- Issued:
- 2007-11-15
- Updated:
- 2007-11-15
RHEA-2007:0698 - Product Enhancement Advisory
Synopsis
samba bug fix and enhancement update
Type/Severity
Product Enhancement Advisory
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
Topic
Updated samba packages that fix various bugs and add enhancements are now
available.
Description
Samba is a suite of programs used by machines to share files, printers, and
other information.
These updated packages fix the following bugs:
- the smbcacls "-M OWNER" and "-M GROUP" options did not change the owner
or the group.
- when using a samba recycle folder with "recycle:touch = yes" enabled,
touch failed when a user removed a file that was not created by that user.
- samba incorrectly changed the date and time on a file when it was opened
by Microsoft Excel.
- when "security = ads" was enabled, a memory leak caused the winbindd
process to consume memory until out-of-memory errors killed the windbind
process. Other processes may have been killed.
- samba did not recognize netgroups provided by LDAP servers.
- a segmentation fault occurred when running "net ads join [domain]" after
obtaining a Kerberos ticket for the domain administrator.
- when Samba is a Domain Master Browser, Microsoft Windows clients browsing
the network shares caused the nmbd daemon to hang.
- the smbclient and smbtree commands did not display share names that were
more than 12 characters long.
- smbd and nmbd now use a default port number when an invalid port is
specified.
- directory change notifications only worked for 1 minute when a samba
share was opened by Microsoft Windows Explorer. Red Hat Enterprise Linux 4
users need to install the "gamin" package, and set "vfs object =
notify_fam" in smb.conf to activate notifications.
- the netsamlogon_cache.tdb file failed to update after modifying user and
group membership in Microsoft Active Directory (AD), causing windbind and
nss to report inaccurate information.
- in certain situations the wrong free size value was returned for Samba
shares that were larger than 2 TB.
- mkfifo failed to create named pipes on CIFS file systems.
- some setfattr operations failed. This could be seen using the Linux
Test Project test suite. These are expected to fail due to the CIFS
security model.
- the smb init script returned incorrect values, causing the wrong status
to be returned by the status command.
- the vfs_full_audit module logged incorrect operations.
This update also adds the following enhancements:
- umount.cifs, allowing users to unmount CIFS file systems.
- smbclient support for the Microsoft Distributed File System.
- "host msdfs = yes" is now the default in smb.conf.
- support for Microsoft Print Migrator.
- CIFS UNIX extentions for use with the kernel CIFS module.
- new "Unix Users" and "Unix groups" domains for unmapped users and
domains.
WARNING: Note the following major changes, which may break certain
installations:
- a fully qualified user/group name is required for many options, otherwise
access may be denied.
- removed support for chaining multiple passdb backends.
- privilege delegation.
- better Schannel, SPNEGO and NTLMv2 support.
- Kerberos support for pam_winbindd.
- Winbindd offline mode authentication and AD Site discovery support.
- rewritten IDMAP subsystem to support multiple backends, added support
for AD with the SFU or the RFC2307 schema.
New Options:
idmap domains
idmap alloc backend
idmap cache time
idmap negative cache time
ldap password sync
winbind normalize names
winbindd nss info
winbind offline logon
winbind refresh tickets
Deprecated options:
acl group control
printer admin
write cache
Removed options:
change notify timeout
lock spin count
enable rid algorithm
hosts equiv
winbind max idle children
wins partners
ldap filter
min password length
winbind enable local account
Changed options (different defaults or new values):
dos filemode: no
host msdfs: yes
strict locking: auto
winbind enum users: no
winbind enum groups: no
winbind nested groups: yes
All samba users should upgrade to these updated packages, which resolve
these issues and add these enhancements.
Solution
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This Release fixes numerous bugs, adds new features and improves
compatibility with other CIFS clients and servers especially with the
Microsoft Windows family of operating system up to Windows Vista.
To achieve this result some changes in behavior were required. Therefore
some configurations may need minor adjustments to function properly after
an upgrade.
