[SCM] Samba Website Repository - branch master updated
Karolin Seeger
kseeger at samba.org
Tue Dec 11 10:27:12 MST 2012
The branch, master has been updated
via a205824 Announce Samba 4.0.0.
from c3a4c6e Announce Samba 3.6.10.
http://gitweb.samba.org/?p=samba-web.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit a2058240ef6d451667e253747a78bc870a135e92
Author: Karolin Seeger <kseeger at samba.org>
Date: Tue Dec 11 15:40:23 2012 +0100
Announce Samba 4.0.0.
Karolin
-----------------------------------------------------------------------
Summary of changes:
generated_news/latest_10_bodies.html | 22 +-
generated_news/latest_10_headlines.html | 4 +-
generated_news/latest_2_bodies.html | 20 +-
history/header_history.html | 1 +
history/samba-4.0.0.html | 764 +++++++++++++++++++++++++++++++
latest_stable_release.html | 6 +-
6 files changed, 791 insertions(+), 26 deletions(-)
create mode 100755 history/samba-4.0.0.html
Changeset truncated at 500 lines:
diff --git a/generated_news/latest_10_bodies.html b/generated_news/latest_10_bodies.html
index dd3f192..63c0c12 100644
--- a/generated_news/latest_10_bodies.html
+++ b/generated_news/latest_10_bodies.html
@@ -1,3 +1,13 @@
+ <h5><a name="4.0.0">11 December 2012</a></h5>
+ <p class="headline">Samba 4.0.0 Available for Download</p>
+ <p>This is the first stable release of the Samba 4.0 series.</p>
+
+<p>The uncompressed tarballs and patch files have been signed
+using GnuPG (ID 6568B7EA). The source code can be
+<a href="http://samba.org/samba/ftp/stable/samba-4.0.0.tar.gz">downloaded
+now</a>. See <a href="http://samba.org/samba/history/samba-4.0.0.html">
+the release notes for more info</a>.</p>
+
<h5><a name="3.6.10">10 December 2012</a></h5>
<p class="headline">Samba 3.6.10 Available for Download</p>
<p>This is the latest stable release of the Samba 3.6 series.</p>
@@ -84,15 +94,3 @@ See <a href="https://download.samba.org/pub/samba/rc/WHATSNEW-4-0-0rc2.txt">the
using GnuPG (ID 6568B7EA). The source code can be
<a href="http://samba.org/samba/ftp/stable/samba-3.5.18.tar.gz">downloaded
now</a>. A <a href="http://samba.org/samba/ftp/patches/patch-3.5.17-3.5.18.diffs.gz">patch against Samba 3.5.17</a> is also available. See <a href="http://samba.org/samba/history/samba-3.5.18.html">the release notes for more info</a>.</p>
-
- <h5><a name="3.6.8">17 September 2012</a></h5>
- <p class="headline">Samba 3.6.8 Available for Download</p>
- <p>This is the latest stable release of the Samba 3.6 series.</p>
-
-<p>The uncompressed tarballs and patch files have been signed
-using GnuPG (ID 6568B7EA). The source code can be
-<a href="http://samba.org/samba/ftp/stable/samba-3.6.8.tar.gz">downloaded
-now</a>. A <a href="http://samba.org/samba/ftp/patches/patch-3.6.7-3.6.8.diffs.gz">
-patch against Samba 3.6.7</a> is also available.
