1 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
2 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3 <html xmlns="http://www.w3.org/1999/xhtml">
6 <title>Samba - Release Notes Archive</title>
11 <h2>The Samba Team are pleased to announce Samba 2.2.7a</h2>
15 The Samba Team is proud to announce the release of Samba 2.2.7a.
17 This is the latest stable release of Samba and the version that all
18 production Samba servers should be running for all current bug-fixes.
20 The source code can be downloaded from :
22 <a href="/samba/ftp">http://download.samba.org/samba/ftp/</a>
24 in the file samba-2.2.7a.tar.gz or samba-2.2.7a.tar.bz2.
25 Both archives have been signed as well using the
26 <a href="/samba/ftp/samba-pubkey.asc">Samba Distribution Key</a>
28 Binary packages will be released shortly for major platforms and
31 <a href="/samba/ftp/Binary_Packages">http://download.samba.org/samba/ftp/Binary_Packages/</a>
33 The release notes follow.
35 As always, all bugs are our responsibility.
41 WHAT'S NEW IN Samba 2.2.7a - 10th December 2002
42 ===============================================
44 This is the latest stable release of Samba. This is the version
45 that all production Samba servers should be running for all current
46 bug-fixes. The primary reason for this release is to correct problems
47 with large file (>2Gb) support. Please see the "Changes..." section
55 See the cvs log for SAMBA_2_2 for more details
57 1) Fix for smbclient reporting negative file sizes on dir command
58 and negative statistics being reported when using put or get
60 2) Fix bug in determination of allocation size
61 3) Fix 64bit size problems which prevented copying of files larger
63 4) Fix for xcopy /s problem with old DOS clients not sending correct
64 attributes on subsequent SMBsearch calls.
65 5) Fix bug in call to standard_sub_advanced giving a 0 length. This
66 fixes the string overflow in string_sub errors.
67 6) Correctly handle querygroup rpcclient command
68 7) fix broken incremental tar in smbtar command
71 =========================================
73 Older releases notes for 2.2.x distributions follow
75 -----------------------------------------------------------------------------
76 The release notes for 2.2.7 follow :
78 IMPORTANT: Security bugfix for Samba
79 ------------------------------------
84 A security hole has been discovered in versions 2.2.2 through 2.2.6
85 of Samba that could potentially allow an attacker to gain root access
86 on the target machine. The word "potentially" is used because there
87 is no known exploit of this bug, and the Samba Team has not been able to
88 craft one ourselves. However, the seriousness of the problem warrants
89 this immediate 2.2.7 release.
91 In addition to addressing this security issue, Samba 2.2.7 also includes
92 thirteen unrelated improvements. These improvements result from our
93 process of continuous quality assurance and code review, and are part of
94 the Samba team's commitment to excellence.
99 There was a bug in the length checking for encrypted password change
100 requests from clients. A client could potentially send an encrypted
101 password, which, when decrypted with the old hashed password could be
102 used as a buffer overrun attack on the stack of smbd. The attach would
103 have to be crafted such that converting a DOS codepage string to little
104 endian UCS2 unicode would translate into an executable block of code.
106 All versions of Samba between 2.2.2 to 2.2.6 inclusive are vulnerable
107 to this problem. This version of Samba 2.2.7 contains a fix for this
110 Earlier versions of Samba are not vulnerable.
112 There is no known exploit or exploit code for this vulnerability,
113 it was discovered by a code audit by Debian Samba maintainers.
118 Thanks to Steve Langasek <vorlon@debian.org> and Eloy Paris
119 <peloy@debian.org> for bringing this vulnerability to our notice.
121 Patch for Samba versions 2.2.2 to 2.2.6
122 ---------------------------------------
124 The following patch applies cleanly to the above Samba versions
125 and will fix the vulnerability for sites that do not wish to upgrade
126 to 2.2.7 at this time.
128 -------------------------------cut here---------------------------------
129 --- libsmb/smbencrypt.c.orig Tue Nov 19 17:21:57 2002
130 +++ libsmb/smbencrypt.c Tue Nov 19 17:22:12 2002
134 /* Password must be converted to NT unicode - null terminated. */
135 - dos_struni2((char *)wpwd, (const char *)passwd, 256);
136 + dos_struni2((char *)wpwd, (const char *)passwd, len);
137 /* Calculate length in bytes */
138 len = strlen_w((const smb_ucs2_t *)wpwd) * sizeof(int16);
139 -------------------------------cut here---------------------------------
146 See the cvs log for SAMBA_2_2 for more details
148 1) ensure we send the notify message in the same way it is expected
149 to be received by srv_spoolss_receive_message().
150 2) attribute matching on truncate only matters when opening truncate
151 with current SYSTEM|HIDDEN -> NONE. It's fine to truncate on open
152 with current NONE -> SYSTEM | HIDDEN.
153 3) Fix bug in rpcclient's deldriver command
154 4) Don't set global_machine_password_needs_changing if
155 lp_machine_password_timeout() is set to zero
156 5) don't parse the BUFFER5 if the buffer length is zero
157 6) fix core dump if pdbedit is run as non-root or smbpasswd file does
159 7) Ensure can_delete() returns correct error code
160 8) correctly return NT_STATUS_DELETE_PENDING from open code
161 9) fix bug that assumed dos_unistr2 length was in ucs2 units, not bytes
162 10) check the long_archi name is not null when deleting a printer driver.
