[Samba] [OT?] VM or Container for an AD DC?

Marco Gaiarin gaio at sv.lnf.it
Wed Sep 20 10:53:34 UTC 2017

Mandi! Andrew Bartlett via samba
  In chel di` si favelave...

> tdb ACLs are a good idea for production use.   I really should make
> this more clear. 
> The TDB approach creates a dev/inode indexed DB, rather than using the
> file system.  This is prone to inode re-use issues, and while we have
> defences for the ACL side of that (we hash the POSIX ACL on the file),
> there is no such defence for other extended attributes that might also
> be stored there.

?! samba-tools does not seem to agree with you, print:

 You are not root or your system do not support xattr, using tdb backend for attributes.
 not using extended attributes to store ACLs and other metadata. If you intend to use this provision in production, rerun the script as root on a system supporting xattrs.

dott. Marco Gaiarin				        GNUPG Key ID: 240A3D66
  Associazione ``La Nostra Famiglia''          http://www.lanostrafamiglia.it/
  Polo FVG   -   Via della Bontà, 7 - 33078   -   San Vito al Tagliamento (PN)
  marco.gaiarin(at)lanostrafamiglia.it   t +39-0434-842711   f +39-0434-842797

	(cf 00307430132, categoria ONLUS oppure RICERCA SANITARIA)

More information about the samba mailing list