Slashdot Mirror
Tridgell Taking Samba Beyond POSIX
dW writes "The Australian hacker has been working on pushing Samba beyond the POSIX world and figuring out what work needs to be done to get Samba to support new filesystems such as XFS, ext3, and Storage Tank. The answer is nothing less than a complete rewrite of Samba's smbd code, which has become his latest pet project. Here's an interview with Andrew Tridgell on his latest Samba rewrite."
Out of the datacenter market!
You think that I'm crazy, you should see this guy!
There's no support for ext3? I'm sharing out several partitions with ext3 file systems via samba right now. Maybe they meant some other type of "support".
Everyone is entitled to their own opinion. It's just that yours is stupid.
They way I'm reading this support for things like XFS/ext3 etc is that samba will implment things such as native ACL's and such like. However I can help but wonder how these will be preserved if say the server is XFS and the Client FAT. The only think I can think of is some sort of file which stores it as Metadata. Of course if it was XFS -> ext3 then you might be able to convert to the native setup but it might be buggy and subject to the filesystem formats changing
Rus
Cheap UK and US VPS
samba appears to support FFS with softupdates just ;)
fine so I'm cool.
For every annoying gentoo user, are three even more annoying anti-gentoo crybabies. Take Yosh from #Gimp for example.
I think he means that instead of Samba presenting itself as a legacy CIFS file server it should serve files to a client expecting other file systems. So you could run Samba on AIX and tell your Linux box it's an ext3 connection.
Or maybe it's because the user level file systems on plan9 have made too much of a mark on me.
open, close, read, write & walk baby, s'all you need
There are places where the networks are not touching,and there are places where they are-Boeing's Lori Gunter
Don't like NFS, AFS is nicer, though a bit quirky to the uninitiated.
Government of the people, by corporate executives, for corporate profits.
Yeah NFS is a better system. However in defense of MS they have document SMB (aka CIFS) so people can understand it. However virtually every other recent OS has support for NFS so it would be nice if MS included native support rather than just in their UNIX Tools which are cost extras
Rus
Cheap UK and US VPS
Samba's existence is vastly important to the adoption by corporate management of perceived 'alternate' computing systems (i.e., Linux, Mac, sometimes Unix, as opposed to Windows) in the datacenter. The simple fact that there exists an easy-to-use, open source method of interconnecting disparate file systems, allowing multiple OS co-existance, is often the lynchpin in convincing managers to permit non-Windows systems to be deployed in a company. I have worked in several situations where employees have wanted to use Mac OSX desktops or Linux/Unix servers (etc.) in an all-Windows shop, and managers balked at the idea until they were convinced that data could still be exchanged, and that the 'alternative' OS'es could still 'talk' to the Windows machines.
With this established managerial behavior in mind, isn't it interesting that IBM would have hired Samba's creator outright, to work on a project which furthers Samba's ability to communicate with additional operating systems? Samba in many ways is a 'license to change' computers in a datacenter for IT staff. IBM has positioned itself to pump funding directly into the Samba project, as well as to have a say in which file systems it supports; this gives IBM the ability to write its own ticket in terms of promoting its disparate filesystem architectures' usage in the datacenter, alongside their Windows brethren.
Who's working on polishing up that ActiveDirectory and Kerberos stuff so I can continue to use my samba based PDC with WinXP.
It's neat that he's extending the SMB protocol to support some more of the native features of the underlying filesystems.
But I'd wager the lions share of it's user base want samba to replace/supplement Win2k Server, and soon Win2003.
This always happens in open source. Projects get pulled in a new direction before they're completed. Developers always want to work on neat stuff and get bogged down in the academics, and it doesnt produce a truly functional result.
There's nothing that can be done about it, it's his time, his decision. Still, it sure would be nice for samba to be a full member of a Windows 2000 domain.
I don't need no instructions to know how to rock!!!!
When I first read the headline, I thought that it said "Trogdor Taking Samba Beyond POSIX." I thought "Why would the burninator bother with this? Doesn't he have villages to burninate?" Yeah. I'll go ahead and read the article now...
The article was similar to Tridge's talk on the same subject at linux.conf.au in January - "towards full NTFS semantics in Samba."
The talk (in Ogg Speex audio format) and accompanying paper are on the linux.conf.au CD. There's a list of mirrors on their web site, both to mounted copies of the CD so you can download individual talks, and ISO images of the whole thing.
> Yeah NFS is a better system. However in defense of MS they have document SMB (aka CIFS) so people can understand it. However virtually every other recent OS has support for NFS so it would be nice if MS included native support rather than just in their UNIX Tools which are cost extras
And NFS support helps Microsoft's business case how, exactly? I can't think of *any* reason for them to support a competing networked filesharing system, and plenty of reasons for them not to - including their historical distaste for all things Not Invented There, unless they've been suitably embraced and extended.