163 fixes core dump in smbd when using rpcclient's deldriver
164 11) fix fd leak with kernel change notify on Linux 2.4 kernels
165 12) must add one to the extra_data size to transfer the 0 string
166 terminator. This was causing "wbinfo --sequence" to access past the
167 end of malloced memory
168 13) fix for large systems allowing more than 65536 files open in
170 14) Fix bug in %U expansion
173 -----------------------------------------------------------------------------
174 The release notes for 2.2.6 follow :
176 There have been several fixes and internal enhancements which include:
178 * Fixes for MS-RPC printing issues affecting Windows 2000 clients
179 * New support for smb.conf generation in SWAT
180 * Inclusion of several performance enhancements (See --with-sendfile
181 & and the modified smb.conf(5) parameters in these Release Notes)
182 * Fixes for several file locking bugs and returned status codes
188 Refer to the smb.conf(5) man page for complete descriptions of new parameters.
190 * profile acls (S) workaround for issue with WinXP SP1
191 and roaming user profiles
202 * max xmit (G) new default value
203 * large readwrite (G) new default value
205 New ./configure Options
206 -----------------------
208 --with-sendfile Enable experimental sendfile support
209 --with-winbind-ldap-hack Enable winbindd_ldap_hack() functionality
210 for Windows 2000 native mode domains
216 See the cvs log for SAMBA_2_2 for more details
218 1) Fixed several compiler warnings caused by the use of const parameters
219 2) Fixed a hang in the main smbd process caused by an EINTR in the
221 3) Fixed string substitutions to accept a length for sanity checks
222 4) Fixed 17-bit length field in nmb header
223 5) Removed non-portable inline declaration for functions
224 6) Performance fix for including files with an smb.conf variable in the
226 7) Fix for parsing LPRng lpq output
227 8) Parsing fix for PRINTER_INFO_2 structure which was causing viewing
228 printer properties to fail
229 9) Fix for printer change notification and Windows NT clients which caused
230 the client to go into an infinite loop of refreshing the local printers
232 10) Allow trans2 and nttrans messages to be processed in oplock break state
233 which fixes a problem with oplock break requests and Win2k clients
234 11) Don't crash on setfileinfo on printer fsp
235 12) Memory fixes caught by Valgrind
236 13) Updates to stop spurious error message in tdb
237 14) Fix silly logic bug in 'make smbd processes' and 'status = no' check
238 15) Fix compilation of pam_smbpass and --with-ldap
239 16) Fix compilation of smbwrapper on Solaris hosts
240 17) fix logic error in a check for enabling the winbind_pam_auth_crap() code
241 & fix formatting typo in --with-winbind-auth-challenge
242 18) Correcting check for ldap_start_tls()
243 19) Fixed a problem with getgroups() where it could include our current
245 20) fix incorrect semantics in the DeletePrinterDriver() spoolss rpc
246 to only attempt to delete the architecture specified by the client
247 21) Don't allow TEMP attribute on directory open
248 22) Restore VxFS quotas to the 2.2 branch
249 23) Added basic "Wizard" functionality to SWAT
250 24) Fix initial "allocation size" in NTcreate&X call
251 25) Fix for open fid, "nametoolong"
252 26) Exit server on receipt of a non-SMB packet. Ensure we have
253 at least smb_size bytes before processing a packet
254 27) Replace inet_aton with inet_addr() to correct compile problems on Solaris
255 28) Include the "account" objectclass when adding a new account to --with-ldapsam
256 in order to comply with the data model implemented by OpenLDAP 2.1.x
257 29) Various fixes for POSIX compliance
258 30) Correct alignment & offset bug in EnumPrinterDataEx()
259 31) Fix access checks when modifying forms using a print server handle
260 (not just a printer handle)
261 32) Account for case data_len == 0 in EnumPrinterDataEx()
262 33) Fix logic error in blocking lock code
263 34) Fixed various incorrect return codes to clients
264 35) Add RESOLVE_DFSPATH to mkdir operations
265 36) Fix longstanding bug in Win2k clients by clearing the shortname
266 buffer before returning ASCII short name
267 37) added -t option to smbpasswd for explicitly changing a trust
268 account password when operating in security = domain
269 38) installed -x option to testparm to eXclude printing all parameter
270 values that are at default settings.
271 39) Fix shares/printers view in SWAT so that only Basic options are exposed
273 40) Added 1125 & KOI8-U to codepage list in Makefile.in
274 41) Include separate configure checks for *openbsd* & *freebsd* when
275 determining flags used to compile shared libraries.
276 42) Merge in free list unlock on error fix
277 43) Correctly fail opens with mismatching SYSTEM or HIDDEN attributes
278 if we are mapping system or hidden
279 44) Fix bug with stat mode open being done on read-only open with truncate
280 45) Fix crash bug discovered where cli struct was being deallocated in a
282 46) Ensure we open UNIX fifo's non-blocking
283 47) Fix DeletePrinterDriver() (hopefully for the last time...yeah right....)
284 48) only lowercase global_myname in the %L substitution, not the whole string
285 49) Merged Steve French's fix for OS/2 EA return error being removed
286 50) Patch from Steve French to fix difference in responses to smbclient
287 //server/share ls / on Samba and Windows 2000
288 51) Print error and exit if smb.conf doesn't have security=domain and
289 encrypt passwords=yes when joining domain
290 52) Added final Steve French patch for "required" attributes with old dir
292 53) Initialize user_rid value in WINBIND_USERINFO structure returned by
293 the rpc version of query_user()
294 54) Ensure we've failed a lock with a lock denied message before automatically
295 pushing it onto the blocking queue
296 55) Add experimental --with-sendfile code
297 56) alignment fix in printing code merged from HEAD
298 57) Merge fix for other sids in token from HEAD
299 58) Merge winbindd with current (more advanced) state of play in APPLIANCE_HEAD
300 59) fix smbclient / Win98 off by one bug
301 60) Never, *ever* hold a mutex lock in the message database where there may be
302 traversals being attempted
303 61) Add LDAP hack for retrieving the SAM sequence number when a member of a
304 Windows 2000 native mode domain
305 62) Fix race condition when changing a machine account password as we were
306 no longer locking the secrets entry
307 63) Allow '@' as a valid character in domain names
308 64) remove jobs from the spool directory when using cups
309 65) removed -lresolv for --enable-ldapsam
310 66) Memory leak fix and correct use of negative caching in winbindd
311 67) Updated spoolss parsing code with known good state of APPLIANCE_HEAD
312 68) Delete printer security check was reversed
313 69) Windows allows delete printer on a handle opened by an admin user, then
314 used on a pipe handle created by an anonymous user...We do to now...
