INVITE: SMB3 IO Lab participation at Storage Developers Conference Sept. 18-21, 2023 in Freemont, CA.
Hi Samba-people, Arnold Jones, Technical Council Managing Director or the Storage Network Industry Association (SNIA) asked me to forward this invitation to anyone who would like to participate in the SMB3 IO Lab. --- Hi Samba Developers, Presentations are only part of what is going on at the SNIA’s 2023 Storage Developer Conference, September 18-21, Fremont, CA. The SNIA SMB3 IO Lab is also an integral part of the program. The purpose of this IO Lab is for vendors to bring their implementations of SMB3 to test, identify, and fix bugs in a collaborative setting with the goal of providing a forum in which companies can develop interoperable products. There are several new features that have recently been added to the SMB3 protocol: * SMB over QUIC support for mutual authentication. * Server Notification update for logon session scenario (when server discards a logon session before client). * Significant Windows security behavior defaults updates in certain Windows releases: + SMB Signing required by default. + Auth rate limiter on by default. + Guest auth fallback now off by default. + Mail slots off by default and SMB1 now disabled in all Windows releases. * And other SMB security updates and features. The IO Lab is an opportunity to learn about these new features and test your implementation with Microsoft Windows protocol test suites. During the IO Lab you can directly engage with Windows Protocol Support, Test Suite Development, and members of the Windows development team as well as network with other professionals from all over the world. This IO Lab is held in one large room (open 24 hrs.), giving participants an easy way to interact with both Microsoft professionals and with all other participants and their implementations. If you are reluctant to participate because you feel that your SMB implementation is "not ready", you should still participate! The SMB3 IO Lab is also a development opportunity, not just a testing opportunity. Implementations still in development are encouraged to participate. It's a great opportunity to get help and learn from the experts! This year we are pleased to announce the full participation and continued support of Microsoft, our 2023 SNIA SDC SMB3 IO Lab underwriter. For complete details on how to participate please see: http://www.snia.org/SMB3IOLab If you have any additional questions, please contact me at arn...@snia.org. I look forward to seeing you and your company at the SMB3 IO Lab this year! -- Arnold Arnold Jones Technical Council Managing Director SNIA http://www.storagedeveloper.org/ http://www.snia.org/SMB3IOLab ---
New minimal SMB2 client library !
Ronnie Sahlberg, Samba Team member - has written a new small-footprint SMB2/3 client library. Compiled size is 120KB (yes, that is *KB*, not MB :-). It supports signing, sealing, NTLM authentication (and krb5 with external libraries). It has *no* dependencies (other than the afore-mentioned krb5 if you need it) and is available for checkout and hacking at: git clone git://git.samba.org/libsmb2.git License is LGPLv2.1+, and it is developed independently of the main samba project, so please send patches directly to: Ronnie Sahlberg Submission of patches grants him the rights to integrate into the code under LGPLv2.1+. It's designed to expand SMB2/3 use into the small device Internet of Things and is already used by the VLC and Kodi projects, and someone has ported it to load games off an SMB3 server instead of a cassette tape for a Tandy TRS-80 (for the over 45's on the list :-). It will *never* support SMB1 :-). Thanks Ronnie for making samba.org the home of all things SMB ! Samba Team.
SambaXP 2018 Conference Program is out !
Hi all, The annual Samba Conference, Samba XP takes place on 5th - 7th of June 2018 in Göttingen, Germany: https://sambaxp.org The conference program is now available here: https://sambaxp.org/#c5 Anyone using, working with or developing Samba or shipping products that include Samba should consider attending. Plus the beer in Germany is world-class and Göttingen has wonderful chocolate shops ! (Beer and chocolate, what more could you want from a conference :-). Hope to see lots of you all there. Cheers, Jeremy Allison, Samba Team.
Re: [Announce] Samba 4.8.0 Available for Download
On Tue, Mar 13, 2018 at 06:11:50PM -0700, Richard Sharpe via samba-technical wrote: > On Tue, Mar 13, 2018 at 12:22 PM, Karolin Seeger via samba-technical >wrote: > > > > "It is time that we all see gender as a > > spectrum instead of two sets of > > opposing ideals. We should stop > > defining each other by what we are not > > and start defining ourselves by who we > > are." > > > > Emma Watson > > > > Is this the thin edge of the wedge? > > I am an XY (male) individual and make no apologies for that! Richard, it's not a wedge at all, it's just a quote. Feel free to ignore if you don't agree. Let's just leave it at that please ! Jeremy.
