X-Git-Url: http://git.samba.org/samba.git/?p=metze%2Fsamba-autobuild%2F.git;a=blobdiff_plain;f=WHATSNEW.txt;h=3ef066df34f1657ba91faf42e688fd76fd002c7c;hp=d9324e7dbdd04b197c985253a344a805677b6e92;hb=HEAD;hpb=306783d6f5d577a0b8bd31d659d8c802f22f0333 diff --git a/WHATSNEW.txt b/WHATSNEW.txt index d9324e7dbdd..bdd296909d3 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -1,12 +1,12 @@ Release Announcements ===================== -This is the first preview release of Samba 4.7. This is *not* +This is the first pre release of Samba 4.21. This is *not* intended for production environments and is designed for testing purposes only. Please report any defects via the Samba bug reporting system at https://bugzilla.samba.org/. -Samba 4.7 will be the next version of the Samba suite. +Samba 4.21 will be the next version of the Samba suite. UPGRADING @@ -16,73 +16,51 @@ UPGRADING NEW FEATURES/CHANGES ==================== -The "strict sync" global parameter has been changed from -a default of "no" to "yes". This means smbd will by default -obey client requests to synchronize unwritten data in operating -system buffers safely onto disk. This is a safer default setting -for modern SMB1/2/3 clients. - -Authentication and Authorization audit support ----------------------------------------------- - -Detailed authentication and authorization audit information is now -logged to Samba's debug logs under the "auth_audit" debug class, -including in particular the client IP address triggering the audit -line. Additionally, if Samba is compiled against the jansson JSON -library, a JSON representation is logged under the "auth_json_audit" -debug class. - -Audit support is comprehensive for all authentication and -authorisation of user accounts in the Samba Active Directory Domain -Controller, as well as the implicit authentication in password -changes. In the file server and classic/NT4 domain controller, NTLM -authentication, SMB and RPC authorization is covered, however password -changes are not at this stage, and this support is not currently -backed by a testsuite. +LDB no longer a standalone tarball +---------------------------------- -smb.conf changes -================ +LDB, Samba's LDAP-like local database and the power behind the Samba +AD DC, is no longer available to build as a distinct tarball, but is +instead provided as an optional public library. - Parameter Name Description Default - -------------- ----------- ------- - auth event notification New parameter no - auth methods Deprecated - map untrusted to domain Deprecated - strict sync Default changed yes +If you need ldb as a public library, say to build sssd, then use + ./configure --private-libraries='!ldb' -Removal of lpcfg_register_defaults_hook() ------------------------------------------ +This re-integration allows LDB tests to use the Samba's full selftest +system, including our knownfail infrastructure, and decreases the work +required during security releases as a coordinated release of the ldb +tarball is not also required. -The undocumented and unsupported function lpcfg_register_defaults_hook() -that was used by external projects to call into Samba and modify -smb.conf default parameter settings has been removed. If your project -was using this call please raise the issue on -samba-technical@lists.samba.org in order to design a supported -way of obtaining the same functionality. +This approach has been demonstrated already in Debian, which is already +building Samba and LDB is this way. -Change of loadable module interface ------------------------------------ +As part of this work, the pyldb-util public library, not known to be +used by any other software, is made private to Samba. -The _init function of all loadable modules in Samba has changed -from: +LDB Module API Python bindings removed +-------------------------------------- -NTSTATUS _init(void); +The LDB Modules API, which we do not promise a stable ABI or API for, +was wrapped in python in early LDB development. However that wrapping +never took into account later changes, and so has not worked for a +number of years. Samba 4.21 and LDB 2.10 removes this unused and +broken feature. + +REMOVED FEATURES +================ -to: -NTSTATUS _init(TALLOC_CTX *); +smb.conf changes +================ + + Parameter Name Description Default + -------------- ----------- ------- -This allows a program loading a module to pass in a long-lived -talloc context (which must be guaranteed to be alive for the -lifetime of the module). This allows modules to avoid use of -the talloc_autofree_context() (which is inherently thread-unsafe) -and still be valgrind-clean on exit. Modules that don't need to -free long-lived data on exist should use the NULL talloc context. KNOWN ISSUES ============ -https://wiki.samba.org/index.php/Release_Planning_for_Samba_4.7#Release_blocking_bugs +https://wiki.samba.org/index.php/Release_Planning_for_Samba_4.21#Release_blocking_bugs ####################################### @@ -90,7 +68,8 @@ Reporting bugs & Development Discussion ####################################### Please discuss this release on the samba-technical mailing list or by -joining the #samba-technical IRC channel on irc.freenode.net. +joining the #samba-technical:matrix.org matrix room, or +#samba-technical IRC channel on irc.libera.chat If you do report problems then please try to send high quality feedback. If you don't provide vital information to help us track down