After a bit of research, I've uncovered the new 'hostname lookups' option in Samba HEAD. I understand the value of being able to configure this setting, and of having it default to 'no' to conserve resources; however, this setting also (unnecessarily, IMHO) breaks the config of anyone using hostname-based access lists on upgrade.
Would it be acceptable to add a 'hostname lookups = auto' option as the default, which checks the 'hosts allow' and 'hosts deny' lists for hostname tokens, and makes its decision based on these other two config options? Having hostname lookups unexpectedly turned off can not only block access from legitimate users, it can also be a security hole. Steve Langasek postmodern programmer
msg02955/pgp00000.pgp
Description: PGP signature