[Samba] domain-free multi-user use cases

Gregory Sloop gregs at sloop.net
Sun Oct 24 19:07:36 UTC 2021

> On Sun, 2021-10-24 at 09:03 +0100, Rowland Penny via samba wrote:

>> On Sun, 2021-10-24 at 03:37 -0400, Eric Levy via samba wrote:

>>> On Sun, 2021-10-24 at 20:35 +1300, Andrew Bartlett wrote:

>>>> On Sun, 2021-10-24 at 03:23 -0400, Eric Levy via samba wrote:

>>>>> Right, so coming full circle to my opening comments, we have a
>>>>> case
>>>>> that is not supported internally by Samba, and I wish to
>>>>> inquire
>>>>> about
>>>>> enthusiasm for keeping open any possibility for considering
>>>>> such
>>>>> support in future development.
>>>> I don't have any enthusiasm for host-based (rather than user
>>>> based)
>>>> authentication, if that is what you mean, but do suggest a way,
>>>> without
>>>> changing Samba, that you could achive your goal.

>>>> Other remote file systems may offer host-based authentication.

>>>> Andrew,
>>> I am not sure what you mean.
>> I think Andrew is saying that Samba has no real interest in creating
>> the set up that you seem to require, but you may find another tool
>> that
>> does, but I will not hold my breath whilst you search for it.

>> Rowland

> I did not understand the reference to host-based authentication.

My two cents, after reading some of the thread...
I've not carefully read this thread, but I think in general I understand the issues - and while I'm at a different place in life (where money isn't as scarce as it once was - yet I'm far from rich) I think you're really complaining about a trivial cost.
Almost any C2D or i3/i5 machine can act as a DC.
Even better is a machine with a bit more oomph and run something like Xen/XCP and run your DC in a VM. (You can test with other VM's or run additional stuff without buying yet more hardware.)
But all that said - you're avoiding running a DC because you'd have to buy more hardware. And you kind of take the stance that someone else should spend a substantial amount of time finding you an easy way to do this.
Yet, a used Dell/HP/Compaq machine is probably easily less than $200. (At least here in the US, I've gotten Optiplex 7010's for <$100. I assume you're not in some 3rd world country with terribly limited access to decent hardware. Outside of that, I think used hardware should be pretty trivially available. Heck, you could run a DC on a RaspPi - though I think that's muts.)
So, for <$200, you're asking others to spend a lot of time walking you through an "alternate" solution. (An alternate that ALREADY has a very good solution in a DC.)
I don't know exactly how much time has been expended in just this thread so far, but at any professional rate of pay, I'd nearly guarantee that $200 in time has already been expended.)
To say it kind of bluntly; You're effectively expending other people's $200 (in time), so you can avoid it yourself. (Whether the cost, the hassle, or whatever...)
And to me, that doesn't feel very equitable or reasonable.
There are probably other ways to do what you want, but, by far, the best way already exists - and it's a DC. You'll spend a ton of time trying to re-create the wheel, and why do that? (Likely smarter people than you and I have spent a ton of time considering the problem, and the DC is the solution that's the best so far. You're not likely to come up with something better. And it certainly will cost more than the cost of the hardware you want to avoid buying - so it will be more costly and likely a worse solution too!)
If I were to recommend something - a Dell Precision T3610 (Xeon QC) - ECC RAM is super cheap. Toss a regular 500G SSD in it. Run XCP-NG on it and you'll have an awesome test-bed where you co do all sorts of tinkering. You can make snapshots so if you screw things up, you can roll back in seconds etc. I'd guess you'd find a lot of utility in it. It will probably cost more than $200, but probably not a lot, if you're careful and patient.

More information about the samba mailing list