Slashdot Mirror
Samba Code Fork Announced
Andrew Klaassen writes: "No, it's not just another Samba code branch. It's a much more serious code fork, led by Luke Kenneth Casson Leighton and some of the coders who brought PDC functionality to Samba. The announcement was very circumspect about the developer differences which led up to the fork, as is the new project's (currently rather threadbare) Web site."
NT uses full ACLs while Samba is written to the lowest common denomiter (SP?), or true Unix permissions which are a 3 part ACL only (user, group, all). This causes problems between the mapping.
When I was subscribed to the Samba list, there was talk about how to go about it.
--
Ben Kosse
--
Ben Kosse
Remember Ed Curry!
So will samba be able to support Microsoft's bastardized Kerberos? What about Active Directory? Also, how does the "release" of MS Kerberos specs affect the development?
Oh, and is it possible to run samba as a non-PDC server within Active Directory network? (that is right now)
___
___
If you think big enough, you'll never have to do it.
>buy an FTP server package for Windows just to get a few files across.
That's FUD [unintentional?].
You don't need to "buy" an FTP server to get files across Win2k and Linux -- the free FTP server included in IIS is just fine, and I'm sure there's GPL stuff that's been ported also.
Aside from that, you can always ssh into the Linux box, and ftp files in the OTHER direction.
But why do anything? The FTP server in Linux works fine. I can't get the Win2K/IE 5.5 "FTP Explorer" to work with Linux (doesn't take password and there's no fucking logs to debug courtesy of Microsoft)... but WS-FTP works fine.
I use Win2k on one box, Linux on another at home. I've yet to get Samba working, though it's been more laziness than anything.
That would be "Tomix", "Dickix", or "Harrix"...:)
Any sufficiently advanced technology is indistinguishable from a rigged demo
--Andy Finkel (J. Klass?)
But, IMHO, Samba and the SMB protocol are a good example of a Bad but neccesary thing. Let me get this clear: "SAMBA IS GOOD, Samba let's you have a UNIX file/print server in a private network full of Windows machines. But the PROTOCOL is BAD. The extensions that have been added to the original protocol by M$ have made it a nightmare. I think that's why the Samba project is forking. But again, this is only MHO. Thanks to the samba guys anyway (both), who have been delivering a quality product from a lousy standard....
Ruin filesharing? They've already done that, and not only for non-ms platforms!
Am I the only one that runs into many problems with filesharing using Win2K? I have problems all the time: users that connect from Win98/95/ME have to enter passwords while I did not set any (yes, I do have the guest-account enabled, screw security!)
Then, sometimes it works without a password, then it asks for a not-existing password, then it does not work at all.
Since I put Linux+samba in between to do all this stuff I haven't had any problems whatsoever.
So, am I the only one experiencing this kind of problem?
(I know this is a bit - or actually a lot - offtopic - sorry about that!)
Every expression is true, for a given value of 'true'
Two focussed projects can be managed more effectively and can produce results faster than a single project that wants to be everything to everybody. So, when it happens for technical reasons, forking a project can be quite rational. Besides, the two projects can still share and exchange a lot of code--it just requires a little more hacking.
On another "official' fork. Take Mozilla. They officially anounced that Mozilla would fork. There would be netscape 6 and Mozilla. At some point they would come back together again. If you get Netscape 6 and Mozilla they are different ever so slightly. Netscape is focusing on stability and speed and targeting towards a release that AOL can ship with there software. There focus is more on the Windows / MAC side as that is where AOL software runs. Mozilla is also focusing on this but they are focusing on Linux (read there pages this is true test the software). I have both Netscape 6pre 3 and Mozilla 18. They are ever so slightly differnt with an end goal that the two will someday merge back to one.
I don't want a lot, I just want it all!
Flame away, I have a hose!
Only 'flamers' flame!
There were two main branches in the samba group. These guys wanted samba to be a complete replacement for Windows NT/2000. The other group just wanted samba to be able to interact with a windows network and felt that if you wanted a Windows PDC, you should get a windows machine. I was hoping this stuff would work itself out, but it sounds like the two groups could not agree on the future of samba so they split. The PDC folks are a minority anyway, so they broke off. The Samba folks want win2k support and it works anyway, but they don't want to support all the functionality of a win2k server, whereas the TNG group did.