315 70) Make explicit the difference between a tdb key with no data attached, and
317 71) Ensure we register the 1c name on the unicast subnet.
318 72) Fix inheritance problem when recursively setting ACLs on directories
319 73) prevent ACL set on read-only share
320 74) Ensure we never have more than MAX_PRINT_JOBS in a queue
321 75) Added timeout to tdb_lock_bystring()
322 76) Ensure we set FIRST+LAST flags on a bind request
323 77) Add version strings to the usage message for smbcacls and smbpasswd
324 78) Fix bug in the write cache code
325 79) make the default printed values for boolean the same for all parameters
326 80) Default all LDAP connections to v3 with compiling with --with-ldapsam
327 81) Fix memory leak in smbspool
328 82) Fix bug in mangling code that resulted in Win9x clients not being
329 able to execute batch files in deep, non 8.3 directory paths
330 83) Fix infinite looping bug in winbindd_getgrent()
331 84) Fix crash bug on 64-bit systems (merge from HEAD)
332 85) Fix extended character bug when setting LanMan/NT password
333 86) Negotiate same SMB read size as a Windows 2000 file server
334 to fix performance bug with NT4 clients
337 -----------------------------------------------------------------------------
338 The release notes for 2.2.5 follow :
340 There have been several fixes and internal enhancements which include:
342 * Several compile fixes for Solaris and HP-UX
343 * More printing fixes for Windows NT/2k/XP clients
344 * New options for the VFS recycle bin library
345 * New internal signal handling semantics relating to directory change
346 notification and oplocks
348 New/Changed parameters in 2.2.5
349 --------------------------------
351 For more information on these parameters, see the man pages for
354 Added/changed parameters
355 ------------------------
357 * block size = <INTEGER>
358 * force unknown acl user = <boolean>
359 * mangling method = [hash|hash2]
362 Deprecated Parameters
363 ---------------------
365 The following parameters have been marked as deprecated and will be removed
381 See the cvs log for SAMBA_2_2 for more details
383 1) Removal of several compiler warnings, incorrect Makefile dependencies,
384 and wrong autoconf tests on various platforms--Solaris & HP-UX 10.20
385 being the predominantly reported platforms
386 2) Fixed winbindd crash bug on the IBM s390 running Linux
387 3) Inclusion of enhanced Linux quota support
388 4) Correctly link against Sun LDAP libraries on Solaris 8 (even through
389 there is no apparent SSL support there)
390 5) POSIX conformance patches
391 6) Include new configure --enable-cups option (can also be disabled even
392 if CUPS libraries are installed on the system)
393 7) Set reasonable default for the "passwd program" parameter using an
395 8) Added --with-winbind-auth for enabling winbindd_pam_auth_crap() code
396 9) fixed bug to prevent root account from being deleted by the
398 10) Inclusion of autoconf script for building VFS modules
399 11) Add new run time options to the VFS recycle bin library (see
400 examples/VFS/recycle/README for details)
401 12) Include findsmb perl script as part of the "make install" process
402 13) Return correct error code for EnumPrinters(PRINTER_ENUM_REMOTE, InfoLevel1)
403 to fix a bug where printers appear at the workgroup level in the Windows
404 NT/2k APW browse list
405 14) Added support to nmblookup to return NMB flags (See nmblookup(8) for
407 15) Fix length bug that caused password changes from Windows NT/2k clients to
409 16) Correct false password expiration when using --with-ldapsam caused by
410 missing attributes in the directory
411 17) added -S option to smbpasswd for storing the SID of a domain controller
412 as the local machine SID in secrets.tdb. See the smbpasswd(8) man page
414 18) Various fixes for UNIX CIFS extensions commands
415 19) Fixed CIDR notation in "hosts allow/deny"
416 20) Change semantics of an idle connection to mean "no open files and no
417 open handles". We cannot idle a connection if there are open named
418 pipe handles. This fixes scalability problem on Samba print servers
419 and NT/2k clients introduced in 2.2.4
420 21) Fix germam umlaut problem when returning ACL entries
421 22) Return NT_STATUS_OBJECT_NAME_NOT_FOUND for ENOENT. This fixes the bug
422 of running the Microsoft Access executable (msaccess.exe) and database
423 files from a Samba share documented in the 2.2.4 release
424 23) Corrected signal handling relating to directory change notification and
426 24) Fix bug in unix_to_nt_time() that appeared on files dated close to Daylight
428 25) Corrected alignment bug in spoolss parsing code which caused Win2k/XP
429 clients not to be able to view printer properties from a Samba host
430 26) Fixed spoolss parsing bug causing printing from ACT! 2000 running on
431 Windows 2k/XP clients to fail
432 27) Fixed incorrect error check in mod_share_entry()
433 28) Allow %S variable in MS-DFS root paths
434 29) Correct a bug regarding the use of 'wbinfo -A'
435 30) Fixed libnss_wins.so to correctly work on RedHat 7.3 systems
436 31) Store the key for a name-to-sid cache entry in upper case rather than
437 whatever case the request was made in. This gets rid of duplicate
439 32) Fix bug causing the pid stored in winbindd's pid file to be the wrong id
440 33) Enhanced error reporting messages of wbinfo
441 34) Parameterize block size on disk size return
442 35) Added new parameter to allow incoming ACLs to have owner and group forced
443 to the currently logged in user. This fixes the XCOPY /O problem
444 36) Fixed bug in local_change_password() caused by reusing a struct
446 37) Change default value for "ldap port" to 389 if "ldap ssl = no"
447 38) Updated HOWTO's, manpages, and general documentation....
