--- /usr/share/samba/smb.conf.gutsy 2008-03-09 05:30:00.000000000 -0700 +++ smb.conf.ucf-old 2008-03-11 11:51:57.000000000 -0700 @@ -112,7 +112,7 @@ # parameters must be set (thanks to Ian Kahan < for # sending the correct chat script for the passwd program in Debian Sarge). passwd program = /usr/bin/passwd %u - passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n *passwd:*password\supdated\ssuccessfully* . + passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n *password\supdated\ssuccessfully* . # This boolean controls whether PAM will be used for password changes # when requested by an SMB client instead of the program listed in @@ -204,15 +204,6 @@ ; idmap uid = 10000-20000 ; idmap gid = 10000-20000 ; template shell = /bin/bash -; -; The following was the default behaviour in sarge -; but samba upstream reverted the default because it might induce -; performance issues in large organizations -; See #368251 for some of the consequences of *not* having -; this setting and smb.conf(5) for all details -; -; winbind enum groups = yes -; winbind enum users = yes #======================= Share Definitions ======================= @@ -226,16 +217,15 @@ # By default, \\server\username shares can be connected to by anyone # with access to the samba server. Un-comment the following parameter # to make sure that only "username" can connect to \\server\username -# This might need tweaking when using external authentication schemes ; valid users = %S # By default, the home directories are exported read-only. Change next # parameter to 'yes' if you want to be able to write to them. ; writable = no -# File creation mask is set to 0700 for security reasons. If you want to -# create files with group=rw permissions, set next parameter to 0775. -; create mask = 0700 +# File creation mask is set to 0600 for security reasons. If you want to +# create files with group=rw permissions, set next parameter to 0664. +; create mask = 0600 # Directory creation mask is set to 0700 for security reasons. If you want to # create dirs. with group=rw permissions, set next parameter to 0775.