When sending a HUP signal isn't enough?

[Tim Prouty]

Hi,

On certain smb.conf parameter changes, sending a HUP to samba is  
unsafe.  For example, if smbd is running with "security = user", and  
a windows client sends a negotiate protocol request, smbd will reply  
indicating that it is able to handle the security mode: USER.  The  
windows client will then send a Session Setup AndX Request that has a  
word count of 12, which indicates that this sesssetup should be  
handled by the special case sesssetup_spnego code.  There is a race  
that can happen between sending the negprot reply and receiving the  
sesssetup request.  If during this period of time smb.conf is changed  
to "security = share", and smbd is sent a HUP signal, smbd will panic  
due to this check in register_vuid():

	/* Paranoia check. */
	if(lp_security() == SEC_SHARE) {
		smb_panic("Tried to register uid in security=share\n");
	}

Also, when joining a new domain and changing the realm in smb.conf,  
winbindd does not appear to correctly pick up the changes with a HUP  
signal.  Ideally, sending a HUP signal would always be sufficient,  
but as a workaround, we send a TERM signal when changing the security  
mode or realm.

Does anyone know of any other smb.conf parameters that a HUP signal  
won't safely pick up the changes for?

Thanks!

-Tim