Common bugs fixed in Samba 3.0.3 include:
o Crash bugs and change notify issues in Samba's printing code.
o Honoring secondary group membership on domain member servers.
o TDB scalability issue surrounding the TDB_CLEAR_IF_FIRST flag.
o Substitution errors for %[UuGg] in smb.conf.
o winbindd crashes when using ADS security mode.
o SMB signing errors.
o Delays in winbindd startup caused by unnecessary
connections to trusted domain controllers.
o Various small memory leaks.
o Winbindd failing due to expired Kerberos tickets.
New features introduced in Samba 3.0.3 include:
o Improved support for i18n character sets.
o Support for account lockout policy based on
bad password attempts.
o Improved support for long password changes (>14
characters) and strong password enforcement.
o Support for Windows aliases (i.e. nested groups).
o Experimental support for storing DOS attribute on files
and folders in Extended Attributes.
o Support for local nested groups via winbindd.
o Specifying options to be passed directly to the CUPS libraries.
And more... please review "WHATSNEW.txt".
the RCD_SCRIPTS rc.d script(s) to the PLIST.
This GENERATE_PLIST idea is part of Greg A. Woods'
PR #22954.
This helps when the RC_SCRIPTS are installed to
a different ${RCD_SCRIPTS_EXAMPLEDIR}. (Later,
the default RCD_SCRIPTS_EXAMPLEDIR will be changed
to be more clear that they are the examples.)
These patches also remove the etc/rc.d/ scripts from PLISTs
(of packages that use RCD_SCRIPTS). (This also removes
now unused references from openssh* makefiles. Note that
qmail package has not been changed yet.)
I have been doing automatic PLIST registration for RC_SCRIPTS
for over a year. Not all of these packages have been tested,
but many have been tested and used.
Somethings maybe to do:
- a few packages still manually install the rc.d scripts to
hard-coded etc/rc.d. These need to be fixed.
- maybe remove from mk/${OPSYS}.pkg.dist mtree specifications too.
o Joining a Samba domain from Pre-SP2 Windows 2000 clients.
o Logging onto a Samba domain from Windows XP clients.
o Problems with the %U and %u smb.conf variables in relation to
Windows 9x/ME clients.
o Kerberos failures due to an invalid in memory keytab detection
test.
o Updates to the ntlm_auth tool.
o Fixes for various SMB signing errors.
o Better separation of WINS and DNS queries for domain controllers.
o Issues with nss_winbind FreeBSD and Solaris.
o Several crash bugs in smbd and winbindd.
o Output formatting fixes for smbclient for better compatibility
with scripts based on the 2.2 version.
finding cups if it's somewhere in your PATH. Explicitly pass configure
--disable-cups if USE_CUPS is not defined to avoid finding CUPS. Fixes
PR 24117 by David Brownlee.
* Building and installing the PAM modules if USE_PAM is defined.
* Installing the NSS loadable modules.
* Making the samba rc.d script run the winbindd script, too.
* Active Directory support. Samba is able to join a ADS realm as
a member server and authenticate using LDAP/Kerberos.
* Unicode support.
* New, more flexible authentication (passdb) system.
* A new "net" command that is similar to the "net" command in Windows.
* Samba now negotiates NT-style status32 codes on the wire, which
greatly improves error handling.
* Better Windows 2K/2K3/XP printing support.
* Loadable module support for passdb backends and character sets.
* More performant winbindd.
* Support for migrating from a Windows NT4 domain to a Samba domain
and maintaining user, group, and domain SIDs.
* Support for establishing trust relationships with Windows NT4 DCs.
* Initial support for a distributed Winbind architecture using an
LDAP directory for storing SID-to-uid/gid mappings.
* Major updates to the Samba documentation tree.
* Full support for client and server SMB signing to ensure
compatibility with default Windows 2K3 security settings.
* Improvement of ACL mapping features.
adduser and deluser scripts into ${PKG_SYSCONFDIR} that are capable of
dealing with usernames containing a "$". These scripts basically
accept the same options as useradd/userdel. They're meant to be used
in "add user script" and "delete user script" to deal with samba
machine accounts.
USE_PKGINSTALL is "YES". bsd.pkg.install.mk will no longer automatically
pick up a INSTALL/DEINSTALL script in the package directory and assume that
you want it for the corresponding *_EXTRA_TMPL variable.
* findsmb is a perl script, and we need to substitute the correct path to
the perl interpreter.