Re: [Samba] [Announce] Samba 4.8.0 Available for Download
On Tue, Mar 13, 2018 at 09:21:12PM +, Miguel Medalha wrote: > The only possibility here is for me to unsubscribe? Is it forbidden to just > give my views about it and then go on with life? Why? Because complaining as you did about an innocent quote in release notes is bullying. You can agree or not, you didn't need to tell anyone about it unless you were trying to intimidate Karolin into not using quotes that conflict with your world-view. I don't want to see bullying on this list please. Let's drop the matter and get back to technical issues.
Re: [Samba] [Announce] Samba 4.8.0 Available for Download
On Tue, Mar 13, 2018 at 09:08:36PM +, Miguel Medalha via samba wrote: > > > On 13-03-2018 19:22, Karolin Seeger via samba-technical wrote: > > > > "It is time that we all see gender as a > > spectrum instead of two sets of > > opposing ideals. We should stop > > defining each other by what we are not > > and start defining ourselves by who we > > are." > > > > Emma Watson > > > > > Isn't this a technical mailing list? If so, it would be nice if we could > keep it free from political propaganda, ideological brainwashing and other > such BS. > > Thank you! Miguel, Karolin is the Samba release manager and as such is free to chose whichever quotes for the release she feels are appropriate. I am constantly delighted at the range of material she finds and uses ! If you don't like the quotes you are free to unsubscribe from samba-technical, and you won't have to see them. Regards, Jeremy Allison.
Re: [Announce] Samba 4.6.4, 4.5.10 and 4.4.14 Available for Download
On Wed, May 24, 2017 at 09:21:14AM +0200, Karolin Seeger via samba-technical wrote: > Release Announcements > - > > These are a security releases in order to address the following defect: > > o CVE-2017-7494 (Remote code execution from a writable share) > > === > Details > === > > o CVE-2017-7494: >All versions of Samba from 3.5.0 onwards are vulnerable to a remote >code execution vulnerability, allowing a malicious client to upload a >shared library to a writable share, and then cause the server to load >and execute it. > > > Changes: > > > o Volker Lendecke>* BUG 12780: CVE-2017-7494: Avoid remote code execution from a writable > share. > > > ### > Reporting bugs & Development Discussion > ### > > Please discuss this release on the samba-technical mailing list or by > joining the #samba-technical IRC channel on irc.freenode.net. > > If you do report problems then please try to send high quality > feedback. If you don't provide vital information to help us track down > the problem then you will probably be ignored. All bug reports should > be filed under the "Samba 4.1 and newer" product in the project's Bugzilla > database (https://bugzilla.samba.org/). > > > == > == Our Code, Our Bugs, Our Responsibility. > == The Samba Team > == Thanks Karolin ! Here are some mitigation techniques from Red Hat in case servers cannot be patched immediately: - https://bugzilla.redhat.com/show_bug.cgi?id=1450347#c3 Huzaifa S. Sidhpurwala 2017-05-15 04:02:57 EDT Mitigation: Any of the following: 1. SELinux is enabled by default and our default policy prevents loading of modules from outside of samba's module directories and therefore blocks the exploit 2. Mount the filessytem which is used by samba for its writeable share, using "noexec" option. 3. Add the parameter: nt pipe support = no to the [global] section of your smb.conf and restart smbd. This prevents clients from accessing any named pipe endpoints. Note this can disable some expected functionality for Windows clients. - Jeremy.
Re: [Samba] [Announce] Samba 4.3.0 Available for Download
On Tue, Sep 08, 2015 at 09:28:20PM +0200, Michael Adam wrote: > On 2015-09-08 at 11:39 -0700, Jeremy Allison wrote: > > On Tue, Sep 08, 2015 at 05:01:14PM +0200, Karolin Seeger wrote: > > >= > > >Release Notes for Samba 4.3.0 > > >September 8, 2015 > > >= > > > > > > > > > This is the first stable release of Samba 4.3. > > > > *Wonderful* news Karolin - thanks a *LOT for getting > > this out there. > > Indeed, many Kudos to Karolin, and also to Metze who did > a lot of work to help getting this one out of the door! > > This is also quite an impressive release, feature-wise! > Great stuff! Yes, Metze too - but Metze is usually too shy to appreciate a shout-out :-). Thanks Metze !
