Volker.Lendecke at SerNet.DE
Wed Nov 22 14:03:53 GMT 2006
On Wed, Nov 22, 2006 at 08:12:42AM -0500, simo wrote:
> > Yes, I'll keep it that way. You always have the share
> > secdesc on top of it.
> This the point, why keeping 2 conflicting access control mechanisms?
> Why not merging them? As we change the interface we can also change
> behavior without backward compatibility problems, and fix problems we
> historically had.
Because I think that "valid users" is just too simple and
straight foward to use to dump it. And I don't think there
is a canonical way to convert a valid/invalid users line etc
into a security descriptor or vice versa.
> > Sure. But this should be doable I think. We already have
> > some samba3 mapping layers in samba4 for other things, so if
> > we agree the basic registry model is sane for smb.conf, this
> > should be presentable in a compatible way in samba4 as well.
> Oh well, sure, but it would be a bit silly to introduce something new
> now and then have to emulate it in samba4 to make it compatible with
Do you have in mind to radically change the configuration
for Samba4 shares? I mean, the current .ini style file has
served us well for ages, and I don't see any reason to
change it, at least not from the sharename/keyname/value
concept point of view. And if you look at it, the registry
is just a .ini file on steroids.
So in case you don't plan to change the .ini style
configuration, then the registry is a perfect match for it.
Maybe I'm in Samba conf files for too long, but I have a
hard time imagining something radically enough different for
defining shares that we can not just proceed with this "one
key per share, one value per param" model.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-technical/attachments/20061122/063eefef/attachment.bin
More information about the samba-technical