[Samba] Samba 4.16 and 4.17 ubuntu focal and jammy packages
Andrew Bartlett
abartlet at samba.org
Sun Oct 30 05:56:01 UTC 2022
On Sun, 2022-10-30 at 18:52 +1300, Andrew Bartlett via samba wrote:
> On Sat, 2022-10-29 at 19:14 +0300, Michael Tokarev via samba wrote:
> > 29.10.2022 19:06, Rowland Penny via samba wrote:
> > > On 28/10/2022 11:28, Michael Tokarev via samba wrote:
> > ..
> > > > Now, there's one more question. Why it is so risky to upgrade
> > > > to a new samba "major" release?
> > ..
> > > Because Samba has an habit of removing, adding or changing things and this leads to old versions of things being left on disk and interfering with the
> > > smooth running of Samba. One that springs to mind is the python 'time', Samba had its own version and then removed it, but the distros didn't.
> > >
> > > Starting with a new OS, also ensures that everything is correct and nothing 'old' is there.
> >
> > Well, I completely disagree with you here.
> >
> > I asked about real-life reasons why samba itself, - unrelated to
> > packaging errors - can not keep its own stuff up and running.
> > Not some theoretical issues and not obvious bug which happened
> > in the past, but something real.
>
> In-place upgrades are fully supported and many users successfully
> upgrade Samba including between major releases.
>
> Samba will self-upgrade the DB format when required. There have been
> occasional bugs with the in-place upgrade, most are fixed with a
> 'samba-tool dbcheck --reindex', except where you have two spaces in a
> DN, and those need manual fixing (nobody wrote a dbcheck rule for
> that).
>
> Upgrading over DRS avoids some of those small risks but adds others,
> that is the DC is (unless newly added) first removed from the domain,
> then added back in. An in-pace upgrade keeps the existing trust
> account and data.
>
> > Requiring to start anew each time something changes is completely
> > unreasonable. We cam and actually *do* better than that.
>
> The wiki https://wiki.samba.org/index.php/Upgrading_a_Samba_AD_DC has
> some collected wisdom on approaches.
>
> Oddly, it doesn't really address the main thing I suggest considering
> when upgrading Samba major versions, which is to build a new DC with
> whatever is now the new LTS release of your base OS, add this as new
> DC, check it is working then demote the old DCs, which avoids loss of
> redundancy during the upgrade and allows some checking before locking
> in the new version across the fleet.
Finally,
this https://wiki.samba.org/index.php/Downgrading_an_Active_Directory_DC#In-place_upgrades_vs_DC_rejoins
explains things well.
Andrew Bartlett
--
Andrew Bartlett (he/him) https://samba.org/~abartlet/
Samba Team Member (since 2001) https://samba.org
Samba Developer, Catalyst IT https://catalyst.net.nz/services/samba
More information about the samba
mailing list