-See <a href="http://samba.org/samba/history/samba-3.6.8.html">
-the release notes for more info</a>.</p>
diff --git a/generated_news/latest_10_headlines.html b/generated_news/latest_10_headlines.html
index 1d2b5c9..0a50fd0 100644
--- a/generated_news/latest_10_headlines.html
+++ b/generated_news/latest_10_headlines.html
@@ -1,4 +1,6 @@
<ul>
+ <li> 11 December 2012 <a href="#4.0.0">Samba 4.0.0 Available for Download</a></li>
+
<li> 10 December 2012 <a href="#3.6.10">Samba 3.6.10 Available for Download</a></li>
<li> 04 December 2012 <a href="#4.0.0rc6">Samba 4.0.0rc6 Available for Download</a></li>
@@ -16,6 +18,4 @@
<li> 02 October 2012 <a href="#4.0.0rc2">Samba 4.0.0rc2 Available for Download</a></li>
<li> 24 September 2012 <a href="#3.5.18">Samba 3.5.18 Available for Download</a></li>
-
- <li> 17 September 2012 <a href="#3.6.8">Samba 3.6.8 Available for Download</a></li>
</ul>
diff --git a/generated_news/latest_2_bodies.html b/generated_news/latest_2_bodies.html
index f323cd5..de0ea2e 100644
--- a/generated_news/latest_2_bodies.html
+++ b/generated_news/latest_2_bodies.html
@@ -1,3 +1,14 @@
+ <h5><a name="4.0.0">11 December 2012</a></h5>
+ <p class="headline">Samba 4.0.0 Available for Download</p>
+ <p>This is the first stable release of the Samba 4.0 series.</p>
+
+<p>The uncompressed tarballs and patch files have been signed
+using GnuPG (ID 6568B7EA). The source code can be
+<a href="http://samba.org/samba/ftp/stable/samba-4.0.0.tar.gz">downloaded
+now</a>. See <a href="http://samba.org/samba/history/samba-4.0.0.html">
+the release notes for more info</a>.</p>
+
+
<h5><a name="3.6.10">10 December 2012</a></h5>
<p class="headline">Samba 3.6.10 Available for Download</p>
<p>This is the latest stable release of the Samba 3.6 series.</p>
@@ -9,12 +20,3 @@ now</a>. A <a href="http://samba.org/samba/ftp/patches/patch-3.6.9-3.6.10.diffs.
patch against Samba 3.6.9</a> is also available.
See <a href="http://samba.org/samba/history/samba-3.6.10.html">
the release notes for more info</a>.</p>
-
- <h5><a name="4.0.0rc6">04 December 2012</a></h5>
- <p class="headline">Samba 4.0.0rc6 Available for Download</p>
- <p>This is the sixth release candidate of the Samba 4.0 series.</p>
-
-<p>The uncompressed tarballs and patch files have been signed
-using GnuPG (ID 6568B7EA). The source code can be
-<a href="https://download.samba.org/pub/samba/rc/samba-4.0.0rc6.tar.gz">downloaded now</a>.
-See <a href="https://download.samba.org/pub/samba/rc/WHATSNEW-4-0-0rc6.txt">the release notes for more info</a>.</p>
diff --git a/history/header_history.html b/history/header_history.html
index 2c6e106..c6502f9 100755
--- a/history/header_history.html
+++ b/history/header_history.html
@@ -9,6 +9,7 @@
<li><a href="/samba/history/">Release Notes</a>
<li class="navSub">
<ul>
+ <li><a href="samba-4.0.0.html">samba-4.0.0</a></li>
<li><a href="samba-3.6.10.html">samba-3.6.10</a></li>
<li><a href="samba-3.6.9.html">samba-3.6.9</a></li>
<li><a href="samba-3.6.8.html">samba-3.6.8</a></li>
diff --git a/history/samba-4.0.0.html b/history/samba-4.0.0.html
new file mode 100755
index 0000000..d16f56c
--- /dev/null
+++ b/history/samba-4.0.0.html
@@ -0,0 +1,764 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+
+<head>
+<title>Samba - Release Notes Archive</title>
+</head>
+
+<body>
+
+ <H2>Samba 4.0.0 Available for Download</H2>
+
+<p>
+<pre>
+ =============================
+ Release Notes for Samba 4.0.0
+ December 11, 2012
+ =============================
+
+
+This is is the first stable release of Samba 4.0.
+
+This release contains the best of all of Samba's
+technology parts, both a file server (that you can reasonably expect
+to upgrade existing Samba 3.x releases to) and the AD domain
+controller work previously known as 'Samba4'.
+
+Major enhancements in Samba 4.0.0 include:
+
+Active Directory services
+=========================
+
+Samba 4.0 supports the server-side of the Active Directory logon
+environment used by Windows 2000 and later, so we can do full domain
+join and domain logon operations with these clients.
+
+Our Domain Controller (DC) implementation includes our own built-in
+LDAP server and Kerberos Key Distribution Center (KDC) as well as the
+Samba3-like logon services provided over CIFS. We correctly generate
+the infamous Kerberos PAC, and include it with the Kerberos tickets we
+issue.