Re: [Samba] [Announce] Samba 4.3.0 Available for Download
On Tue, Sep 08, 2015 at 05:01:14PM +0200, Karolin Seeger wrote: >= >Release Notes for Samba 4.3.0 >September 8, 2015 >= > > > This is the first stable release of Samba 4.3. *Wonderful* news Karolin - thanks a *LOT for getting this out there. Cheers, Jeremy.
Samba 4.0 released - The First Free Software Active Directory Compatible Server is now available !
Samba Team Releases Samba 4.0 = December 11th 2012. The Samba Team is proud to announce the release of Samba 4.0, a major new release of the award-winning Free Software file, print and authentication server suite for Microsoft Windows clients. The First Free Software Active Directory Compatible Server == As the culmination of ten years' work, the Samba Team has created the first compatible Free Software implementation of Microsoft’s Active Directory protocols. Familiar to all network administrators, the Active Directory protocols are the heart of modern directory service implementations. Samba 4.0 comprises an LDAP directory server, Heimdal Kerberos authentication server, a secure Dynamic DNS server, and implementations of all necessary remote procedure calls for Active Directory. Samba 4.0 provides everything needed to serve as an Active Directory Compatible Domain Controller for all versions of Microsoft Windows clients currently supported by Microsoft, including the recently released Windows 8. The Samba 4.0 Active Directory Compatible Server provides support for features such as Group Policy, Roaming Profiles, Windows Administration tools and integrates with Microsoft Exchange and Free Software compatible services such as OpenChange. The Samba 4.0 Active Directory Compatible Server can also be joined to an existing Microsoft Active Directory domain, and Microsoft Active Directory Domain Controllers can be joined to a Samba 4.0 Active Directory Compatible Server, showing true peer-to-peer interoperability of the Microsoft and Samba implementations of the Active Directory protocols. Acknowledging the value of the interoperability of the Samba 4.0 Active Directory Compatible Server, Steve van Maanen, the co-founder of Starsphere LLC, an IT services company in Tokyo, said: Thanks to Samba4, I have two fully replicating Active Directory Domain controllers that boot in under 10 seconds ! It is nice to have alternatives, and Samba4 is a great one. Upgrade scripts are also provided for organizations using the previous Microsoft Windows NT Domain Controller functionality in Samba 3.x, to allow them to migrate smoothly to Samba 4.0. Suitable for low-power and embedded applications, yet scaling to large clusters, Samba 4.0 is efficient and flexible. Its Python programming interface and administration toolkit help in enterprise deployments. Created Using Microsoft Documentation = The Samba 4.0 Active Directory Compatible Server was created with help from the official protocol documentation published by Microsoft Corporation and the Samba Team would like acknowledge the documentation help and interoperability testing by Microsoft engineers that made our implementation interoperable. Active Directory is a mainstay of enterprise IT environments, and Microsoft is committed to support for interoperability across platforms, said Thomas Pfenning, director of development, Windows Server. We are pleased that the documentation and interoperability labs that Microsoft has provided have been key in the development of the Samba 4.0 Active Directory functionality. Introducing SMB2.1 File Serving Support === Samba 4.0 includes the first Free Software implementation of Microsoft's SMB2.1 file serving protocol. Building on the success of the SMB2.0 server in Samba 3.6, the Samba 4.0 file server component is an evolution of the trusted Samba file serving code that is used worldwide by vendors of file servers, such as IBM's clustered Scale Out Network Attached Storage (SONAS), and many other commercial products. In addition, the Samba 4.0 file server contains an initial implementation of SMB3, which will be further developed in later Samba 4 releases into a fully-featured SMB3 clustered file server implementation. Future developments of our SMB3 server and client suite, in combination with our expanding number of SMB3 tests, will keep driving the performance improvements and improved compatibility with Microsoft Windows that Samba users have come to expect from our software. Integrated Clustered File Server Support Building on our success as the first commercial implementation of a clustered SMB/CIFS server, Samba 4.0 provides industry-leading scalability and performance as a clustered SMB2/SMB/CIFS file server, using our clustered tdb (ctdb) technology - also available as Free Software. Clustered Samba provides a Single Server view of clustered file storage, allowing clients to connect to the least loaded server and still providing a completely coherent view of the underlying clustered file system. Written and tested to be compatible with most clustered file systems, both Free Software and proprietary, Samba 4.0 with ctdb provides a scalable clustered file server
Re: [Samba] [Announce] Samba 3.5.7, 3.4.12 and 3.3.15 Security Releases Available
On Mon, Feb 28, 2011 at 10:15:23AM -0500, Chris Smith wrote: On Mon, Feb 28, 2011 at 8:35 AM, Karolin Seeger ksee...@samba.org wrote: Samba 3.5.7, 3.4.12 and 3.3.15 are security releases in order to address CVE-2011-0719. Will there be a new 3.5.7 Jumbo Patch available for those using it with 3.5.6 and strict allocate? Or does the current 3.5.6 Jumbo Patch work fine with 3.5.7 (I'm assuming it's not included as there was no mention of any other fixes in the release notes)? Both patches should work fine together. As per our policy, security fix releases contain no other changes than the security bugfix. Just take the 3.5.7 release and apply the jumbo patch on top of it, as you did with 3.5.6. A 3.5.8 will be released soon with all the pending patches we were planning the next release before it got preempted by the security fix. Hope this helps, Jeremy.
