Remove executable permission bits from ctdb service file

Avoids the following warning message from /var/log/messages:

...
systemd: Configuration file /usr/lib/systemd/system/ctdb.service
is marked executable. Please remove executable permission bits.
Proceeding anyway.
...

Signed-off-by: Anoop C S <anoopcs@redhat.com>

.gitignore

@@ -57,157 +57,10 @@ samba-3.6.0pre1.tar.gz
 /samba-4.3.2.tar.xz
 /samba-4.3.3.tar.xz
 /samba-4.3.4.tar.xz
-/samba-4.4.0rc1.tar.xz
-/samba-4.4.0rc2.tar.xz
-/samba-4.4.0rc3.tar.xz
-/samba-4.4.0rc4.tar.xz
-/samba-4.4.0rc5.tar.xz
-/samba-4.4.0.tar.xz
-/samba-4.4.2.tar.xz
-/samba-4.4.3.tar.xz
-/samba-4.4.4.tar.xz
-/samba-4.4.5.tar.xz
-/samba-4.5.0rc1.tar.xz
-/samba-4.5.0rc2.tar.xz
-/samba-4.5.0rc3.tar.xz
-/samba-4.5.0.tar.xz
-/samba-4.5.1.tar.xz
-/samba-4.5.2.tar.xz
-/samba-4.5.3.tar.xz
-/samba-4.6.0rc1.tar.xz
-/samba-4.6.0rc2.tar.xz
-/samba-4.6.0rc2.tar.asc
-/samba-4.6.0rc3.tar.asc
-/samba-4.6.0rc3.tar.xz
-/samba-4.6.0rc4.tar.xz
-/samba-4.6.0rc4.tar.asc
-/samba-4.6.0.tar.asc
-/samba-4.6.0.tar.xz
-/samba-4.6.1.tar.xz
-/samba-4.6.1.tar.asc
-/samba-4.6.2.tar.xz
-/samba-4.6.2.tar.asc
-/samba-4.6.3.tar.xz
-/samba-4.6.3.tar.asc
-/samba-4.6.4.tar.xz
-/samba-4.6.4.tar.asc
-/samba-4.6.5.tar.xz
-/samba-4.6.5.tar.asc
-/samba-4.7.0rc1.tar.xz
-/samba-4.7.0rc1.tar.asc
-/samba-4.7.0rc3.tar.xz
-/samba-4.7.0rc3.tar.asc
-/samba-4.7.0rc5.tar.xz
-/samba-4.7.0rc5.tar.asc
-/samba-4.7.0rc6.tar.xz
-/samba-4.7.0rc6.tar.asc
-/samba-4.7.0.tar.xz
-/samba-4.7.0.tar.asc
-/samba-4.7.1.tar.xz
-/samba-4.7.1.tar.asc
-/samba-4.7.2.tar.xz
-/samba-4.7.2.tar.asc
-/samba-4.7.3.tar.xz
-/samba-4.7.3.tar.asc
-/samba-4.7.4.tar.xz
-/samba-4.7.4.tar.asc
-/samba-4.8.0rc1.tar.xz
-/samba-4.8.0rc1.tar.asc
-/samba-4.8.0rc2.tar.xz
-/samba-4.8.0rc2.tar.asc
-/samba-4.8.0rc3.tar.xz
-/samba-4.8.0rc3.tar.asc
-/samba-4.8.0rc4.tar.xz
-/samba-4.8.0rc4.tar.asc
-/samba-4.8.0.tar.xz
-/samba-4.8.0.tar.asc
-/samba-4.8.1.tar.xz
-/samba-4.8.1.tar.asc
-/samba-4.8.2.tar.xz
-/samba-4.8.2.tar.asc
-/samba-4.8.3.tar.asc
-/samba-4.8.3.tar.xz
-/samba-4.9.0rc1.tar.xz
-/samba-4.9.0rc1.tar.asc