I was on Monday and Tuesday on SambaXP where Tridge had talk about Samba 4. Also we discussed possibility of having completely Windows-compatible (and NFS v4) compatible ACLs on standard fs like XFS and ext3. Result was that Samba team needs a kernel interface for this so I'm going to hire some summer students for this and I expect some working code on autumn.
I don't know what they're talking about, but if you compile XFS in, all the acls libs, and then compile Samba, you get something that you couldn't tell from Windows. Apart from the uptime, the speed, the security....
Get your own free personal location tracker
I wasn't aware that Windows supported a view of files where they had multiple forks.
I hated the concept of resource forks on Macs, and I hate this.
There can be only one perhaps?
You may think me a tired, old, cynic. I'd have to disagree about the tired bit.
Hmm, not so sure. All that portmap baggage is annoying. And there is no username level security.
Get your own free personal location tracker
Cos AIX, Darwin, Linux, Digital Unix, HP-UX, Irix, MacOS X 10, Solaris, *BSD and Windows all have free client software...
So, by "majority of OSes"... Did you mean DOS?
Government of the people, by corporate executives, for corporate profits.
I don't think the Samba team is well. At least not in the head anyways.
These guys look at some of the uglyest packets in the world. And they keep doing it. And they keep coming back for more. Ever hear Tridge talk about whats going on inside the SMB packets? Hes not too hard on MS in the large public forums but see what happens when you hand him a VB or 5 before a talk... then he will give it to you without the sugar coating... Were talking odd sized data structures that may or may not be little endian. Most of the time the structures are hiding inside other structures and the inner and outer structures will have different bitness and different world alignments. Nest a few levels for even more pain. And then repeat. This is what these guys do for FUN! This is why I'm concerned about them.
Now they want to tackle other stuff as well? Maybe they could just throw in Novell's stuff for grins. Once they have done that, they will win the all time award for being the most saito masicistic coders ever. No one will ever be able to beat them. Ever. Its not even worth attempting to compete with them.
The parent poster writes:
else I'll be using NFS which is a much better protocol in every area.
Er, yes... like how NFS relies on the hostname for security, while SMB/CIFS relies on a password.
NFS is as (in)secure as the r* commands (rlogin, rcp, rsh). It relies on the client to authenticate the user, and the server only trusts certain clients (or anything pretending to be certain clients).
Now I'll admit, a good firewall should keep NFS safe. Under certain setups, even a good router should be enough. However, I prefer to think of a firewall as one layer of security - not my first, last, and only line of defense.
Although I'm not currently using it, AFS/Code seems to be a cross platform (win, mac, unix) secure replacement to NFS.
NFS might be a better protocol then SMB/CIFS in certain areas, but for security, SMB/CIFS wins (even the old versions of SMB that rely on plaintext passwords).
A complete rewrite? WTF? I thought smart developers learned a long time ago that rewrites are almost always a waste of time.
There are many issues to be overcome when doing a complete rewrite. As a developer, I understand the desire to rewrite something from scratch to make it feel better. You feel like you are doing something to improve the system. However, this hardly ever happens. Most developers face serious burn-out issues when they rewrite something. It's fun at first but as you realize the magnitude of what you're trying to do, you quickly start to burn out before you are even close to finishing.
The thing is, even if you do manage to rewrite everything, there will STILL be issues. Hacks, special conditions, etc. All the same types of issues that made you feel bad about the original version will be present in the new version. They may take a different form, but they will still be there.
Successful systems tend to just continue off the old code. Rewrite the problem areas, add things that are needed, etc. That's how you make forward progress. In the end, the only thing that matters is that it works. It doesn't matter how crappy you feel about the code, if it works then people can and will use it.
It's not an impossible task, I just think it's not the smartest thing to do.
The ratio of people to cake is too big
Actually, no- I'd rather have cross-platform file locking. Correct me if things have changed since 2000 when samba and netatalk developers were "thinking" about this problem, but...
It is a HUGE problem that netatalk, Samba, NFS, and the system itself don't share common file-locking, and some file-based applications like Visual Source Safe(still used by many shops) -require- file locks be across all the shares; if you don't have it, you run a serious chance of screwing things up.
WinNT/Win2k with Services for Macintosh is the only server I know of capable of cross-platform locking, and that is pathetic...
Please help metamoderate.
exactly, it is much, much harder to get an NFS system properly secured then a CIFS system. Since CIFS is now an open standard I don't see much reason not to use it. I just wish there was a better way to map unix permissions and CIFS permissions onto a single filesystem, this is one of the most frustrating thing about admining our netapps.