+
+When running an AD DC, you only need to run 'samba' (not smbd/nmbd/winbindd),
+as the required services are co-coordinated by this master binary.
+The tool to administer the Active Directory services is called 'samba-tool'.
+
+A short guide to setting up Samba 4 as an AD DC can be found on the wiki:
+
+ http://wiki.samba.org/index.php/Samba4/HOWTO
+
+
+File Services
+=============
+
+Samba 4.0.0 ships with two distinct file servers. We now use the
+file server from the Samba 3.x series 'smbd' for all file serving by
+default.
+
+Samba 4.0 also ships with the 'NTVFS' file server. This file server
+is what was used prior to the beta2 release of Samba 4.0, and is
+tuned to match the requirements of an AD domain controller. We
+continue to support this, not only to provide continuity to
+installations that have deployed it as part of an AD DC, but also as a
+running example of the NT-FSA architecture we expect to move smbd to in
+the longer term.
+
+For pure file server work, the binaries users would expect from that
+series (smbd, nmbd, winbindd, smbpasswd) continue to be available.
+
+
+DNS
+===
+
+As DNS is an integral part of Active Directory, we also provide two DNS
+solutions, a simple internal DNS server for 'out of the box' configurations
+and a more elaborate BIND plugin using the BIND DLZ mechanism in versions
+9.8 and 9.9. During the provision, you can select which backend to use.
+With the internal backend, your DNS server is good to go.
+If you chose the BIND_DLZ backend, a configuration file will be generated
+for bind to make it use this plugin, as well as a file explaining how to
+set up bind.
+
+
+NTP
+===
+
+To provide accurate timestamps to Windows clients, we integrate with
+the NTP project to provide secured NTP replies. To use you need to
+start ntpd and configure it with the 'restrict ... ms-sntp' and
+ntpsigndsocket options.
+
+
+Python Scripting Interface
+==========================
+
+A new scripting interface has been added to Samba 4, allowing
+Python programs to interface to Samba's internals, and many tools and
+internal workings of the DC code is now implemented in python.
+
+
+Known Issues
+============
+
+- Replication of DNS data from one AD server to another may not work.
+ The DNS data used by the internal DNS server and bind9_dlz is stored
+ in an application partition in our directory. The replication of
+ this partition is not yet reliable.
+
+- Replication may fail on FreeBSD due to getaddrinfo() rejecting names
+ containing _. A workaround will be in a future release.
+
+- samba_upgradeprovision should not be run when upgrading to this release
+ from a recent release. No important database format changes have
+ been made since alpha16.
+
+- Installation on systems without a system iconv (and developer
+ headers at compile time) is known to cause errors when dealing with
+ non-ASCII characters.
+
+- Domain member support in the 'samba' binary is in its infancy, and
+ is not comparable to the support found in winbindd. As such, do not
+ use the 'samba' binary (provided for the AD server) on a member
+ server.
+
+- There is no NetBIOS browsing support (network neighbourhood)
+ available for the AD domain controller. (Support in nmbd and smbd
+ for classic domains and member/standalone servers is unchanged).
+
+- Clock Synchronisation is critical. Many 'wrong password' errors are
+ actually due to Kerberos objecting to a clock skew between client
+ and server. (The NTP work in the previous alphas are partly to assist
+ with this problem).
+
+- The DRS replication code may fail. Please contact the team if you
+ experience issues with DRS replication, as we have fixed many issues
+ here in response to feedback from our production users.
+
+- Linux inotify will now only be supported on systems where glibc also supports
+ it (for details, please refer to bug #8850).
+
+
+Upgrading
+=========
+
+Users upgrading from Samba 3.x domain controllers and wanting to use
+Samba 4.0 as an AD DC should use the 'samba-tool domain
+classicupgrade' command. See the wiki for more details:
+https://wiki.samba.org/index.php/Samba4/samba3upgrade/HOWTO.
+
+Users upgrading from Samba 4.0 alpha and beta releases since alpha15
+should run 'samba-tool dbcheck --cross-ncs --fix' before re-starting
+Samba. Users upgrading from earlier alpha releases should contact the
+team for advice.
