[Samba] Samba v3.0.23a BROKE my network

Andrew Morgan morgan at orst.edu
Mon Feb 5 19:02:39 GMT 2007 

On Sat, 3 Feb 2007, Chris Hall wrote:

> On Mon, 29 Jan 2007 Gerald (Jerry) Carter wrote
>> Chris Hall wrote:
>>> ...but doesn't change my opinion that software should be written to
>>> avoid obscure failure caused by obvious misconfiguration -- particularly
>>> in the case of an upgrade which turns a previously working configuration
>>> into a broken one !
>
>> Chris,
>> 
>> This is not a pass the buck argument, but I would push back
>> on the Fedora folks (IIRC the original context correctly).
>> No one should have pushed out a 3.0.23a from 3.0.14a via yum.
>> We have been constantly saying that upgrade releases
>> (when the minor number changes) has significant differences
>> from past releases.  The letter releases are bug fix only.
>
> Well, OK... but is there a 3.0.14x which contains all the bug and *security* 
> fixes that 3.0.23 contains ?
>
>> So you can tell us (developers) that we should make such
>> sweeping changes and in response I would state that package
>> maintainers for a distro should not push out such sweeping
>> changes without properly notifying the distro users.
>
> These days one feels nervous if one is not running the latest, stable 
> version, on the basis that it should be the most secure.
>
> Last time I ran yum it updated 171 packages.  The only way that it is 
> practical for me to keep up to date is to depend on the developers to ensure:
>
>  - either, the updates are upwards compatible (if necessary, by
>    updating configuration)
>
>  - or, the new software stops gracefully and points me in the right
>    direction to complete the update
>
> And I would expect the second case to be (very) rare, and driven by a serious 
> need or (better) a significant feature advantage.
>
> As a developer I understand the cost of upwards compatibility.  But where it 
> used to be a matter of convenience when occasionally upgrading for new 
> features, it is now a matter of necessity when frequently upgrading to 
> maintain maximum security.
>
> If I were maintaining a distribution, running to many hundreds of packages, I 
> doubt I would feel it was practical if each one could carry its own little 
> surprise !

Or, you could use Debian Linux which backports security fixes for their 
stable releases.  :)

 	Andy

More information about the samba mailing list