Public bug reported:
Binary package hint: samba
The Samba postinst maintainer script systematically import all account
with uid >= 1000. This is so that user account and such have
corresponding Samba account. In most case, this is a good thing and
make. However, where the machine has been configured with a network
directory as the source of user account (ie, using nss_ldap), this may
not be desirable. Especially if the network directory host a large
number of user accounts, this could be very wasteful.
The behavior of the account import is preseedable with the
samba/generate_smbpasswd debconf template. This is good, but it's an
either/or proposition.
Perhaps it would be better if we where only importing local users (those
listed in /etc/passwd)? We could do that by specifying the compat
service to getent ("-s compat") in the samba.postinst maintainer script,
such as:
if [ "${GENERATE_SMBPASSWD}" = "true" -a ! -e /var/lib/samba/passdb.tdb -a ! -e
/etc/samba/smbpasswd ]; then
getent -s compat passwd | mksmbpasswd > /etc/samba/smbpasswd
pdbedit -i smbpasswd -e tdbsam -d 0
rm /etc/samba/smbpasswd
fi
I guess the implication owuld need to be considered, and the first thing is to
decide whether there is a good reason to import the non-local account in Samba.
** Affects: samba (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to samba in ubuntu.
https://bugs.launchpad.net/bugs/721514
Title:
Samba should be more selective when importing accounts
--
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
