[Bug 721514] Re: Samba should be more selective when importing accounts

Uwe Menges 721514 at bugs.launchpad.net
Wed Feb 22 11:19:14 UTC 2012 

I just hit the same situation. The solution described (with "getent -s
compat passwd") wouldn't work there because they actually have "passwd:
compat" in /etc/nsswitch.conf and a "+::::::" line in /etc/passwd. The
smbpasswd was already 2MiB large as I killed the import process.

Can you please un-automate / unbundle the "import accounts" task from
the "software installation" task? I just want to install samba, please.
Nothing more.

If I want to import remote users locally, I can do after installation.
If I want to connect samba to Active Directory, I *must* do it after
installation.

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to samba in Ubuntu.
https://bugs.launchpad.net/bugs/721514

Title:
  Samba should be more selective when importing accounts

Status in “samba” package in Ubuntu:
  Confirmed

Bug description:
  Binary package hint: samba

  The Samba postinst maintainer script systematically import all account
  with uid >= 1000.  This is so that user account and such have
  corresponding Samba account.  In most case, this is a good thing and
  make.  However, where the machine has been configured with a network
  directory as the source of user account (ie, using nss_ldap), this may
  not be desirable.  Especially if the network directory host a large
  number of user accounts, this could be very wasteful.

  The behavior of the account import is preseedable with the
  samba/generate_smbpasswd debconf template.  This is good, but it's an
  either/or proposition.

  Perhaps it would be better if we where only importing local users
  (those listed in /etc/passwd)?  We could do that by specifying the
  compat service to getent ("-s compat") in the samba.postinst
  maintainer script, such as:

  if [ "${GENERATE_SMBPASSWD}" = "true" -a ! -e /var/lib/samba/passdb.tdb -a ! -e /etc/samba/smbpasswd ]; then
          getent -s compat passwd | mksmbpasswd > /etc/samba/smbpasswd
          pdbedit -i smbpasswd -e tdbsam -d 0
          rm /etc/samba/smbpasswd
  fi

  
  I guess the implication owuld need to be considered, and the first thing is to decide whether there is a good reason to import the non-local account in Samba.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/samba/+bug/721514/+subscriptions

More information about the foundations-bugs mailing list