The original idea was that SAMBA TNG was the development branch. As parts became stable, they were to be merged into the main branch. It looks instead like they'll try to turn the development branch into a stable branch.
But nothing says that the main SAMBA branch team can't merge parts of TNG into the the main branch, like the BSDs who sometimes use each others' code.
Order the pizza. Ask for a second box. When it arrives, take half the pizza and put it in the second box. Mail both.
Okay, it's not as easy as sending a voucher, but it's equally fair to both code parties...
You cannot apply a technological solution to a sociological problem. (Edwards' Law)
I think it is a bit strange to characterise what Redhat and SuSE do as
forking the kernel. It would be more accurate to say that they
maintain a set of patches to the kernel that they keep updated and
apply to each new release (which is something many kernel developers
do on their own anyway). What they don't do set up an alternative
linux-kernel development community that duplicates the work of the
main development effort, which is what is commonly undetsood by a fork.
If we end up being able to run smbd from the main samba project for our file sharing, and the TNG PDC stuff for user/machine authentication simultaneously, then this will be a win. If it's all-or-nothing with either project, then we lose.
Of course it should always be possible to run samba with security=server pointing at a TNG server. I'd just like to be sure I can run both on the same box.
"Even if you are on the right track, you'll
get run over if you just sit there." Will Rogers
"Even if you are on the right track, you'll get run over if you just sit there" - Will Rogers
It sounds like setting up a IP alias would be the only hassle, then just setup Samba to listen on one and Samba-TNG to listen on the other. (Remember they both listen on the same netbios ports).
It could end up being quite a win-win situation.
TNG is much more about RPC than about filesharing ....
.... there is an remote smbstatus for srvmgr.exe, and many more things planned ....
with TNG you can add users to your smbpasswd whith the NT 4.0 usrmgr.exe
Samba Information HQ
nah, security=domain is used when you authenticate your users against *another* pdc...
h p3 for howtos about samba-tng
if your are doing your own pdc, you should use security=user
check http://bioserve.latrobe.edu.au/samba/ for very nice info about samba 2.0.7 (latest stable, does not work as pdc with wni2k)as pdc
check http://www.kneschke.de/projekte/samba_tng/index.p
Ring brother, ring for me | Ring the bells of hope and faith
Ring for my damnation | I am at the gallows end
Only, if I recall correctly, if it's NT4 PRE SERVICE PACK 4. Not NT4 SP6a, and not Win2K Professional.
Vintage computer games and RPG books available. Email me if you're interested.
Having PDC/BDC functionality is a very useful thing - are there no plans to merge it into the main codebase?
BlackNova Traders
I have directories mounted using smbfs on my Linux box from shares on my Windows 2000 box.
So, what's missing?
Actually IE (and I think netscape does this as well) will let you enter your password seperately.
Just use ftp://user@site.com and enter the password when it prompts. After you quit every instance of IE or NS the address will remain in the history, however it should forget your password.
Fist Prost
"We're talking about a planet of helpdesks."
Fist Prost
"We're talking about a planet of helpdesks."
-Jaron Lanier
It works, but partically, if you just want to map a couple of drives over, it works ok, mainly because Win2K is running in compatability mode.
:/
However, they want to Samba to include PDC (Primary Domain Controller) support, and ActiveDirectory (LDAP based) support, with full support for kerbreos, access controls, SDP support etc.
MS also have a 'internet file system' standard to replace SMB, they've made the standard publicaclly available apparenltly
i dont know about anyone else here, but I always found smbmount to be the most obvious SMB client on Linux, since it allows you to map a windows drive just as any other mounted device. Whereas smbclient always seemed like a very clumsy tool that can't easily be integrated with other console/X apps (or maybe im wrong here, feel free to point something out to me).
Anyway the samba site has said for quite a long time:
Which would be fine if Andrew Tridgell answered any emails about it, such as the problems I'm having getting it to work as anything other than root (and its *not* the RTFM solution in the man page, tried it, been there, done that, still doesnt work).So does anyone care about being able to talk to a windows machine just like any other mounted device?
