Ubuntu
samba package

Merge ~ahasenack/ubuntu/+source/samba:cosmic-samba-merge-4.8-1778125 into ubuntu/+source/samba:debian/sid

  1. Git
  2. lp:~ahasenack/ubuntu/+source/samba
  3. cosmic-samba-merge-4.8-1778125
  4. Merge into debian/sid
Proposed by Andreas Hasenack
Status: Merged
Merge reported by: Christian Ehrhardt 
Merged at revision: 7bbdf71f4f230e588045d039f9e0912e5ed4ed77
Proposed branch: ~ahasenack/ubuntu/+source/samba:cosmic-samba-merge-4.8-1778125
Merge into: ubuntu/+source/samba:debian/sid
Diff against target: 1601 lines (+1289/-21)
8 files modified
debian/changelog (+1089/-0)
debian/control (+4/-4)
debian/patches/VERSION.patch (+2/-2)
debian/rules (+4/-2)
debian/samba-common-bin.install (+1/-0)
debian/samba-common.config (+4/-4)
debian/smb.conf (+15/-9)
debian/source_samba.py (+170/-0)
Reviewer Review Type Date Requested Status
Christian Ehrhardt  (community) Approve
Canonical Server Pending
Review via email: mp+348424@code.launchpad.net

Description of the change

Merge from Debian's 4.8.2.

This is a package where git ubuntu merge start crashed, so I did that part manually.

This merge has some interesting aspects:
- our old delta included an upstream version bump (debian had 4.7.4, we went with 4.7.6). This can be seen in the git logs, and was of course dropped when rebasing on new/debian
- samba 4.8.x requires a newer libldb, which is already in cosmic-proposed for a month but hasn't migrated because samba needs to be rebuilt with it, so it's stuck. Any new upload of samba would unstuck it, even a 4.7.x one, but so will this 4.8 MP.
- here is a PPA with test packages for all architectures where samba was built with the new libldb: https://launchpad.net/~ahasenack/+archive/ubuntu/samba-merge-4.8-1778125/+packages (ppa:ahasenack/samba-merge-4.8-1778125)
- debian fixed bugs that also affected our package, so these bugs will be marked as fix released manually:
  https://pad.lv/1773679 samba-dbg not found
  https://pad.lv/1748267 dep8 test user
- this one was fixed upstream in samba 4.8:
  https://pad.lv/1752878 fullsync support for timemachine

I added a fix for a logrotate issue (#1760855) and also submitted it to debian (#902149)

Here are DEP8 tests run with the packages from that PPA: http://people.ubuntu.com/~ahasenack/dep8-samba-4.8-1778125/

To post a comment you must log in.
Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

Checking smb.conf with testparm
Load smb config files from /etc/samba/smb.conf
WARNING: The "syslog" option is deprecated

Should we do something about this on the merge?

review: Needs Information
Revision history for this message
Andreas Hasenack (ahasenack) wrote :

Yes, I can finally tackle that now I think.

Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

Some changes needed to be adapted like dhclient3, but all LGTM.
Overall retained Delta - all in and as-is or correctly adapted.
Dropped Delta - acl to what was dropped

Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

acl => ack

Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

I did some install/upgrade tests and hit no issues.

As discussed please also run the qa-regresssion-test against the new upload.

Under the condition that these tests work as well and some minor changelog cleanup as we discussed on IRC +1

review: Approve
Revision history for this message
Andreas Hasenack (ahasenack) wrote :

Salsa MP about the syslog changes: https://salsa.debian.org/samba-team/samba/merge_requests/7

Revision history for this message
Andreas Hasenack (ahasenack) wrote :

What is failing with 4.8.2, and passing with 4.7.6, is this simple construct on a cifs mountpoint:

root@ubuntu:~# echo hello > $(mktemp /mnt/hello.XXXXXX)
-su: $(mktemp /mnt/hello.XXXXXX): Permission denied
root@ubuntu:~# l /mnt/hello.JJocjv
-rw-------+ 1 nobody nogroup 0 Jun 25 17:56 /mnt/hello.JJocjv
root@ubuntu:~#

The share is just:
[tmp]
 comment = Temp Directory
 guest ok = Yes
 path = /tmp
 read only = No

Since it's a guest connection, the user on the server side is effectively nobody/nogroup, so he should be able to write to the file.

I emailed samba@.

Revision history for this message
Andreas Hasenack (ahasenack) wrote :

Reading from that file also fails.

Revision history for this message
Andreas Hasenack (ahasenack) wrote :

I submitted a bug upstream: https://bugzilla.samba.org/show_bug.cgi?id=13486

I'm not sure what we do now. I don't know when this bug will get attention.

libldb is still stuck in proposed as it needs a samba build. It could be the current 4.7.6 one, we just need to upload it again with a version bump. Or we wait.

Revision history for this message
Andreas Hasenack (ahasenack) wrote :

Bug also filed with Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=902431

Revision history for this message
Andreas Hasenack (ahasenack) wrote :

Another MP to just rebuild cosmic's current samba (4.7.6) with the stuck ldb: https://code.launchpad.net/~ahasenack/ubuntu/+source/samba/+git/samba/+merge/348888

Revision history for this message
Robie Basak (racb) wrote :

Blocked on samba upstream bug but otherwise ready to merge. Ask Andreas before uploading.

Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

This is an ugly dead-lock :-/
The adoption of the new code would be good for so many things CVEs and normal fixes/improvements.

Since the smb bug tracker user creation takes a while, could you poll there please?

I wonder how critical that new bug is in comparison to the improvements. Maybe we want to merge as is and be more pressing on the upstream bug to backport something hopefully between FF and Release.
But upstream had nothing so far after a few initial "could you try this" :-/

Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

Maybe in addition call for help in https://lists.samba.org/archive/samba/2018-August/thread.html or https://lists.samba.org/archive/samba-technical/2018-August/thread.html ?

Revision history for this message
Andreas Hasenack (ahasenack) wrote :

Reopening this, after I rebased it on 4.8.4. Given that the regression bug is also present in 4.7.7, and in 4.8.1 and later in the 4.8.x series, I believe either not many people are affected, or it's not important enough, because these releases have been out there for some time now. The benefits outweigh the cons here in my opinion.

Bileto ticket: https://bileto.ubuntu.com/#/ticket/3373

There is a nagging gvfs s390x test failure: http://autopkgtest.ubuntu.com/packages/gvfs/cosmic/s390x looks like it "never" passed and is not related to samba. I will try it in s390x later to see if I can reproduce it, file a bug upstream if that's the case, etc, we know the drill.

Revision history for this message
Andreas Hasenack (ahasenack) wrote :

Actually, the gvfs s390x failure is a force-badtest already, so it's expected and won't block this migration:
andreas@nsnx:~/bzr/hints-ubuntu$ grep gvfs *
ubuntu-release:force-badtest gvfs/1.36.1-0ubuntu1/ppc64el gvfs/1.36.1-0ubuntu1/s390x gvfs/1.36.1-0ubuntu3/ppc64el gvfs/1.36.1-0ubuntu3/s390x

Revision history for this message
Andreas Hasenack (ahasenack) wrote :

Everything is in place in cosmic-proposed for this upload: ldb is currently just waiting on a samba rebuild (http://people.canonical.com/~ubuntu-archive/proposed-migration/update_excuses.html#ldb)

trying: ldb
skipped: ldb (15, 3, 7)
    got: 22+0: a-4:a-3:a-5:i-3:p-3:s-4
    * s390x: samba-dsdb-modules

Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

With your logrotate and syslog changes in Debian this looks even better :-)
Tests are good - I checked a bit on my own and the links are as you said onle the gvfs which doesn't matter.

The corner case issue we found in testing really should not stop all these new things from going in. And we have plenty of time to work on that once upstream replies on your bugs.

So what is the state now - still as approved as before?

review: Approve
Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

To ssh://git.launchpad.net/~usd-import-team/ubuntu/+source/samba
 * [new tag] upload/2%4.8.4+dfsg-2ubuntu1 -> upload/2%4.8.4+dfsg-2ubuntu1

Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

You are still not an uplader of samba :-/
But I don't want to push on my own without your final call to do so.
I made the tag ready, so that anyone can sponsor in case I'm not available.

Revision history for this message
Andreas Hasenack (ahasenack) wrote :

Thanks, I'll do a final check first thing when I get in

On Wed, Aug 22, 2018, 06:29  Christian Ehrhardt  <
<email address hidden>> wrote:

> You are still not an uplader of samba :-/
> But I don't want to push on my own without your final call to do so.
> I made the tag ready, so that anyone can sponsor in case I'm not available.
> --
>
> https://code.launchpad.net/~ahasenack/ubuntu/+source/samba/+git/samba/+merge/348424
> You are the owner of
> ~ahasenack/ubuntu/+source/samba:cosmic-samba-merge-4.8-1778125.
>
> Launchpad-Message-Rationale: Owner
> Launchpad-Message-For: ahasenack
> Launchpad-Notification-Type: code-review
> Launchpad-Branch:
> ~ahasenack/ubuntu/+source/samba/+git/samba:cosmic-samba-merge-4.8-1778125
>

Revision history for this message
Andreas Hasenack (ahasenack) wrote :