448 39) Allow root as well as domain admins to open an LDAP connection
449 40) Fixed veto files bug with ".*"
450 41) Fixed uninitialized variable bug in smbpasswd that was causing a random
451 IP address to be used in the connection when joining a domain
452 42) Fix for joining a domain with a netbios name of 15 characters and
453 pre-creating the account on the DC
454 43) Added links to new documentation on SWAT welcome page
458 -----------------------------------------------------------------------------
459 The release notes for 2.2.4 follow :
461 There have been several fixes and internal enhancements which include:
463 * More/better SPOOLSS printing functionality for Windows
465 * Several fixes relating to serving PC database files such
466 as (Access and FoxPro) from a Samba file share.
467 * Several improves in Samba's VFS layer which can be seen
468 in the inclusion of a "Recycle Bin" vfs module. See
469 examples/VFS/README for more details on this.
470 * Addition of a tool (tdbbackup) for backup/restore of Samba's
472 * Continued improvements to winbind for greater scalability
474 * Several fixes related to Samba's MS-DFS support
475 * Rpcclient's various printer commands now work (again)
478 New/Changed parameters in 2.2.4
479 --------------------------------
481 For more information on these parameters, see the man pages for
484 Added/changed parameters
485 ------------------------
493 * winbind use default domain
496 Deprecated parameters
497 ---------------------
499 The following parameters have been marked as deprecated
500 and will be removed in Samba 3.0
504 * printer driver file
505 * printer driver location
517 See the cvs log for SAMBA_2_2 for more details
519 1) added -c option to smbpasswd
520 2) reworked smbpasswd internal command line option parsing
521 3) small various bug fixes to experimental pdb_tdb.c
522 4) Enforce spoolss RPCs based on the access granted at PrinterOpen()
523 5) Added missing access checks to [add/delete/set]form
524 6) Compile fixes for pam_smbpass
525 7) fix smbd crash when netbios session request fails from
526 spoolss_connect_to_client().
527 8) fixed logic bug that prevent SetPrinter() from storing devmode
528 9) Removed extra get_printer_snum() calls from set_printer_hnd_name()
529 10) fix joining domain on big endian machine when using -U to smbpasswd
530 11) allow command line arg to override smb.conf log level
531 12) continue to retry to register 1b name with wins server if there is an old IP there
532 13) fix smbclient print crash bug
533 14) 9x pnp fix when the config file and driver file are different
534 15) force testparm to print the correct value for log level
535 16) fix swat to show full log level info
536 17) fix server GetPrinterData() fields to be more sensible
537 18) fix logic error in SetPrinterDataEx()
538 19) Only set smb_read_error if not already set
539 20) Fix string returns that require unicode
540 21) Merge of printing performance fixes from appliance
541 22) lpq parsing fixes
542 23) Back port tridge's xcopy /o fix from HEAD
543 24) Fix the printer change notify code (unfinished)
544 25) Patch for Domain users not showing up
545 26) Fixed SetPrinterData(magic key) to support zero length DEVMODE
546 27) Ensure that all methods of looking up and connecting to DC's work
547 using identical logic.
548 28) Merge in the mutex code to stop multiple domain logon failure
550 30) Fix winbindd to respect command line debuglevel as nmbd/smbd
551 31) Update with tdbbackup from HEAD
552 32) Fix for typo on solaris nss
553 33) Merge in the locking changes from HEAD
554 34) Added POSIX ACL layer into the vfs
555 35) Fix the returning of domain enum
556 36) Fix the generation of the MACHINE.SID file into the secrets.tdb.
557 37) Enable test for -rdynamic when building binaries
558 38) Remove the "stat open" code - make it inline
559 39) Fix the mp3 rename bug
560 40) Fix for Explorer DFS problems on older Windows 9X machines
561 41) implement OpenPrinter() opnum == 0x01
562 42) Matched W2K *insane* open semantics....
563 43) small fix that will prevent the "failed to marshall
564 R_NET_SAMLOGON" message in the logs
565 42) don't do checking of local passdb in smbpasswd if using -r option
566 43) fix "smbpasswd -j DOMAIN -r * -U Admin%XXXX" so that it doesn't
567 try to connect to a server named '*'
568 44) merge rpcclient code from HEAD
569 45) Ensure MACHINE.SID update done before child spawns
570 46) Fix the bad path errors for mkdir so mkdir \a\b\c\d works
571 47) Removed --with-vfs - always built if available
572 48) Fixed psec for 2.2
573 49) Fixed the handle leak in the connection management code
574 50) fix disable spoolss after the switch to nt status codes
575 51) Added Shirish's client side caching policy change
576 52) Honor the specversion when parsing the the DEVICEMODE
577 53) fix parsing bug when DEVICEMODE's private data does not end
579 54) do not idle an smbd when there is an open pipe
580 55) when a new driver is added to a Samba server, cycle through
581 all printers and bump the change_id for each one bound to the driver
582 56) allow smbclient to work with a FIFO as well (needed for KDE
584 57) various updates to pdb_nisplus.c
585 58) many small documentation updates
586 59) removed many compiler warnings
589 -----------------------------------------------------------------------------
590 The release notes for 2.2.3a follow :
592 This is a minor bugfix release for the 2.2.3 release. The 2.2.3
593 release had a problem that was visible to Windows 2000 Explorer
594 users in that copying files into a share that already existed
595 failed with "Access Denied" rather than asking the user if an
596 overwrite was required. This was due to an incorrect error mapping
597 between the UNIX EXIST error code and the NT status error.
