Bug 1817557 - Rebase Samba to the the latest 4.12.x release
Summary: Rebase Samba to the the latest 4.12.x release
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 8
Classification: Red Hat
Component: samba
Version: 8.3
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: rc
: 8.0
Assignee: Andreas Schneider
QA Contact: QE contact list for Identity Management :: Authentication and File Services subteam
Marc Muehlfeld
URL:
Whiteboard:
Depends On: 1817560 1817563 1817565 1817567
Blocks: 1825061
TreeView+ depends on / blocked
 
Reported: 2020-03-26 15:03 UTC by Andreas Schneider
Modified: 2020-11-04 21:31 UTC (History)
9 users (show)

Fixed In Version: 4.12.3-0.el8.3
Doc Type: Enhancement
Doc Text:
._samba_ rebased to version 4.12.3 The _samba_ packages have been upgraded to upstream version 4.12.3, which provides a number of bug fixes and enhancements over the previous version: * Built-in cryptography functions have been replaced with GnuTLS functions. This improves the server message block version 3 (SMB3) performance and copy speed significantly. * The minimum runtime support is now Python 3.5. * The `write cache size` parameter has been removed because the previous write cache concept could reduce the performance on memory-constrained systems. * Support for authenticating connections using Kerberos tickets with DES encryption types has been removed. * The `vfs_netatalk` virtual file system (VFS) module has been removed. * The `ldap ssl ads` parameter is marked as deprecated and will be removed in a future Samba version. For information about how to alternatively encrypt LDAP traffic and further details, see the link:https://access.redhat.com/solutions/5325651[samba: removal of "ldap ssl ads" smb.conf option] solution. * By default, Samba on RHEL 8.3 no longer supports the deprecated RC4 cipher suite. If you run Samba as a domain member in an AD that still requires RC4 for Kerberos authentication, use the `update-crypto-policies --set DEFAULT:AD-SUPPORT` command to enable support for the RC4 encryption type. Samba automatically updates its `tdb` database files when the `smbd`, `nmbd`, or `winbind` service starts. Back up the database files before starting Samba. Note that Red Hat does not support downgrading `tdb` database files. For further information about notable changes, read the link:https://www.samba.org/samba/history/samba-4.12.0.html[upstream release notes] before updating.
Clone Of:
Environment:
Last Closed: 2020-11-04 01:59:47 UTC
Type: Bug
Target Upstream Version:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHEA-2020:4543 0 None None None 2020-11-04 02:00:06 UTC

Description Andreas Schneider 2020-03-26 15:03:36 UTC
Description of problem:

Rebase Samba to the latest 4.12 release to get improved FIPS support.

Comment 4 Andreas Schneider 2020-06-16 12:16:31 UTC
Marc, this looks fine. However you can remove the ctdb_mutex_fcntl_helper part, as ctdb is not shipped with RHEL8 you need RHGS for ctdb.

Comment 8 errata-xmlrpc 2020-11-04 01:59:47 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (samba bug fix and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2020:4543


Note You need to log in before you can comment on or make changes to this bug.