inhibit startup of smbd/nmbd/winbindd when an AD DC (was Re: Releasing Samba 4.0 RC1?)
steve
steve at steve-ss.com
Mon Aug 20 03:30:07 MDT 2012
On 20/08/12 10:55, Rowland Penny wrote:
> On 20/08/12 09:20, Gémes Géza wrote:
>> 2012-08-19 09:12 keltezéssel, steve írta:
>>> On 18/08/12 23:50, Andrew Bartlett wrote:
>>>> On Sat, 2012-08-18 at 19:48 +0200, Michael Wood wrote:
>>>>> Hi
>>>>>
>>>>> On 17 August 2012 23:52, Andrew Bartlett <abartlet at samba.org> wrote:
>>>>>> On Fri, 2012-08-17 at 13:46 -0300, Juan Pablo Lorier wrote:
>>>>
>>>>> I think it might help to make it extremely clear and explicit that
>>>>> Samba 4 can be run as a DC using the samba binary, or it can be run
>>>>> like a Samba 3 file/print server using the smbd/nmbd binaries, and any
>>>>> other modes it can be used in. I know the release notes try to do
>>>>> this, but I think there's still a lot of confusion from users.
>>>>
>>>> I actually plan to do more than that. It's a little tricky (which is
>>>> why it's not done yet), and I'll allow an override, but being a AD DC
>>>> puts 'server role = active directory domain controller' in the
>>>> smb.conf.
>>>> I would like to have smbd/nmbd/winbindd check this value and then
>>>> simply
>>>> fail to start up.
>>>>
>>>> Andrew Bartlett
>>>>
>>> Hi
>>> Oh dear. That sounds bad. Does that mean that we will no longer be
>>> able to use AD, s3fs and winbind on the same box as we can do
>>> (reliably) at the moment?
>>> Cheers,
>>> Steve
>>>
>> No, that would mean you won't be able to run conflicting binaries
>> simultaneously.
>> For clarity, samba4 (with s3fs) consist of two (server function
>> providing) binaries: samba and smbd. smbd listens on ports 139 and 445
>> providing file services (s3fs), samba listens on a plenty of ports
>> providing lots of services like a kerberos kdc, etc. It also provides
>> its internal nmbd and winbind services. On the other hand a samba3
>> lets call it classic installation consist of three (server function
>> providing) binaries: smbd, nmbd and winbind. If you would start any of
>> those that would cause unpredictable conflicts.
>> In conclusion disallowing the start of smbd, nmbd and winbind daemons
>> if the samba binary is running would save the users from shooting
>> themselves on foot.
>>
>> Regards
>>
>> Geza Gemes
>>
>>
>
> After I have had it explained to me I would basically go with Geza here,
> yes stop nmbd & winbind running if the samba daemon is started, but as
> you need smbd to get s3fs (as far as I understand) this needs to be
> stopped from running unless it is started automatically via samba or if
> you are not going to run the samba daemon ( i.e. mutually exclusive) in
> which case you would need /etc/samba/smb.conf, nmbd and possibly winbind.
>
> Rowland
>
>
Hi
The samba binary seems to start a version of smbd when it start up. You
can see it in the logs. Is the smbd that samba starts called s3fs if it
is started via samba? If so, what is it called if it is started would
samba. smbd? And does it then allow all the smb.conf configure options
one would expect from Samba 3.x?
Cheers,
Steve
More information about the samba-technical
mailing list