We advice forward testing for critical production servers before applying
this upgrade.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
Affected Products
- Red Hat Enterprise Linux Server 4 x86_64
- Red Hat Enterprise Linux Server 4 ia64
- Red Hat Enterprise Linux Server 4 i386
- Red Hat Enterprise Linux Workstation 4 x86_64
- Red Hat Enterprise Linux Workstation 4 ia64
- Red Hat Enterprise Linux Workstation 4 i386
- Red Hat Enterprise Linux Desktop 4 x86_64
- Red Hat Enterprise Linux Desktop 4 i386
- Red Hat Enterprise Linux for IBM z Systems 4 s390x
- Red Hat Enterprise Linux for IBM z Systems 4 s390
- Red Hat Enterprise Linux for Power, big endian 4 ppc
Fixes
- BZ - 162130 - winbindd, memory leak
- BZ - 171897 - Bogus warning saving excel spreadsheet
- BZ - 172372 - net ads join dumped core
- BZ - 172713 - nmbd either crashes and dies or stops responding
- BZ - 187213 - smbcacls doesn't change ownership/group
- BZ - 191273 - Failure to mount samba shares under certain conditions
- BZ - 194210 - smbclient / smbtree returns <12 characters shares.
- BZ - 205353 - smbd allows ports higher than 65536.
- BZ - 206260 - Samba fails to recognise valid users = @netgroup under LDAP and no YP
- BZ - 218955 - Drirectory change notification work only for 1 min
- BZ - 221907 - Vista login problems
- BZ - 227325 - netsamlogon_cache.tdb group information becomes stale
- BZ - 228236 - RHEL4 samba needs -excel patch already in RHEL3
- BZ - 228989 - Samba shares with >= 2Tb filesystems can be return wrong free size.
- BZ - 229761 - mkdir -p foo/bar fails on CIFS clients / Samba server
- BZ - 240321 - Update to 3.0.25 or later.
- BZ - 241575 - fatal errors from mount.smbfs leading to an stale mount point
- BZ - 241870 - Module vfs_full_audit logs unwanted operation types
- BZ - 242753 - Missing character bug in latest security patches
- BZ - 244821 - Wrong init script
CVEs
(none)
References
(none)
Red Hat Enterprise Linux Server 4
SRPM | |
---|---|
samba-3.0.25b-0.4E.6.src.rpm | SHA-256: 0054b1845d529a17b46ee5600e0d2cd30396ab427502057968a936aea46ef81e |
x86_64 | |
samba-3.0.25b-0.4E.6.x86_64.rpm | SHA-256: 38831bd88e9cfb5080740aca4ca96c7897d3b71a51c275db1378cc0d14b0c3cd |
samba-3.0.25b-0.4E.6.x86_64.rpm | SHA-256: 38831bd88e9cfb5080740aca4ca96c7897d3b71a51c275db1378cc0d14b0c3cd |
samba-client-3.0.25b-0.4E.6.x86_64.rpm | SHA-256: a2adde1bbae3f8f5ae12a0980ef2b700a2c35489a51d4f31abc674de28392c67 |
samba-client-3.0.25b-0.4E.6.x86_64.rpm | SHA-256: a2adde1bbae3f8f5ae12a0980ef2b700a2c35489a51d4f31abc674de28392c67 |