599 As Windows Explorer is a highly visible end user application a quick
600 bugfix release was required, hence 2.2.3a.
602 Compilation on HPUX versions earlier than HPUX 11 has also been
605 The cvs.log file is no longer included with this release, as it adds
606 13Mb to the size of the release, and is easily available on the Web.
608 -----------------------------------------------------------------------------
609 The release notes for 2.2.3 follow :
611 There are several important scaling bugs that have been fixed in this release
612 for large server systems so an upgrade is recommended.
617 Much work has been done on the LDAP backend code. The configure
618 option --with-ldapsam is now considered to be stable. The schema
619 used has changed, see the file examples/LDAP/samba.schema for the
622 New documentation explaining how to set up a Samba only PDC/BDC
623 setup has been added in the files Samba-LDAP-HOWTO and Samba-BDC-HOWTO
624 in the documentation tree.
626 winbindd daemon extended
627 ------------------------
629 Samba 2.2.2 was the first release to include the winbind daemon.
630 This code allows UNIX systems that implement the name service
631 switch (nss) to be entered into a Windows NT/2000 domain and
632 use the Domain controller for all user and group enumeration.
634 Samba 2.2.3 fixes the known memory leaks in winbindd and has
635 been extended to work with SGI IRIX and HPUX (11.x) in addition
636 to the earlier targets of Linux and Solaris.
638 For more information on using winbind, see the man pages for
641 Note that winbindd is not installed by default.
643 New/Changed parameters in 2.2.3
644 --------------------------------
646 For more information on these parameters, see the man pages for
649 Added/changed parameters.
650 -------------------------
654 Enables the experimental UNIX CIFS extensions in smbd. See the manpage
659 Some printer drivers will crash the Windows NT/2000 spooler service
660 if they are given a default devmode, some require it. This parameter
661 allows the administrator a choice of whether smbd returns such a
662 default devmode for a driver.
666 This parameter has been restored to allow people who wish smbd to ignore
667 client share modes. This is *very dangerous* and should not be set without
668 full knowledge of what this is designed for.
673 1). Fixed shared library compile for Solaris with native compiler.
674 2). UNIX CIFS extensions code added (donated by HP).
675 3). Changed to using NT status codes on the wire if the client can support
677 4). altname command to show 8.3 name added to smbclient.
678 5). const-safe endian macros now used.
679 6). client code now uses UNICODE on the wire.
680 7). Correctly return fault PDU's on bad handle.
681 8). Improved NT error code mapping table.
682 9). Many new point and print RPC calls added.
683 10). Win9x clients can now see full user list.
684 11). field added to identify simultaneous open files (no longer
685 use dev/inode/time as unique value).
686 12). HPUX ACL code added (donated by HP).
687 13). vfs interfaces updated (again !).
688 14). MSDOS Code Page 866 -> 1251 mapping added.
689 15). winbindd now processes quit/hup signals correctly.
690 16). No tdb traversal done on startup/shutdown - ensures scalability.
691 17). Fix bug with paths for homes share.
692 18). Fixed copyfile for OS/2.
693 19). Fix group membership when groups are on more than one line.
694 20). Fixed core dumps in posix ACL mapping code.
695 21). Tidyup of UNICODE functions (put/get).
696 22). Move rpcclient to the new libsmb code.
697 23). Add missing Windows 2000 passthough trans2 calls.
698 24). Return check all tdb calls.
699 25). Make local name lookup work even if wins server is down.
700 26). pam session code added to winbind.
701 27). Added winbindd cache to all lookups.
702 28). Fix allocate bugs that caused file sizes to be incorrect.
703 29). Fixed write cache code - now safe to use.
704 30). Fixed winbindd memory leaks.
705 31). winbindd will now do name lookups (to allow non Open Source
706 systems to do the nsswitch WINS lookup). Fixed by SGI.
707 32). passdb memory leaks fixed.
708 33). LDAP code updates and now properly maintained.
709 34). Finally figured out how changeid is meant to work.
710 35). Downlevel printing now looks as NT does in print monitor window.
711 36). Many fixups in spoolss printing RPC parsing.
712 37). Speed up password enumeration as a PDC.
713 38). Fix printer changed notify messages (work from HP).
714 39). Fix modify timestamp on close code.
715 40). Fix long standing mangled names bug.
716 41). Fix delete on close semantics.
717 42). Stop opening all files with O_NONBLOCK !
718 43). Use O_NOFOLLOW for systems that have it and don't want symlinks.
719 44). Ensure NT supplementary groups get added to user token.
720 45). Try and mitigate effects of DNS timeout (do less lookups).
721 46). Added current user connection context stack.
722 47). Fixes to utmp code.
723 48). smbw code tidyups.
724 49). Added tdb open log code. Several tdb fixes.
