[KLUG Members] RE:Concerns about updating samba
Adam Williams
members@kalamazoolinux.org
10 Feb 2003 20:57:33 -0500
>I don't know how compatible a new samba version will be with the two WfWg
>3.11 boxen I still have on the LAN. (I hope to have them replaced early this
>spring, but I am unable to implement encrypted passwords as long as these
>are on the network. I suspect there are other limitations while they are on
>the network.)
The WfWg boxes shouldn't be a problem, early 2.2.x versions did have
backward compatibility issues. These are supposedly resolved. I
haven't had a WfWg box in a long time and have not tested this first
hand. But I'm certain someone on this list can say conclusively.
>I don't know if a newer samba will even run with a 2.0.36 kernel.
Yes, it will.
>I suspect I will have to upgrade libraries to support a newer version of
>samba.
No, building from the spec file Samba will compile on almost any
platform.
>This gets me into the old upgrade version verses upgrade to new release
>hassle just a couple of months before I ditch the whole server (well
>actually rebuild it into a mirror of the new server, with heartbeat and fail
>over.)
If the time frame is that short I'd just wait it out.
>>>I am still bumping along with our trusty VA Research Pentium Pro Raid 5
>>>RedHat 5.1 Samba 1.9.18p5 file server (with oplocks turned off, thank you
>>>very much). Our recently hired software engineer is busy
>>>programming open
>>Holy cow. You do realize that sub-2.2.x isn't cleared to work with
>>WinNTsp6+, WinY2k, or WinXpee? Of course, I've recently bumped into
>>several sites that are. Updating Samba is really easy and
>>may provide a
>>nice performance kick.
>I am not sure what the implications are for "isn't cleared to work with
>WinNTsp6+ WinY2k or WinXpee".
Neither am I, but there have been reports of file locking issue and
data corruption.
>I am using a peer-to-peer, non-domain environment and I don't have any NT
>workstations on the network. My only WinNTsp6+ box is a member server.
Ok, I assumed the clients where more recent.
>The majority of my hosts still run Win98.
Ah.
>As I buy replacements or new computer boxen for end users, these come with
>W2K, WXP HE/P, but the apps accessing the file server are still the same.
On a 1.9.x Samba with a mix of Win9x and WinY2K+ working on the same
files you may very well encounter unpleasentness.
><rant/ The press is kind enough to tell everyone what they are missing out
>on when they get XP home edition, but let me tell you from first-hand
>experience, M$ put a lot of effort into making sure XP Pro really sucks in a
>non-domain environment. You get two types of user accounts administrator and
>non-administrator, and that is only the beginning!/rant>
:)
>>Nice, I don't recall if 7.2 included ACL support, but I really doubt
>>it. You should update to 8.x prior to going production. Many issues
>>have been resolved, performance is noticeably better, and the upgrade
>>should be relatively painless.
>I could have sworn you were the person that said never update a server to a
>.0 release...
For packages this is often true, don't even want to remember the kernel
2.4.0 or Samba 2.2.0. But for a distro the .0 ness is pretty
meaningless, it is too complicated a collection of software to make any
generalizations about. RedHat does pretty exhaustive testing of the
server related packages before ANY release and the beta periods are
really long.
>>Hide files and veto files might be useful. You can create multiple
>>shares that point to the same point but with differing veto settings,
>>etc... But I don't know how complicated your right assignments are.
>I take it that hide files and veto files are samba features.
Yes, see man smb.conf. I'm pretty sure these existed in 1.9.x
>These sound very useful!!!
They are indeed.
>As for rights assignments, if I am doing it, it can't be too complicated.
>>>>One good idea would be to use the recycle VFS module to
>>>>create a network trash can. This gives you fall back protection against
>>>>stupid users.
>>>THIS IS MUST LEARN ABOUT!!!!
>>It is very nice.
>I found more about this in samba 2.2.
Right, VFS wasn't introduced until 2.2.x.
>This could be a compelling reason to upgrade samba.
>>Directory permissions of like r-x, gives read and scan, but
>>not write.
>>Thus you can open and modify files, but you can't create or
>>delete files in the directory.
>Since these perms didn't seem to work right on my file server, I assumed
>that I did not really understand effective file access in Linux.
>Perhaps it was samba permissions layered on linux permissions that made
>things seem not to work as expected.
Right, the layering does make things nasty. With 2.2.x even without ACL
support you should be able to set file/directory permissions from a
WinY2k box or a Win9x with some cacls utility. I like to do it this way
as it can avoid confusion.