[Pkg-samba-maint] Bug#860779: smbclient: installation of smbclient appears to install and run samba server

Thu Apr 20 00:31:26 UTC 2017

Package: smbclient
Version: 2:4.2.14+dfsg-0+deb8u5
Severity: normal

I do not think that installing client software should, without much
notice, install and activate the associated server.  But that seems to
be what happens with smbclient.  Among other things, this seems an
unnecessary security risk.

   * What led up to the situation?
   I wanted to access a samba share being served by another machine.
   So I installed smbclient using aptitude, accepting the defaults,
   which I noticed included samba (the main package) and a lot of
   other things.

   * What exactly did you do (or not do) that was effective (or
     ineffective)?
   I first ran systemtcl status samba which seemed to indicate the
     server was not running.  However, the samba logs and netstat
     indicated it was, as did /etc/init.d/samba status

   * What was the outcome of this action?
   Big picture: installing the client resulted in a running server on
   my machine.  As for my diagnostics:
ross at ross-node1:/tmp$ systemctl status samba
● samba.service
   Loaded: masked (/dev/null)
   Active: inactive (dead)
ross at ross-node1:/tmp$ /etc/init.d/samba status
● nmbd.service - LSB: start Samba NetBIOS nameserver (nmbd)
   Loaded: loaded (/etc/init.d/nmbd)
   Active: active (running) since Wed 2017-04-19 16:36:11 PDT; 41min ago
   CGroup: /system.slice/nmbd.service
           └─52137 /usr/sbin/nmbd -D
● smbd.service - LSB: start Samba SMB/CIFS daemon (smbd)
   Loaded: loaded (/etc/init.d/smbd)
   Active: active (running) since Wed 2017-04-19 16:36:10 PDT; 41min ago
   CGroup: /system.slice/smbd.service
           ├─52068 /usr/sbin/smbd -D
           └─52072 /usr/sbin/smbd -D

   * What outcome did you expect instead?
   Well, I wasn't too surprised to find the server running given
   the packages installed.  But my original expectation was that I
   could install the client without getting a server started.

Our network admin is pretty strict and takes a dim view of random
services running on the network.  So I'm going to remove all the
packages for now.

As a side note, I find the current interaction of samba and systemd to
be mysterious and undocumented.  I did find bug 740942 which shed some
light (namely that the samba.service link to /dev/null sort of tells
systemd to ignore the package), but I remain puzzled.  The end of that
bug links to
http://git.debian.org/?p=pkg-samba/samba.git;a=commitdiff;h=8828d90
but that link doesn't seem to work anymore.  Then again, I find
systemd to be generally mysterious.

In particular, I don't know what the proper way to disable the
services is.

I do notice that smbclient relies on configuration parameters in
smb.conf, and so it may be that getting a "pure" client is technically
difficult.

-- System Information:
Debian Release: 8.7
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.16.0-4-amd64 (SMP w/40 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages smbclient depends on:
ii  dpkg          1.17.27
ii  libarchive13  3.1.2-11+deb8u3
ii  libbsd0       0.7.0-2
ii  libc6         2.19-18+deb8u7
ii  libpopt0      1.16-10
ii  libreadline6  6.3-8+b3
ii  libsmbclient  2:4.2.14+dfsg-0+deb8u5
ii  libtalloc2    2.1.2-0+deb8u1
ii  libtevent0    0.9.28-0+deb8u1
ii  samba-common  2:4.2.14+dfsg-0+deb8u5
ii  samba-libs    2:4.2.14+dfsg-0+deb8u5

smbclient recommends no packages.

Versions of packages smbclient suggests:
ii  cifs-utils       2:6.4-1
pn  heimdal-clients  <none>

-- no debconf information