user.
- * Enhance stat open code.
- * Fix unix extensions mknod code path.
- * Allow unix domain socket creation via unix extensions.
- * Auto disable the 'store dos attribute' parameter if the
- underlying filesystem doesn't support EAs.
- * Implement deferred open code to fix a bug with Excel files
- on Samba shares.
- * BUG 1427: Catch bad path errors at the right point. Ensure
- all our pathname parsing is consistent.
- * Fix SMB signing error introduced by the new deferred open
- code.
- * Change default setting for case sensitivity to "auto". (see
- commit message -- r1154 -- for details).
- * Add new remote client arch -- CIFSFS.
- * Allow smbd to maintain the service principal entry in the
- system keytab file (based on patch Dan Perry <dperry@pppl.gov>,
- Guenther Deschner, et. al.).
- * Fix longstanding memleak bug with logfile name.
- * Fix incorrect type in printer publishing (struct uuid,
- not UUID_FLAT).
- * Heimdal compile fixes after introduction of the new ketyab
- feature.
- * Ensure we check attributes correctly on rename request.
- * Ensure we defer a sharing violation on rename correctly.
- * BUG 607: Ensure we remove DNS and DNSFAIL records immediately
- on timeout.
- * Fix bogus error message when using "mangling method = hash"
- rather than hash2.
- * Turn on sendfile by default for non-Win9x clients.
- * Handle non-io opens that cause oplock breaks correctly.
- * Ensure ldap replication sleep time is not more than 5 seconds.
-
-
-o Andrew Bartlett <abartlet@samba.org>
- * Re-enable code to allow sid_to_gid() to perform a group
- mapping lookup before checking with winbindd.
- * Fix memory leak in the trans2 signing code.
- * Allow more flexible GSS-SPENGO client and server operation
- in ntlm_auth.
-
-
-o Eric Boehm <boehm@nortelnetworks.com>
- BUG 703: Final touches on netgroup case lookups.
-
-
-o Jerome Borsboom" <j.borsboom@erasmusmc.nl>
- * Correct bug that caused smbd to overwrite certain error
- codes when returning up the call stack.
- * Ensure the correct sid type returned for builtin sids.
-
-
-o Gerald Carter <jerry@samba.org>
- * Fixed string length miscalculation in netbios names that
- resulted in corrupt workgroup names in browse.dat.
- * When running smbd as a daemon, launch child smbd to update
- the lpq cache listing in the background.
- * Allow printers "Printers..." folder to be renamed to a string
- other than the share name.
- * Allow winbindd to use domain trust account passwords when
- running on a Samba DC to establish an schannel to remote
- domains.
- * Fix bad merge and ensure that we always use tdb_open_log()
- instead of tdb_open_ex() (the former call enforce the 'use
- mmap' parameter).
- * BUG 1221: revert old change that used single and double
- quotes as delimeters in next_token(), and change
- print_parameter() to print out parm values surrounded by
- double quotes (instead of single quotes).
- * Prevent home directories added during the SMBsesssetup&X from
- being removed as unused services.
- * Invalidate the print object cache for open printer handles when
- smbd receives a message that an attribute on a given printer
- has been changed.
- * Cause the configure script to exit if --enable-cups[=yes] is
- defined and the system does not have the cups devel files
- installed.
- * BUG 1297: Prevent map_username() from being called twice
- during logon.
- * Ensure that we use the userPrincipalName AD attribute
- value for LDAP SASL binds.
- * Ensure we remove the tdb entry when deleting a job that
- is being spooled.
-
-
-o Guenther Deschner <gd@sernet.de>
- * Implement 'rpcclient setprintername'.
- * Add local groups to the user's NT_TOKEN since they are
- actually supported now.
- * Heimdal compile fixes after introduction of the new keytab
- feature.
- * Correctly honor the info level parameter in 'rpcclient
- enumprinters'.
- * Reintroduce 'force unknown acl user' parameter. When getting a
- security descriptor for a file, if the owner sid is not known,
- the owner uid is set to the current uid. Same for group sid.
- * Ensure that REG_SZ values in the SetPrinterData actually
- get written in UNICODE strings rather than ASCII.
- * Ensure that the last kerberos error return is not invalid.
-
-
-o Fabian Franz <FabianFranz@gmx.de>
- * Support specifying a port in the device URL passed to smbspool.
-
-
-o Bjoern Jacke <bj@sernet.de>
- * Install libsmbclient into $(LIBDIR), not into hard coded
- ${prefix}/lib. This helps amd64 systems with /lib and /lib64
- and an explicit configure --libdir setting.
