Samba should be more selective when importing accounts
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
samba (Ubuntu) |
Confirmed
|
Wishlist
|
Unassigned |
Bug Description
Binary package hint: samba
The Samba postinst maintainer script systematically import all account with uid >= 1000. This is so that user account and such have corresponding Samba account. In most case, this is a good thing and make. However, where the machine has been configured with a network directory as the source of user account (ie, using nss_ldap), this may not be desirable. Especially if the network directory host a large number of user accounts, this could be very wasteful.
The behavior of the account import is preseedable with the samba/generate_
Perhaps it would be better if we where only importing local users (those listed in /etc/passwd)? We could do that by specifying the compat service to getent ("-s compat") in the samba.postinst maintainer script, such as:
if [ "${GENERATE_
getent -s compat passwd | mksmbpasswd > /etc/samba/
pdbedit -i smbpasswd -e tdbsam -d 0
rm /etc/samba/
fi
I guess the implication owuld need to be considered, and the first thing is to decide whether there is a good reason to import the non-local account in Samba.
Good point ill take this under consideration.
chuck