Samba (software)
| samba
|
|
|---|---|
|
|
| Basic data
|
|
| developer | Samba team |
| Publishing year | 1992 |
| Current version |
4.12.5 ( July 2, 2020 ) |
| operating system | cross-platform |
| programming language | C ++ , Python , C |
| category | SMB server and client |
| License | GPL |
| German speaking | No |
| samba.org | |
Samba is a free program package that enables Windows functions such as file and print services to be used under other operating systems and to assume the role of a domain controller . Among other things, it implements the SMB / CIFS protocol for this purpose .
Since the software is freely available under the GPL , it is used as an alternative to Microsoft Windows server operating systems.
development
Samba was first published in 1992 by the Australian Andrew Tridgell to enable data exchange between SunOS and DOS even without NFS . Samba was later ported to Linux , which gave the operating system an enormous spread in the file server segment and contributed to its continued success. The software now developed by a community of volunteer programmers has been steadily expanded to include contributions from other companies to the server message block protocol. The extensions to the SMB protocol came from, among others, Microsoft , SCO , Thursby , IBM , Apple and the Samba team itself, whereby Microsoft made most of the contributions and was the only company to keep some extensions secret. However, since a smooth data exchange was not always possible without these secret extensions, part of the SMB protocol had to be developed by evaluating the network traffic ( protocol / network analysis ).
After differences in the architecture of Samba , the Samba-TNG project split off from the main project in 2000 with the aim of developing a Primary Domain Controller (PDC) for Windows NT domains, a functionality that was not yet stable in the main branch at that time . The development of Samba-TNG stopped in 2009.
The core of the Samba developer community consists of around 20 people. Some companies, such as IBM , provide financial and personnel support or are even employers of some Samba developers.
In the Samba 3 version series, it was possible to operate Samba as a member server in an Active Directory domain, but not as its domain controller . Samba 3 could only emulate domain controllers of the outdated Windows NT 4.0 type, which is sufficient for many networks of manageable size. A second Samba server can also take on the role of a backup domain controller (BDC). From version 3.5 Samba also supports the proprietary new version of the SMB protocol called SMB2 , which Microsoft introduced with its Windows Vista operating system .
The biggest innovation of the current version 4 is the support of the Active Directory domain controller role. In addition, the management tool SWAT has been improved to such an extent that it can also be used to manage an Active Directory domain via the web. Samba 4 contains a new development of the domain controller functionality, but the integrated file server role is based on the tried and tested version 3 and now also supports SMB3. Samba 4 was released for productive use in December 2012.
Components and graphical user interfaces
Samba consists of a number of individual modules that serve the basic function as well as the configuration.
The core modules are the daemons samba (Active Directory emulation from version 4), smbd ( file and printer sharing ), nmbd (NetBIOS name resolution) and winbindd ( user / group assignment).
There are a number of GUIs for configuring Samba , for example:
- Samba’s own browser-based module SWAT (Samba Web Administration Tool)
- A module for the browser-based configuration tool Webmin
- The GSAMBAD tool as part of the GAdmintools collection
- The browser-based LDAP Account Manager for managing user accounts
- Options for sharing folders in the user interfaces of the KDE and Gnome project
- Administration interfaces for further products such as B. Univention Corporate Server , IServ and Zentyal
distribution
Almost all Linux distributions contain Samba and thus offer access to file shares in mixed networks. B. Windows is also used. Even in homogeneous Unix networks, Samba, and thus the SMB protocol, is often used instead of the NFS protocol.
In addition, Samba is often part of additional hardware (e.g. NAS ) and software products that facilitate the installation, configuration and administration of the software and whose manufacturers also often offer commercial support .
Access to the protocol documentation
In the early 1990s, Microsoft and the Samba team had a productive relationship exchanging interface data. However, this changed with Microsoft's new interface policy from Windows 95 onwards. On December 20, 2007, however, an agreement was concluded between Microsoft and the "Protocol Freedom Information Foundation" (PFIF) by order of the European Union , which Microsoft obliges all to do To provide information about "Microsoft Work Group Server" in order to be able to communicate with it fully. The agreement stipulates that this information is only accessible to the PFIF and the Samba developers. For this, the agreement also allows the source code of implementations of these interfaces to be published, so that the interfaces are disclosed indirectly. However, patents are not affected by the agreement.
“We are very pleased to be able to get access to the technical information necessary to continue to develop Samba as a free software project. Although we were disappointed the decision did not address the issue of patent claims over the protocols, it was a great achievement for the European Commission and for enforcement of antitrust laws in Europe. The agreement allows us to keep Samba up to date with recent changes in Microsoft Windows, and also helps other Free Software projects that need to interoperate with Windows. "
“We are delighted to have access to the technical information needed to further develop Samba as a free software project. Although we were disappointed that the decision did not address the protocol claims, it represents an outstanding achievement for the European Commission and for the enforcement of antitrust law in Europe. The agreement allows us to keep Samba up to date with the latest changes in Microsoft Windows and also helps other free software projects that need to interact with Windows. "
The fact that Microsoft employees took an active part in Samba development for the first time in 2011 can also be seen as an expression of the relaxed relationship between Microsoft and the Samba project.
safety
The following are some key Samba security issues:
- In 2010 it was announced that some versions up to Samba 3.6.3 allow access to the root account via anonymous guest access using Remote Procedure Calls (RPC) .
- In May 2017 it was announced that based on security problems with the Microsoft software, which can be used in the form of WannaCry , there are also similar problems with Samba. With this error, which is referred to as SambaCry , it is possible to execute injected malicious code on the Samba system concerned. The error affects all Samba versions from version 3.5.0 up to version 4.6.4, which was current in May 2017. This error is particularly critical in NAS systems , which are usually based on Samba. The problem is exacerbated when the Samba system is externally accessible to everyone and not all manufacturers offer appropriate updates for troubleshooting their proprietary NAS systems or these updates are not installed by the owner in ignorance of the problem.
literature
- Stefan Kania: Samba 4: The practical book for administrators. 2nd edition, Rheinwerk Computing, 2016, ISBN 978-3-83624246-2
- Winfried Trümper: Intranetworking with Linux, m. CD-ROM. 2nd edition, Addison-Wesley, 1999, ISBN 978-3-8273-1584-7
Web links
- Samba PDC with OpenLDAP ( Memento from January 30, 2012 in the Internet Archive )
- Samba eXPerience, annual developer conference (English)
- Link catalog on Samba at curlie.org (formerly DMOZ )
Individual evidence
- ↑ The Samba Team (English) - official developer site, accessed June 5, 2012
- ↑ www.samba.org .
- ↑ github.com . 2nd July 2020.
- ↑ a b openhub.net .
- ↑ Andrew Tridgell: Myths About Samba on Groklaw, February 26, 2005
- ^ Samba as part of Commercial Products. Samba website, accessed April 1, 2014 .
- ↑ Samba Commercial Support Providers. Samba website, accessed April 1, 2014 .
- ↑ "We are hoping to get back to the productive relationship we had with Microsoft during the early 1990's when we shared information about these protocols." ( Jeremy Allison, co-creator of Samba )
- ↑ Samba and the PFIF - press release from the Samba team , December 20, 2007, accessed December 25, 2010
- ↑ Samba Notes Passing a Milestone. Samba website, November 2, 2011, accessed December 4, 2011 .
- ↑ CVE-2012-1182 - A security announcement regarding a major issue with Samba 3.6.3 and lower.
- ↑ SambaCry is coming
- ↑ CVE-2017-7494 - Remote code execution from a writable share. Retrieved July 23, 2017 .
- ↑ SambaCry: First attacks on Linux NAS boxes spotted