Please proceed with the upload/sponsorship, thanks

Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

https://launchpad.net/ubuntu/+source/samba/2:4.8.4+dfsg-2ubuntu1 is building

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
diff --git a/debian/changelog b/debian/changelog
index 0f793e2..cbab972 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,41 @@
1samba (2:4.8.4+dfsg-2ubuntu1) cosmic; urgency=medium
2
3 * Merge with Debian unstable (LP: #1778125). Remaining changes:
4 - debian/VERSION.patch: Update vendor string to "Ubuntu".
5 - debian/smb.conf;
6 + Add "(Samba, Ubuntu)" to server string.
7 + Comment out the default [homes] share, and add a comment about
8 "valid users = %s" to show users how to restrict access to
9 \\server\username to only username.
10 - debian/samba-common.config:
11 + Do not change priority to high if dhclient3 is installed.
12 - Add apport hook:
13 + Created debian/source_samba.py.
14 + debian/rules, debian/samba-common-bin.install: install hook.
15 - d/control, d/rules: Disable glusterfs support because it's not in main.
16 MIR bug is https://launchpad.net/bugs/1274247
17 * Drop:
18 - Add extra DEP8 tests to samba (LP #1696823):
19 + d/t/control, d/t/cifs-share-access: access a file in a share using cifs
20 + d/t/control, d/t/smbclient-anonymous-share-list: list available shares
21 anonymously
22 + d/t/control, d/t/smbclient-authenticated-share-list: list available
23 shares using an authenticated connection
24 + d/t/control, d/t/smbclient-share-access: create a share and download a
25 file from it
26 [Accepted by Debian in 2:4.7.4+dfsg-2]
27 - d/samba-common.dhcp: If systemctl is available, use it to query the
28 status of the smbd service before trying to reload it. Otherwise,
29 keep the same check as before and reload the service based on the
30 existence of the initscript. (LP #1579597)
31 [In Debian since 2:4.7.4+dfsg-2]
32 - debian/patches/passdb_dont_return_ok_if_pinfo_not_filled.patch:
33 [PATCH] s3:passdb: Do not return OK if we don't have pinfo filled.
34 Thanks to Andreas Schneider <asn@samba.org>. (LP #1761737)
35 [Fixed upstream]
36
37 -- Andreas Hasenack <andreas@canonical.com> Tue, 21 Aug 2018 09:57:57 -0300
38
1samba (2:4.8.4+dfsg-2) unstable; urgency=high39samba (2:4.8.4+dfsg-2) unstable; urgency=high
240
3 * Fix typo in previous release: s/usefull/useful/41 * Fix typo in previous release: s/usefull/useful/
@@ -155,6 +193,55 @@ samba (2:4.8.0+dfsg-1) experimental; urgency=medium
155193
156 -- Mathieu Parent <sathieu@debian.org> Mon, 19 Mar 2018 13:02:51 +0100194 -- Mathieu Parent <sathieu@debian.org> Mon, 19 Mar 2018 13:02:51 +0100
157195
196samba (2:4.7.6+dfsg~ubuntu-0ubuntu3) cosmic; urgency=medium
197
198 * No change rebuild to link with new ldb 1.3.3
199
200 -- Andreas Hasenack <andreas@canonical.com> Tue, 03 Jul 2018 09:57:24 -0300
201
202samba (2:4.7.6+dfsg~ubuntu-0ubuntu2) bionic; urgency=medium
203
204 * debian/patches/passdb_dont_return_ok_if_pinfo_not_filled.patch:
205 [PATCH] s3:passdb: Do not return OK if we don't have pinfo filled.
206 Thanks to Andreas Schneider <asn@samba.org>. (LP: #1761737)
207
208 -- Andreas Hasenack <andreas@canonical.com> Wed, 18 Apr 2018 11:49:55 -0300
209
210samba (2:4.7.6+dfsg~ubuntu-0ubuntu1) bionic; urgency=medium
211
212 * New upstream version:
213 - Fix database corruption bug when upgrading from samba 4.6 or lower
214 AD controllers (LP: #1755057)
215 - Fix security issues: CVE-2018-1050 and CVE-2018-1057 (LP: #1755059)
216 * Remaining changes:
217 - debian/VERSION.patch: Update vendor string to "Ubuntu".
218 - debian/smb.conf;
219 + Add "(Samba, Ubuntu)" to server string.
220 + Comment out the default [homes] share, and add a comment about
221 "valid users = %s" to show users how to restrict access to
222 \\server\username to only username.
223 - debian/samba-common.config:
224 + Do not change priority to high if dhclient3 is installed.
225 - Add apport hook:
226 + Created debian/source_samba.py.
227 + debian/rules, debian/samba-common-bin.install: install hook.
228 - Add extra DEP8 tests to samba (LP #1696823):
229 + d/t/control, d/t/cifs-share-access: access a file in a share using cifs
230 + d/t/control, d/t/smbclient-anonymous-share-list: list available shares
231 anonymously
232 + d/t/control, d/t/smbclient-authenticated-share-list: list available
233 shares using an authenticated connection
234 + d/t/control, d/t/smbclient-share-access: create a share and download a
235 file from it
236 - d/samba-common.dhcp: If systemctl is available, use it to query the
237 status of the smbd service before trying to reload it. Otherwise,
238 keep the same check as before and reload the service based on the
239 existence of the initscript. (LP #1579597)
240 - d/control, d/rules: Disable glusterfs support because it's not in main.
241 MIR bug is https://launchpad.net/bugs/1274247
242
243 -- Andreas Hasenack <andreas@canonical.com> Tue, 13 Mar 2018 16:58:49 -0300
244
158samba (2:4.7.4+dfsg-2) unstable; urgency=high245samba (2:4.7.4+dfsg-2) unstable; urgency=high
159246
160 [ Mathieu Parent ]247 [ Mathieu Parent ]
@@ -185,6 +272,37 @@ samba (2:4.7.4+dfsg-2) unstable; urgency=high
185272
186 -- Mathieu Parent <sathieu@debian.org> Fri, 02 Mar 2018 20:55:06 +0100273 -- Mathieu Parent <sathieu@debian.org> Fri, 02 Mar 2018 20:55:06 +0100
187274
275samba (2:4.7.4+dfsg-1ubuntu1) bionic; urgency=medium
276
277 * Merge with Debian unstable (LP: #1744779). Remaining changes:
278 - debian/VERSION.patch: Update vendor string to "Ubuntu".
279 - debian/smb.conf;
280 + Add "(Samba, Ubuntu)" to server string.
281 + Comment out the default [homes] share, and add a comment about
282 "valid users = %s" to show users how to restrict access to
283 \\server\username to only username.
284 - debian/samba-common.config:
285 + Do not change priority to high if dhclient3 is installed.
286 - Add apport hook:
287 + Created debian/source_samba.py.
288 + debian/rules, debian/samba-common-bin.install: install hook.
289 - Add extra DEP8 tests to samba (LP #1696823):
290 + d/t/control, d/t/cifs-share-access: access a file in a share using cifs
291 + d/t/control, d/t/smbclient-anonymous-share-list: list available shares
292 anonymously
293 + d/t/control, d/t/smbclient-authenticated-share-list: list available
294 shares using an authenticated connection
295 + d/t/control, d/t/smbclient-share-access: create a share and download a
296 file from it
297 - d/samba-common.dhcp: If systemctl is available, use it to query the
298 status of the smbd service before trying to reload it. Otherwise,
299 keep the same check as before and reload the service based on the
300 existence of the initscript. (LP #1579597)
301 - d/control, d/rules: Disable glusterfs support because it's not in main.
302 MIR bug is https://launchpad.net/bugs/1274247
303
304 -- Andreas Hasenack <andreas@canonical.com> Mon, 22 Jan 2018 16:31:41 -0200
305
188samba (2:4.7.4+dfsg-1) unstable; urgency=medium306samba (2:4.7.4+dfsg-1) unstable; urgency=medium
189307
190 * New upstream version308 * New upstream version
@@ -201,6 +319,42 @@ samba (2:4.7.4+dfsg-1) unstable; urgency=medium
201319
202 -- Mathieu Parent <sathieu@debian.org> Thu, 11 Jan 2018 20:49:28 +0100320 -- Mathieu Parent <sathieu@debian.org> Thu, 11 Jan 2018 20:49:28 +0100
203321
322samba (2:4.7.3+dfsg-1ubuntu1) bionic; urgency=medium
323
324 * Merge with Debian; remaining changes:
325 - debian/VERSION.patch: Update vendor string to "Ubuntu".
326 - debian/smb.conf;
327 + Add "(Samba, Ubuntu)" to server string.
328 + Comment out the default [homes] share, and add a comment about
329 "valid users = %s" to show users how to restrict access to
330 \\server\username to only username.
331 - debian/samba-common.config:
332 + Do not change priority to high if dhclient3 is installed.
333 - Add apport hook:
334 + Created debian/source_samba.py.
335 + debian/rules, debian/samba-common-bin.install: install hook.
336 - Add extra DEP8 tests to samba (LP #1696823):
337 + d/t/control: enable the new DEP8 tests
338 + d/t/smbclient-anonymous-share-list: list available shares anonymously
339 + d/t/smbclient-authenticated-share-list: list available shares using
340 an authenticated connection
341 + d/t/smbclient-share-access: create a share and download a file from it
342 + d/t/cifs-share-access: access a file in a share using cifs
343 - Ask the user if we can run testparm against the config file. If yes,
344 include its stderr and exit status in the bug report. Otherwise, only
345 include the exit status. (LP #1694334)
346 - If systemctl is available, use it to query the status of the smbd
347 service before trying to reload it. Otherwise, keep the same check
348 as before and reload the service based on the existence of the
349 initscript. (LP #1579597)
350 - d/rules: Compile winbindd/winbindd statically.
351 - Disable glusterfs support because it's not in main.
352 MIR bug is https://launchpad.net/bugs/1274247
353 - d/source_samba.py: use the new recommended findmnt(8) tool to list
354 mountpoints and correctly filter by the cifs filesystem type.
355
356 -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Tue, 05 Dec 2017 12:49:20 -0500
357
204samba (2:4.7.3+dfsg-1) unstable; urgency=high358samba (2:4.7.3+dfsg-1) unstable; urgency=high
205359
206 * New upstream version360 * New upstream version
@@ -224,6 +378,42 @@ samba (2:4.7.1+dfsg-2) unstable; urgency=high
224378
225 -- Mathieu Parent <sathieu@debian.org> Sun, 12 Nov 2017 10:02:19 +0100379 -- Mathieu Parent <sathieu@debian.org> Sun, 12 Nov 2017 10:02:19 +0100
226380
381samba (2:4.7.1+dfsg-1ubuntu1) bionic; urgency=medium
382
383 * Merge with Debian; remaining changes:
384 - debian/VERSION.patch: Update vendor string to "Ubuntu".
385 - debian/smb.conf;
386 + Add "(Samba, Ubuntu)" to server string.
387 + Comment out the default [homes] share, and add a comment about
388 "valid users = %s" to show users how to restrict access to
389 \\server\username to only username.
390 - debian/samba-common.config:
391 + Do not change priority to high if dhclient3 is installed.
392 - Add apport hook:
393 + Created debian/source_samba.py.
394 + debian/rules, debian/samba-common-bin.install: install hook.
395 - Add extra DEP8 tests to samba (LP #1696823):
396 + d/t/control: enable the new DEP8 tests
397 + d/t/smbclient-anonymous-share-list: list available shares anonymously
398 + d/t/smbclient-authenticated-share-list: list available shares using
399 an authenticated connection
400 + d/t/smbclient-share-access: create a share and download a file from it
401 + d/t/cifs-share-access: access a file in a share using cifs
402 - Ask the user if we can run testparm against the config file. If yes,
403 include its stderr and exit status in the bug report. Otherwise, only
404 include the exit status. (LP #1694334)
405 - If systemctl is available, use it to query the status of the smbd
406 service before trying to reload it. Otherwise, keep the same check
407 as before and reload the service based on the existence of the
408 initscript. (LP #1579597)
409 - d/rules: Compile winbindd/winbindd statically.
410 - Disable glusterfs support because it's not in main.