-/samba-4.9.0rc2.tar.xz
-/samba-4.9.0rc2.tar.asc
-/samba-4.9.0rc3.tar.xz
-/samba-4.9.0rc3.tar.asc
-/samba-4.9.0rc4.tar.xz
-/samba-4.9.0rc4.tar.asc
-/samba-4.9.0rc5.tar.asc
-/samba-4.9.0rc5.tar.xz
-/samba-4.9.0.tar.xz
-/samba-4.9.0.tar.asc
-/samba-4.9.1.tar.asc
-/samba-4.9.1.tar.xz
-/samba-4.9.2.tar.xz
-/samba-4.9.2.tar.asc
-/samba-4.9.3.tar.xz
-/samba-4.9.3.tar.asc
-/samba-4.9.4.tar.xz
-/samba-4.9.4.tar.asc
-/samba-4.10.0rc1.tar.xz
-/samba-4.10.0rc1.tar.asc
-/samba-4.10.0rc2.tar.xz
-/samba-4.10.0rc2.tar.asc
-/samba-4.10.0rc3.tar.xz
-/samba-4.10.0rc3.tar.asc
-/samba-4.10.0rc4.tar.xz
-/samba-4.10.0rc4.tar.asc
-/samba-4.10.0.tar.xz
-/samba-4.10.0.tar.asc
-/samba-4.10.1.tar.xz
-/samba-4.10.1.tar.asc
-/samba-4.10.2.tar.xz
-/samba-4.10.2.tar.asc
-/samba-4.10.3.tar.xz
-/samba-4.10.3.tar.asc
-/samba-4.10.4.tar.xz
-/samba-4.10.4.tar.asc
-/samba-4.10.5.tar.xz
-/samba-4.10.5.tar.asc
-/samba-4.10.6.tar.xz
-/samba-4.10.6.tar.asc
-/samba-4.11.0rc1.tar.xz
-/samba-4.11.0rc1.tar.asc
-/samba-4.11.0rc2.tar.xz
-/samba-4.11.0rc2.tar.asc
-/samba-4.11.0rc3.tar.xz
-/samba-4.11.0rc3.tar.asc
-/samba-4.11.0rc4.tar.xz
-/samba-4.11.0rc4.tar.asc
-/samba-4.11.0.tar.xz
-/samba-4.11.0.tar.asc
-/samba-4.11.1.tar.xz
-/samba-4.11.1.tar.asc
-/samba-4.11.2.tar.xz
-/samba-4.11.2.tar.asc
-/samba-4.11.3.tar.xz
-/samba-4.11.3.tar.asc
-/samba-4.11.4.tar.xz
-/samba-4.11.4.tar.asc
-/samba-4.11.5.tar.xz
-/samba-4.11.5.tar.asc
-/samba-4.12.0rc1.tar.xz
-/samba-4.12.0rc1.tar.asc
-/samba-4.12.0rc2.tar.xz
-/samba-4.12.0rc2.tar.asc
-/samba-4.12.0rc3.tar.xz
-/samba-4.12.0rc3.tar.asc
-/samba-4.12.0rc4.tar.xz
-/samba-4.12.0rc4.tar.asc
-/samba-4.12.0.tar.xz
-/samba-4.12.0.tar.asc
-/samba-4.12.1.tar.xz
-/samba-4.12.1.tar.asc
-/samba-4.12.2.tar.xz
-/samba-4.12.2.tar.asc
-/samba-4.12.3.tar.xz
-/samba-4.12.3.tar.asc
-/samba-4.12.4.tar.xz
-/samba-4.12.4.tar.asc
-/samba-4.12.5.tar.xz
-/samba-4.12.5.tar.asc
-/samba-4.13.0rc1.tar.xz
-/samba-4.13.0rc1.tar.asc
+/samba-4.3.5.tar.xz
+/samba-4.3.6.tar.xz
+/samba-4.3.8.tar.xz
+/samba-4.3.9.tar.xz
+/samba-4.3.10.tar.xz
+/samba-4.3.11.tar.xz
+/samba-4.3.12.tar.xz

