Quoting Christian Perrier ([email protected]):
> Package: samba
> Version: 2:3.6.5-1
> Severity: wishlist
> 
> After a discussion with Ivo De Decker at SambaXP, I noticed that we
> try to create the passdb database in all cases, which:
> - takes ages with thousands of users (so, we should at least print
> something to avoid users thinking that the upgrade process is hanged
> - is useless if and LDAP backed is used

FTR, here's the discussion I had with Steve(vorlon) on IRCabout this,
after I propsoed entirely dropping the pieces of code that
automaticallly create smb passwrod file entries at install time:

10:01 < vorlon> bubulle: so if we don't do the import at install time, how do 
we ensure that the system is usable after install?  It's not usable without 
passdb entries, and 
                nothing else populates them automatically
10:01 < vorlon> I'm happy to get rid of this if there's a better mechanism
10:03 <@abartlet> vorlon: it doesn't do anything
10:03 < vorlon> hmm?
10:03 <@abartlet> vorlon: smbpasswd file entries without passwords are pretty 
pointless
10:03 <@abartlet> no other distribution auto-imports
10:03 < vorlon> well
10:04 < vorlon> except there's pam_smbpass which can be used to set the 
password for the passwordless entry
10:04 < vorlon> and IIRC it cares about whether the account already exists
10:08 <@abartlet> vorlon: then make it a step for pam_smbpass only
10:09 <@abartlet> vorlon: or perhaps I can help by removing the script from 
master? ;-)
10:09 < vorlon> pam_smbpass only> hmm, could do
10:09 < vorlon> historically, samba would display acls differently to clients 
based on whether accounts existed in the passdb; is that no longer relevant?
10:10 <@abartlet> we still do that
10:10 < vorlon> ok
10:10 < vorlon> maybe not a compelling reason to do the import, but it does 
mean the import isn't a no-op
10:12 <@abartlet> the problem with a one-time import is nothing keeps it in sync
10:12 <@abartlet> so you create two classes of users: those present at install 
time, and others
10:14 < vorlon> true enough
10:15 < vorlon> though we could arguably hook into adduser, if creating the 
passdb entries was the right thing to do
10:20 <@abartlet> vorlon: assuming user management is local...
10:27 < bubulle> indeed it can make sens for local users but, really, I think 
that ppl who have such setup do already have local user creation scripts that 
take care of creating 
                 the user *and* populate ths smb passwords
10:27 < bubulle> at least, I think the benefit is not balanced by the various 
drawbacks


Attachment: signature.asc
Description: Digital signature

Reply via email to