ProHoster > Blog > litaba tsa inthanete > Samba 4.13.0 tokollo

Samba 4.13.0 tokollo

Tsebisoa lokolla Samba 4.13.0, ea ileng a ntšetsa pele tsoelo-pele ea lekala Samba 4 e nang le ts'ebetsong e felletseng ea molaoli oa sebaka le ts'ebeletso ea Active Directory, e tsamaellanang le ts'ebetsong ea Windows 2000 mme e khona ho sebeletsa mefuta eohle ea bareki ba Windows e tšehelitsoeng ke Microsoft, ho kenyeletsoa Windows 10. Samba 4 ke sehlahisoa sa seva se sebetsang ka bongata se fanang ka ts'ebetsong ea seva sa faele, tšebeletso ea khatiso le seva sa boitsebiso (winbind).

Senotlolo fetola ho Samba 4.13:

  • Tšireletso e ekelitsoeng ea ts'ireletso Zerologon (CVE-2020-1472) e lumella mohlaseli ho fumana litokelo tsa tsamaiso ho molaoli oa sebaka ho litsamaiso tse sa sebeliseng "server schannel = e" setting.
  • Tlhokahalo e tlase ea mofuta oa Python e ekelitsoe ho tloha Python 3.5 ho isa Python 3.6. Bokhoni ba ho aha seva sa faele ka Python 2 bo ntse bo le teng (pele o sebetsa ./configure le 'make', o lokela ho beha phetoho ea tikoloho 'PYTHON=python2'), empa lekaleng le latelang e tla tlosoa 'me Python 3.6 e tla tlosoa. ho hlokahala bakeng sa kopano.
  • Ts'ebetso ea "wide links = e", e lumellang batsamaisi ba seva sa faele hore ba thehe likhokahano tsa tšoantšetso sebakeng se kantle ho karolo ea hajoale ea SMB / CIFS, e tlositsoe ho tloha ho smbd ho ea ho "vfs_widelinks" module. Hajoale, mojule ona o kentsoe ka bohona haeba paramente ea "wide links = yes" e le teng litlhophisong. Nakong e tlang, ho reriloe ho tlosa tšehetso bakeng sa "wide links = e" ka lebaka la litaba tsa ts'ireletso, 'me basebelisi ba samba ba khothalletsoa ka matla hore ba fetohe ho tloha "wide links = yes" ho sebelisa "mount --bind" ho kenya likarolo tse ka ntle tsa tsamaiso ea faele.
  • Tšehetso ea "Domeine controller" ea khale e tlositsoe. Basebelisi ba li-domain controller tse kang NT4 ('classic') ba lokela ho fetohela ho sebelisa li-domain tsa Samba Active Directory hore ba tsebe ho sebetsa le bareki ba sejoale-joale ba Windows.
  • Mekhoa ea netefatso e sa sireletsehang e tlositsoeng e ka sebelisoang feela ka protocol ea SMBv1: "domain logon", "raw NTLMv2 auth", "client plaintext auth", "client NTLMv2 auth", "client lanman auth" le "client use spnego".
  • Ts'ehetso ea khetho ea "ldap ssl ads" e tlositsoe ho smb.conf. Khetho ea "sechane sa seva" e lebelletsoe ho tlosoa tokollong e latelang.

Source: opennet.ru

Eketsa ka tlhaloso