[KLUG Members] RE:Concerns about updating samba

Bob Kanaley members@kalamazoolinux.org
Mon, 10 Feb 2003 17:25:01 -0500
Previous message: [KLUG Members] New Open Source Compiler
Next message: [KLUG Members] RE:Concerns about updating samba
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Adam,

Thanks for the help.

I have several concerns about updating samba. If it ain't broke bad it is
much better for me not to meddle. I don't see how samba can be too broken.
It appears to me that most of my network problems are related to non-network
aware apps like lotus 123 v5 accessing non-ACL controlled file shares
(although, I still really want to get Ntop setup to look at some packet
traffic. I have had way too many dropped connections, recently).

Even though the desktop OS can change, the files on the samba server are
being accessed by mission critical in-house apps written for MS Access 97,
MS Office 2000, and Lotus 123 v5 or Lotus Millennium edition (with an
approach 2 or 3 app thrown in for good measure).

Yes, the log files for the samba users do have complaints of
non-understandable SMB requests, so far everyone seems able to get to
required shares and files with the required access rights.

I don't know how compatible a new samba version will be with the two WfWg
3.11 boxen I still have on the LAN. (I hope to have them replaced early this
spring, but I am unable to implement encrypted passwords as long as these
are on the network. I suspect there are other limitations while they are on
the network.)

I don't know if a newer samba will even run with a 2.0.36 kernel.

I suspect I will have to upgrade libraries to support a newer version of
samba.

This gets me into the old upgrade version verses upgrade to new release
hassle just a couple of months before I ditch the whole server (well
actually rebuild it into a mirror of the new server, with heartbeat and fail
over.)

> >I am still bumping along with our trusty VA Research Pentium
> Pro Raid 5
> >RedHat 5.1 Samba 1.9.18p5 file server (with oplocks turned
> off, thank you
> >very much). Our recently hired software engineer is busy
> programming open
>
> Holy cow.  You do realize that sub-2.2.x isn't cleared to work with
> WinNTsp6+, WinY2k, or WinXpee?  Of course, I've recently bumped into
> several sites that are.  Updating Samba is really easy and
> may provide a
> nice performance kick.

I am not sure what the implications are for "isn't cleared to work with
WinNTsp6+ WinY2k or WinXpee".

I am using a peer-to-peer, non-domain environment and I don't have any NT
workstations on the network. My only WinNTsp6+ box is a member server.

The majority of my hosts still run Win98.

As I buy replacements or new computer boxen for end users, these come with
W2K, WXP HE/P, but the apps accessing the file server are still the same.

<rant/ The press is kind enough to tell everyone what they are missing out
on when they get XP home edition, but let me tell you from first-hand
experience, M$ put a lot of effort into making sure XP Pro really sucks in a
non-domain environment. You get two types of user accounts administrator and
non-administrator, and that is only the beginning!/rant>

>
> >source alternatives to our proprietary in-house software.
> For development
> >work, I gave him the dual power supply, dual NIC, Raid 1+0
> with hot swap
> >spare, RedHat 7.2 ext3 box from Monarch.
>
> Nice, I don't recall if 7.2 included ACL support, but I really doubt
> it.  You should update to 8.x prior to going production.  Many issues
> have been resolved, performance is noticeably better, and the upgrade
> should be relatively painless.

I could have sworn you were the person that said never update a server to a
.0 release...

> Hide files and veto files might be useful.  You can create multiple
> shares that point to the same point but with differing veto settings,
> etc... But I don't know how complicated your right assignments are.
>

I take it that hide files and veto files are samba features.

These sound very useful!!!

As for rights assignments, if I am doing it, it can't be too complicated.

> >>One good idea would be to use the recycle VFS module to
> >>create a network
> >>trash can.  This gives you fall back protection against
> stupid users.
> >THIS IS MUST LEARN ABOUT!!!!
>
> It is very nice.
>

I found more about this in samba 2.2.

This could be a compelling reason to upgrade samba.

> Directory permissions of like r-x, gives read and scan, but
> not write.
> Thus you can open and modify files, but you can't create or
> delete files
> in the directory.

Since these perms didn't seem to work right on my file server, I assumed
that I did not really understand effective file access in Linux.

Perhaps it was samba permissions layered on linux permissions that made
things seem not to work as expected.

Once again, thanks for the help.


Bob

Robert V. Kanaley
Manager Information Systems
Agdia, Inc.
rvk@agdia.com
http://www.agdia.com
Previous message: [KLUG Members] New Open Source Compiler
Next message: [KLUG Members] RE:Concerns about updating samba
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]