The packaged/binary install of samba36 lacks ADS (a "Windows compatible" file server that lacks Windows authentication?), so I had to manually compile it.
The Samba 3.6 setup has worked for me for around ~2 years. However, I tried to move to Samba 4.1 not too long ago, just to make sure that I was up to date and got all the security fixes.
I found that even though net/samba41 includes ADS, it does NOT include the actual modules for it to work with id mapping!
I submitted a bug here:
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=197320
I tried to build net/samba41, including several options such as building the "experimental" modules, but also selecting the DEVELOPER option causes it to fail. I submitted another bug:
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=194046
Once I get net/samba41 built (without "DEVELOPER"), an update then came out that seemed to break how winbindd starts in /etc/rc.conf. Another bug report submitted:
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=198064
The next issue is that some Mac users as well as Windows XP and Windows 2003 users were causing Samba 4.1 and eventually FreeBSD 9.3 to hang.
I tried to kill the Samba service, but then I'd run
(D state = "uninterruptible sleep")
I couldn't kill the process or reboot the server. I'd have to hold power to shut off the server.
The Samba logs had no errors, but /var/log/messages had stuff like this over and over:
I Googled sendfile_short_send and didn't find ANY other users mentioning that message.
So, I decided to pull Samba 4.1 and install net/samba40. During its build it listed dozens of errors. Apparently some dependencies were not fulfilled by portmaster. No, I did not write down the errors. I was getting a little frustrated and just decided to go back to Samba 3.6.
Build options for Samba 3.6 changed as well! It didn't work like it did only a few weeks ago.
While I had no issue installing Samba 3.6.24 in the past, trying to build Samba 3.6.25 gives multiple issues.
First:
That wasn't an issue in 3.6.24. Going with GSSAPI_BASE seemed to work.
But alas, idmapping wasn't working!
/usr/local/lib/samba/idmap/ad.so was missing, the same file that the Samba 4.1 installation lacked!
You now have to compile Samba 3.6 with the EXP_MODULES option if you want ADS to work. This wasn't the case before.
When did the EXP_MODULES option change? When did the GSSAPI_BASE/kerberos option change?
I saw nothing in /usr/ports/UPDATING about that.
Basically, I'd consider net/samba36, net/samba4, and net/samba41 all broken. Their default build options result in a system that lacks AD authentication, default build options changed between releases, in the case of net/samba4 it doesn't even seem to build, in the case of net/samba41 its functionality after built doesn't match its documentation (such as not requiring winbindd being set in /etc/rc.conf), and net/samba41 has the ability to bring down a FreeBSD 9.3 system.
Why have I had so much bad luck with this? Does this stuff really work flawlessly for everyone else?
Is there somewhere that I can read about the changes that take place with the default build options between samba3.6.24 and samba3.6.25?
The Samba 3.6 setup has worked for me for around ~2 years. However, I tried to move to Samba 4.1 not too long ago, just to make sure that I was up to date and got all the security fixes.
I found that even though net/samba41 includes ADS, it does NOT include the actual modules for it to work with id mapping!
I submitted a bug here:
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=197320
I tried to build net/samba41, including several options such as building the "experimental" modules, but also selecting the DEVELOPER option causes it to fail. I submitted another bug:
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=194046
Once I get net/samba41 built (without "DEVELOPER"), an update then came out that seemed to break how winbindd starts in /etc/rc.conf. Another bug report submitted:
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=198064
The next issue is that some Mac users as well as Windows XP and Windows 2003 users were causing Samba 4.1 and eventually FreeBSD 9.3 to hang.
I tried to kill the Samba service, but then I'd run
# ps aux | grep smb and see a bunch of stuck processes.
Code:
myname 2099 0.0 0.0 348732 13352 ?? D 13Apr15 50:35.96 /usr/local/sbin/smbd --daemon --configfile=/usr/local/etc/smb4.confI couldn't kill the process or reboot the server. I'd have to hold power to shut off the server.
The Samba logs had no errors, but /var/log/messages had stuff like this over and over:
Code:
Apr 23 11:07:30 server smbd[8763]: [2015/04/23 11:07:30.315978, 0] ../source3/smbd/reply.c:3119(sendfile_short_send)
Apr 23 11:07:30 server smbd[8763]: sendfile_short_send: filling truncated file home/user/desktop.ini with zeros !I Googled sendfile_short_send and didn't find ANY other users mentioning that message.
So, I decided to pull Samba 4.1 and install net/samba40. During its build it listed dozens of errors. Apparently some dependencies were not fulfilled by portmaster. No, I did not write down the errors. I was getting a little frustrated and just decided to go back to Samba 3.6.
Build options for Samba 3.6 changed as well! It didn't work like it did only a few weeks ago.
While I had no issue installing Samba 3.6.24 in the past, trying to build Samba 3.6.25 gives multiple issues.
First:
Code:
samba36-3.6.25 ADS support requires GSSAPI_BASE, GSSAPI_HEIMDAL, or GSSAPI_MIT.That wasn't an issue in 3.6.24. Going with GSSAPI_BASE seemed to work.
But alas, idmapping wasn't working!
/usr/local/lib/samba/idmap/ad.so was missing, the same file that the Samba 4.1 installation lacked!
You now have to compile Samba 3.6 with the EXP_MODULES option if you want ADS to work. This wasn't the case before.
When did the EXP_MODULES option change? When did the GSSAPI_BASE/kerberos option change?
I saw nothing in /usr/ports/UPDATING about that.
Basically, I'd consider net/samba36, net/samba4, and net/samba41 all broken. Their default build options result in a system that lacks AD authentication, default build options changed between releases, in the case of net/samba4 it doesn't even seem to build, in the case of net/samba41 its functionality after built doesn't match its documentation (such as not requiring winbindd being set in /etc/rc.conf), and net/samba41 has the ability to bring down a FreeBSD 9.3 system.
Why have I had so much bad luck with this? Does this stuff really work flawlessly for everyone else?
Is there somewhere that I can read about the changes that take place with the default build options between samba3.6.24 and samba3.6.25?