726 -----------------------------------------------------------------------------
727 The release notes for 2.2.2 follow :
729 New daemon included - winbindd
730 ------------------------------
732 Samba 2.2.2 is the first release to include the winbind daemon.
733 This code allows UNIX systems that implement the name service
734 switch (nss) to be entered into a Windows NT/2000 domain and
735 use the Domain controller for all user and group enumeration.
737 This allows a Samba server added to a Windows domain to serve
738 file and print services with *NO* local users needed in /etc/passwd
739 and /etc/group - all users and groups are read directly from the
740 Windows domain controller. In addition with pam_winbind which allows
741 a PAM enabled UNIX system to use a Windows domain for authentication
742 service this allows single sign on and account control across
743 UNIX and Windows systems.
745 The current version of winbindd shipped in 2.2.2 does have some
746 memory leaks, which will be addressed for the next Samba release,
747 so it is advisable to monitor the winbind process. This code is
748 being used in production by several vendors, so the leaks are
749 manageable. In addition, this version of winbind does not work
750 correctly against a Samba PDC, due to some missing calls on the
751 PDC side. These problems are being addressed for the next Samba
752 release, but it was thought better to release the code now rather
753 than delay the main Samba code to match the winbind release schedule.
755 For more information on using winbind, see the man pages for
758 Note that winbindd is not installed by default.
760 New/Changed parameters in 2.2.2
761 -------------------------------
763 For more information on these parameters, see the man pages for
766 Added/changed parameters.
767 -------------------------
771 Causes Samba not to create UNIX 'sparse' files, but to follow the
772 Windows behavior of always allocating on-disk space.
776 Set to 'on' by default, only set to 'off' on HPUX 11.x or below or other
777 UNIX systems that don't have coherent mmap/read-write internal caches.
778 You should not need to set this parameter.
782 This parameter has been changed to a per-share option, and is very
783 useful in enabling Windows 2000 SP2 to load/save profiles from a
786 New printing parameters.
787 ------------------------
791 Setting this parameter causes Samba to go back to the old 2.0.x
792 LANMAN printing behavior, for people who wish to disable the
797 Causes Windows NT/2000 clients to need have a local printer driver
798 installed and to treat the printer as local.
803 Samba 2.2.2 contains new code to maintain a Samba SAM database
804 on a remote LDAP server. These parameters have been added as
805 part of this code. These parameters are only available when Samba
806 has been compiled with the --with-ldapsam option.
814 The SSL support in Samba has been fixed. These new parameters
815 are part of the changes added. These parameters are only available
816 when Samba has been compiled with the --with-ssl option.
817 Please see the smb.conf man page for details.
823 New winbindd parameters.
824 ------------------------
826 These parameters are used by winbindd. See the man page for
827 winbindd for details.
848 Some new README's have been added in the docs/ directory. These cover
849 using roving profiles with Windows 2000 SP2 (docs/README.Win2kSP2),
850 and how to use Samba to help prevent Windows virus spread
851 (docs/README.Win32-Viruses).
853 Quota problems on a Linux 2.4 kernel.
854 -------------------------------------
856 Currently the quota interfaces have diverged between the Linus
857 2.4.x kernels and the Alan Cox 2.4.x kernels (the Alan Cox variants
858 are shipped with RedHat). Running quota-enabled Samba compiled on
859 an Alan Cox kernel works correctly on an Alan Cox kernel (the one
860 shipped by default with RedHat 7.x) but fails on a Linus kernel.
862 This is a mess, and hopefully Alan and Linus will sort it out soon.
863 In the meantime we need to ship.....
868 1). mmap tdb code disabled on HPUX. This should prevent the reports of
869 tdb corruption on HUPX.
870 2). Large file support set to off in Solaris 5.5 and below.
871 3). Better CUPS detection.
872 4). New SAM (password database) backends - smbpasswd (traditional),
873 LDAP, NIS+ and Samba TDB.
874 5). Quota fixups on Linux.
875 6). libsmbclient stand-alone code added. Can be built as a shared library
877 7). Tru64 ACL support added.
878 8). winbindd option added.
879 9). Realloc fail tidyup fixes all over the code.
880 10). Large improvement in hash table code efficiency - would be found with
882 11). Error code consistency improved (still needs more work).
883 12). Profile shared memory support added to nmbd.
884 13). New Windows 2000/NT passthrough info levels added.
885 14). readraw/writeraw code rewritten - many bugs fixed.
886 15). UNIX password sync (non pam) code fixed, use correct wildcard matcher.
887 16). Reverse DNS lookup avoided on socket open.
888 17). Bug preventing nmbd re-registering names on WINS server timeout fixed.
889 18). Zero length byte range lock code added. Much closer to Windows semantics.
890 19). Alignment fault fixes for Linux/Alpha.
891 20). Error checking on tdb returns vastly improved.
892 21). Handling of delete on close fixed. No longer possible to leave 'dead'
894 22). Handling of oplock break failure cleanups improved. Should not be
895 able to leave 'dead' entries.
896 23). Fix handling of errors trying to set 64 bit locks on 32 bit NFS mounts.
897 24). Misc. MS-DFS code fixes.
898 25). Ignore logon packets if not a PDC (needed for PDC/BDC failover).
899 26). winbind pam module added.
900 27). Order N^^2 enumeration of printers problem fixed.
901 28). Password backend database code re-ordered to allow different password
902 backends (at compile time currently).
903 29). Improved print driver version detection for Windows 2000.
904 30). Driver DEVMODE initialization fixes.
905 31). Improved SYSV print parse code.
906 32). Fixed enumeration of large numbers of users/groups from Windows clients.
908 33). Fix for buggy NetApp RPC pipe clients.
909 34). Fix for NT sending multiple SetPrinterDataEx calls.
