Plans for integrating vfs proxy and security=server
Andrew Bartlett
abartlet at samba.org
Tue May 6 22:49:59 GMT 2008
On Tue, 2008-05-06 at 11:20 +0100, Amin Azez wrote:
> * Andrew Bartlett wrote, On 05/05/08 22:53:
> > On Mon, 2008-05-05 at 18:13 +0200, Jelmer Vernooij wrote:
> >> Am Montag, den 05.05.2008, 13:46 +1000 schrieb Andrew Bartlett:
> >>> I've committed the security=server implementation into Samba4, but not
> >>> any tests as yet. I'm hoping that once we merge the vfs proxy backend
> >>> (the CIFS Accelerator from Sam) into Samba4, that the testsuite we use
> >>> there can cover the auth_server code too.
> >>>
> >>> How does that sound?
> >> That makes a lot of sense. I guess just running smbclient with domain
> >> creds against a standalone smbd configured to use auth_server should be
> >> sufficient?
> >
> > Yeah. I figure we will have the proxy in 'make test' configured to
> > accept either kerberos with domain credentials, or NTLM with the
> > pass-though. We can do most of the tests with kerberos, and add quick
> > smbclient invocation with NTLM to check that codepath.
>
>
> Aye; and also a double-proxy test.
>
> I'm just fixing some rpm build errors and then hope to integrate the
> pass-through and add the proxy test.
BTW, following a recent fedora-devel discussion, it seems to be strongly
advised not to run autogen.sh in an RPM spec file. This should fix some
of the complexity you needed trying to preserve GIT versions etc.
> Sam
BTW, you should pick one identity or the other ;-)
Andrew Bartlett
--
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Red Hat Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20080507/dda3911d/attachment.bin
More information about the samba-technical
mailing list