411 MIR bug is https://launchpad.net/bugs/1274247
412 - d/source_samba.py: use the new recommended findmnt(8) tool to list
413 mountpoints and correctly filter by the cifs filesystem type.
414
415 -- Matthias Klose <doko@ubuntu.com> Fri, 10 Nov 2017 10:03:57 +0100
416
227samba (2:4.7.1+dfsg-1) unstable; urgency=medium417samba (2:4.7.1+dfsg-1) unstable; urgency=medium
228418
229 * New upstream version419 * New upstream version
@@ -272,6 +462,87 @@ samba (2:4.6.7+dfsg-2) unstable; urgency=high
272462
273 -- Mathieu Parent <sathieu@debian.org> Tue, 19 Sep 2017 22:00:13 +0200463 -- Mathieu Parent <sathieu@debian.org> Tue, 19 Sep 2017 22:00:13 +0200
274464
465samba (2:4.6.7+dfsg-1ubuntu3) artful; urgency=medium
466
467 * SECURITY UPDATE: SMB1/2/3 connections may not require signing where
468 they should
469 - debian/patches/CVE-2017-12150-1.patch: don't turn a guessed username
470 into a specified one in source3/include/auth_info.h,
471 source3/lib/popt_common.c, source3/lib/util_cmdline.c.
472 - debian/patches/CVE-2017-12150-2.patch: add SMB_SIGNING_REQUIRED to
473 source3/lib/util_cmdline.c.
474 - debian/patches/CVE-2017-12150-3.patch: add SMB_SIGNING_REQUIRED to
475 source3/libsmb/pylibsmb.c.
476 - debian/patches/CVE-2017-12150-4.patch: add SMB_SIGNING_REQUIRED to
477 libgpo/gpo_fetch.c.
478 - debian/patches/CVE-2017-12150-5.patch: add check for
479 NTLM_CCACHE/SIGN/SEAL to auth/credentials/credentials.c.
480 - debian/patches/CVE-2017-12150-6.patch: add
481 smbXcli_conn_signing_mandatory() to libcli/smb/smbXcli_base.*.
482 - debian/patches/CVE-2017-12150-7.patch: only fallback to anonymous if
483 authentication was not requested in source3/libsmb/clidfs.c.
484 - CVE-2017-12150
485 * SECURITY UPDATE: SMB3 connections don't keep encryption across DFS
486 redirects
487 - debian/patches/CVE-2017-12151-1.patch: add
488 cli_state_is_encryption_on() helper function to
489 source3/libsmb/clientgen.c, source3/libsmb/proto.h.
490 - debian/patches/CVE-2017-12151-2.patch: make use of
491 cli_state_is_encryption_on() in source3/libsmb/clidfs.c,
492 source3/libsmb/libsmb_context.c.
493 - CVE-2017-12151
494 * SECURITY UPDATE: Server memory information leak over SMB1
495 - debian/patches/CVE-2017-12163.patch: prevent client short SMB1 write
496 from writing server memory to file in source3/smbd/reply.c.
497 - CVE-2017-12163
498
499 -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Thu, 21 Sep 2017 08:10:03 -0400
500
501samba (2:4.6.7+dfsg-1ubuntu2) artful; urgency=medium
502
503 * d/source_samba.py: use the new recommended findmnt(8) tool to list
504 mountpoints and correctly filter by the cifs filesystem type.
505 (LP: #1703604)
506
507 -- Andreas Hasenack <andreas@canonical.com> Fri, 01 Sep 2017 09:47:58 -0300
508
509samba (2:4.6.7+dfsg-1ubuntu1) artful; urgency=medium
510
511 * Merge with Debian unstable (LP: #1710281).
512 - Upstream version 4.6.7 fixes the CVE-2017-2619 regression with non-wide
513 symlinks to directories (LP: #1701073)
514 * Remaining changes:
515 - debian/VERSION.patch: Update vendor string to "Ubuntu".
516 - debian/smb.conf;
517 + Add "(Samba, Ubuntu)" to server string.
518 + Comment out the default [homes] share, and add a comment about
519 "valid users = %s" to show users how to restrict access to
520 \\server\username to only username.
521 - debian/samba-common.config:
522 + Do not change priority to high if dhclient3 is installed.
523 - Add apport hook:
524 + Created debian/source_samba.py.
525 + debian/rules, debian/samba-common-bin.install: install hook.
526 - Add extra DEP8 tests to samba (LP #1696823):
527 + d/t/control: enable the new DEP8 tests
528 + d/t/smbclient-anonymous-share-list: list available shares anonymously
529 + d/t/smbclient-authenticated-share-list: list available shares using
530 an authenticated connection
531 + d/t/smbclient-share-access: create a share and download a file from it
532 + d/t/cifs-share-access: access a file in a share using cifs
533 - Ask the user if we can run testparm against the config file. If yes,
534 include its stderr and exit status in the bug report. Otherwise, only
535 include the exit status. (LP #1694334)
536 - If systemctl is available, use it to query the status of the smbd
537 service before trying to reload it. Otherwise, keep the same check
538 as before and reload the service based on the existence of the
539 initscript. (LP #1579597)
540 - d/rules: Compile winbindd/winbindd statically.
541 - Disable glusterfs support because it's not in main.
542 MIR bug is https://launchpad.net/bugs/1274247
543
544 -- Andreas Hasenack <andreas@canonical.com> Mon, 21 Aug 2017 17:27:08 -0300
545
275samba (2:4.6.7+dfsg-1) unstable; urgency=medium546samba (2:4.6.7+dfsg-1) unstable; urgency=medium
276547
277 * New upstream version548 * New upstream version
@@ -283,6 +554,60 @@ samba (2:4.6.7+dfsg-1) unstable; urgency=medium
283554
284 -- Mathieu Parent <sathieu@debian.org> Tue, 15 Aug 2017 23:06:36 +0200555 -- Mathieu Parent <sathieu@debian.org> Tue, 15 Aug 2017 23:06:36 +0200
285556
557samba (2:4.6.5+dfsg-8ubuntu1) artful; urgency=medium
558
559 * Merge with Debian unstable (LP: #1700644). Remaining changes:
560 - debian/VERSION.patch: Update vendor string to "Ubuntu".
561 - debian/smb.conf;
562 + Add "(Samba, Ubuntu)" to server string.
563 + Comment out the default [homes] share, and add a comment about
564 "valid users = %s" to show users how to restrict access to
565 \\server\username to only username.
566 - debian/samba-common.config:
567 + Do not change priority to high if dhclient3 is installed.
568 - Add apport hook:
569 + Created debian/source_samba.py.
570 + debian/rules, debian/samba-common-bin.install: install hook.
571 - Add extra DEP8 tests to samba (LP #1696823):
572 + d/t/control: enable the new DEP8 tests
573 + d/t/smbclient-anonymous-share-list: list available shares anonymously
574 + d/t/smbclient-authenticated-share-list: list available shares using
575 an authenticated connection
576 + d/t/smbclient-share-access: create a share and download a file from it
577 + d/t/cifs-share-access: access a file in a share using cifs
578 - Ask the user if we can run testparm against the config file. If yes,
579 include its stderr and exit status in the bug report. Otherwise, only
580 include the exit status. (LP #1694334)
581 - If systemctl is available, use it to query the status of the smbd
582 service before trying to reload it. Otherwise, keep the same check
583 as before and reload the service based on the existence of the
584 initscript. (LP #1579597)
585 * Drop:
586 - d/rules: Compile winbindd/winbindd statically. (LP: #1700527)
587 [This hunk was missed in 2:4.5.8+dfsg-2ubuntu2 when patch
588 fix-1584485.patch was dropped there.]
589 - d/p/krb_zero_cursor.patch - apply proposed-upstream fix for
590 pam_winbind krb5_ccache_type=FILE failure
591 [Replaced by d/p/s3-gse_krb5-fix-a-possible-crash-in-fill_mem_keytab.patch
592 in 2:4.6.5+dfsg-3 that closed Debian's bug #739768]
593 - debian/patches/winbind_trusted_domains.patch: make sure domain
594 members can talk to trusted domains DCs.
595 [Upstream committed a different fix, see updated patch attached to
596 https://bugzilla.samba.org/show_bug.cgi?id=11830]
597 - d/control: add libcephfs-dev as b-d to build vfs_ceph
598 [Adopted by Debian in 2:4.6.5+dfsg-1]
599 - debian/patches/CVE-2017-11103.patch: use encrypted service
600 name rather than unencrypted (and therefore spoofable) version
601 in heimdal
602 [Adopted by Debian as
603 d/p/CVE-2017-11103-Orpheus-Lyre-KDC-REP-service-name-val.patch]
604 - Cherrypick upstream patch to fix FTBFS with new ceph lib.
605 [Merged upstream in 4.6.0rc1]
606 * Disable glusterfs support because it's not in main.
607 MIR bug is https://launchpad.net/bugs/1274247
608
609 -- Andreas Hasenack <andreas@canonical.com> Thu, 10 Aug 2017 22:20:22 -0300
610
286samba (2:4.6.5+dfsg-8) unstable; urgency=medium611samba (2:4.6.5+dfsg-8) unstable; urgency=medium
287612
288 * Remove dependency on update-inetd, not used anymore613 * Remove dependency on update-inetd, not used anymore
@@ -402,6 +727,77 @@ samba (2:4.6.5+dfsg-1) experimental; urgency=medium
402727
403 -- Mathieu Parent <sathieu@debian.org> Mon, 12 Jun 2017 08:09:43 +0200728 -- Mathieu Parent <sathieu@debian.org> Mon, 12 Jun 2017 08:09:43 +0200
404729
730samba (2:4.5.8+dfsg-2ubuntu5) artful; urgency=medium
731
732 * Cherrypick upstream patch to fix FTBFS with new ceph lib.
733
734 -- Dimitri John Ledkov <xnox@ubuntu.com> Wed, 26 Jul 2017 08:34:24 +0100
735
736samba (2:4.5.8+dfsg-2ubuntu4) artful; urgency=medium
737
738 * SECURITY UPDATE: KDC-REP service name impersonation
739 - debian/patches/CVE-2017-11103.patch: use encrypted service
740 name rather than unencrypted (and therefore spoofable) version
741 in heimdal
742 - CVE-2017-11103
743
744 -- Steve Beattie <sbeattie@ubuntu.com> Mon, 17 Jul 2017 16:22:28 -0700
745
746samba (2:4.5.8+dfsg-2ubuntu3) artful; urgency=medium
747
748 * No-change rebuild against libldb 1.1.29
749
750 -- Steve Langasek <steve.langasek@ubuntu.com> Sun, 25 Jun 2017 16:09:33 -0700
751
752samba (2:4.5.8+dfsg-2ubuntu2) artful; urgency=medium
753
754 * Add extra DEP8 tests to samba (LP: #1696823):
755 - d/t/control: enable the new DEP8 tests
756 - d/t/smbclient-anonymous-share-list: list available shares anonymously
757 - d/t/smbclient-authenticated-share-list: list available shares using
758 an authenticated connection
759 - d/t/smbclient-share-access: create a share and download a file from it
760 - d/t/cifs-share-access: access a file in a share using cifs
761 * Ask the user if we can run testparm against the config file. If yes,
762 include its stderr and exit status in the bug report. Otherwise, only
763 include the exit status. (LP: #1694334)
764 * If systemctl is available, use it to query the status of the smbd
765 service before trying to reload it. Otherwise, keep the same check
766 as before and reload the service based on the existence of the
767 initscript. (LP: #1579597)
768 * Remove d/p/fix-1584485.patch as it builds a broken pam_winbind
769 module. There is a fixed version of that patch attached to
770 #1677329 but it has not been vetted yet, so for now it's best
771 to revert (again) so that pam_winbind can be used.
772 (LP: #1677329, LP: #1644428)
773
774 -- Andreas Hasenack <andreas@canonical.com> Mon, 19 Jun 2017 10:49:29 -0700
775
776samba (2:4.5.8+dfsg-2ubuntu1) artful; urgency=medium
777
778 * Merge from Debian unstable. Remaining changes:
779 - debian/VERSION.patch: Update vendor string to "Ubuntu".
780 - debian/smb.conf;
781 + Add "(Samba, Ubuntu)" to server string.
782 + Comment out the default [homes] share, and add a comment about
783 "valid users = %s" to show users how to restrict access to
784 \\server\username to only username.
785 - debian/samba-common.config:
786 + Do not change priority to high if dhclient3 is installed.
787 - Add apport hook:
788 + Created debian/source_samba.py.
789 + debian/rules, debian/samba-common-bin.install: install hook.
790 - d/p/krb_zero_cursor.patch - apply proposed-upstream fix for
791 pam_winbind krb5_ccache_type=FILE failure
792 - debian/patches/winbind_trusted_domains.patch: make sure domain