There are 4 boxes to use in the defense of liberty: soap, ballot, jury, ammo. Use in that order. Starting now.
Instead of trying to simply take advantage of extended attributes of various filesystems, what about taking Samba the same route as NFS and implement some kernel-level support? Replace the existing kerne smb code with samba-based client/server bits, similar to NFS; a mix of knfsd and usreland bits like portmap. This could eliminate the many layers that could crop up simply by trying to make the daemon-only version use various filesystem bits.
Don't convert the ENTIRE samba to kernelspace; that would be pointless for samba on other platforms. But development of a 'kernel plugin' allowing Samba lower-level access to filesystem bits might be beneficial.
(yes, I'm ignoring the potential security foo at the moment and realize it's another portal of potential exploit.. but instead of adding more abstraction layers to the system it might be nice to simply access those wanted features directly).
'fester
Many opensource projects started out trying to emulate some other protocol, then overtook it and grabbed the lead.. then the proprietary protocol had to follow.
Samba is in a similar position. I think there are improvements to be made, efficiency, authentication, virutualhosts?(multiple domains/workgroups/subnets with the same daemon), better filesystem support, changes in the protocol making it faster, more efficient and unbreakable etc.
If Andrew can release improvements to samba for say win9x, 2000 and xp, replacing some networking DLLS,or just replacing microsoft network client, samba can be in a real leader position. MS SMB code is deinitely buggy or just inefficient, even on one subnet with 8 hosts. Improve that, release the improvement as GPL, and people will flock to it. Best form of marketing of Linux I can think of. OSSphobics will have no way out.
"Give orange me give eat orange me eat orange give me eat orange give me you." -Nim Chimpsky
I am so tired of applying security patches for system software... the latest double-double vulnerability of samba and sendmail were quite trying.
We keep hearing that the use of a language with bounds checking and a GC would solve a great many security problems. Is there any push towards such a platform?
I don't know much about Objective C, but it seems to be tight with gcc, g++, and g77. Does it have the needed security features?
At this point, I'd almost prefer that Samba was written in Java.
"Rewrite" is rhetoric here. He is making large changes to the existing codebase, which he says will involve modifying about 30% of the code. He's not throwing it all away and starting again. Calm down, or RTFA.
ah. it's just standard /. sensationalistic reporting. i should've realized that.
Smoke crack for baby jesus? ... I want my files now not next week when the JVM decides its done cleaning up after itself!
..."Although I'm not currently using it, AFS/Code seems to be a cross platform (win, mac, unix) secure replacement to NFS."
AFS, or OpenAFS is not -only- a replacement for NFS it is way over NFS in terms of security and scalability. If you aren't using a global namespace filesystem, then you can't actually call yourself knowledgeable of system administration. The only replacement for AFS that is even close is Microsoft's "Win2k AD'd dfs", and even it is missing a large number of features that AFS has.
I'm rather shocked that people don't use global namespace network filesystems for data storage and application servers. The redundancy is excellent.
And, since AFS can be modularly seperated from the authentication system and client OS, it makes for an excellent tool for system upgrades.
Just my 2 cents.
You also should have read the article before commenting on it.
Objective-C isn't garbage-collected nor does it have built-in bounds checking. It wouldn't help in this situation. What we really need is to start developing everything in Ada!
The problems with AFS are that it's almighty bizarre to Joe Average Sysadmin, and that the clients aren't as widespread -- I was going to use "mature," but that's not really a word any rational person would use to describe NFS in /any/ respect -- as the clients for NFS. I love AFS, have proselytized for it in the past, but it's just hard to overcome sysadmin laziness, perceived difficulty of administration and installation, and the network effect of much crappier protocols.
'jfb
To spur "enterprise Linux," Big Bang, the distributed two-phase commit.
I'm so tired of people pooh-poohing C because it can leak. C, when it is the right technology can outshine other platforms. The trick is to make sure you are choosing the right technology for the task. For Samba, C is pretty damn close to perfect.
Samba is supposed to be a cross platform networking technology. C is perfect for that because it is supported on nearly every system out there. Writing a program in C conforming to POSIX standards means that it will work 99.99997% of the platforms out there now.
Another reason why C is a good choice for Samba is because it can directly access memory. A lot of Samba is reading bytes off of this buffer and writing these bytes to that buffer. In a memory managed system you need to fight against the GC to make this work. It is also harder to write kernel parts in a language other than C.
As for Object C, it does not contain garbage collecting or stack protection. As for writing Samba in Java, you would have just as much success porting it to Perl instead and you will probably hit more platforms.
