Project

General

Profile

Tâche #28369

Scénario #28295: Évolutions AD identifiées suite à expertise

Vérifier l'option "vfs objects"

Added by Gilles Grandgérard almost 2 years ago. Updated 11 months ago.

Status:
Fermé
Priority:
Normal
Assigned To:
Gilles Grandgérard
Target version:
Distribution EOLE - sprint 2019 21-23 Equipe MENSR
Start date:
04/29/2019
Due date:
% Done:

0%

Estimated time:
0.00 h
Remaining (hours):
0.0

Description

D'après testparm, la valeur par défaut est :

    vfs objects = dfs_samba4 acl_xattr

Mais on reste obligé de gérer l'option à cause de la corbeille !

Related issues

Related to EOLE AD DC - Scénario #29452: Étude : proposition de suppression de la valeur "acl_xattr" dans la directive vfs objects du smb.conf du seth membre Terminé (Sprint) 03/04/2020 04/10/2020
Related to EOLE AD DC - Tâche #30090: Ajouter la variable ad_utiliser_xattr Fermé 04/16/2020

Associated revisions

Revision 373e8c15 (diff)
Added by Gilles Grandgérard almost 2 years ago

dans la section globals: vfs objects n'est pas la même d'un DC à u n
membre.

REF #28369

Revision 50e2f45b (diff)
Added by Gilles Grandgérard almost 2 years ago

nettoyage mauvais code vfs ...

REF #28369

Revision ab399cef (diff)
Added by Joël Cuissinat almost 2 years ago

Do not (re)define "vfs objects" in ScribeAD

Ref: #28369

History

#1 Updated by Joël Cuissinat almost 2 years ago

  • Subject changed from pb vfs_xattr to Vérifier l'option "vfs objects"
  • Description updated (diff)

#2 Updated by Gilles Grandgérard almost 2 years ago

Voir le comportement par défaut:

[[https://gitlab.com/samba-team/samba/commit/3dbff676eaadb5140296b5ede7aba93a6d0311b7]]

static void init_locals(void)
{
    /*
     * We run this check once the [globals] is parsed, to force
     * the VFS objects and other per-share settings we need for
     * the standard way a AD DC is operated.  We may change these
     * as our code evolves, which is why we force these settings.
     *
     * We can't do this at the end of lp_load_ex(), as by that
     * point the services have been loaded and they will already
     * have "" as their vfs objects.
     */
    if (lp_server_role() == ROLE_ACTIVE_DIRECTORY_DC) {
        const char **vfs_objects = lp_vfs_objects(-1);
        if (!vfs_objects || !vfs_objects[0]) {
            if (lp_parm_const_string(-1, "xattr_tdb", "file", NULL)) {
                lp_do_parameter(-1, "vfs objects", "dfs_samba4 acl_xattr xattr_tdb");
            } else if (lp_parm_const_string(-1, "posix", "eadb", NULL)) {
                lp_do_parameter(-1, "vfs objects", "dfs_samba4 acl_xattr posix_eadb");
            } else {
                lp_do_parameter(-1, "vfs objects", "dfs_samba4 acl_xattr");
            }
        }

        lp_do_parameter(-1, "map hidden", "no");
        lp_do_parameter(-1, "map system", "no");
        lp_do_parameter(-1, "map readonly", "no");
        lp_do_parameter(-1, "map archive", "no");
        lp_do_parameter(-1, "store dos attributes", "yes");
    }
}

...

static void lp_enforce_ad_dc_settings(void)
{
    lp_do_parameter(GLOBAL_SECTION_SNUM, "passdb backend", "samba_dsdb");
    lp_do_parameter(GLOBAL_SECTION_SNUM, "winbindd:use external pipes", "true");
    lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:default", "external");
    lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:svcctl", "embedded");
    lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:srvsvc", "embedded");
    lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:eventlog", "embedded");
    lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:ntsvcs", "embedded");
    lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:winreg", "embedded");
    lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:spoolss", "embedded");
    lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_daemon:spoolssd", "embedded");
    lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:tcpip", "no");
}

#3 Updated by Gilles Grandgérard almost 2 years ago

  • Status changed from Nouveau to Résolu

#4 Updated by Gérald Schwartzmann almost 2 years ago

  • Assigned To set to Gilles Grandgérard

#5 Updated by Joël Cuissinat almost 2 years ago

  • Status changed from Résolu to Fermé
  • Remaining (hours) set to 0.0

#6 Updated by Joël Cuissinat about 1 year ago

  • Related to Scénario #29452: Étude : proposition de suppression de la valeur "acl_xattr" dans la directive vfs objects du smb.conf du seth membre added

#7 Updated by Gilles Grandgérard 11 months ago

  • Project changed from Distribution EOLE to EOLE AD DC
  • Estimated time set to 0.00 h

#8 Updated by Gilles Grandgérard 11 months ago

  • Related to Tâche #30090: Ajouter la variable ad_utiliser_xattr added

Also available in: Atom PDF