[Proposal] Samba 3.2.0 to replace 3.0.22
Volker.Lendecke at SerNet.DE
Mon Jan 9 15:54:24 GMT 2006
On Mon, Jan 09, 2006 at 09:18:06AM -0600, Gerald (Jerry) Carter wrote:
> It's volker work that is of main concern. But we could
> just ve acting paranoid. There's a couple of corner cases
> where a simple 'rpm -Uvh samba*rpm' would be hard to
> guarantee a working upgrade.
I'd very much argue that the changes are necessary. For example in the current
code aliases are completely broken (and still not fully fixed in trunk, working
on that). Just patching on the existing code base turned out to be quite
difficult. Then I think Jeremy for some reason dragged my attention to
lookup_name(), and this triggered the whole flood of patches.
The long-term listeners on this list might have seen the discussions about
idmap, SURS (how long is *that* ago? ;-)), voyager and all that stuff. I think
finally the current trunk code is in a state where we can present it, with no
change in the underlying ldap database.
However I am certain that we might break some existing installations. The 3.0
group mapping allowed for so much flexibility that I probably did not catch all
possible and probably broken setups. The trunk stuff is much stricter about
what is allowed, although we accept a lot of weird setups.
> Yes. All of it.
Wow, that's ambitious :-)
> Here's the specifics of Volker's changes as I understand
> them. The new code places unmapped groups into the new
> internal domain. This can potentially break any security
> descriptor on a file that has been created under POSIX
> and copied to an NTFS drive since we previously applied
> an RID algorithm to such unmapped groups.
> Of course, one possibility to solve this is to create a
> static mapping for such groups via and upgrade script,
Yes, this was the idea. Mixing static and algorithmic mapping is bound to fail,
you might end up with overlapping mappings without even knowing. It is much
harder to create these with the current trunk stuff.
> I'm still tossing ideas over in my head hoping that others
> will chime in as well. Thanks for the feedback.
The crucial question is: How do we get more people to look at our code and run
the not-yet released stuff in production scenarios? This was also the problem
3.2.0 would be a way for us to say: Hey, this is a .0 release, what do you
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-technical/attachments/20060109/8031e35a/attachment.bin
More information about the samba-technical