793 members can talk to trusted domains DCs.
794 - d/p/fix-1584485.patch: Make libnss-winbind and libpam-winbind
795 to be statically linked
796 - d/rules: Compile winbindd/winbindd statically.
797 - d/control: add libcephfs-dev as b-d to build vfs_ceph
798
799 -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Thu, 15 Jun 2017 14:17:43 -0400
800
405samba (2:4.5.8+dfsg-2) unstable; urgency=high801samba (2:4.5.8+dfsg-2) unstable; urgency=high
406802
407 * CVE-2017-7494: rpc_server3: Refuse to open pipe names with / inside803 * CVE-2017-7494: rpc_server3: Refuse to open pipe names with / inside
@@ -416,6 +812,23 @@ samba (2:4.5.8+dfsg-1) unstable; urgency=high
416812
417 -- Mathieu Parent <sathieu@debian.org> Sat, 01 Apr 2017 20:39:17 +0200813 -- Mathieu Parent <sathieu@debian.org> Sat, 01 Apr 2017 20:39:17 +0200
418814
815samba (2:4.5.8+dfsg-0ubuntu1) artful; urgency=medium
816
817 * SECURITY UPDATE: remote code execution from a writable share
818 - debian/patches/CVE-2017-7494.patch: refuse to open pipe names with a
819 slash inside in source3/rpc_server/srv_pipe.c.
820 - CVE-2017-7494
821
822 -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Wed, 24 May 2017 07:39:13 -0400
823
824samba (2:4.5.8+dfsg-0ubuntu0.17.04.1) zesty-security; urgency=medium
825
826 * SECURITY UPDATE: Symlink race allows access outside share definition
827 - Updated to new upstream release 4.5.8.
828 - CVE-2017-2619
829
830 -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Fri, 21 Apr 2017 07:33:25 -0400
831
419samba (2:4.5.6+dfsg-2) unstable; urgency=high832samba (2:4.5.6+dfsg-2) unstable; urgency=high
420833
421 * This is a security release in order to address the following defects:834 * This is a security release in order to address the following defects:
@@ -445,6 +858,61 @@ samba (2:4.5.5+dfsg-1) unstable; urgency=medium
445858
446 -- Mathieu Parent <sathieu@debian.org> Sun, 05 Mar 2017 23:21:09 +0100859 -- Mathieu Parent <sathieu@debian.org> Sun, 05 Mar 2017 23:21:09 +0100
447860
861samba (2:4.5.4+dfsg-1ubuntu2) zesty; urgency=medium
862
863 * d/control: add libcephfs-dev as b-d to build vfs_ceph
864 (LP: #1668940).
865
866 -- Nishanth Aravamudan <nish.aravamudan@canonical.com> Mon, 06 Mar 2017 11:13:41 -0800
867
868samba (2:4.5.4+dfsg-1ubuntu1) zesty; urgency=medium
869
870 * Merge from Debian unstable (LP: #1659707, LP: #1639962). Remaining
871 changes:
872 + debian/VERSION.patch: Update vendor string to "Ubuntu".
873 + debian/smb.conf;
874 - Add "(Samba, Ubuntu)" to server string.
875 - Comment out the default [homes] share, and add a comment about "valid users = %s"
876 to show users how to restrict access to \\server\username to only username.
877 + debian/samba-common.config:
878 - Do not change prioritiy to high if dhclient3 is installed.
879 + Add apport hook:
880 - Created debian/source_samba.py.
881 - debian/rules, debia/samb-common-bin.install: install hook.
882 + d/p/krb_zero_cursor.patch - apply proposed-upstream fix for
883 pam_winbind krb5_ccache_type=FILE failure (LP #1310919)
884 + debian/patches/winbind_trusted_domains.patch: make sure domain members
885 can talk to trusted domains DCs.
886 [ update patch based upon upstream discussion ]
887 + d/p/fix-1584485.patch: Make libnss-winbind and libpam-winbind
888 to be statically linked fixes LP #1584485.
889 + d/rules: Compile winbindd/winbindd statically.
890 * Drop:
891 - Delete debian/.gitignore
892 [ Previously undocumented ]
893 - debian/patches/git_smbclient_cpu.patch:
894 + backport upstream patch to fix smbclient users hanging/eating cpu on
895 trying to contact a machine which is not there (lp #1572260)
896 [ Fixed upstream ]
897 - SECURITY UPDATE: remote code execution via heap overflow in NDR parsing
898 + debian/patches/CVE-2016-2123.patch: check lengths in
899 librpc/ndr/ndr_dnsp.c.
900 + CVE-2016-2123
901 [ Fixed in Debian ]
902 - SECURITY UPDATE: unconditional privilege delegation to Kerberos servers
903 + debian/patches/CVE-2016-2125.patch: don't use GSS_C_DELEG_FLAG in
904 source4/scripting/bin/nsupdate-gss, source3/librpc/crypto/gse.c,
905 source4/auth/gensec/gensec_gssapi.c.
906 + CVE-2016-2125
907 [ Fixed in Debian ]
908 - SECURITY UPDATE: privilege elevation in Kerberos PAC validation
909 + debian/patches/CVE-2016-2126.patch: only allow known checksum types
910 in auth/kerberos/kerberos_pac.c.
911 + CVE-2016-2126
912 [ Fixed in Debian ]
913
914 -- Nishanth Aravamudan <nish.aravamudan@canonical.com> Thu, 26 Jan 2017 17:20:15 -0800
915
448samba (2:4.5.4+dfsg-1) unstable; urgency=medium916samba (2:4.5.4+dfsg-1) unstable; urgency=medium
449917
450 [ Mathieu Parent ]918 [ Mathieu Parent ]
@@ -572,6 +1040,77 @@ samba (2:4.4.5+dfsg-3) unstable; urgency=medium
5721040
573 -- Mathieu Parent <sathieu@debian.org> Fri, 09 Sep 2016 13:00:54 +02001041 -- Mathieu Parent <sathieu@debian.org> Fri, 09 Sep 2016 13:00:54 +0200
5741042
1043samba (2:4.4.5+dfsg-2ubuntu7) zesty; urgency=medium
1044
1045 * SECURITY UPDATE: remote code execution via heap overflow in NDR parsing
1046 - debian/patches/CVE-2016-2123.patch: check lengths in
1047 librpc/ndr/ndr_dnsp.c.
1048 - CVE-2016-2123
1049 * SECURITY UPDATE: unconditional privilege delegation to Kerberos servers
1050 - debian/patches/CVE-2016-2125.patch: don't use GSS_C_DELEG_FLAG in
1051 source4/scripting/bin/nsupdate-gss, source3/librpc/crypto/gse.c,
1052 source4/auth/gensec/gensec_gssapi.c.
1053 - CVE-2016-2125
1054 * SECURITY UPDATE: privilege elevation in Kerberos PAC validation
1055 - debian/patches/CVE-2016-2126.patch: only allow known checksum types
1056 in auth/kerberos/kerberos_pac.c.
1057 - CVE-2016-2126
1058
1059 -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Fri, 20 Jan 2017 12:32:25 -0500
1060
1061samba (2:4.4.5+dfsg-2ubuntu6) zesty; urgency=high
1062
1063 * d/p/fix-1584485.patch: Make libnss-winbind and libpam-winbind
1064 to be statically linked fixes LP: #1584485.
1065
1066 * d/rules: Compile winbindd/winbindd statically.
1067
1068 -- Jorge Niedbalski <jorge.niedbalski@canonical.com> Wed, 02 Nov 2016 13:59:10 +0100
1069
1070samba (2:4.4.5+dfsg-2ubuntu5) yakkety; urgency=medium
1071
1072 * No-change rebuild for readline soname change.
1073
1074 -- Matthias Klose <doko@ubuntu.com> Sun, 18 Sep 2016 10:26:52 +0000
1075
1076samba (2:4.4.5+dfsg-2ubuntu4) yakkety; urgency=medium
1077
1078 * No-change rebuild for readline soname change.
1079
1080 -- Matthias Klose <doko@ubuntu.com> Sat, 17 Sep 2016 12:09:21 +0000
1081
1082samba (2:4.4.5+dfsg-2ubuntu3) yakkety; urgency=medium
1083
1084 * debian/patches/git_smbclient_cpu.patch:
1085 - backport upstream patch to fix smbclient users hanging/eating cpu on
1086 trying to contact a machine which is not there (lp: #1572260)
1087
1088 -- Sebastien Bacher <seb128@ubuntu.com> Fri, 05 Aug 2016 17:32:43 +0200
1089
1090samba (2:4.4.5+dfsg-2ubuntu1) yakkety; urgency=low
1091
1092 * Merge from Debian unstable. Remaining changes:
1093 + debian/VERSION.patch: Update vendor string to "Ubuntu".
1094 + debian/smb.conf;
1095 - Add "(Samba, Ubuntu)" to server string.
1096 - Comment out the default [homes] share, and add a comment about "valid users = %s"
1097 to show users how to restrict access to \\server\username to only username.
1098 + debian/samba-common.config:
1099 - Do not change prioritiy to high if dhclient3 is installed.
1100 + Add apport hook:
1101 - Created debian/source_samba.py.
1102 - debian/rules, debia/samb-common-bin.install: install hook.
1103 + d/p/krb_zero_cursor.patch - apply proposed-upstream fix for
1104 pam_winbind krb5_ccache_type=FILE failure (LP: #1310919)
1105 + debian/patches/winbind_trusted_domains.patch: make sure domain members
1106 can talk to trusted domains DCs.
1107 * Dropped changes:
1108 - build-depends on libgnutls-dev instead of libgnutsl28-dev: rename was
1109 never done in Debian, revert.
1110 - ufw integration: included in Debian.
1111
1112 -- Steve Langasek <steve.langasek@ubuntu.com> Thu, 14 Jul 2016 17:45:46 -0700
1113
575samba (2:4.4.5+dfsg-2) unstable; urgency=medium1114samba (2:4.4.5+dfsg-2) unstable; urgency=medium
5761115
577 * Disable running of 'make quicktest' during build, as it takes very1116 * Disable running of 'make quicktest' during build, as it takes very
@@ -699,6 +1238,20 @@ samba (2:4.4.0+dfsg-1) experimental; urgency=medium
6991238
700 -- Andrew Bartlett <abartlet+debian@catalyst.net.nz> Wed, 06 Apr 2016 17:08:20 +12001239 -- Andrew Bartlett <abartlet+debian@catalyst.net.nz> Wed, 06 Apr 2016 17:08:20 +1200
7011240
1241samba (2:4.3.9+dfsg-0ubuntu1) yakkety; urgency=medium
1242
1243 * SECURITY REGRESSION: Updated to 4.3.9 to fix multiple regressions in
1244 the previous security updates. (LP: #1577739)
1245 - debian/control: bump tevent Build-Depends to 0.9.28.
1246 * SECURITY REGRESSION: NTLM authentication issues (LP: #1578576)
1247 - debian/patches/samba-bug11912.patch: let msrpc_parse() return
1248 talloc'ed empty strings in libcli/auth/msrpc_parse.c.
1249 - debian/patches/samba-bug11914.patch: make
1250 ntlm_auth_generate_session_info() more complete in
1251 source3/utils/ntlm_auth.c.
1252
1253 -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Wed, 25 May 2016 09:29:15 -0400
1254
702samba (2:4.3.8+dfsg-1) unstable; urgency=low1255samba (2:4.3.8+dfsg-1) unstable; urgency=low
7031256
704 [ Jelmer Vernooij ]1257 [ Jelmer Vernooij ]
@@ -713,6 +1266,25 @@ samba (2:4.3.8+dfsg-1) unstable; urgency=low
7131266
714 -- Jelmer Vernooij <jelmer@debian.org> Sat, 16 Apr 2016 01:18:36 +00001267 -- Jelmer Vernooij <jelmer@debian.org> Sat, 16 Apr 2016 01:18:36 +0000
7151268
1269samba (2:4.3.8+dfsg-0ubuntu1) xenial; urgency=medium
1270
1271 * SECURITY UPDATE: Updated to 4.3.8 to fix multiple security issues
1272 - CVE-2015-5370: Multiple errors in DCE-RPC code
1273 - CVE-2016-2110: Man in the middle attacks possible with NTLMSSP
1274 - CVE-2016-2111: NETLOGON Spoofing Vulnerability
1275 - CVE-2016-2112: The LDAP client and server don't enforce integrity
1276 protection
1277 - CVE-2016-2113: Missing TLS certificate validation allows man in the
1278 middle attacks
1279 - CVE-2016-2114: "server signing = mandatory" not enforced
1280 - CVE-2016-2115: SMB client connections for IPC traffic are not
1281 integrity protected
1282 - CVE-2016-2118: SAMR and LSA man in the middle attacks possible
1283 * debian/patches/winbind_trusted_domains.patch: make sure domain members
1284 can talk to trusted domains DCs.
1285
1286 -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Tue, 12 Apr 2016 07:26:29 -0400
1287
716samba (2:4.3.7+dfsg-1) unstable; urgency=high1288samba (2:4.3.7+dfsg-1) unstable; urgency=high
7171289
718 * New upstream release.1290 * New upstream release.
@@ -755,6 +1327,29 @@ samba (2:4.3.6+dfsg-2) unstable; urgency=low
7551327
756 -- Mathieu Parent <sathieu@debian.org> Thu, 31 Mar 2016 22:26:11 +02001328 -- Mathieu Parent <sathieu@debian.org> Thu, 31 Mar 2016 22:26:11 +0200
7571329
1330samba (2:4.3.6+dfsg-1ubuntu1) xenial; urgency=medium
1331
1332 * Merge with Debian; remaining changes:
1333 + debian/VERSION.patch: Update vendor string to "Ubuntu".
1334 + debian/smb.conf;
1335 - Add "(Samba, Ubuntu)" to server string.
1336 - Comment out the default [homes] share, and add a comment about "valid users = %s"