CIFS Engineering Workshop in Mountain View, California: September 26-28th 2007
CIFS Engineering Workshop: September 26-28th 2007. The Samba Team will be running a CIFS Engineering Workshop event hosted at the Google Campus in Mountain View, California, USA on September 26-28th 2007. This event is intended for engineers working on any CIFS products and services, not just products based on the Samba codebase. We welcome engineers from any implementers of the CIFS and SMB2 protocols, or from people shipping products based on these protocols, or people with a deep interest in advancing the standardization of these protocols. This is not a marketing or customer focused event, the intent is that engineers will get together and discuss protocol details and implementation choices in an open and free environment, helped along with free Google food and a gigabit network for testing. There will be some arranged talks, but mostly this will be an interoperability event. There will be some restrictions on using information gathered at the event for marketing purposes in the same way as the Connectathon event restricts using any performance or defect data learned at the event. The goal is for engineers from competing companies to feel free to work together without fear of revealing information they wish to keep secret. There is no charge for attending, but as this event will be hosted on the Google Campus space will be limited, so if you would like to attend or send engineers to this event please email : [EMAIL PROTECTED] as soon as possible so we can get an idea of the numbers involved (and help Google with planning). If you'd like to present a talk, please send a brief abstract to the same address. Currently the same review board who accepts talks for SambaXP will review the abstracts, but if this event is successful a more formal review process will be adopted. FAQ: Why a new event ? Attendance at the CIFS conference has fallen to such an extent that it has become a small interest group in the larger storage conference. The Samba Team wishes to revive interest in a broader discussion of implementation and standardization of the CIFS protocols, as well as promote an interoperability lab. Who decides who will be allowed to attend ? Currently the same group who runs the SambaXP conference, mainly the Samba Team, SerNet, and Google (who are hosting). The goal is to make this event as inclusive as possible, so initially we are trying to gage interest to finalize the numbers we can host (this is where Google comes in). I don't use Samba, should I come ? Certainly ! Anyone who has an interest in working on, documenting or standardizing the CIFS and SMB2 protocols is welcome. This includes any proprietary vendors as well as vendors who OEM the Samba codebase. Service vendors who implement and support CIFS networking with third-party software are also welcome. What software will be available to test against ? All versions of Samba, as well as any required versions of DOS and Windows products will be available on the test network. Other software will depend on the participants bringing versions of their software along. We hope to be able to get a varied mixture of CIFS implementations for testing. My company has signed the MCPP license with Microsoft, are we welcome ? Yes, although of course we would expect that your attendees please respect the MCPP licensing process and not divulge any information you have learned from the MCPP documents. You are especially welcome to bring equipment running your CIFS implementation so we can test against each other's implementations. Why is Google helping ? Google holds events on behalf of Open Source projects like Ubuntu, and has generously donated the use of facilities within their Mountain View Campus for this event. Is it free ? Yes, although you will of course have to fund any travel and accommodation expenses yourself. What about a T-shirt ? Currently we don't have a logo for this event, but the organizers are investigating making a T-shirt available for the participants. Do I get free food ? Yes, this is a chance to try out the famous Google cuisine :-).