+
+Users upgrading an AD DC from any previous release should run
+'samba-tool ntacl sysvolreset' to re-sync ACLs on the sysvol share
+with those matching the GPOs in LDAP and the defaults from an initial
+provision. This will set an underlying POSIX ACL if required (eg not
+using the NTVFS file server).
+
+If you used the BIND9_FLATFILE or BIND9_DLZ features,
+you'll have to add '-dns' to the 'server services' option,
+as the internal dns server (SAMBA_INTERNAL) is the default now.
+
+
+Supported features
+==================
+
+A whitepaper of currently (un-)supported features is available on the wiki:
+
+ https://wiki.samba.org/index.php/Samba_4.0_Whitepaper
+
+
+######################################################################
+Changes
+#######
+
+smb.conf changes
+----------------
+
+ Parameter Name Description
+ -------------- -----------
+
+ acl compatibility Removed
+ allow dns updates New
+ announce as Removed
+ announce version Removed
+ cldap port New
+ client max protocol New
+ client min protocol New
+ client signing Changed default
+ dcerpc endpoint servers New
+ dgram port New
+ directory security mask Removed
+ display charset Removed
+ dns forwarder New
+ dns update command New
+ force security mode Removed
+ force directory security mode Removed
+ homedir map Changed default
+ kernel oplocks Changed default
+ kernel share modes New
+ kpasswd port New
+ krb5 port New
+ nbt client socket address New
+ nbt port New
+ nsupdate command New
+ ntp signd socket directory New
+ ntvfs handler New
+ paranoid server security Removed
+ pid directory New
+ printer admin Removed
+ rndc command New
+ rpc big endian New
+ samba kcc command New
+ security mask Removed
+ send spnego principal Removed
+ server max protocol New
+ server min protocol New
+ server role New
+ server services New
+ server signing Changed default
+ share backend New
+ share modes Removed
+ smb2 max read Changed default
+ smb2 max write Changed default
+ smb2 max trans Changed default
+ socket address Removed
+ spn update command New
+ time offset Removed
+ tls cafile New
+ tls certfile New
+ tls crlfile New
+ tls dh params file New
+ tls enabled New
+ tls keyfile New
+ unicode New
+ web port New
+ winbindd privileged socket directory New
+ winbind sealed pipes New
+ winbindd socket directory New
+
+
+CHANGES SINCE 4.0.0rc6
+======================
+
+o Michael Adam <obnox at samba.org>
+ * BUG 9456: developer-build: Fix panic when acl_xattr fails with access
+ denied.
+ * BUG 9457: Fix "map username script" with "security=ads" and Winbind.
+
+
+o Jeremy Allison <jra at samba.org>
+ * BUG 9462: Users can not be given write permissions any more by default.
+
+
+o Andrew Bartlett <abartlet at samba.org>
+ * BUG 9415: Install SWAT *.msg files with waf.
+
+
+o Alexander Bokovoy <ab at samba.org>
+ * BUG 9479: Support FIPS mode when building Samba.
+
+
+o Günther Deschner <gd at samba.org>
+ * BUG 9438: Fix netr_ServerPasswordSet2, netr_LogonSamLogon with netlogon
+ AES.
+
+
+o Tsukasa Hamano <hamano at osstech.co.jp>
+ * BUG 9471: Fix SEGV when using second vfs module.
+
+
+o Stefan Metzmacher <metze at samba.org>
+ * BUG 9470: Fix MMC crashes.
+ * BUG 9481: Fix ACL on "cn=partitions,cn=configuration".
+
+
+o Andreas Schneider <asn at samba.org>
+ * BUG 9459: Install manpages only if we install the target.
+
+
+o Richard Sharpe <realrichardsharpe at gmail.com>
+ * BUG 9460: Respond correctly to FILE_STREAM_INFO requests.
+
+
+CHANGES SINCE 4.0.0rc5
+======================
+
+In this release candidate, we have a significant number of improvements
+to our Access Control List (ACL) code, particularly for the Active
+Directory Domain Controller, but also in our general purpose file
+server.
+
+These changes are important, as they enable Group Policy Objects to work
+correctly, allow administrators to impose restrictions on some users
+reading certain parts of the directory and correctly propagating
+inherited ACLs down the LDAP directory tree.
