From: Tom Syroid (tom@SYROIDMANOR.COM)
Date: Wed Aug 21 2002 - 16:19:22 EDT
Drew,
I'm CC'ing this to the AIX list, as I think the questions you ask are
pertinent, and perhaps tumbling around in the mind of others.
--On Wednesday, August 21, 2002 15:18 -0400 Drew <apt@dcs-success.com>
wrote:
> Hi Tom,
> Today you recommended to Jon that he compile the latest version of SAMBA
> himself on his machine. I have been following the thread closely because I
> am having the identical problem although I am almost certain it is not a
> permission issue, but some other issue associated with how filenames are
> being called for from the WIN95/98 side of the connection, not the win2k
> side. Our Windows 2000 machines are connecting to the SAMBA server just
> fine. As you stated, most updates to the newest release of SAMBA are in
> regards to Windows2000/XP.
Most of the major code updates to the Samba source of late have been
directed at domain controller functionality and improvements to Win2K/Xp
printing. There have also been scores of minor changes made to improve a
vast range of connectivity issues; generic connectivity, which directly
affects the problems that arise for you, the admin. In short, no matter
who's asking, I usually recommend updating Samba to the latest stable
release unless one has a good reason for holding out at a lower revision
level. Samba are one of the few open source projects I'm familiar with that
somehow manage to add features and improvements to the code base while
still providing full backward compatibility for older Windoz versions.
>
> My question to you (if I may), is: If you compile and install the software
> yourself, what do you do when it is time to upgrade the software? Do you
> just delete all the files (of the older version) you think that were
> installed during the install one at a time before you install the newer
> version? I am asking you this because I consider you an authority on the
> complie subject having read much of your home page at The Manor.
You have two options: one, install your new version to different directory
using the './configure --PREFIX-/where/you/want/the/executables; two, rely
on the program's developers to handle upgrades "gracefully". Regarding the
first option, ALWAYS do a './configure --help' before compiling a new
program, and carefully read the option list. Regarding the second, many
developers script into their configuration routines provision for "backing
out" of an install/update. This includes renaming the existing executables
with a .old extension, and providing a 'make uninstall' routine that
essentially reverses the effects of a 'make install'. Frankly, I don't
recall if Samba provides for a 'make uninstall' process. On the other hand,
in five years of deploying/configuring/updating Samba, I've yet to have to
revert to a lower revision for any reason (betas/alphas aside, of course;
however, having said that, I've had an early alpha of Samba 3.0 running on
my RS/6K for six months now, and it has YET to hiccup even ONCE -- no doubt
a tribute to the fine efforts of the Samba team ;-)
>
> I can see the attractiveness of "rolling your own" programs as far as
> having the latest, but when you use lpp or rpm, uninstalling is a snap,
> the ODM (rpm and lpp database) is updated as to what libraries and
> programs you have and if you need to uninstall it, it can usually be done
> in a snap. Seems very logical and clean cut (most of the time).
>
> What other advantages are there to compiling the latest version of a
> program, other then having the latest program (ie bugfixes, features, etc)
> is there?
The first, as you mention, is *timely* updates to current bugfixes/code
releases. I love AIX to death, but the folks that run AIX on a daily basis
are generally cautious about updates of any kind ("OK, who's gonna be first
to try out this new ML? Any takers?" ;-). Nothing wrong with this approach
of course, but take the example of the recent security exploit discovered
in Apache 1.3.24. By "rolling my own" I had myself covered with hours of
the release of 1.3.26. If you check out the common AIX download sites,
you'll see that most are still offering 1.3.24 as their "current stable
release", and that's Ungood. By compiling from source, I don't have to rely
on anyone else to build an RPM or LPP for me.
Two, and perhaps just as important, I can custom tailor a program build to
my needs (the same principle holds true for recompiling the Linux kernel --
one of the very first things I do after I get the base install squared
away). Almost all "prebuilt packages" have to be build with the masses in
mind. But what if you want to use an LDAP backend to authenticate your
Samba users? Good luck. The source has to be compiled with the '--ldapsam'
option. I can tell you where to find a Linux/i386 RPM for such an
implementation, but I highly doubt any such animal exists for AIX. Also, if
my Apache installation is only serving static web pages, and not special
authentication is called for, why load your executable up with hooks to
PHP, Perl, etc.?
Three, every single option you compile into a program becomes (a) a source
for errors/bugs, and (b) a potential exploit for hackers. Obviously,
security exploits are not a high priority for a program like Samba (Samba
services should NEVER, NEVER, NEVER be accessible to the outside world),
but just the same, it's a good principle to excercise whenever possible.
Four, compiling from source is something every admin should at least be
familiar with. Why? For the reasons stated above: it gives you the ability
to quickly patch an important exploit without waiting for someone to build
you a RPM; it gives you the ability to adapt your installation in ways that
might not be available for a prebuilt package.
>
> I ask you this because sometimes a person (myself included) will run into
> a problem, someone tells them to upgrade to the latest version (which by
> the way is good advice), but because of uncertainties with the "roll your
> own" approach, they never do it, they have to wait for the lpp of a newer
> version of the software. Then when it comes out, and they run into a
> problem, someone tells them to compile the latest version, etc..
>
> Thanks for your time, if you can't answer this email because of the length
> of the response or you are short on time, I understand fully. I've said
> and asked a lot here that I honestly can't ask anyone else. Also I would
> like to thank you for being there when I first started down the AIX path,
> reading your home page and turning me on to the AIX discussion group. I
> love working with AIX and you were there in the early days!
You're welcome. Remember, it's a two-way street. I've learned what I have
by people asking intelligent questions that I didn't always have a ready
answer for. As the saying goes, "you teach what you learn, and learn what
you teach".
Best,
/tom
>
>
> Thanks again Tom,
>
> Drew
>
> -----Original Message-----
> From: IBM AIX Discussion List [mailto:aix-l@Princeton.EDU]On Behalf Of Tom
> Syroid
> Sent: Wednesday, August 21, 2002 12:57 PM
> To: aix-l@Princeton.EDU
> Subject: Re: Copying files from AIX SAMBA 2.07 in Win9x
>
> Jon,
>
> Personally, I always compile from source (www.samba.org). If you need a
> precompiled binary, and you have the AIX Linux Toolbox installed, try:
>
> http://www-1.ibm.com/servers/aix/products/aixos/linux/download.html
> (Unfortunately, this site is only at 2.2.3a at present, which is one of
> the reason I use source -- this way I can always get the best release
> based on need/features/bug-fixes).
>
> The UCLA website has 2.2.4:
>
> http://pdslib4aix.seas.ucla.edu/new-all.html (this is the page for AIX 5L;
> follow the hyperlinks for 4.3.3 stuff).
>
> And then there's the Bull Freeware site:
>
> http://ftp.rge.com/pub/systems/aix/bull/
>
> Unfortunately, it too lists 2.2.3a as the latest release available.
>
> I work with Samba fairly extensively, and personally I'd recommend option
> A if feasible: that is, building 2.2.5 from source. There's some faily
> extensive changes relating to Win2K/XP issues (sharing and printing) that
> remove a great deal of "head scratching / debugging" from earlier
> releases.
>
> Best,
> /tom
>
> --On Wednesday, August 21, 2002 5:14 PM +0100 Jonathan Portman
> <Jonathan.Portman@MPRC.CO.UK> wrote:
>
>>
>> Thanks Tom. Where can I get hold of the latest Samab version from ?
>> websites I've been to show 2.07 as being the latest.
>>
>> Jon.
>
This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 22:16:10 EDT