[Pkg-samba-maint] Bug#726472: Bug#726472: share passwords not working after upgrade from samba3
Ivo De Decker
ivo.dedecker at ugent.be
Wed Oct 30 09:22:41 UTC 2013
Hi Andrew,
On Wed, Oct 30, 2013 at 11:34:25AM +1300, Andrew Bartlett wrote:
> > That'll also cause some confusion though, as those files will be in
> > sysstatedir on debian but in privatedir on other systems...
>
> I'm not sure that will work either. There are really only 3 databases
> that matter, because schannel_store.tdb will eventually regenerate
> (client machines forced to 'log in' with a NETLOGON
> serverAuthenticate).
>
> passdb.tdb, secrets.tdb, idmap2.tdb.
We don't necessarily need to move them all at the same time (although moving
only some of them would probably cause even more confusion).
> passdb.tdb is what is tripping us up and got us here, but secrets.tdb
> will cause us more pain in 'fixing' this.
>
> The issue is secrets.tdb must be in the same directory as secrets.ldb,
> because we keep them in sync when secrets.ldb is updated. This allows
> -P to work in tools no matter the code origin.
Is secrets.tdb used outside of smbd? The only case I know of is smbpasswd,
running as root, so that shouldn't be an issue. If there are no other uses
outside smbd, there is no race condition when we move it in samba.postinst,
because smbd won't be running.
As for idmap2.tdb, it seems that's only being used from winbindd, and from the
net command, running as root. So if we move that in winbind.postinst, it
should be fine too.
If these assumptions are correct (can someone confirm that?), we only need to
deal with passdb.tdb. If we can find a way to work around that race condition,
we could do that move as well.
Cheers,
Ivo
More information about the Pkg-samba-maint
mailing list