910 35). Fix for logic bug where smbd could delay oplock break request messages
911 from other smbd daemons whilst client kept us busy.
912 36). Fix deadlock problem with connections tdb on enumeration.
913 37). Fixes for setting/getting NT ACLs - improved POSIX mapping both ways.
914 38). Removed unused readbmpx/writebmpx code.
915 39). Attempt to fix Linux 2.4.x quota mess.
916 40). Improved ctemp code for Windows 2000 compatibility.
917 41). Finally understood difference between set EOF and set allocation requests.
918 Added strict allocate parameter to help.
919 42). Correctly return name types on name to SID lookups.
920 43). tdb spinlock code update.
921 44). Use pread/pwrite on systems that have it to fix race condition in tdb code.
923 -----------------------------------------------------------------------------
924 The release notes for 2.2.1a follow :
926 This is a minor bugfix release for 2.2.1, *NOT* security related.
928 1). 2.2.1 had a bug where using smbpasswd -m to add a Windows NT or
929 Windows2000 machine into a Samba hosted PDC would fail due to our
930 stricter user name checking. We were disallowing user names
931 containing '$', which is needed when using smbpasswd to add a
932 machine into a domain. Automatically adding machines (using the
933 native Windows tools) into a Samba domain worked correctly.
935 2.2.1a fixes this single problem.
937 -----------------------------------------------------------------------------
938 The release notes for 2.2.1 follow :
940 New/Changed parameters in 2.2.1
941 -------------------------------
946 obey pam restrictions
948 When Samba is configured to use PAM, turns on or off Samba checking
949 the PAM account restrictions. Defaults to off.
953 When Samba is configured to use PAM, turns on or off Samba passing
954 the password changes to PAM. Defaults to off.
958 New option to allow new Windows 2000 large file (64k) streaming
959 read/write options. Needs a 64 bit underlying operating system
960 (for Linux use kernel 2.4 with glibc 2.2 or above). Can improve performance
961 by 10% with Windows 2000 clients. Defaults to off. Not as tested
962 as some other Samba code paths.
966 Prevents clients from seeing the existence of files that cannot
967 be read. Off by default.
971 Turn on/off the enhanced Samba browsing functionality (*1B names).
972 Default is "on". Can prevent eternal machines in workgroups when
973 WINS servers are not synchronized.
985 1). "find" command removed for smbclient. Internal code now used.
986 2). smbspool updates to retry connections from Michael Sweet.
987 3). Fix for mapping 8859-15 characters to UNICODE.
988 4). Changed "security=server" to try with invalid username to prevent
990 5). Fixes to allow Windows 2000 SP2 clients to join a Samba PDC.
991 6). Support for Windows 9x Nexus tools to allow security changes from Win9x.
992 7). Two locking fixes added. Samba 2.2.1 now passes the Clarion network
993 lock tester tool for distributed databases.
994 8). Preliminary support added for Windows 2000 large file read/write SMBs.
995 9). Changed random number generator in Samba to prevent guess attacks.
996 10). Fixes for tdb corruption in connections.tdb and file locking brlock.tdb.
997 smbd's clean the tdb files on startup and shutdown.
998 11). Fixes for default ACLs on Solaris.
999 12). Tidyup of password entry caching code.
1000 13). Correct shutdowns added for send fails. Helps tdb cleanup code.
1001 14). Prevent invalid '/' characters in workgroup names.
1002 15). Removed more static arrays in SAMR code.
1003 16). Client code is now UNICODE on the wire.
1004 17). Fix 2 second timestamp resolution everywhere if dos timestamp set to yes.
1005 18). All tdb opens now going through logging function.
1006 19). Add pam password changing and pam restrictions code.
1007 20). Printer driver management improvements (delete driver).
1008 21). Fix difference between NULL security descriptors and empty
1009 security descriptors.
1010 22). Fix SID returns for server roles.
1011 23). Allow Windows 2000 mmc to view and set Samba share security descriptors.
1012 24). Allow smbcontrol to forcibly disconnect a share.
1013 25). tdb fixes for HPUX, OpenBSD and other OS's that don't have a coherent
1014 mmap/file read/write cache.
1015 26). Fix race condition in returning create disposition for file create/open.
1016 27). Fix NT rewriting of security descriptors to their canonical form for
1018 28). Fix for Samba running on top of Linux VFAT ftruncate bug.
1019 29). Swat fixes for being run with xinetd that doesn't set the umask.
1020 30). Fix for slow writes with Win9x Explorer clients. Emulates Microsoft
1021 TCP stack early ack specification error.
1022 31). Changed lock & persistent tdb directory to /var/cache/samba by default on
1023 RedHat and Mandrake as they clear the /var/lock/samba directory on reboot.
1025 -----------------------------------------------------------------------------
1026 The release notes for 2.2.0a follow :
1031 This is a security bugfix release for Samba 2.2.0. This release provides the
1032 following two changes *ONLY* from the 2.2.0 release.
1034 1). Fix for the security hole discovered by Michal Zalewski (lcamtuf@bos.bindview.com)
1035 and described in the security advisory below.
1036 2). Fix for the hosts allow/hosts deny parameters not being honoured.
1038 No other changes are being made for this release to ensure a security fix only.
1039 For new functionality (including these security fixes) download Samba 2.2.1
1040 when it is available.
1042 The security advisory follows :
1045 IMPORTANT: Security bugfix for Samba
1046 ------------------------------------
1054 A serious security hole has been discovered in all versions of Samba
1055 that allows an attacker to gain root access on the target machine for
1056 certain types of common Samba configuration.