samba-common-3.0.25b-0.4E.6.i386.rpm | SHA-256: 517a0c1dbf3169e3f2c081d3af0e58e0253debb8fe3dcb632541c5715d07961a |
samba-common-3.0.25b-0.4E.6.i386.rpm | SHA-256: 517a0c1dbf3169e3f2c081d3af0e58e0253debb8fe3dcb632541c5715d07961a |
samba-common-3.0.25b-0.4E.6.x86_64.rpm | SHA-256: caffd0fa75c4681dad649f6338ca865bd341079188298b86bed1427b8e31817c |
samba-common-3.0.25b-0.4E.6.x86_64.rpm | SHA-256: caffd0fa75c4681dad649f6338ca865bd341079188298b86bed1427b8e31817c |
samba-swat-3.0.25b-0.4E.6.x86_64.rpm | SHA-256: b24e133a05e079d5689aed74be37ad235b766933d8ca645db68c0b2b41a25bc3 |
samba-swat-3.0.25b-0.4E.6.x86_64.rpm | SHA-256: b24e133a05e079d5689aed74be37ad235b766933d8ca645db68c0b2b41a25bc3 |
ia64 | |
samba-3.0.25b-0.4E.6.ia64.rpm | SHA-256: 544d9abc8d310ea6783a994c06418ccdaab0a4c583a568a233b21817698f467a |
samba-3.0.25b-0.4E.6.ia64.rpm | SHA-256: 544d9abc8d310ea6783a994c06418ccdaab0a4c583a568a233b21817698f467a |
samba-client-3.0.25b-0.4E.6.ia64.rpm | SHA-256: a86c5f2c29c2654741affa59705599383eea8def22c5b5e844ea6f2c26840a44 |
samba-client-3.0.25b-0.4E.6.ia64.rpm | SHA-256: a86c5f2c29c2654741affa59705599383eea8def22c5b5e844ea6f2c26840a44 |
samba-common-3.0.25b-0.4E.6.i386.rpm | SHA-256: 517a0c1dbf3169e3f2c081d3af0e58e0253debb8fe3dcb632541c5715d07961a |
samba-common-3.0.25b-0.4E.6.i386.rpm | SHA-256: 517a0c1dbf3169e3f2c081d3af0e58e0253debb8fe3dcb632541c5715d07961a |
samba-common-3.0.25b-0.4E.6.ia64.rpm | SHA-256: 17bf2741464cf2c6d49975b1778c99b1ddf1ab2acccd720b8127ed421e9f39c9 |
samba-common-3.0.25b-0.4E.6.ia64.rpm | SHA-256: 17bf2741464cf2c6d49975b1778c99b1ddf1ab2acccd720b8127ed421e9f39c9 |
samba-swat-3.0.25b-0.4E.6.ia64.rpm | SHA-256: 7d792a0b411c301f7b18f4de064c4d6e2cdfca9027ae968681bb1bb5e630ddfc |
samba-swat-3.0.25b-0.4E.6.ia64.rpm | SHA-256: 7d792a0b411c301f7b18f4de064c4d6e2cdfca9027ae968681bb1bb5e630ddfc |
i386 | |
samba-3.0.25b-0.4E.6.i386.rpm | SHA-256: 84e68e1cfdc876f403a3b91a933e4b5eb1acd64697e44955033cc45e94f0e13d |
samba-3.0.25b-0.4E.6.i386.rpm | SHA-256: 84e68e1cfdc876f403a3b91a933e4b5eb1acd64697e44955033cc45e94f0e13d |
samba-client-3.0.25b-0.4E.6.i386.rpm | SHA-256: 59d890485ea41a6ef6a7def765c9b31e84b1dc98e85f02ac6d12bb4c3e88cc92 |
samba-client-3.0.25b-0.4E.6.i386.rpm | SHA-256: 59d890485ea41a6ef6a7def765c9b31e84b1dc98e85f02ac6d12bb4c3e88cc92 |
samba-common-3.0.25b-0.4E.6.i386.rpm | SHA-256: 517a0c1dbf3169e3f2c081d3af0e58e0253debb8fe3dcb632541c5715d07961a |
samba-common-3.0.25b-0.4E.6.i386.rpm | SHA-256: 517a0c1dbf3169e3f2c081d3af0e58e0253debb8fe3dcb632541c5715d07961a |
samba-swat-3.0.25b-0.4E.6.i386.rpm | SHA-256: 72d7cc2532ec54f469de4d35c61b077f107f8f19a99f61137d89bfec6126ee4d |
