A Roadmap to Samba Development
Samba 2.2.0 is coming soon! Samba expert Jerry Carter walks you through the functionality and features of this new release.
With the beta release cycle of Samba 2.2.0 beginning soon, I thought it would be helpful to mention some of the functionality that it offers, as well as to look forward to future Samba developments. Samba 2.2.0 offers several things in the way of new features. Some of these are external and will be seen by end users, while others are internal to Samba's code base and will benefit performance and stability.
Initially Windows NT/2000 end users of Samba will notice two new features conspicuously absent until now. First, Samba will offer native support for Windows NT printing mechanisms by implementing the MS-RPC functions used between Windows NT hosts. This means that Samba will be capable of providing automatic printer driver downloads for Windows 95/98/NT/2000 clients. Support for Windows Me is not listed because it was not in final release when the new printing support was implemented; however, because it is a revision of current technology in previous Windows 9x releases, it should not be difficult to add the necessary supporting features, if any at all.
A second highly anticipated feature will be the support for access control lists on file shares. This functionality will require two pieces. The first is underlying file system support for ACLs, and the second is back-end support for the server's ACL implementation in Samba. A conceptual illustration of Samba's ACL subsystem is shown in Figure 1.
){kind=link}
Implementing POSIX ACLs in Samba
Rather than attempting its own ACL implementation, Samba will convert NT ACL specifications sent via MS-RPC into a POSIX ACL blob (binary lump of bits). For each server ACL implementation, Samba must have an associated back end that provides means of converting the ACL blob into a server specific ACL. Initially, you can probably expect support for some of the more widely used server platforms such as Solaris and SGI's IRIX. How quickly a given server OS and filesystem will be supported depends upon how closely the server's ACL API confirms to the POSIX specifications. Once your server platform is supported, your users will be able to manipulate the server-side ACLs using the security tab of the Windows NT Explorer. This is somewhat supported currently, but only for the standard Unix permissions bits (read-write-execute for owner-group-world).
While these first two features may make your users take notice, as a systems administrator, you will be glad to know that the Samba team is also actively pursuing development paths that will enhance Samba's scalability and performance. One of the changes introduced in the upcoming 2.2.0 release is the rewrite of Samba's internal file locking semantics. Each smbd process must multiplex file locks to maintain POSIX locking compatibility. Remember that most operating systems have no concept of SMB opportunistic locking. While the operating system may view each smbd process as a single entity, Samba must be capable of handling multiple client connections per smbd, and multiple smbd process must correlate the file locks between each other. This is no trivial task, and Samba's new file-locking implementation improves upon Samba's existing stability.
Longtime Samba administrators will no doubt be familiar with the various flat files used by Samba to store information such as file locks, browse lists, and service connections. For the 2.2.0 release, developers have replaced many of these with simultaneous write safe databases. This means better performance for administrators over the previous flat files (which required sequential lookups) as well as more flexibility for developers.
Looking past the 2.2.0 release, Samba admins often ask about future developments on the horizon. The following are some of the features planned for Samba's 3.0 release, with an optimistic release date of Q1 2001:
- Full Windows NT 4.0 primary domain controller support
- UNICODE support for internationalization
- Winbind
- A new internal smbd/nmbd messaging system for communication between server daemons
As always, if you are interested in more information about Samba, the best place to start is the main Samba Web site, which can be found at http://www.samba.org/. Information on the various Samba mailing lists can be found at http://lists.samba.org/.
About the Author
Gerald Carter has been a member of the SAMBA Team since 1998, and he is employed by VA Linux Systems. He is currently working with O'Reilly Publishing on a guide to LDAP for system administrators. He holds a master's degree in computer science from Auburn University, where he was also previously employed as a network and systems administrator. Gerald has published articles with various Web based magazines, such as Linuxworld, and has authored instructional course for companies such as Linuxcare. In addition, he acted as the lead author of Teach Yourself Samba in 24 Hours (Sams Publishing, 2000), and he actively gives tutorials at systems administration conferences.
During his spare time, Gerald enjoys running, hiking, playing music, and bible study. He resides with his beautiful wife of seven years in Dadeville, Alabama.