1337 to show users how to restrict access to \\server\username to only username.
1338 + debian/samba-common.config:
1339 - Do not change prioritiy to high if dhclient3 is installed.
1340 + debian/control:
1341 - Switch build depends from transitional libgnutsl28-dev to libgnutls-dev
1342 + Add ufw integration:
1343 - Created debian/samba.ufw.profile:
1344 - debian/rules, debian/samba.install: install profile
1345 + Add apport hook:
1346 - Created debian/source_samba.py.
1347 - debian/rules, debia/samb-common-bin.install: install hook.
1348 + d/p/krb_zero_cursor.patch - apply proposed-upstream fix for
1349 pam_winbind krb5_ccache_type=FILE failure (LP: #1310919)
1350
1351 -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Wed, 09 Mar 2016 08:49:12 -0500
1352
758samba (2:4.3.6+dfsg-1) unstable; urgency=medium1353samba (2:4.3.6+dfsg-1) unstable; urgency=medium
7591354
760 * New upstream release.1355 * New upstream release.
@@ -800,6 +1395,42 @@ samba (2:4.3.3+dfsg-2) unstable; urgency=medium
8001395
801 -- Mathieu Parent <sathieu@debian.org> Thu, 04 Feb 2016 13:25:01 +01001396 -- Mathieu Parent <sathieu@debian.org> Thu, 04 Feb 2016 13:25:01 +0100
8021397
1398samba (2:4.3.3+dfsg-1ubuntu3) xenial; urgency=medium
1399
1400 * No-change rebuild for gnutls transition.
1401
1402 -- Matthias Klose <doko@ubuntu.com> Wed, 17 Feb 2016 22:41:43 +0000
1403
1404samba (2:4.3.3+dfsg-1ubuntu2) xenial; urgency=medium
1405
1406 * Fixes regression introduced by debian/patches/CVE-2015-5252.patch.
1407 (LP: #1545750)
1408
1409 -- Dariusz Gadomski <dariusz.gadomski@canonical.com> Mon, 15 Feb 2016 16:05:12 +0100
1410
1411samba (2:4.3.3+dfsg-1ubuntu1) xenial; urgency=medium
1412
1413 * Merge with Debian; remaining changes:
1414 + debian/VERSION.patch: Update vendor string to "Ubuntu".
1415 + debian/smb.conf;
1416 - Add "(Samba, Ubuntu)" to server string.
1417 - Comment out the default [homes] share, and add a comment about "valid users = %s"
1418 to show users how to restrict access to \\server\username to only username.
1419 + debian/samba-common.config:
1420 - Do not change prioritiy to high if dhclient3 is installed.
1421 + debian/control:
1422 - Switch build depends from transitional libgnutsl28-dev to libgnutls-dev
1423 + Add ufw integration:
1424 - Created debian/samba.ufw.profile:
1425 - debian/rules, debian/samba.install: install profile
1426 + Add apport hook:
1427 - Created debian/source_samba.py.
1428 - debian/rules, debia/samb-common-bin.install: install hook.
1429 + d/p/krb_zero_cursor.patch - apply proposed-upstream fix for
1430 pam_winbind krb5_ccache_type=FILE failure (LP: #1310919)
1431
1432 -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Wed, 06 Jan 2016 07:41:39 -0500
1433
803samba (2:4.3.3+dfsg-1) unstable; urgency=medium1434samba (2:4.3.3+dfsg-1) unstable; urgency=medium
8041435
805 * New upstream release. Closes: #808133.1436 * New upstream release. Closes: #808133.
@@ -884,6 +1515,63 @@ samba (2:4.2.1+dfsg-1) experimental; urgency=medium
8841515
885 -- Jelmer Vernooij <jelmer@debian.org> Sun, 07 Dec 2014 15:34:36 +00001516 -- Jelmer Vernooij <jelmer@debian.org> Sun, 07 Dec 2014 15:34:36 +0000
8861517
1518samba (2:4.1.20+dfsg-1ubuntu5) xenial; urgency=medium
1519
1520 * Resolve small merge error in the rules
1521
1522 -- Sebastien Bacher <seb128@ubuntu.com> Wed, 16 Dec 2015 12:02:12 +0100
1523
1524samba (2:4.1.20+dfsg-1ubuntu4) xenial; urgency=medium
1525
1526 * Backport Debian change to remove libpam-smbpasswd, it segfaults
1527 leading to non working session (lp: #1515207)
1528
1529 -- Sebastien Bacher <seb128@ubuntu.com> Wed, 16 Dec 2015 11:47:44 +0100
1530
1531samba (2:4.1.20+dfsg-1ubuntu3) xenial; urgency=medium
1532
1533 * Build with the new ldb
1534
1535 -- Sebastien Bacher <seb128@ubuntu.com> Wed, 18 Nov 2015 11:45:32 +0100
1536
1537samba (2:4.1.20+dfsg-1ubuntu2) xenial; urgency=medium
1538
1539 * debian/samba.logrotate:
1540 - revert to Debian version of the logrotate reload command, fix an
1541 invalid syntax introduced in the upstart->systemd transition
1542 (lp: #1385868)
1543
1544 -- Sebastien Bacher <seb128@ubuntu.com> Tue, 10 Nov 2015 19:01:06 +0100
1545
1546samba (2:4.1.20+dfsg-1ubuntu1) xenial; urgency=medium
1547
1548 * Merge with Debian; remaining changes:
1549 + debian/VERSION.patch: Update vendor string to "Ubuntu".
1550 + debian/smb.conf;
1551 - Add "(Samba, Ubuntu)" to server string.
1552 - Comment out the default [homes] share, and add a comment about "valid users = %s"
1553 to show users how to restrict access to \\server\username to only username.
1554 + debian/samba-common.config:
1555 - Do not change prioritiy to high if dhclient3 is installed.
1556 + debian/control:
1557 - Don't build against or suggest ctdb and tdb.
1558 - Switch build depends from transitional libgnutsl28-dev to libgnutls-dev
1559 + debian/rules:
1560 - Drop explicit configuration options for ctdb and tdb.
1561 + Add ufw integration:
1562 - Created debian/samba.ufw.profile:
1563 - debian/rules, debian/samba.install: install profile
1564 + Add apport hook:
1565 - Created debian/source_samba.py.
1566 - debian/rules, debia/samb-common-bin.install: install hook.
1567 + debian/samba.logrotate: use service command to reload (send SIGHUP) the main
1568 processes such that it works under both upstart and systemd.
1569 + debian/samba-common.dirs: Move /var/lib/samba/private from samba.dirs.
1570 + d/p/krb_zero_cursor.patch - apply proposed-upstream fix for
1571 pam_winbind krb5_ccache_type=FILE failure (LP: #1310919)
1572
1573 -- Matthias Klose <doko@ubuntu.com> Sat, 24 Oct 2015 14:57:47 +0200
1574
887samba (2:4.1.20+dfsg-1) unstable; urgency=medium1575samba (2:4.1.20+dfsg-1) unstable; urgency=medium
8881576
889 * New upstream release (last compatible with current OpenChange).1577 * New upstream release (last compatible with current OpenChange).
@@ -897,6 +1585,44 @@ samba (2:4.1.17+dfsg-5) unstable; urgency=medium
8971585
898 -- Jelmer Vernooij <jelmer@debian.org> Sun, 20 Sep 2015 13:20:53 +00001586 -- Jelmer Vernooij <jelmer@debian.org> Sun, 20 Sep 2015 13:20:53 +0000
8991587
1588samba (2:4.1.17+dfsg-4ubuntu2) wily; urgency=medium
1589
1590 * debian/control:
1591 - Switch build depends from transitional libgnutsl28-dev to libgnutls-dev
1592
1593 -- Robert Ancell <robert.ancell@canonical.com> Tue, 11 Aug 2015 11:34:50 +1200
1594
1595samba (2:4.1.17+dfsg-4ubuntu1) wily; urgency=medium
1596
1597 * Merge from Debian unstable. Remaining changes:
1598 + debian/VERSION.patch: Update vendor string to "Ubuntu".
1599 + debian/smb.conf;
1600 - Add "(Samba, Ubuntu)" to server string.
1601 - Comment out the default [homes] share, and add a comment about "valid users = %s"
1602 to show users how to restrict access to \\server\username to only username.
1603 + debian/samba-common.config:
1604 - Do not change prioritiy to high if dhclient3 is installed.
1605 + debian/control:
1606 - Don't build against or suggest ctdb and tdb.
1607 + debian/rules:
1608 - Drop explicit configuration options for ctdb and tdb.
1609 + Add ufw integration:
1610 - Created debian/samba.ufw.profile:
1611 - debian/rules, debian/samba.install: install profile
1612 + Add apport hook:
1613 - Created debian/source_samba.py.
1614 - debian/rules, debia/samb-common-bin.install: install hook.
1615 + debian/samba.logrotate: use service command to reload (send SIGHUP) the main
1616 processes such that it works under both upstart and systemd.
1617 + debian/samba-common.dirs: Move /var/lib/samba/private from samba.dirs.
1618 + d/p/krb_zero_cursor.patch - apply proposed-upstream fix for
1619 pam_winbind krb5_ccache_type=FILE failure (LP: #1310919)
1620 + debian/patches/git_timeout_client_error.patch:
1621 - don't let smb mounts timeout that leads to errors when trying to
1622 reuse a mount after idling for a while in e.g nautilus (lp: #310932)
1623
1624 -- Martin Pitt <martin.pitt@ubuntu.com> Fri, 08 May 2015 10:49:12 +0200
1625
900samba (2:4.1.17+dfsg-4) unstable; urgency=medium1626samba (2:4.1.17+dfsg-4) unstable; urgency=medium
9011627
902 * Add pidl_reproducible.patch: Make pidl output reproducible.1628 * Add pidl_reproducible.patch: Make pidl output reproducible.
@@ -933,6 +1659,53 @@ samba (2:4.1.17+dfsg-1) unstable; urgency=high
9331659
934 -- Ivo De Decker <ivodd@debian.org> Mon, 23 Feb 2015 20:20:21 +01001660 -- Ivo De Decker <ivodd@debian.org> Mon, 23 Feb 2015 20:20:21 +0100
9351661
1662samba (2:4.1.13+dfsg-4ubuntu3) vivid; urgency=medium
1663
1664 * debian/patches/git_timeout_client_error.patch:
1665 - don't let smb mounts timeout that leads to errors when trying to
1666 reuse a mount after idling for a while in e.g nautilus (lp: #310932)
1667
1668 -- Sebastien Bacher <seb128@ubuntu.com> Fri, 03 Apr 2015 17:20:06 +0200
1669
1670samba (2:4.1.13+dfsg-4ubuntu2) vivid; urgency=medium
1671
1672 * SECURITY UPDATE: code execution vulnerability in smbd daemon
1673 - debian/patches/CVE-2015-0240.patch: don't call talloc_free on an
1674 uninitialized pointer and don't dereference a NULL pointer in
1675 source3/rpc_server/netlogon/srv_netlog_nt.c.
1676 - CVE-2015-0240
1677
1678 -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Mon, 23 Feb 2015 08:36:51 -0500
1679
1680samba (2:4.1.13+dfsg-4ubuntu1) vivid; urgency=low
1681
1682 * Merge from Debian unstable. Remaining changes:
1683 + debian/VERSION.patch: Update vendor string to "Ubuntu".
1684 + debian/smb.conf;
1685 - Add "(Samba, Ubuntu)" to server string.
1686 - Comment out the default [homes] share, and add a comment about "valid users = %s"
1687 to show users how to restrict access to \\server\username to only username.
1688 + debian/samba-common.config:
1689 - Do not change prioritiy to high if dhclient3 is installed.
1690 + debian/control:
1691 - Don't build against or suggest ctdb and tdb.
1692 + debian/rules:
1693 - Drop explicit configuration options for ctdb and tdb.
1694 + Add ufw integration:
1695 - Created debian/samba.ufw.profile:
1696 - debian/rules, debian/samba.install: install profile
1697 + Add apport hook:
1698 - Created debian/source_samba.py.
1699 - debian/rules, debia/samb-common-bin.install: install hook.
1700 + debian/samba.logrotate: use service command to reload (send SIGHUP) the main
1701 processes such that it works under both upstart and systemd.
1702 + debian/samba-common.dirs: Move /var/lib/samba/private from samba.dirs.
1703 + d/p/krb_zero_cursor.patch - apply proposed-upstream fix for
1704 pam_winbind krb5_ccache_type=FILE failure (LP: #1310919)
1705 + debian/patches/CVE-2014-8143.patch fix CVE-2014-8143.
1706
1707 -- Gianfranco Costamagna <costamagnagianfranco@yahoo.it> Wed, 21 Jan 2015 15:48:05 +0100
1708
936samba (2:4.1.13+dfsg-4) unstable; urgency=medium1709samba (2:4.1.13+dfsg-4) unstable; urgency=medium
9371710
938 * Revert previous patch, since ldb has an active module version check.1711 * Revert previous patch, since ldb has an active module version check.
@@ -975,6 +1748,69 @@ samba (2:4.1.11+dfsg-2) unstable; urgency=medium
9751748
976 -- Jelmer Vernooij <jelmer@debian.org> Sun, 07 Sep 2014 20:52:27 +02001749 -- Jelmer Vernooij <jelmer@debian.org> Sun, 07 Sep 2014 20:52:27 +0200
9771750
1751samba (2:4.1.11+dfsg-1ubuntu4) vivid; urgency=medium