* Don't create ${PREFIX}/private during a "make install" as it's a
completely useless directory.
* Don't bother to install the completely outdated Samba HTML documentation
that is superseded by the Samba HOWTO Collection documentation.
Changes since 2.2.8:
Digital Defense, Inc. has alerted the Samba Team to a serious
vulnerability in all stable versions of Samba currently shipping.
The Common Vulnerabilities and Exposures (CVE) project has assigned
the ID CAN-2003-0201 to this defect.
This vulnerability, if exploited correctly, leads to an anonymous
user gaining root access on a Samba serving system. All versions
of Samba up to and including Samba 2.2.8 are vulnerable. An active
exploit of the bug has been reported in the wild.
****************************************
* IMPORTANT: Security bugfix for Samba *
****************************************
The SuSE security audit team, in particular Sebastian Krahmer
<krahmer@suse.de>, has found a flaw in the Samba main smbd code which
could allow an external attacker to remotely and anonymously gain
Super User (root) privileges on a server running a Samba server.
This flaw exists in previous versions of Samba from 2.0.x to 2.2.7a
inclusive. This is a serious problem and all sites should either
upgrade to Samba 2.2.8 immediately or prohibit access to TCP ports 139
and 445. Advice created by Andrew Tridgell, the leader of the Samba
Team, on how to protect an unpatched Samba server is given at the end
of this section.
The SMB/CIFS protocol implemented by Samba is vulnerable to many
attacks, even without specific security holes. The TCP ports 139 and
the new port 445 (used by Win2k and the Samba 3.0 alpha code in
particular) should never be exposed to untrusted networks.
O_RDWR fails in fcbopen case, remember the errno from previous open_file()
call and set errno back to this value if the second open_file() call
fails too
this makes samba report EACCESS instead of confusing ENOENT if creation
of file fails due to insufficient permissions for SMBcreate/SMBmknew call
bump package revision
have it be automatically included by bsd.pkg.mk if USE_PKGINSTALL is set
to "YES". This enforces the requirement that bsd.pkg.install.mk be
included at the end of a package Makefile. Idea suggested by Julio M.
Merino Vidal <jmmv at menta.net>.
1) Fix for smbclient reporting negative file sizes on dir command
and negative statistics being reported when using put or get
on large files.
2) Fix bug in determination of allocation size
3) Fix 64bit size problems which prevented copying of files larger
than 2 GBytes.
4) Fix for xcopy /s problem with old DOS clients not sending correct
attributes on subsequent SMBsearch calls.
5) Fix bug in call to standard_sub_advanced giving a 0 length. This
fixes the string overflow in string_sub errors.
6) Correctly handle querygroup rpcclient command
7) fix broken incremental tar in smbtar command
A security hole has been discovered in versions 2.2.2 through 2.2.6
of Samba that could potentially allow an attacker to gain root access
on the target machine. The word "potentially" is used because there
is no known exploit of this bug, and the Samba Team has not been able to
craft one ourselves. However, the seriousness of the problem warrants
this immediate 2.2.7 release.
1) ensure we send the notify message in the same way it is expected
to be received by srv_spoolss_receive_message().
2) attribute matching on truncate only matters when opening truncate
with current SYSTEM|HIDDEN -> NONE. It's fine to truncate on open
with current NONE -> SYSTEM | HIDDEN.
3) Fix bug in rpcclient's deldriver command
4) Don't set global_machine_password_needs_changing if
lp_machine_password_timeout() is set to zero
5) don't parse the BUFFER5 if the buffer length is zero
6) fix core dump if pdbedit is run as non-root or smbpasswd file does
not exist
7) Ensure can_delete() returns correct error code
8) correctly return NT_STATUS_DELETE_PENDING from open code
9) fix bug that assumed dos_unistr2 length was in ucs2 units, not bytes
10) check the long_archi name is not null when deleting a printer driver.
fixes core dump in smbd when using rpcclient's deldriver
11) fix fd leak with kernel change notify on Linux 2.4 kernels
12) must add one to the extra_data size to transfer the 0 string
terminator. This was causing "wbinfo --sequence" to access past the
end of malloced memory
13) fix for large systems allowing more than 65536 files open in
NTcreate&X
14) Fix bug in %U expansion
* Fixes for MS-RPC printing issues affecting Windows 2000 clients
* New support for smb.conf generation in SWAT
* Inclusion of several performance enhancements
* Fixes for several file locking bugs and returned status codes
