7.187. samba

Updated samba packages that fix several bugs are now available for Red Hat Enterprise Linux 6.
Samba is an open-source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and other information.

Bug Fixes

Enumerating groups did not work as expected with ID mapping for Winbind configured. Running the "getent group -s winbind" command displayed no output if Winbind could not retrieve a GID from a group in Active Directory (AD). With this update, "getent group -s winbind" correctly lists the groups in the described situation.
Previously, Samba could be consuming a lot of CPU resources every 60 seconds. The mechanism for how the smbd service processes reread the printcap configuration has been modified, and Samba no longer causes these periodical increases in CPU consumption.
An attempt to use the smbclient utility to access a CIFS share could fail under certain circumstances, and the smbd service logged the attempt as LOGON_FAILURE even when the user provided the correct password. The problem has been fixed, and accessing a CIFS share using smbclient works as expected.
Running the "net ads join -k" command could result in a segmentation fault when the /etc/krb5.keytab file contained an existing keytab entry. This update prevents passing an invalid pointer, which caused the segmentation fault, and "net ads join -k" no longer fails in the described situation.
Description for the "access based share enum" option has been added to the sharesec(1) man page.
BZ#1164269, BZ#1165750
After the Samba packages upgrade, accessing a printer could fail with error messages. The user could not connect to a printer or print files. When more than 900 printers were registered, the rpcclient utility failed with an error message. A patch has been applied to fix these problems, and printers can be used as expected after upgrading Samba.
Creating a snapshot from a Windows 2008 or Windows 7 client on a share using the shadow_copy2 module could fail when the snapshot was restoring a file that did not yet exist in the directory. The "NT_STATUS_OBJECT_NAME_NOT_FOUND" message appeared after the user clicked the restore button. With this update, restoring a snapshot works as expected in the described situation.
When two AD domains, each configured in a separate forest, had a two-way trust established, Winbind retrieved incorrect group information after the user logged in. For example, the "id" utility did not display the correct list of groups the user belonged to. Only the supplementary groups from the user's own domain were listed when the user was a member of groups from both domains. With this update, Samba clears the cache after a successful login to ensure the correct user information is used. Running "id" now lists supplementary groups from both trusted domains in the described situation.
Samba did not start when the file system was in read-only mode. With this update, the Samba init scripts no longer require write permissions for certain system files. Samba now runs as expected on read-only systems.
When the "winbind use default domain = yes" setting was used in combination with the "force user = AD_user_name" setting in the /etc/samba/smb.conf file, the AD domain user specified in the "force user" attribute could not access the share. With this update, setting "winbind use default domain = yes" no longer prevents the AD domain user from accessing the share in the described situation.
Users of samba are advised to upgrade to these updated packages, which fix these bugs. After installing this update, the smb service will be restarted automatically.