-
-
-o <kawasa_r@itg.hitachi.co.jp>
- * Memory leak fixes.
-
-
-o Volker Lendecke <vl@samba.org>
- * Fix DOS error code bug in reply_chkpath().
- * Correct misunderstanding of the max_size field in
- cli_samr_enum_als_groups; it is more like an account_control
- field with individual bits what to retrieve.
- * Implement 'net rpc group rename' -- rename domain groups.
- * Implement the 'cups server' option. This makes it possible
- to have virtual smbd's connect to different cups daemons.
- * Paranoia fixes when adding local aliases to a user's NT_TOKEN.
- * Fix sid_to_gid() calls in winbindd to prevent loops.
- * Ensure that local_sid_to_gid() sets the type of the group on
- return.
- * Make sure that the clients are given back the IP address to
- which they connected in the case of a multi-homed host. Only
- affects strings the spoolss printing replies.
- * Fix the bad password lockout. This has not worked as pdb_ldap.c
- did not ask for the modifyTimestamp attribute, so it could
- not find it. Try not to regress by not putting that attrib
- in the main list but append it manually for the relevant searches.
- * Fix two memleaks in login_cache.c.
- * fixes memory bloat when unmarshalling strings.
- * Fix compile errors using gcc 3.2 on SuSE 8.2.
- * Fix the build for systems without kerberos headers.
- * Allow winbindd to handle authentication requests only when
- started without either an 'idmap uid' or 'idmap gid' range.
- * Fix the build for systems without ldap headers.
- * Fix interaction between share security descriptor and the
- 'read only' smb.conf option.
- * Fix bug that caused _samr_lookupsids() with more than 32 (
- MAX_REF_DOMAINS) SIDs to fail.
-
-
-o Herb Lewis <herb@samba.org>
- * Fix errno tromping before calling iconv to reset the
- conversion state.
- * need to leave empty dacl so we can remove last ACE.
-
-
-o Jianliang Lu <Jianliang.Lu@getronics.com>
- * Reset the bad password count password counts upon a successful login.
-
-
-o Joe Meadows "Joe Meadows" <jameadows@webopolis.com>
- * Add optional timeout parameter to ldap open calls.
- * Allow get_dc_list() to check the negative cache.
-
-
-o Jason Mader <jason@ncac.gwu.edu>
- * BUG 1385: Don't use non-consts in a structure initialization.
-
-
-o Stefan Metzmacher <metze@samba.org>
- * print out the SVN revision by configure,
-
-
-o Lars Mueller <lmuelle@suse.de>
- * Fix afs related build issues on SuSE.
-
-
-o Dan Peterson
- * Implement NFS quota support on FreeBSD.
-
-
-o Nick Wellnhofer <wellnhofer@aevum.de>
- * Prevent lp_interfaces() list from being corrupted. Fixes
- bug where nmbd would lose the list of network interfaces
- on the system and consequently shutdown.
-
-
-o James Wilkinson <jwilk@alumni.cse.ucsc.edu>
- * Fix ntlm_auth memory leaks.
-
-
-o Jelmer Vernooij <jelmer@samba.org>
- * BUG 478: Rename vsnprintf to smb_vsnprintf so we don't
- get duplicate symbol errors.
- * Return an error when the last command read from stdin
- fails in smbclient.
- * Prepare for better error checking in tar.
-
-
- --------------------------------------------------
-
- =================================
- Release Notes for Samba 3.0.5pre1
- May 25, 2004
- =================================
-
-Common bugs fixed in this preview release include:
-
- o Schannel failure in winbindd.
- o Numerous memory leaks.
- o Incompatibilities between the 'write list' and 'force user'
- smb.conf options.
- o Premature optimization of the open_directory() internal
- function that broke tools such as the ArcServe backup
- agent, Macromedia HomeSite, and Robocopy.
-
-
-ATTENTION! NEW BEHAVIOR!
--------------------------
-
-Beginning with Samba 3.0.5pre1, clients supporting the UNIX
-extensions to the CIFS protocol can create symlinks to
-absolute paths which will be **followed** by the server. This
-functionality has been requested in order to correctly support
-certain applications when the user's home directory is mounted
-using some type of CIFS client (e.g. the cifsvfs in the Linux
-2.6 kernel).
