~paride/ubuntu/+source/samba:lp1942195-impish

Branch merges

Propose for merging

Merged into ubuntu/+source/samba:ubuntu/impish-devel at revision 237bf2ef2582a25f0789f87acc0e109e31390f07

Sergio Durigan Junior (community): Approve on 2021-11-12

Canonical Server Core Reviewers: Pending requested 2021-11-10

Diff: 40 lines (+7/-14)

2 files modified

debian/changelog (+7/-0)
debian/samba.postinst (+0/-14)

api

Merged into ubuntu/+source/samba:ubuntu/devel at revision 2dbb786e277cc6109c9dd4e691dd44795839521f

Utkarsh Gupta (community): Approve on 2021-10-06

Canonical Server Core Reviewers: Pending requested 2021-10-06

Canonical Server: Pending requested 2021-10-06

Diff: 40 lines (+7/-14)

2 files modified

debian/changelog (+7/-0)
debian/samba.postinst (+0/-14)

api

Related source package recipes

No recipes using this branch. (?)

Create packaging recipe

Related snap packages

Related charm recipes

Related rock recipes

237bf2e... by Paride Legovini on 2021-11-12

Update changelog for 2:4.13.14+dfsg-0ubuntu0.21.10.2 release

106adb8... by Paride Legovini on 2021-09-23

samba.postinst: do not populate sambashare from the Ubuntu admin group

This reverts commit fe5cef5014db5b5d6cf55e036583f8f84962e9b2.

The admin group has been phased out in Ubuntu 12.04 [1]:

  Up until Ubuntu 11.10, administrator access using the sudo tool was
  granted via the "admin" Unix group. In Ubuntu 12.04, administrator
  access will be granted via the "sudo" group.

We could add users in the sudo group to sambashare, however I don't
think that's really a good idea:

1. The sudo group isn't likely to go away like admin did, but it's still
   an arbitrary group, and sudo does have alternatives (polkit, doas), so
   it's not really *guaranteed* to stay forever.
2. There's nothing that removes users from sambashare when they're
   removed from the admin/sudo group.
3. Users in the sudo group can add themselves to the sambashare group.
4. This has been broken for almost 10 years, with the problem being noticed
   only when the mechanism did something unexpected.

[1] https://wiki.ubuntu.com/PrecisePangolin/ReleaseNotes/UbuntuDesktop#PrecisePangolin.2FReleaseNotes.2FCommonInfrastructure.Common_Infrastructure

LP: #1942195

9f1ec63... by Marc Deslauriers on 2021-11-09

2:4.13.14+dfsg-0ubuntu0.21.10.1 (patches unapplied)

Imported using git-ubuntu import.

e517cf6... by Sergio Durigan Junior on 2021-06-21

2:4.13.5+dfsg-2ubuntu2 (patches unapplied)

Imported using git-ubuntu import.

7670f12... by Athos Ribeiro on 2021-05-17

update-maintainer

0450c2f... by Athos Ribeiro on 2021-05-17

reconstruct-changelog

9808bd3... by Athos Ribeiro on 2021-05-17

merge-changelogs

53df51d... by Athos Ribeiro on 2021-05-17

    - SECURITY UPDATE: wrong group entries via negative idmap cache entries
      + debian/patches/CVE-2021-20254.patch: Simplify sids_to_unixids() in
        source3/passdb/lookup_sid.c.
      + CVE-2021-20254
      [Included in 2:4.13.5+dfsg-2]

142cb14... by Rafael David Tinoco on 2020-02-06

    - debian/rules: Ubuntu i386 binary compatibility:
      + re-enable the following binary packages:
        - libnss-winbind
        - samba-common-bin
        - python3-samba
        - winbind
      [Included in 2:4.13.4+dfsg-1]

7e22994... by Athos Ribeiro on 2021-05-17

    - debian/rules: Ubuntu i386 binary compatibility:
      + drop ceph support
      + disable the following binary packages:
        - ctdb
        - libnss-winbind
        - libpam-winbind
        - python3-samba
        - samba
        - samba-common-bin
        - samba-testsuite
        - winbind
      [Included in 2:4.13.4+dfsg-1]