samba 4: a new configuration system?

Andrew Bartlett abartlet at
Thu Jun 23 05:48:24 GMT 2005

On Wed, 2005-06-22 at 21:55 -0700, Raymond Lillard wrote:
> Tim Potter wrote:
> > On Wed, 2005-06-22 at 23:41 +0200, Sebastien Estienne wrote:
> >>I was wondering if samba 4 will have a different configuration file
> >>format, maybe something with  an Api to ease writing configuration
> >>gui.
> > 
> > 
> > I don't think that issue has been resolved yet but I am guessing that if
> > the configuration file format is changed it will involved ldb somehow.
> I hope not.  I realize I am "old school", and I fully realize
> I am NOT a decision maker here, but dammit what's so bloody
> wrong about flat text files that can be modified with "vi" or
> *emacs*?  We don't need to turn Samba in *)&$^%& windows.
> Text files are well established as the Unix way of doing things.
> I've had my fill of system configuration databases that become
> corrupted and have to be rebuilt.  It's the same bullshit as
> the windows registry and we all know the sorry mess it is.
> Wouldn't we all like to have back our wasted time caused by it.

I agree here, and to a point, this is actually the direction Samba4 is
moving to.  Leaving configuration aside for a moment, and instead
looking at the issue of run-time state, Samba4 has made great leaps

Unlike Samba3, Samba4 stores all runtime state in a human-editable
format.  This format is ldb, and while it is binary on disk, is far
better than what Samba3 had (cf secrets.tdb).  Samba3 stores it's data
in a format that is almost impossible for a human to edit, even with
tdbtool.  Samba4 provides ldbedit, ldbsearch etc to manage the ldb
databases - you can bring up the ldap-like record in the editor of your

Now, the problem with configuration data is that in many ways, it is an
expression of run-time state.  Not only with web interfaces, but also
with the remote administration tools in the DCE-RPC protocols.   This
can and will change many aspects of Samba's configuration.

I'm a strong believer that while text-based configuration has it's
usability problems, it is also a vital link with what makes Samba
different: we do benefit from being able to add arbitrary comments to a
config value, we do benefit from the absurdly over-extended macro
syntax, and we do benefit from the ability to simply place the
configuration into version control, or paste a copy on a mailing list.

What we need to figure out is how to merge the two worlds: structured
syntax is one way, an 'include this ...' system is another (I have
proposed that file shares be configured this way, with text-based for
the default, with additional shares configured from an ldb, if the admin
so chooses).

Andrew Bartlett
Andrew Bartlett                      
Samba Developer, SuSE Labs, Novell Inc.
Authentication Developer, Samba Team 
Student Network Administrator, Hawker College
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url :

More information about the samba-technical mailing list