-
-If this behavior is not acceptable for your production environment
-you can set 'wide links = no' in the specific share declaration in
-the server's smb.conf. Be aware that disabling wide link support
-out of a share in Samba may impact the server's performance due
-to the fact that smbd will now have to check each path additional
-times before traversing it.
-
-Changes since 3.0.4
---------------------
-
-smb.conf changes
-----------------
-
- Parameter Name Action
- -------------- ------
- printcap cache time New
-
-
-commits
--------
-o Jeremy Allison <jra@samba.org>
- * Correct path parsing bug that broke DeletePrinterDriverEx().
- * Fix bugs in check_path_syntax() caught by asserts.
- * Internal change - rearrange internal global case setting
- variables to a per connection basis.
- * BUG 1345: Fix premature optimization in unix_convert().
- * Allow clients to truncate a locked file.
- * BUG 1319: Always check to see if a user as write access
- to a share, even when 'force user' is set.
- * Fix specific case of open that doesn't cause oplock break,
- or share mode check.
- * Correct sid type is WKN_GROUP, not alias. Added some
- more known types (inspired by patch from Jianliang Lu).
- * Allow creation of absolute symlink paths via CIFS clients.
-
-
-o Andrew Bartlett <abartlet@samba.org>
- * Fix parsing bug in GetDomPwInfo().
- * Fix segfault in 'ntlm_auth --diagnostics'.
-
-
-o Jerome Borsboom <j.borsboom@erasmusmc.nl>
- * Ensure error status codes don't get overwritten in
- lsa_lookup_sids() server code.
-
-
-o Gerald Carter <jerry@samba.org>
- * Fix a few bugs in the Fedora Packaging files.
- * Fix for setting the called name to by our IP if the
- called name was *SMBSERVER and *SMBSERV. Fixes issue
- with connecting to printers via \\ip.ad.dr.ess\printer
- UNC path.
- * BUG 1315: fix for schannel client connections to servers
- when we haven't specifically negotiated AUTH_PIPE_SEAL.
- * Allow PrinterDriverData valuenames with embedded backslashes
- (Fixes bug with one of the Konica Fiery drivers).
-
-
-o Steve French <sfrench@us.ibm.com>
- * Handle -S and user mount parms in mount.cifs.
-
-
-o kawasa_r@itg.hitachi.co.jp
- * Correct more memory leaks and initialization bugs.
- * Fix bug that prevented core dumps from being generated
- even if you tried.
- * Connect to the winbind pipe in non-blocking mode to
- prevent processes from hanging.
-
-
-o Stephan Kulow <coolo@suse.de>
- * Fix crash bug in libsmbclient.
-
-
-o Volker Lendecke <vl@samba.org>
- * Added vfs_full_audit module.
- * Add vfs_afsacl.c which can display & set AFS acls via
- the NT security editor.
- * Fix crash bug caused by trying to Base64 encode a NULL string.
-
-
-o Herb Lewis <herb@samba.org>
- * Add the acls debug class.
- * Fix logic bug in netbios name truncate routine.
- * Fix smbd crash caused by smbtorture IOCTL test.
-
-
-o Jianliang Lu <j.lu@tiesse.com>
- * Fix to stop smbd hanging on missing group member in
- get_memberuids().
- * Make sure Samba returns the correct group types.
-
-
-o Jim McDonough <jmcd@us.ibm.com>
- * BUG 1279: SMBjobid fix for Samba print servers running on
- Big-Endian platforms.
-
-
-o Stefan Metzmacher <metze@samba.org>
- * fix a configure logic bug for linux/XFS quotas when
- using --with-sys-quotas.
- * Use quota debug class in quota code.
-
-
-o Lars Müller <lmuelle@suse.de>
- * BUG 1279: Added 'printcap cache time' parameter.
-
-
-o Richard Sharpe <rsharpe@samba.org>
- * Fix error return codes on some lock messages.
- * BUG 1178: Make the libsmbclient routines callable
- by C++ programs.
- * BUG 1333: Make sure we return an error code when
- things go wrong.
- * BUG 1301: Return NT_STATUS_SHARING_VIOLATION when
- share mode locking requests fail.
-
-
-o Simo Source <idra@samba.org>
- * Update Debian stable & unstable packaging.
-
-
-o Andrew Tridgell <tridge@samba.org>
- * Fixed bug in handling of timeout in socket connections.
-
-
-o Jelmer Vernooij <jelmer@samba.org>
- * Additional NT status to unix error mappings.
-
-
--------------------------------------------------
+
=============================
Release Notes for Samba 3.0.4
May 8, 2004