---
"Hasta la victoria siempre!" El Comandante
There is no spoon. -- Neo
A lot of people have wanted to go very different places with Samba, and have had different visions of how to get there.
I just wish that everyone could resolve their differences through modularisation of the code so that desired features can be compiled in or not. Some of these require rewrites, or different handling, but many can often be done in a complimentary manner.
- Michael T. Babcock (Yes, I blog)
W2K PDC functionality, which is what you get with Samba TNG lets you create accounts on your Linux box which are recognized by the W2K machines in your domain. So, the big thing here is that if you have x W2K boxes you don't need to go to each one to add a user. With a Samba TNG PDC the W2K machines will look to it to get account information.
Without a Samba-based PDC you've got to get NT Server, or go to each W2K machine and add acounts, both of which are major PITAs.
Now I am not a Samba member, but I watch several of the development lists. Here is my take of the situation.
As far as I can tell, Samba TNG's goal was an attempt to fake being an NT server at the expense of everything else. The sole reason for TNG's existence (at least while I monitored the lists) was to provide a reference implementation of the NT server calls that could be backported into the main Samba development branch. And indeed, many things were broken (password changing, good file sharing with 95/98 machines, etc.) in the attempt to get the NT calls working. This was fine, since it was not intended to be widely used.
Unfortunately, many people on the Samba lists implemented Samba TNG as if it were finalized code. They wanted the Win2k domain controller support *before* Samba was ready to provide a stable implementation of it, often complaining (loudly) about this as if it was Samba's sole goal. But the core Samba team was taking its time working on this subject. The Samba TNG staff also had a different working style than the main Samba team. These and other facts (Samba TNG uses about seven daemons, while the current stable samba uses two, etc.) helped lead to this code fork.
In other news (as those of us watching samba-cvs already know), enough support so win2k can join an NT 4 style samba-controlled domain was just put in the CVS tree for samba 2.2 this past week. If you're looking for that, checkout a copy of that, but note it is *alpha* (not even beta) software right now.
So, where's the Samba Code spoon and the Samba Code knife? I want the entire Samba Code stainless steel flatware set!
"Ancillary does not mean you get to rule the world." --U.S. Circuit Judge Harry Edwards, speaking to the FCC's lawyer
It's true that there are many different patches around, and custom kernels with major distributions.
But what hasn't developed is a derivitive "Stanix" or "Davix" "Tomix", where someone else is in charge of the entire source tree.
When a fork happens, someone new assumes responsibility for the entire tree. They don't pay very much attention to the other branch.
But patches are just improvements is specific areas. They acknowledge the main branch as essentially good, but lacking in one respect or another, and fix just that aspect. Most of the good patches will join the main branch at some point.
So yeah, there's a lot of variation out there. But it's not quite forking.
Samba works fine with W2k, I use it every day. Lots of users, lots of drive maps. You can have account mappings and shared directories and everything you may like.
The thing they want to get sorted is that we still need a W2K Domain Controller. Samba can't do the job so you can't have an all Linux network server and appear to be beating MS's drum in terms of network structure. I least thats they way I read it last time I checked the FAQs, but I'm no SMB pro.
I've got a P166 to do ALL the file serving and a P333 just to control the domain. Doesn't make a whole lot of sense.
0daymeme.com: Great stuff.
Hey I wrote a program, and I got so many requests by others for this and that to be added in and I added osme of the features in like reading data from a pipe into the editor. Some submitted a patch some did not. In the end some people asked me permision to start there own projects using my code to add this or that functionality and I said that it was fine. As long as there are no hard feelings between the two groups of the samba projectS.
Hey if you look at the Linux kernel there are already so many forks in it. Redhat and SuSe send out there own version of the kernel with there own special patches already applied to them. There are patches all over the place that allow you to customize the kernel and add features that are not part of the main distribution. Has that hurt Linux? NO it has actually helped as now the code gets tested more. It is a good thing. Althought there is not an announced fork in the Linux kernel they exists. Hey not to long ago there was an article about some compnay who was offering a patch that made Linux perform better for RT video and gaming.
Hey forks happen!
I don't want a lot, I just want it all!
Flame away, I have a hose!