1752
1753 * SECURITY UPDATE: elevation of privilege to AD Domain Controller
1754 - debian/patches/CVE-2014-8143.patch: check for extended access rights
1755 before allowing changes to userAccountControl in
1756 librpc/idl/security.idl, source4/auth/session.c,
1757 source4/dsdb/common/util.c, source4/dsdb/pydsdb.c,
1758 source4/dsdb/samdb/ldb_modules/samldb.c, source4/dsdb/samdb/samdb.h,
1759 source4/rpc_server/lsa/dcesrv_lsa.c,
1760 source4/setup/schema_samba4.ldif.
1761 - CVE-2014-8143
1762
1763 -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Wed, 21 Jan 2015 09:19:12 -0500
1764
1765samba (2:4.1.11+dfsg-1ubuntu3) vivid; urgency=medium
1766
1767 * No-change rebuild against current ldb. Note that I'm not claiming the
1768 merging for this package.
1769
1770 -- Martin Pitt <martin.pitt@ubuntu.com> Thu, 04 Dec 2014 07:50:22 +0100
1771
1772samba (2:4.1.11+dfsg-1ubuntu2) utopic; urgency=medium
1773
1774 * d/p/krb_zero_cursor.patch - apply proposed-upstream fix for
1775 pam_winbind krb5_ccache_type=FILE failure (LP: #1310919)
1776
1777 -- Serge Hallyn <serge.hallyn@ubuntu.com> Thu, 11 Sep 2014 11:53:36 -0500
1778
1779samba (2:4.1.11+dfsg-1ubuntu1) utopic; urgency=medium
1780
1781 * Merge from Debian unstable. Remaining changes:
1782 + debian/VERSION.patch: Update vendor string to "Ubuntu".
1783 + debian/smb.conf;
1784 - Add "(Samba, Ubuntu)" to server string.
1785 - Comment out the default [homes] share, and add a comment about "valid users = %s"
1786 to show users how to restrict access to \\server\username to only username.
1787 + debian/samba-common.config:
1788 - Do not change prioritiy to high if dhclient3 is installed.
1789 + debian/control:
1790 - Don't build against or suggest ctdb and tdb.
1791 + debian/rules:
1792 - Drop explicit configuration options for ctdb and tdb.
1793 + Add ufw integration:
1794 - Created debian/samba.ufw.profile:
1795 - debian/rules, debian/samba.install: install profile
1796 + Add apport hook:
1797 - Created debian/source_samba.py.
1798 - debian/rules, debia/samb-common-bin.install: install hook.
1799 + debian/samba.logrotate: call upstart interfaces unconditionally instead
1800 of hacking arround with pid files.
1801 + Set sbmclients conflicts with samba4-clients less than 4.0.3+dfsg1-0.1ubuntu4,
1802 first dummy transitional package version.
1803 + debian/samba-common.dirs: Move /var/lib/samba/private from samba.dirs.
1804
1805 * In logrotate, use service command to reload (send SIGHUP) the main
1806 processes such that it works under both upstart and systemd.
1807 * Drop CVE patches, applied upstream.
1808 * Drop patches absent from series: readline-ftbfs.patch,
1809 krb5_kt_start_seq.diff, config-bind99.patch
1810 * Drop debian/source/include-binaries, pyc files are correctly cleaned up
1811
1812 -- Dimitri John Ledkov <xnox@ubuntu.com> Sat, 09 Aug 2014 21:26:23 +0100
1813
978samba (2:4.1.11+dfsg-1) unstable; urgency=high1814samba (2:4.1.11+dfsg-1) unstable; urgency=high
9791815
980 * New upstream release. Fixes:1816 * New upstream release. Fixes:
@@ -1010,6 +1846,62 @@ samba (2:4.1.9+dfsg-1) unstable; urgency=high
10101846
1011 -- Ivo De Decker <ivo.dedecker@ugent.be> Mon, 23 Jun 2014 18:33:27 +02001847 -- Ivo De Decker <ivo.dedecker@ugent.be> Mon, 23 Jun 2014 18:33:27 +0200
10121848
1849samba (2:4.1.8+dfsg-1ubuntu3) utopic; urgency=medium
1850
1851 * SECURITY UPDATE: remote code execution on unauthenticated nmbd
1852 - debian/patches/CVE-2014-3560.patch: fix unstrcpy in
1853 lib/util/string_wrappers.h.
1854 - CVE-2014-3560
1855
1856 -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Fri, 01 Aug 2014 17:54:54 -0400
1857
1858samba (2:4.1.8+dfsg-1ubuntu2) utopic; urgency=medium
1859
1860 * SECURITY UPDATE: denial of service on nmbd malformed packet
1861 - debian/patches/CVE-2014-0244.patch: return on EWOULDBLOCK/EAGAIN in
1862 source3/lib/system.c.
1863 - CVE-2014-0244
1864 * SECURITY UPDATE: denial of service via bad unicode conversion
1865 - debian/patches/CVE-2014-3493.patch: refactor code in
1866 source3/lib/charcnv.c, change return code checks in
1867 source3/libsmb/clirap.c, source3/smbd/lanman.c.
1868 - CVE-2014-3493
1869
1870 -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Mon, 23 Jun 2014 14:10:12 -0400
1871
1872samba (2:4.1.8+dfsg-1ubuntu1) utopic; urgency=low
1873
1874 * Merge from Debian unstable. Remaining changes:
1875 + debian/VERSION.patch: Update vendor string to "Ubuntu".
1876 + debian/smb.conf;
1877 - Add "(Samba, Ubuntu)" to server string.
1878 - Comment out the default [homes] share, and add a comment about "valid users = %s"
1879 to show users how to restrict access to \\server\username to only username.
1880 + debian/samba-common.config:
1881 - Do not change prioritiy to high if dhclient3 is installed.
1882 + debian/control:
1883 - Don't build against or suggest ctdb and tdb.
1884 + debian/rules:
1885 - Drop explicit configuration options for ctdb and tdb.
1886 + Add ufw integration:
1887 - Created debian/samba.ufw.profile:
1888 - debian/rules, debian/samba.install: install profile
1889 + Add apport hook:
1890 - Created debian/source_samba.py.
1891 - debian/rules, debia/samb-common-bin.install: install hook.
1892 + debian/samba.logrotate: call upstart interfaces unconditionally instead
1893 of hacking arround with pid files.
1894 + Set sbmclients conflicts with samba4-clients less than 4.0.3+dfsg1-0.1ubuntu4,
1895 first dummy transitional package version.
1896 + Dropped patches:
1897 - debian/patches/CVE-2013-4496.patch: Dropped no longer needed
1898 - debian/patches/CVE-2013-6442.patch: Dropped no longer needed.
1899 - debian/patches/readline-ftbfs.patch: Use the debian version.
1900 + debian/samba-common.dirs: Move /var/lib/samba/private from samba.dirs.
1901 (LP: #1268180)
1902
1903 -- Chuck Short <zulcss@ubuntu.com> Wed, 18 Jun 2014 10:50:25 -0400
1904
1013samba (2:4.1.8+dfsg-1) unstable; urgency=medium1905samba (2:4.1.8+dfsg-1) unstable; urgency=medium
10141906
1015 [ Jelmer Vernooij ]1907 [ Jelmer Vernooij ]
@@ -1047,6 +1939,74 @@ samba (2:4.1.7+dfsg-1) unstable; urgency=medium
10471939
1048 -- Ivo De Decker <ivo.dedecker@ugent.be> Sat, 19 Apr 2014 13:39:09 +02001940 -- Ivo De Decker <ivo.dedecker@ugent.be> Sat, 19 Apr 2014 13:39:09 +0200
10491941
1942samba (2:4.1.6+dfsg-1ubuntu6) utopic; urgency=medium
1943
1944 * Set the stack size to unlimited during the build to avoid a SIGBUS in
1945 xsltproc on some architectures.
1946
1947 -- Colin Watson <cjwatson@ubuntu.com> Mon, 02 Jun 2014 23:18:40 +0100
1948
1949samba (2:4.1.6+dfsg-1ubuntu5) utopic; urgency=medium
1950
1951 * Backport from unstable (Ivo De Decker):
1952 - Build-depend on heimdal-dev.
1953
1954 -- Colin Watson <cjwatson@ubuntu.com> Mon, 02 Jun 2014 15:39:54 +0100
1955
1956samba (2:4.1.6+dfsg-1ubuntu4) utopic; urgency=high
1957
1958 * No change rebuild against new dh_installinit, to call update-rc.d at
1959 postinst.
1960
1961 -- Dimitri John Ledkov <xnox@ubuntu.com> Wed, 28 May 2014 10:41:32 +0100
1962
1963samba (2:4.1.6+dfsg-1ubuntu3) utopic; urgency=medium
1964
1965 * cherrypick upstream patch 1310919 to fix pam_winbind regression
1966 (LP: #1310919)
1967
1968 -- Serge Hallyn <serge.hallyn@ubuntu.com> Tue, 29 Apr 2014 16:05:44 -0500
1969
1970samba (2:4.1.6+dfsg-1ubuntu2) trusty; urgency=medium
1971
1972 * Fix a grammatical error in smb.conf that showed up in a ucf prompt on
1973 upgrade.
1974
1975 -- Steve Langasek <steve.langasek@ubuntu.com> Thu, 03 Apr 2014 19:08:03 -0700
1976
1977samba (2:4.1.6+dfsg-1ubuntu1) trusty; urgency=low
1978
1979 * Merge from Debian unstable. Remaining changes:
1980 + debian/VERSION.patch: Update vendor string to "Ubuntu".
1981 + debian/smb.conf;
1982 - Add "(Samba, Ubuntu)" to server string.
1983 - Comment out the default [homes] share, and add a comment about "valid users = %s"
1984 to show users how to restrict access to \\server\username to only username.
1985 + debian/samba-common.config:
1986 - Do not change prioritiy to high if dhclient3 is installed.
1987 + debian/control:
1988 - Don't build against or suggest ctdb and tdb.
1989 + debian/rules:
1990 - Drop explicit configuration options for ctdb and tdb.
1991 + Add ufw integration:
1992 - Created debian/samba.ufw.profile:
1993 - debian/rules, debian/samba.install: install profile
1994 + Add apport hook:
1995 - Created debian/source_samba.py.
1996 - debian/rules, debia/samb-common-bin.install: install hook.
1997 + debian/samba.logrotate: call upstart interfaces unconditionally instead
1998 of hacking arround with pid files.
1999 + Set sbmclients conflicts with samba4-clients less than 4.0.3+dfsg1-0.1ubuntu4,
2000 first dummy transitional package version.
2001 + Dropped patches:
2002 - debian/patches/CVE-2013-4496.patch: Dropped no longer needed
2003 - debian/patches/CVE-2013-6442.patch: Dropped no longer needed.
2004 - debian/patches/readline-ftbfs.patch: Use the debian version.
2005 + debian/samba-common.dirs: Move /var/lib/samba/private from samba.dirs.
2006 (LP: #1268180)
2007
2008 -- Chuck Short <zulcss@ubuntu.com> Wed, 02 Apr 2014 13:40:30 -0400
2009
1050samba (2:4.1.6+dfsg-1) unstable; urgency=high2010samba (2:4.1.6+dfsg-1) unstable; urgency=high
10512011
1052 * New upstream security release. Fixes:2012 * New upstream security release. Fixes:
@@ -1106,6 +2066,77 @@ samba (2:4.1.4+dfsg-1) unstable; urgency=medium
11062066
1107 -- Ivo De Decker <ivo.dedecker@ugent.be> Sat, 18 Jan 2014 14:07:15 +01002067 -- Ivo De Decker <ivo.dedecker@ugent.be> Sat, 18 Jan 2014 14:07:15 +0100
11082068
2069samba (2:4.1.3+dfsg-2ubuntu5) trusty; urgency=medium
2070
2071 * debian/smb.conf: comment back some of the "share definitions"
2072 options (including "valid users"). That was an Ubuntu diff and seems to
2073 have been dropped in the trusty merge. Those changes seem needed to
2074 get the usershare feature working (used by nautilus-share) (lp: #1261873)
2075
2076 -- Sebastien Bacher <seb128@ubuntu.com> Tue, 01 Apr 2014 16:01:04 +0200
2077
2078samba (2:4.1.3+dfsg-2ubuntu4) trusty; urgency=medium
2079
2080 * SECURITY UPDATE: Password lockout not enforced for SAMR password
2081 changes
2082 - debian/patches/CVE-2013-4496.patch: refactor password lockout code in
2083 source3/auth/check_samsec.c,
2084 source3/rpc_server/samr/srv_samr_chgpasswd.c,
2085 source3/rpc_server/samr/srv_samr_nt.c,
2086 source3/smbd/lanman.c,
2087 source4/rpc_server/samr/samr_password.c,
2088 source4/torture/rpc/samr.c.
2089 - CVE-2013-4496
2090 * SECURITY UPDATE: smbcacls can remove a file or directory ACL by
2091 mistake
2092 - debian/patches/CVE-2013-6442.patch: handle existing ACL in
2093 source3/utils/smbcacls.c.
2094 - CVE-2013-6442
2095 * debian/patches/readline-ftbfs.patch: fix ftbfs with newer readline6.
2096
2097 -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Mon, 17 Mar 2014 08:32:30 -0400
2098
2099samba (2:4.1.3+dfsg-2ubuntu3) trusty; urgency=medium
2100
2101 * Depend on tdb-tools (LP: #1279593)
2102 * Updated generated config for Bind9.9.
2103
2104 -- Stéphane Graber <stgraber@ubuntu.com> Wed, 12 Feb 2014 21:26:00 -0500
2105
2106samba (2:4.1.3+dfsg-2ubuntu2) trusty; urgency=medium
2107
2108 * Add missing python-ntdb dependency to python-samba (spotted by