C isn't perfect. You can hang yourself easily with the language. However to say "C Sucks!" is a gross characterization. It definately has its place and it looks like Samba is one of them.
I'm still waiting for samba to fully support my windoze users and fully emulate a windows box 100%. a good example is printing support. I still cant deploy it to a network of windows boxes due to the lack of print queue management from windows workstation. They can print no problem, but god help them if they need to cancel that 200 page document. So far it cant seem to be done from the workstation. The workstation print queue shows the print jobs, but gives errors about not being able to connect to the server queue.
C is for programmers who do not need someone to hold their hands. Garbage collection is nice, garbage collection can be useful. But when you are programming low level things, it just gets in the way. C is designed for low level things.
Life sucks, but death doesn't put out at all....
--Thomas J. Kopp
No, having a root account is not a great failure of POSIX. The great failure is in irresponsibly using the root account like most Linux systems do.
There are far too many things on a Linux system that require root access. Adding ACLs is only have the battle, the other battle is using them responsibly.
However, even without ACLs you can use tools like sudo to avoid passing out the one true root password, or even avoid having a usable root account at all, except through sudo.
Basically, there's a number of things that your typical Linux system does not do that could be done to improve security and accountability.
ok... you're completely wrong about NFS and security.
/RPC/ to provide the security. The mechanics of authentication or securing the RPC transport just are plain not in the remit of NFS.
/mandatory/, which linux 2.5 has support for (not sure though whether all the userspace support is there yet). So 2.6 will hopefully at last support high-strength secure authentication for RPC (and hence for NFS v2,3 and 4) via the AUTH_GSS rpc_sec auth mechanism.
a -nfsd-auth/paper/node2.html
/not/ its fault.
It does not rely on hostnames for security, it does not rely on trusting the client to authenticate the user. NFS in fact relies solely on
Sun RPC in fact can be quite secure. There are various security mechanisms it can employ, and the problems you're just describing are all with one specific mechanism: auth_unix. It just happens to be the most commonly used one, and the only one supported on linux. However, if you use Solaris or OpenBSD there are other mechanisms available, eg auth_dh (public key based i think), auth_kerb (kerberosv4 - was secure, but flaws are known) or auth_gss (Most recent mechanism: Generic Security API / Kerberos V5 typically - which can be quite secure.).
The problem is that auth_unix is the easy option, and the only one that is guaranteed to be implemented by RPC. However, thankfully, with NFSv4 this will change as it makes support for AUTH_GSS and
See:
http://www.cse.unsw.edu.au/~neilb/conf/lca2002/lc
and the rpc and rpc_secure (if your system supports it) man pages for more info on RPC security.
Anyway, stop blaming NFS for things that are
I use Friend/Foe + mod-point modifiers as a karma/reputation system.
The only replacement for AFS that is even close is Microsoft's "Win2k AD'd dfs", and even it is missing a large number of features that AFS has.
;-)
Most notably the ability to build a distributed filesystem that doesn't have a single point of failure, as was required by the MS DFS the last time I checked, since all the name re-mapping happens on a singel server. Ugh - what were they thinking? This has got to be one of the most egregious examples of Microsoft not thinking through the problem before writing the code.
On the other hand, MS DFS was never intended to be a real solution, but just to keep W2K from being disqualified because it didn't have heirarchical mounts. I've seen MS draw it like a gun in several companies where this was an issue - a situation that really sets me up to earn my consulting fees.
"The future's good and the present is nothing to sneeze at." - Roblimo's last
Much of the most secure software around is written in C. Look at OpenBSD or qmail or djbdns. The problem is not the language, the problem is the skill of the programmer. C makes good programmers better, and bad programmers worse.
:)
And yes, bounds-checking and GC are nice for a lot of things. And they do make it much easier for a mediocre or average (or even a good) programmer to write safe, reasonably secure code. The problem is the overhead. For a lot of things, that doesn't matter, and for a lot of things, I firmly advocate the use of higher level languages (don't care if it's lisp or python or whatever). But for some things, like basic kernel and networking features, where performance can be critical, it very much does matter. So our only hope is to get stuff from programmers who have proven themselves to be able to write solid, secure, fast code. That means, e.g. dump the damn sendmail and install postfix or qmail. And as for samba, well, just get rid of windows from your site, and it'll cease to be an issue. And in the mean time, remind yourself that it's still a lot more secure than anything you've seen from MS so far...
Yeah, but can i diskless netboot it?
If your desktops are XP, disable the firewall (which by default blocks ports 137-139). This affects you even with WinNT4.0 on the server-side
If this problem is not specific to XP machines, then either
1)Your authentication is stuffed
2)Your print commands in your smb.conf file are wrong.
samba+cups rock for serving printers!