Only 'flamers' flame!
I am not involved in the samba/tng projects in any way, except as a user, but I've been following the project sort-of closely for a good while, and here's how things about this fork look like.
First, TNG was *not* the devel branch of samba, it was a parallel branch to the HEAD (aka main) branch of samba. TNG's objective has always been to create a Primary Domain Controller with full WindowsNT4.0 functionality. HEAD's objective has never been stated as to haveing a PDC...it's for a file/print share server, nothing else.
Samba has been able to authenticate win9x clients for a while, but if you have an NT worktsation, you need to have an NT server to authenticate your domain, because samba won't listen to it.
Luke and other samba developers have been working on TNG for a good while (as long as I have been following samba) with the goal of creating a Samba PDC that you can't distinguish from an NT4.0 PDC.
There has always been some tension between Luke/the TNG team and the main Samba team, because of technical and phylosophical matters, that came to a conclussion about a month ago, when Luke decided to drop out of the Samba team and, aparently, drop TNG.
Now, Luke and the other TNG people have decided not to drop TNG, but fork it off samba.
As a user/administrator of samba boxes, I believe this is one of those forks that will end up in the Good Thing list....why?
Samba is a great file/print shareing server, fast and reliable (as fast and reliable as the very broken and ugly SMB protocol can be), and the samba team focuses on that, and they do it well.
TNG's objective is, for all purposes, different and broader...they want to create a Primary Domain Controller That Doesn't Suck, that is...a *nix based PDC, and that, in my view, is a Good Thing.
They travell the same paths, because file/print shareing and PDCs use the SMB protocol to accomplish their job in a mixed enviroment...but they have never really been the same thing...and I see this fork as a Good Thing.
If you really want all the info on this, read up on the archives for the samba mailing lists, or the Kernel Cousin - Samba archives that Linuxcare puts out every week, you'll be able to understand what's going on better.
Vox, who knows good things will come out from Samba and TNG.
Pain is the gift of the gods, and I'm the one they chose as their messanger...
I think anyone who has followed the development of the samba project over the past few years, even at a distance, can understand this fork. samba, as a project, is necessarily somewhat schizophrenic. On the one hand, the primary reason is to "emulate" file and print services provided by the microsoft platform. On the other hand, i think that the developers would like to provide an independently valuable server platform.
But samba, as a project, has not quickly been able to adapt new funcitonality provided by microsoft. encrypted passwords and PDC functionality are good example.
People in the open-source community are rightfully jittery about forks, but I think that this one could make sense. On the one hand, we get the main samba project persuing the goal of just having a great file sharing server platform. On the other hand, we have a lighter-weight project with the specific goal of just acheiving W2K full interoperability. I think this could be cool.
When a source code tree forks, there can very easily be misunderstanding and speculations about why the fork occurred and what will happen next.
:)
:) )
Luke leighton is a very good friend of mine. He was the Samba team member who helped get me involved with Samba. He still is a very good friend of course.
I have talked about this with Sander Striker and some of the others as well. It is important that the goal of the Samba TNG (as stated in the source code fork announcement) is to use the existing TNG code base for a portable dce/rpc library as well as other RPC implementations / research.
So this begs the question, what will happen now?
We all hope to be able to learn from and share ideas/code/jokes with each other. Hopes are that this will free up Luke and others to focus solely of the MS RPC implementation in Windows NT/2000. Samba itself will greatly benefit by being able to take advantage of the effort exerted by the TNG developers. In return, the TNG project will hopefully benefit just as much from the code review process of implementing these same RPCs in Samba. (developers often say it takes 3 - 4 four implementations to get something right
IMO (although I hate code forks as much as anyone), this was a good move for both Samba and the TNG project. I will not be surprised to development of both projects accelerate. Of course, this is only speculation, but I base it on the fact that we all can pursue each projects goals without being held back by trying to be portable to both code trees. This became alomost impossible even before TNG became a separate GPL'd project.
If you are interested in finding out more, I encourage you to view Samba's development roadmap at http://www.samba.org/samba/development.html (choose your local morror site please) and the Samba TNG pages at http://www.samba-tng.org/
Cheers, jerry
SAMBA Team