samba-swat-3.0.25b-0.4E.6.i386.rpm | SHA-256: 72d7cc2532ec54f469de4d35c61b077f107f8f19a99f61137d89bfec6126ee4d |
Red Hat Enterprise Linux Workstation 4
SRPM | |
---|---|
samba-3.0.25b-0.4E.6.src.rpm | SHA-256: 0054b1845d529a17b46ee5600e0d2cd30396ab427502057968a936aea46ef81e |
x86_64 | |
samba-3.0.25b-0.4E.6.x86_64.rpm | SHA-256: 38831bd88e9cfb5080740aca4ca96c7897d3b71a51c275db1378cc0d14b0c3cd |
samba-client-3.0.25b-0.4E.6.x86_64.rpm | SHA-256: a2adde1bbae3f8f5ae12a0980ef2b700a2c35489a51d4f31abc674de28392c67 |
samba-common-3.0.25b-0.4E.6.i386.rpm | SHA-256: 517a0c1dbf3169e3f2c081d3af0e58e0253debb8fe3dcb632541c5715d07961a |
samba-common-3.0.25b-0.4E.6.x86_64.rpm | SHA-256: caffd0fa75c4681dad649f6338ca865bd341079188298b86bed1427b8e31817c |
samba-swat-3.0.25b-0.4E.6.x86_64.rpm | SHA-256: b24e133a05e079d5689aed74be37ad235b766933d8ca645db68c0b2b41a25bc3 |
ia64 | |
samba-3.0.25b-0.4E.6.ia64.rpm | SHA-256: 544d9abc8d310ea6783a994c06418ccdaab0a4c583a568a233b21817698f467a |
samba-client-3.0.25b-0.4E.6.ia64.rpm | SHA-256: a86c5f2c29c2654741affa59705599383eea8def22c5b5e844ea6f2c26840a44 |
samba-common-3.0.25b-0.4E.6.i386.rpm | SHA-256: 517a0c1dbf3169e3f2c081d3af0e58e0253debb8fe3dcb632541c5715d07961a |
samba-common-3.0.25b-0.4E.6.ia64.rpm | SHA-256: 17bf2741464cf2c6d49975b1778c99b1ddf1ab2acccd720b8127ed421e9f39c9 |
samba-swat-3.0.25b-0.4E.6.ia64.rpm | SHA-256: 7d792a0b411c301f7b18f4de064c4d6e2cdfca9027ae968681bb1bb5e630ddfc |
i386 | |
samba-3.0.25b-0.4E.6.i386.rpm | SHA-256: 84e68e1cfdc876f403a3b91a933e4b5eb1acd64697e44955033cc45e94f0e13d |
samba-client-3.0.25b-0.4E.6.i386.rpm | SHA-256: 59d890485ea41a6ef6a7def765c9b31e84b1dc98e85f02ac6d12bb4c3e88cc92 |
samba-common-3.0.25b-0.4E.6.i386.rpm | SHA-256: 517a0c1dbf3169e3f2c081d3af0e58e0253debb8fe3dcb632541c5715d07961a |
samba-swat-3.0.25b-0.4E.6.i386.rpm | SHA-256: 72d7cc2532ec54f469de4d35c61b077f107f8f19a99f61137d89bfec6126ee4d |
Red Hat Enterprise Linux Desktop 4
SRPM | |
---|---|
samba-3.0.25b-0.4E.6.src.rpm | SHA-256: 0054b1845d529a17b46ee5600e0d2cd30396ab427502057968a936aea46ef81e |
x86_64 | |
samba-3.0.25b-0.4E.6.x86_64.rpm | SHA-256: 38831bd88e9cfb5080740aca4ca96c7897d3b71a51c275db1378cc0d14b0c3cd |
samba-client-3.0.25b-0.4E.6.x86_64.rpm | SHA-256: a2adde1bbae3f8f5ae12a0980ef2b700a2c35489a51d4f31abc674de28392c67 |
samba-common-3.0.25b-0.4E.6.i386.rpm | SHA-256: 517a0c1dbf3169e3f2c081d3af0e58e0253debb8fe3dcb632541c5715d07961a |
samba-common-3.0.25b-0.4E.6.x86_64.rpm | SHA-256: caffd0fa75c4681dad649f6338ca865bd341079188298b86bed1427b8e31817c |