+
+Users of the Active Directory Domain Controller upgrading from any
+previous release should run 'samba-tool ntacl sysvolreset' to re-sync
+ACLs on the sysvol share with those matching the GPOs in LDAP and the
+defaults from an initial provision. This will set an underlying POSIX
+ACL if required.
+
+The ACLs in the Active Directory are also checked on searches by default.
+The automatic inheritance of ACLs is also correctly recalculated on
+changes now.
+
+o Michael Adam <obnox at samba.org>
+ * BUG 9350: Fail "configure --with-ads" if ads support is not available.
+ * BUG 9446: Id mapping code delivers inconsistent results.
+ * BUG 9453: Fix building pdb_ldap as shared module.
+
+
+o Jeremy Allison <jra at samba.org>
+ * BUG 9236: ACL masks incorrectly applied when setting ACLs.
+ * BUG 9374: Allow smb2.acls torture test to pass against smbd with a POSIX
+ ACLs backend.
+
+
+o Christian Ambach <ambi at samba.org>
+ * BUG 9178: Add DMAPI configure option and checks.
+ * BUG 9274: Document shadow:snapdirseverywhere option of vfs_shadow_copy2.
+ * BUG 9339: Backport build fixes from master.
+ * BUG 9411: aio read marks the file as modified.
+ * BUG 9413: Fix waf build on AIX6.
+
+
+o Andrew Bartlett <abartlet at samba.org>
+ * BUG 9121: Provide and use setproctitle replacement function for samba4
+ processes on linux.
+ * BUG 9271: samba-tool: Rework ldap attribute fetch in classicupgrade for
+ missing attributes.
+ * BUG 9421: Fix several build issues.
+ * BUG 9448: Backport several crash bugs from master.
+
+
+o Sumit Bose <sbose at redhat.com>
+ * BUG 9367: Use work around for 'winbind use default domain' only if it
+ is set.
+
+
+o Kai Blin <kai at samba.org>
+ * BUG 9399 - 'samba-tool dns serverinfo localhost' returns 'Memory
+ allocation error'.
+ * BUG 9449: Remove unused samba-dig tool.
+
+
+o Günther Deschner <gd at samba.org>
+ * BUG 9426: rpc_client: lookup nametype 0x20 in rpc_pipe_open_tcp_port().
+ * BUG 9439: Fix ncacn_ip_tcp reconnection code for lsa lookups.
+ * BUG 9451: Allow to force DNS updates using net.
+
+
+o David Disseldorp <ddiss at samba.org>
+ * BUG 9433: spoolss: Fix segfault when "default devmode" is disabled.
+
+
+o Amitay Isaacs <amitay at gmail.com>
+ * BUG 9265: Bind dlz fails to start if there is a trustedanchors zone.
+ * BUG 9354: Fix format string vulnerability in an error message.
+
+
+o Volker Lendecke <vl at samba.org>
+ * BUG 9422: Large read requests cause server to issue malformed reply.
+ * BUG 9440: Do not rely on dbwrap_record_get_value to return a talloc
+ object.
+
+
+o Stefan Metzmacher <metze at samba.org>
+ * BUG 8620: Read ACL are not enabled by default on DS.
+ * BUG 8621: ACL are not recalculated if parent is changed and inherit is
+ enabled.
+ * BUG 9373: samba-tool: Report a CommandError if loading of the config file
+ fails.
+ * BUG 9385: Add missing newline in the output of ldb_ldif_write_trace().
+ * BUG 9390: Fix segfaults in "log level = 10" on Solaris.
+ * BUG 9402: lib/addns: Fix working with a bind9 server.
+ * BUG 9406: ACL fixes since 4.0 rc1.
+ * BUG 9447: Backport tests from master.
+ * BUG 9448: Backport several crash bugs from master.
+
+
+o Ricky Nance <ricky.nance at weaubleau.k12.mo.us>
+ * BUG 9449: Remove phpldapadmin inclusion.
+
+
+o Matthieu Patou <mat at matws.net>
+ * BUG 9418: Fix MD5 detection in the autoconf build.
+
+
+o Arvid Requate <requate at univention.de>
+ * BUG 9376: Fix typo in got_duplicate_group check.
+ * BUG 9392: Fix 'samba-tool fsmo --role=schema'.
+
+
+o Andreas Schneider <asn at samba.org>
--
Samba Website Repository
More information about the samba-cvs
mailing list