[Samba] LXC, ADDC and xattr_tdb...
Marco Gaiarin
gaio at sv.lnf.it
Mon Mar 2 11:11:42 UTC 2020
Mandi! Andrew Bartlett via samba
In chel di` si favelave...
> It isn't just that putting XATTRs in a TDB does not scale, and that
> isn't even the main issue. The issue is that if a file is deleted and
> re-created outside Samba's knowledge, then the xattrs are silently
> transferred between the old and new files.
> This isn't theoretical, we had flapping tests in 'make test' (which is
> the only legitimate use of this module) because of this.
> I've updated the wiki page.
Thanks.
> The FreeBSD folks have a similar pain trying to run Samba in a FreeBSD
> jail:
> https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=220844
> https://bugzilla.samba.org/show_bug.cgi?id=12912
> Some there have attempted to get around the issue by changing the code
> to use the unprivileged 'user' namespace, but this creates security
> issues (we use the privileged XATTR namespaces for a reason).
I've subscribed to samba bug, only to get in touch with this. Again,
thanks.
> I realise the attraction with putting a Samba AD DC into a container
> but sadly we do need some privileged support from the OS to operate
> safely.
[...]
> Sorry!
Oh, don't bother!
--
dott. Marco Gaiarin GNUPG Key ID: 240A3D66
Associazione ``La Nostra Famiglia'' http://www.lanostrafamiglia.it/
Polo FVG - Via della Bontà, 7 - 33078 - San Vito al Tagliamento (PN)
marco.gaiarin(at)lanostrafamiglia.it t +39-0434-842711 f +39-0434-842797
Dona il 5 PER MILLE a LA NOSTRA FAMIGLIA!
http://www.lanostrafamiglia.it/index.php/it/sostienici/5x1000
(cf 00307430132, categoria ONLUS oppure RICERCA SANITARIA)
More information about the samba
mailing list