samba-swat-3.0.25b-0.4E.6.x86_64.rpm | SHA-256: b24e133a05e079d5689aed74be37ad235b766933d8ca645db68c0b2b41a25bc3 |
i386 | |
samba-3.0.25b-0.4E.6.i386.rpm | SHA-256: 84e68e1cfdc876f403a3b91a933e4b5eb1acd64697e44955033cc45e94f0e13d |
samba-client-3.0.25b-0.4E.6.i386.rpm | SHA-256: 59d890485ea41a6ef6a7def765c9b31e84b1dc98e85f02ac6d12bb4c3e88cc92 |
samba-common-3.0.25b-0.4E.6.i386.rpm | SHA-256: 517a0c1dbf3169e3f2c081d3af0e58e0253debb8fe3dcb632541c5715d07961a |
samba-swat-3.0.25b-0.4E.6.i386.rpm | SHA-256: 72d7cc2532ec54f469de4d35c61b077f107f8f19a99f61137d89bfec6126ee4d |
Red Hat Enterprise Linux for IBM z Systems 4
SRPM | |
---|---|
samba-3.0.25b-0.4E.6.src.rpm | SHA-256: 0054b1845d529a17b46ee5600e0d2cd30396ab427502057968a936aea46ef81e |
s390x | |
samba-3.0.25b-0.4E.6.s390x.rpm | SHA-256: dac914c7573c4c967847e8b447b223c993b20b60e0b3b578e45b01692aa391ab |
samba-client-3.0.25b-0.4E.6.s390x.rpm | SHA-256: 219e2a467b1927a7752c6dcab0bb6efbfbe5bdbfb2dcac7e8da114c07d6bfb39 |
samba-common-3.0.25b-0.4E.6.s390.rpm | SHA-256: 5e90cee46aca44105268ca9e967d315bbe46653680be09fc873d3dd770bf2a2d |
samba-common-3.0.25b-0.4E.6.s390x.rpm | SHA-256: faa2959ef9f14aa28831ede8ffab38a5b1194774485995507c1f3510370351c5 |
samba-swat-3.0.25b-0.4E.6.s390x.rpm | SHA-256: fda1784ae23cf6d155cc32db09f2d9aaa6cf270e239ff2ef132ce43af5ec9e1f |
s390 | |
samba-3.0.25b-0.4E.6.s390.rpm | SHA-256: 77f0b5fcbd17ebd605990163a00d7de2717f7dc6141635f13d4b67b9723bfd9a |
samba-client-3.0.25b-0.4E.6.s390.rpm | SHA-256: f8e556fc65e4c552f5304dd8bfaa17d89025e5dab4d0aaebac455e8947b1185c |
samba-common-3.0.25b-0.4E.6.s390.rpm | SHA-256: 5e90cee46aca44105268ca9e967d315bbe46653680be09fc873d3dd770bf2a2d |
samba-swat-3.0.25b-0.4E.6.s390.rpm | SHA-256: ae21ffc3729b1a2f5e1b94127656b1521654787a74336abc257d444fb180ce5f |
Red Hat Enterprise Linux for Power, big endian 4
SRPM | |
---|---|
samba-3.0.25b-0.4E.6.src.rpm | SHA-256: 0054b1845d529a17b46ee5600e0d2cd30396ab427502057968a936aea46ef81e |
ppc | |
samba-3.0.25b-0.4E.6.ppc.rpm | SHA-256: cb4373437622d4b842b190425d8be0b4b6392ee58a93e1bf89b43c68035b58b2 |
samba-client-3.0.25b-0.4E.6.ppc.rpm | SHA-256: 2222430cee354d3837bce3f21784e060425b1e170ec2541cb3570003c107a2f7 |
samba-common-3.0.25b-0.4E.6.ppc.rpm | SHA-256: ce54f9ac85f7a34806a523c6e7df1b450fba3b00181658db0af4afb49c129a36 |
samba-common-3.0.25b-0.4E.6.ppc64.rpm | SHA-256: 384499983492cdfbcbe194da5f0f4d956df115c8cc016e2d4d292b868f6be494 |
samba-swat-3.0.25b-0.4E.6.ppc.rpm | SHA-256: 9cb7bd501fd6a185963d08d487f2d0ca9e018ea1e02e5ab9cdde8af93f95c310 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.