1058 The immediate fix is to edit your smb.conf configuration file and
1059 remove all occurances of the macro "%m". Replacing occurances of %m
1060 with %I is probably the best solution for most sites.
1065 A remote attacker can use a netbios name containing unix path
1066 characters which will then be substituted into the %m macro wherever
1067 it occurs in smb.conf. This can be used to cause Samba to create a log
1068 file on top of an important system file, which in turn can be used to
1069 compromise security on the server.
1071 The most commonly used configuration option that can be vulnerable to
1072 this attack is the "log file" option. The default value for this
1073 option is VARDIR/log.smbd. If the default is used then Samba is not
1074 vulnerable to this attack.
1076 The security hole occurs when a log file option like the following is
1079 log file = /var/log/samba/%m.log
1081 In that case the attacker can use a locally created symbolic link to
1082 overwrite any file on the system. This requires local access to the
1085 If your Samba configuration has something like the following:
1087 log file = /var/log/samba/%m
1089 Then the attacker could successfully compromise your server remotely
1090 as no symbolic link is required. This type of configuration is very
1093 The most commonly used log file configuration containing %m is the
1094 distributed in the sample configuration file that comes with Samba:
1096 log file = /var/log/samba/log.%m
1098 in that case your machine is not vulnerable to this attack unless you
1099 happen to have a subdirectory in /var/log/samba/ which starts with the
1105 Thanks to Michal Zalewski (lcamtuf@bos.bindview.com) for finding this
1112 While we recommend that vulnerable sites immediately change their
1113 smb.conf configuration file to prevent the attack we will also be
1114 making new releases of Samba within the next 24 hours to properly fix
1115 the problem. Please see http://www.samba.org/ for the new releases.
1117 Please report any attacks to the appropriate authority.
1122 ---------------------------------------------------------------------------
1124 The release notes for 2.2.0 follow :
1126 This is the official Samba 2.2.0 release. This version of Samba provides
1127 the following new features and enhancements.
1129 Integration between Windows oplocks and NFS file opens (IRIX and Linux
1130 2.4 kernel only). This gives complete data and locking integrity between
1131 Windows and UNIX file access to the same data files.
1133 Ability to act as an authentication source for Windows 2000 clients as
1134 well as for NT4.x clients.
1136 Integration with the winbind daemon that provides a single
1137 sign on facility for UNIX servers in Windows 2000/NT4 networks
1138 driven by a Windows 2000/NT4 PDC. winbind is not included in
1139 this release, it currently must be obtained separately. We are
1140 committed to including winbind in a future Samba 2.2.x release.
1142 Support for native Windows 2000/NT4 printing RPCs. This includes
1143 support for automatic printer driver download.
1145 Support for server supported Access Control Lists (ACLs).
1146 This release contains support for the following filesystems:
1150 Linux Kernel with ACL patch from http://acl.bestbits.at
1151 Linux Kernel with XFS ACL support.
1152 Caldera/SCO UnixWare
1154 FreeBSD (with external patch)
1156 Other platforms will be supported as resources are
1157 available to test and implement the necessary modules. If
1158 you are interested in writing the support for a particular
1159 ACL filesystem, please join the samba-technical mailing
1160 list and coordinate your efforts.
1162 On PAM (Pluggable Authentication Module) based systems - better debugging
1163 messages and encrypted password users now have access control verified via
1164 PAM - Note: Authentication still uses the encrypted password database.
1166 Rewritten internal locking semantics for more robustness.
1167 This release supports full 64 bit locking semantics on all
1168 (even 32 bit) platforms. SMB locks are mapped onto POSIX
1169 locks (32 bit or 64 bit) as the underlying system allows.
1171 Conversion of various internal flat data structures to use
1172 database records for increased performance and
1175 Support for acting as a MS-DFS (Distributed File System) server.
1177 Support for manipulating Samba shares using Windows client tools
1178 (server manager). Per share security can be set using these tools
1179 and Samba will obey the access restrictions applied.
1181 Samba profiling support (see below).
1183 Compile time option for enabling a (Virtual file system) VFS layer
1184 to allow non-disk resources to be exported as Windows filesystems
1185 (such as databases etc.).
1187 The documentation in this release has been updated and converted
1188 from Yodl to DocBook 4.1. There are many new parameters since 2.0.7
1189 and some defaults have changed.
1193 Support for collection of profile information. A shared
1194 memory area has been created which contains counters for
1195 the number of calls to and the amount of time spent in
1196 various system calls, smb transactions and nmbd activity. See
1197 the file profile.h for a complete listing of the information
1198 collected. Sample code for a samba pmda (collection agent
1199 for Performance Co-Pilot) has been included in the pcp
1202 To enable the profile data collection code in samba, you must
1203 compile samba with profile data support (run configure with
1204 the --with-profiling-data option). On startup, collection of
1205 data is disabled. To begin collecting data use the smbcontrol
1206 program to turn on profiling (see the smbcontrol man page).
1207 Profile information collection can be enabled for nmbd, all smbd
1208 processes or one or more selected processes. The profiling
1209 data collected is the aggregate for all processes that have
1212 With samba compiled for profile data collection, you may see
1213 a very slight degradation in performance even with profiling
1214 collection turned off. On initial tests with NetBench on an
1215 SGI Origin 200 server, this degradation was not measurable
1216 with profile collection off compared to no profile collection
1217 compiled into samba.
1219 With count profile collection enabled on all clients, the
1220 degradation was less than 2%. With full profile collection
1221 enabled on all clients, the degradation was about 8.5%.
1223 =====================================================================
1225 If you think you have found a bug please email a report to :
1229 As always, all bugs are our responsibility.