2109 autopkgtest).
2110
2111 -- Martin Pitt <martin.pitt@ubuntu.com> Mon, 10 Feb 2014 09:53:01 +0100
2112
2113samba (2:4.1.3+dfsg-2ubuntu1) trusty; urgency=low
2114
2115 * Merge from Debian Unstable:
2116 - debian/VERSION.patch: Update vendor string to "Ubuntu".
2117 * debian/smb.conf;
2118 - Add "(Samba, Ubuntu)" to server string.
2119 - Comment out the default [homes] share, and add a comment about "valid users = %s"
2120 to show users how to restrict access to \\server\username to only username.
2121 + debian/samba-common.config:
2122 - Do not change prioritiy to high if dhclient3 is installed.
2123 + debian/control:
2124 - Don't build against or suggest ctdb and tdb.
2125 + debian/rules:
2126 - Drop explicit configuration options for ctdb and tdb.
2127 + Add ufw integration:
2128 - Created debian/samba.ufw.profile:
2129 - debian/rules, debian/samba.install: install profile
2130 + Add apport hook:
2131 - Created debian/source_samba.py.
2132 - debian/rules, debia/samb-common-bin.install: install hook.
2133 + debian/samba.logrotate: call upstart interfaces unconditionally instead
2134 of hacking arround with pid files.
2135 + Set sbmclients conflicts with samba4-clients less than 4.0.3+dfsg1-0.1ubuntu4,
2136 first dummy transitional package version.
2137
2138 -- Chuck Short <zulcss@ubuntu.com> Mon, 13 Jan 2014 08:52:31 -0500
2139
1109samba (2:4.1.3+dfsg-2) unstable; urgency=medium2140samba (2:4.1.3+dfsg-2) unstable; urgency=medium
11102141
1111 * Add debug symbols for all binaries to samba-dbg. Closes: #7324932142 * Add debug symbols for all binaries to samba-dbg. Closes: #732493
@@ -1148,6 +2179,33 @@ samba (2:4.0.13+dfsg-2) UNRELEASED; urgency=low
11482179
1149 -- Steve Langasek <vorlon@debian.org> Mon, 09 Dec 2013 11:13:59 -08002180 -- Steve Langasek <vorlon@debian.org> Mon, 09 Dec 2013 11:13:59 -0800
11502181
2182samba (2:4.0.13+dfsg-1ubuntu1) trusty; urgency=low
2183
2184 * Merge from Debian Unstable:
2185 - debian/VERSION.patch: Update vendor string to "Ubuntu".
2186 * debian/smb.conf;
2187 - Add "(Samba, Ubuntu)" to server string.
2188 - Comment out the default [homes] share, and add a comment about "valid users = %s"
2189 to show users how to restrict access to \\server\username to only username.
2190 + debian/samba-common.config:
2191 - Do not change prioritiy to high if dhclient3 is installed.
2192 + debian/control:
2193 - Don't build against or suggest ctdb and tdb.
2194 + debian/rules:
2195 - Drop explicit configuration options for ctdb and tdb.
2196 + Add ufw integration:
2197 - Created debian/samba.ufw.profile:
2198 - debian/rules, debian/samba.install: install profile
2199 + Add apport hook:
2200 - Created debian/source_samba.py.
2201 - debian/rules, debia/samb-common-bin.install: install hook.
2202 + debian/samba.logrotate: call upstart interfaces unconditionally instead
2203 of hacking arround with pid files.
2204 + Set sbmclients conflicts with samba4-clients less than 4.0.3+dfsg1-0.1ubuntu4,
2205 first dummy transitional package version.
2206
2207 -- Chuck Short <zulcss@ubuntu.com> Wed, 11 Dec 2013 19:55:47 -0500
2208
1151samba (2:4.0.13+dfsg-1) unstable; urgency=high2209samba (2:4.0.13+dfsg-1) unstable; urgency=high
11522210
1153 [ Steve Langasek ]2211 [ Steve Langasek ]
@@ -1202,6 +2260,37 @@ samba (2:4.0.11+dfsg-1) unstable; urgency=high
12022260
1203 -- Ivo De Decker <ivo.dedecker@ugent.be> Mon, 11 Nov 2013 15:42:40 +01002261 -- Ivo De Decker <ivo.dedecker@ugent.be> Mon, 11 Nov 2013 15:42:40 +0100
12042262
2263samba (2:4.0.10+dfsg-4ubuntu2) trusty; urgency=low
2264
2265 * Set sbmclients conflicts with samba4-clients less than 4.0.3+dfsg1-0.1ubuntu4, first dummy transitional package version.
2266
2267 -- Dmitrijs Ledkovs <xnox@ubuntu.com> Wed, 27 Nov 2013 21:50:43 +0000
2268
2269samba (2:4.0.10+dfsg-4ubuntu1) trusty; urgency=low
2270
2271 * Merge from Debian Unstable:
2272 - debian/VERSION.patch: Update vendor string to "Ubuntu".
2273 * debian/smb.conf;
2274 - Add "(Samba, Ubuntu)" to server string.
2275 - Comment out the default [homes] share, and add a comment about "valid users = %s"
2276 to show users how to restrict access to \\server\username to only username.
2277 + debian/samba-common.config:
2278 - Do not change prioritiy to high if dhclient3 is installed.
2279 + debian/control:
2280 - Don't build against or suggest ctdb and tdb.
2281 + debian/rules:
2282 - Drop explicit configuration options for ctdb and tdb.
2283 + Add ufw integration:
2284 - Created debian/samba.ufw.profile:
2285 - debian/rules, debian/samba.install: install profile
2286 + Add apport hook:
2287 - Created debian/source_samba.py.
2288 - debian/rules, debia/samb-common-bin.install: install hook.
2289 + debian/samba.logrotate: call upstart interfaces unconditionally instead
2290 of hacking arround with pid files.
2291
2292 -- Chuck Short <zulcss@ubuntu.com> Fri, 08 Nov 2013 13:47:46 +0800
2293
1205samba (2:4.0.10+dfsg-4) unstable; urgency=low2294samba (2:4.0.10+dfsg-4) unstable; urgency=low
12062295
1207 [ Christian Perrier ]2296 [ Christian Perrier ]
diff --git a/debian/control b/debian/control
index 75b3bbf..7ccd503 100644
--- a/debian/control
+++ b/debian/control
@@ -1,7 +1,8 @@
1Source: samba1Source: samba
2Section: net2Section: net
3Priority: optional3Priority: optional
4Maintainer: Debian Samba Maintainers <pkg-samba-maint@lists.alioth.debian.org>4Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
5XSBC-Original-Maintainer: Debian Samba Maintainers <pkg-samba-maint@lists.alioth.debian.org>
5Uploaders: Steve Langasek <vorlon@debian.org>,6Uploaders: Steve Langasek <vorlon@debian.org>,
6 Jelmer Vernooij <jelmer@debian.org>,7 Jelmer Vernooij <jelmer@debian.org>,
7 Ivo De Decker <ivodd@debian.org>,8 Ivo De Decker <ivodd@debian.org>,
@@ -16,7 +17,6 @@ Build-Depends: bison,
16 docbook-xml,17 docbook-xml,
17 docbook-xsl,18 docbook-xsl,
18 flex,19 flex,
19 glusterfs-common [linux-any],
20 libacl1-dev,20 libacl1-dev,
21 libarchive-dev,21 libarchive-dev,
22 libattr1-dev,22 libattr1-dev,
@@ -301,8 +301,8 @@ Description: Samba Virtual FileSystem plugins
301 * vfs_shadow_copy2: Expose snapshots to Windows clients as shadow copies301 * vfs_shadow_copy2: Expose snapshots to Windows clients as shadow copies
302 * vfs_worm: Disallow writes for older file302 * vfs_worm: Disallow writes for older file
303 .303 .
304 Note: The runtime dependencies of vfs_ceph, vfs_glusterfs and vfs_snapper are304 Note: The runtime dependencies of vfs_ceph and vfs_snapper are moved to
305 moved to Recommends.305 Recommends.
306306
307Package: libsmbclient307Package: libsmbclient
308Section: libs308Section: libs
diff --git a/debian/patches/VERSION.patch b/debian/patches/VERSION.patch
index d50c4c9..b92d155 100644
--- a/debian/patches/VERSION.patch
+++ b/debian/patches/VERSION.patch
@@ -1,5 +1,5 @@
1From: Eloy A. Paris <peloy@debian.org>1From: Eloy A. Paris <peloy@debian.org>
2Subject: Add "Debian" as vendor suffix2Subject: Add "Ubuntu" as vendor suffix
33
4Forwarded: not-needed4Forwarded: not-needed
5---5---
@@ -15,5 +15,5 @@ index d91963a..2650887 100644
15 # #15 # #
16 ########################################################16 ########################################################
17-SAMBA_VERSION_VENDOR_SUFFIX=17-SAMBA_VERSION_VENDOR_SUFFIX=
18+SAMBA_VERSION_VENDOR_SUFFIX=Debian18+SAMBA_VERSION_VENDOR_SUFFIX=Ubuntu
19 SAMBA_VERSION_VENDOR_PATCH=19 SAMBA_VERSION_VENDOR_PATCH=
diff --git a/debian/rules b/debian/rules
index cd86965..065266f 100755
--- a/debian/rules
+++ b/debian/rules
@@ -130,6 +130,9 @@ override_dh_auto_install:
130 cp debian/gdbcommands $(DESTDIR)/etc/samba/130 cp debian/gdbcommands $(DESTDIR)/etc/samba/
131 mkdir -p $(DESTDIR)/etc/dhcp/dhclient-enter-hooks.d131 mkdir -p $(DESTDIR)/etc/dhcp/dhclient-enter-hooks.d
132 install -m755 debian/samba-common.dhcp $(DESTDIR)/etc/dhcp/dhclient-enter-hooks.d/samba132 install -m755 debian/samba-common.dhcp $(DESTDIR)/etc/dhcp/dhclient-enter-hooks.d/samba
133 # Ubuntu things
134 mkdir -p $(DESTDIR)/usr/share/apport/package-hooks
135 install -D -m 644 debian/source_samba.py $(DESTDIR)/usr/share/apport/package-hooks/source_samba.py
133 install -m 0755 debian/mksmbpasswd.awk $(DESTDIR)/usr/sbin/mksmbpasswd136 install -m 0755 debian/mksmbpasswd.awk $(DESTDIR)/usr/sbin/mksmbpasswd
134 mkdir -p $(DESTDIR)/etc/ufw/applications.d137 mkdir -p $(DESTDIR)/etc/ufw/applications.d
135 install -m644 debian/samba.ufw.profile $(DESTDIR)/etc/ufw/applications.d/samba138 install -m644 debian/samba.ufw.profile $(DESTDIR)/etc/ufw/applications.d/samba
@@ -238,12 +241,11 @@ override_dh_makeshlibs:
238241
239override_dh_shlibdeps:242override_dh_shlibdeps:
240 LD_LIBRARY_PATH=$(DESTDIR)/usr/lib/$(DEB_HOST_MULTIARCH)/samba:$$LD_LIBRARY_PATH \243 LD_LIBRARY_PATH=$(DESTDIR)/usr/lib/$(DEB_HOST_MULTIARCH)/samba:$$LD_LIBRARY_PATH \
241 dh_shlibdeps -a -Xceph.so -Xglusterfs.so -Xsnapper.so244 dh_shlibdeps -a -Xceph.so -Xsnapper.so
242ifeq ($(DEB_HOST_ARCH_OS), linux)245ifeq ($(DEB_HOST_ARCH_OS), linux)
243 LD_LIBRARY_PATH=$(DESTDIR)/usr/lib/$(DEB_HOST_MULTIARCH)/samba:$$LD_LIBRARY_PATH \246 LD_LIBRARY_PATH=$(DESTDIR)/usr/lib/$(DEB_HOST_MULTIARCH)/samba:$$LD_LIBRARY_PATH \
244 dh_shlibdeps -a -- -pvfsmods -dRecommends \247 dh_shlibdeps -a -- -pvfsmods -dRecommends \
245 -e debian/samba-vfs-modules/usr/lib/*/samba/vfs/ceph.so \248 -e debian/samba-vfs-modules/usr/lib/*/samba/vfs/ceph.so \
246 -e debian/samba-vfs-modules/usr/lib/*/samba/vfs/glusterfs.so \
247 -e debian/samba-vfs-modules/usr/lib/*/samba/vfs/snapper.so249 -e debian/samba-vfs-modules/usr/lib/*/samba/vfs/snapper.so
248else250else
249 LD_LIBRARY_PATH=$(DESTDIR)/usr/lib/$(DEB_HOST_MULTIARCH)/samba:$$LD_LIBRARY_PATH \251 LD_LIBRARY_PATH=$(DESTDIR)/usr/lib/$(DEB_HOST_MULTIARCH)/samba:$$LD_LIBRARY_PATH \
diff --git a/debian/samba-common-bin.install b/debian/samba-common-bin.install
index e28e290..44c32ce 100644
--- a/debian/samba-common-bin.install
+++ b/debian/samba-common-bin.install
@@ -20,3 +20,4 @@ usr/share/man/man8/samba-tool.8
20usr/share/man/man8/smbpasswd.820usr/share/man/man8/smbpasswd.8
21usr/share/samba/addshare.py21usr/share/samba/addshare.py
22usr/share/samba/setoption.py22usr/share/samba/setoption.py
23usr/share/apport/package-hooks/source_samba.py
diff --git a/debian/samba-common.config b/debian/samba-common.config
index e9fc02d..4800015 100644
--- a/debian/samba-common.config
+++ b/debian/samba-common.config
@@ -64,15 +64,15 @@ db_go
6464
65DHCPPRIORITY=medium65DHCPPRIORITY=medium
66#if [ "$DEBCONF_RECONFIGURE" = 1 ] && [ -f /sbin/dhclient ]66#if [ "$DEBCONF_RECONFIGURE" = 1 ] && [ -f /sbin/dhclient ]
67if [ -f /sbin/dhclient ]67#if [ -f /sbin/dhclient ]
68then68#then
69 DHCPPRIORITY=high69# DHCPPRIORITY=high
70# TODO: see if we can detect that dhcp-client is *going* to be installed,70# TODO: see if we can detect that dhcp-client is *going* to be installed,
71# even if it isn't yet.71# even if it isn't yet.
72#elif dpkg-query -W --showformat='${Status}\n' dhcp-client | grep ???72#elif dpkg-query -W --showformat='${Status}\n' dhcp-client | grep ???
73# unknown ok not-installed ? 73# unknown ok not-installed ?
74# DHCPPRIORITY=high74# DHCPPRIORITY=high
75fi75#fi
7676
77FOUND=false77FOUND=false
78if [ -f $FILE ]; then78if [ -f $FILE ]; then
diff --git a/debian/smb.conf b/debian/smb.conf
index 3ebc154..31b9080 100644
--- a/debian/smb.conf
+++ b/debian/smb.conf
@@ -28,6 +28,9 @@
28# Change this to the workgroup/NT-domain name your Samba server will part of28# Change this to the workgroup/NT-domain name your Samba server will part of
29 workgroup = WORKGROUP29 workgroup = WORKGROUP
3030
31# server string is the equivalent of the NT Description field
32 server string = %h server (Samba, Ubuntu)
33
31#### Networking ####34#### Networking ####
3235
33# The specific set of interfaces / networks to bind to36# The specific set of interfaces / networks to bind to
@@ -166,28 +169,31 @@
166169
167#======================= Share Definitions =======================170#======================= Share Definitions =======================
168171
169[homes]172# Un-comment the following (and tweak the other settings below to suit)
170 comment = Home Directories173# to enable the default home directory shares. This will share each
171 browseable = no174# user's home directory as \\server\username
175;[homes]
176; comment = Home Directories
177; browseable = no
172178
173# By default, the home directories are exported read-only. Change the179# By default, the home directories are exported read-only. Change the
174# next parameter to 'no' if you want to be able to write to them.180# next parameter to 'no' if you want to be able to write to them.
175 read only = yes181; read only = yes
176182
177# File creation mask is set to 0700 for security reasons. If you want to183# File creation mask is set to 0700 for security reasons. If you want to
178# create files with group=rw permissions, set next parameter to 0775.184# create files with group=rw permissions, set next parameter to 0775.
179 create mask = 0700185; create mask = 0700
180186
181# Directory creation mask is set to 0700 for security reasons. If you want to187# Directory creation mask is set to 0700 for security reasons. If you want to
182# create dirs. with group=rw permissions, set next parameter to 0775.188# create dirs. with group=rw permissions, set next parameter to 0775.
183 directory mask = 0700189; directory mask = 0700
184190
185# By default, \\server\username shares can be connected to by anyone191# By default, \\server\username shares can be connected to by anyone
186# with access to the samba server.192# with access to the samba server.
187# The following parameter makes sure that only "username" can connect193# Un-comment the following parameter to make sure that only "username"
188# to \\server\username194# can connect to \\server\username
189# This might need tweaking when using external authentication schemes195# This might need tweaking when using external authentication schemes
190 valid users = %S196; valid users = %S
191197
192# Un-comment the following and create the netlogon directory for Domain Logons198# Un-comment the following and create the netlogon directory for Domain Logons
193# (you need to configure Samba to act as a domain controller too.)199# (you need to configure Samba to act as a domain controller too.)
diff --git a/debian/source_samba.py b/debian/source_samba.py
194new file mode 100644200new file mode 100644
index 0000000..9f0b46e
--- /dev/null
+++ b/debian/source_samba.py
@@ -0,0 +1,170 @@
1#!/usr/bin/python
2
3'''Samba Apport interface
4
5Copyright (C) 2010 Canonical Ltd/
6Author: Chuck Short <chuck.short@canonical.com>
7
8This program is free software; you can redistribute it and/or modify it
9under the terms of the GNU General Public License as published by the
10Free Software Foundation; either version 2 of the License, or (at your
11option) any later version. See http://www.gnu.org/copyleft/gpl.html for
12the full text of the license.
13'''
14
15import os
16from subprocess import PIPE, Popen
17from apport.hookutils import *
18
19def run_testparm():
20 '''
21 Run the samba testparm(1) utility against /etc/samba/smb.conf.
22
23 We do not use apport's command_output() method here because:
24 - we need to discard stdout, as that includes smb.conf
25 - we want to know if its exit status is not zero, but that in itself
26 is not an error in the test itself. command_output() would say the
27 command failed and that would be confusing.
28
29 Returns stderr and the exit code (as a string) of testparm as a tuple or
30 None in the case of an error.
31 '''
32 command = ['testparm', '-s', '/etc/samba/smb.conf']
33 try:
34 testparm = Popen(command, stdout=PIPE, stderr=PIPE)
35 except OSError:
36 return None
37 _, err = testparm.communicate()
38 exit_code = testparm.wait()
39 return (err, str(exit_code))
40
41
42def recent_smblog(pattern):
43 '''Extract recent messages from log.smbd or messages which match a regex
44 pattern should be a "re" object. '''
45 lines = ''
46 if os.path.exists('/var/log/samba/log.smbd'):
47 file = '/var/log/samba/log.smbd'
48 else:
49 return lines
50
51 for line in open(file):
52 if pattern.search(line):
53 lines += line
54 return lines
55
56def recent_nmbdlog(pattern):
57 ''' Extract recent messages from log.nmbd or messages which match regex
58 pattern should be a "re" object. '''
59 lines = ''
60 if os.path.exists('/var/log/samba/log.nmbd'):
61 file = '/var/log/samba/log.nmbd'
62 else:
63 return lines
64
65 for line in open(file):
66 if pattern.search(line):
67 lines += line
68 return lines
69
70def add_info(report, ui):
71 packages = ['samba', 'samba-common-bin', 'samba-common', 'samba-tools', 'smbclient', 'swat',
72 'samba-doc', 'samba-doc-pdf', 'smbfs', 'libpam-smbpass', 'libsmbclient', 'libsmbclient-dev',
73 'winbind', 'samba-dbg', 'libwbclient0']
74
75 versions = ''
76 for package in packages:
77 try:
78 version = packaging.get_version(package)
79 except ValueError:
80 version = 'N/A'
81 if version is None:
82 version = 'N/A'
83 versions += '%s %s\n' %(package, version)
84 report['SambaInstalledVersions'] = versions
85
86
87 # Interactive report
88 # start by checking if /etc/samba/smb.conf exists
89 if not os.path.exists ('/etc/samba/smb.conf'):
90 ui.information("The configuration file '/etc/samba/smb.conf' does not exist. This file, and its contents, are critical for the operation of the SAMBA package(s). A common situation for this is:\n * you removed (but did not purge) SAMBA;\n * later on, you (or somebody) manually deleted '/etc/samba/smb.conf;\n * you reinstalled SAMBA.\nAs a result, this file is *not* reinstalled. If this is your case, please purge samba-common (e.g., sudo apt-get purge samba-common) and then reinstall SAMBA.\nYou may want to check other sources, like: https://answers.launchpad.net, https://help.ubuntu.com, and http://ubuntuforums.org. Please press any key to end apport's bug collection.")
91 raise StopIteration # we are out
92
93 ui.information("As a part of the bug reporting process, you'll be asked as series of questions to help provide a more descriptive bug report. Please answer the following questions to the best of your abilities. Afterwards, a browser will be opened to finish filing this as a bug in the Launchpad bug tracking system.")
94
95 response = ui.choice("How would you best describe your setup?", ["I am running a Windows File Server.", "I am connecting to a Windows File Server."], False)
96
97 if response == None:
98 raise StopIteration # user has canceled
99 elif response[0] == 0: #its a server
100 response = ui.yesno("Did this used to work properly with a previous release?")
101 if response == None: # user has canceled
102 raise StopIteration
103 if response == False:
104 report['SambaServerRegression'] = "No"
105 if response == True:
106 report['SambaServerRegression'] = 'Yes'
107
108 response = ui.choice("Which clients are failing to connect?", ["Windows", "Ubuntu", "Both", "Other"], False)
109 if response == None:
110 raise StopIteration # user has canceled
111 if response[0] == 0:
112 report['UbuntuFailedConnect'] = 'Yes'
113 if response[0] == 1:
114 report['WindowsFailedConnect'] = 'Yes'
115 if response[0] == 2:
116 report['BothFailedConnect'] = 'Yes'
117 if response[0] == 3:
118 report['OtherFailedConnect'] = 'Yes'
119
120 response = ui.yesno("The contents of your /etc/samba/smb.conf file may help developers diagnose your bug more quickly. However, it may contain sensitive information. Do you want to include it in your bug report?")
121 if response == None:
122 raise StopIteration
123 if response == False:
124 report['SmbConfIncluded'] = 'No'
125 if response == True:
126 report['SmbConfIncluded'] = 'Yes'
127 attach_file_if_exists(report, '/etc/samba/smb.conf', key='SMBConf')
128 if command_available('testparm') and os.path.exists('/etc/samba/smb.conf'):
129 testparm_result = run_testparm()
130 testparm_response = ui.yesno("testparm(1) is a samba utility that will check /etc/samba/smb.conf for correctness and report issues it may find. Do you want to include its stderr output in your bug report? If you answer no, then we will only include its numeric exit status.")
131 if testparm_response == None:
132 raise StopIteration
133 if testparm_response == True:
134 if testparm_result:
135 report['TestparmStderr'], report['TestparmExitCode'] = testparm_result
136 else: # only include the exit code
137 report['TestparmExitCode'] = testparm_result[1]
138
139 response = ui.yesno("The contents of your /var/log/samba/log.smbd and /var/log/samba/log.nmbd may help developers diagnose your bug more quickly. However, it may contain sensitive information. Do you want to include it in your bug report?")
140 if response == None:
141 raise StopIteration
142 elif response == False:
143 ui.information("The contents of your /var/log/samba/log.smbd and /var/log/samba/log.nmbd will NOT be included in the bug report.")
144 elif response == True:
145 sec_re = re.compile('failed', re.IGNORECASE)
146 report['SmbLog'] = recent_smblog(sec_re)
147 report['NmbdLog'] = recent_nmbdlog(sec_re)
148
149 elif response[0] == 1: #its a client
150 response = ui.yesno("Did this used to work properly with a previous release?")
151 if response == None: #user has canceled
152 raise StopIteration
153 if response == False:
154 report['SambaClientRegression'] = "No"
155 if response == True:
156 report['SambaClientRegression'] = "Yes"
157
158 response = ui.choice("How is the remote share accessed from the Ubuntu system?", ["Nautilus (or other GUI Client)", "smbclient (from the command line)", "cifs filesystem mount (from /etc/fstab or a mount command)"], False)
159 if response == None: #user has canceled
160 raise StopIteration
161 if response[0] == 0:
162 attach_related_packages(report, ['nautilus', 'gvfs'])
163 if response[0] == 1:
164 ui.information("Please attach the output of 'smbclient -L localhost' to the end of this bug report.")
165 if response[0] == 2:
166 report['CIFSMounts'] = command_output(['findmnt', '-n', '-t', 'cifs'])
167 if os.path.exists('/proc/fs/cifs/DebugData'):
168 report['CifsVersion'] = command_output(['cat', '/proc/fs/cifs/DebugData'])
169
170 ui.information("After apport finishes collecting information, please document your steps to reproduce the issue when filling out the bug report.")

Subscribers

People subscribed via source and target branches