README.dc

@@ -0,0 +1,20 @@
+MIT Kerberos 5 Support
+=======================
+
+Fedora is using MIT Kerberos implementation as its Kerberos infrastructure of
+choice. The Samba build in Fedora is using MIT Kerberos implementation in order
+to allow system-wide interoperability between both desktop and server
+applications running on the same machine.
+
+At the moment the Samba Active Directory Domain Controller implementation is
+not available with MIT Kereberos. FreeIPA and Samba Team members are currently
+working on Samba MIT Kerberos support as this is a requirement for a GNU/Linux
+distribution integration of Samba AD DC features.
+
+We have just finished migrating the file server and all client utilities to MIT
+Kerberos.  The result of this work is available in samba-* packages in Fedora.
+We'll provide Samba AD DC functionality as soon as its support of MIT Kerberos
+KDC will be ready.
+
+In case of further questions do not hesitate to send your inquiries to
+samba-owner@fedoraproject.org

README.md

@@ -1,186 +0,0 @@
-Samba is a free SMB and CIFS client and server and Domain Controller for UNIX
-and other operating systems. It is maintained by the Samba Team, who support the
-original author, Andrew Tridgell.
-
-This software is freely distributable under the GNU public license, a copy of
-which you should have received with this software (in a file called COPYING).
-
-# WHAT IS SMB/CIFS?
-This is a big question.
-
-The very short answer is that it is the protocol by which a lot of PC-related
-machines share files and printers and other information such as lists of
-available files and printers. Operating systems that support this natively
-include Windows 9x, Windows NT (and derivatives), OS/2, Mac OS X and Linux. Add
-on packages that achieve the same thing are available for DOS, Windows 3.1, VMS,
-Unix of all kinds, MVS, and more.  Some Web Browsers can speak this protocol as
-well (smb://).  Alternatives to SMB include Netware, NFS, Appletalk, Banyan
-Vines, Decnet etc; many of these have advantages but none are both public
-specifications and widely implemented in desktop machines by default.
-
-The Common Internet File system (CIFS) is what the new SMB initiative is called.
-For details watch [here](https://samba.org/cifs)
-
-# WHY DO PEOPLE WANT TO USE SMB?
-* Many people want to integrate their Microsoft desktop clients with their Unix
-servers.
-
-* Others want to integrate their Microsoft (etc) servers with Unix servers. This
-is a different problem to integrating desktop clients.
-
-* Others want to replace protocols like NFS, DecNet and Novell NCP, especially
-when used with PCs.
-
-# WHAT CAN SAMBA DO?
-Please refer to the WHATSNEW.txt included with this README for a list of
-features in the latest Samba release.
-
-Here is a very short list of what samba includes, and what it does. For many
-networks this can be simply summarized by "Samba provides a complete replacement
-for Windows NT, Warp, NFS or Netware servers."
-* a SMB server, to provide Windows NT and LAN Manager-style file and print
-services to SMB clients such as Windows 95, Warp Server, smbfs and others.
-
-* a Windows Domain Controller (NT4 and AD) replacement.
-
-* a file/print server that can act as a member of a Windows NT 4.0 or Active
-Directory domain.
-
-* a NetBIOS (rfc1001/1002) nameserver, which amongst other things gives browsing
-support. Samba can be the master browser on your LAN if you wish.
-
-* a ftp-like SMB client so you can access PC resources (disks and printers) from
-UNIX, Netware, and other operating systems
-
-* a tar extension to the client for backing up PCs
-
-* limited command-line tool that supports some of the NT administrative
-functionality, which can be used on Samba, NT workstation and NT server.
-
-For a much better overview have a look at the [web site](http://samba.org/samba)
-and browse the user survey.
-
-#### Related packages include:
-* cifsvfs, an advanced Linux-only filesystem allowing you to mount remote SMB
-filesystems from PCs on your Linux box. This is included as standard with Linux
-2.5 and later.
-
-* smbfs, the previous Linux-only filesystem allowing you to mount remote SMB
-filesystems from PCs on your Linux box. This is included as standard with Linux
-2.0 and later.
-
-# CONTRIBUTIONS
-
-### To contribute via GitHub
-  * fork the official Samba team repository on GitHub
-    -- see [GitHub](https://github.com/samba-team/samba)
-
-  * become familiar with the coding standards as described in README.Coding
-
-  * make sure you read the Samba copyright policy
-    -- see [Copyright Policy](https://www.samba.org/samba/devel/copyright-policy.html)
-
-  * create a feature branch
-
-  * make changes
-
-  * when committing, be sure to add signed-off-by tags
-    -- see [Commit message tags](https://wiki.samba.org/index.php/CodeReview#commit_message_tags)
-
-  * send a pull request for your branch through GitHub
-
-  * this will trigger an email to the samba-technical mailing list
-
-  * discussion happens on the samba-technical mailing list as described below
-
-  * more info on using Git for Samba development can be found on Samba Wiki
-    -- see [Using Git for Samba](https://wiki.samba.org/index.php/Using_Git_for_Samba_Development)
-
-### To contribute via mailing lists
-Join the mailing list. The Samba team accepts patches (preferably in "diff -u"
-format, see [here](https://samba.org/samba/devel) for more details) and are
-always glad to receive feedback or suggestions to the address
-samba@lists.samba.org. More information on the various Samba mailing lists can
-be found at [mailman](http://lists.samba.org).
-
-You can also get the Samba sourcecode straight from the [git repository](http://wiki.samba.org/index.php/Using_Git_for_Samba_Development).
-
-If you like a particular feature then look through the git change-log on the
-[web](https://git.samba.org/?p=samba.git;a=summary) and see who added it, then
-send them an email.
-
-Remember that free software of this kind lives or dies by the response we get.
-If no one tells us they like it then we'll probably move onto something else.
-
-
-# MORE INFO
-
-### DOCUMENTATION
-There is quite a bit of documentation included with the package, including man
-pages, and lots of .html files with hints and useful info. This is also
-available from the web page. There is a growing collection of information under
-docs/.
-
-A list of Samba documentation in languages other than English is available on
-the web page.
-
-If you would like to help with the documentation, please coordinate on the
-samba@lists.samba.org mailing list. See the next section for details on
-subscribing to samba mailing lists.
-
-### MAILING LIST
-Please do NOT send subscription/unsubscription requests to the lists!
-
-There is a mailing list for discussion of Samba.  For details go to [mailman](https://lists.samba.org)
-or send mail to <samba-subscribe@lists.samba.org>.
-
-There is also an announcement mailing list where new versions are announced. To
-subscribe go to [mailman](http://lists.samba.org) or send mail to
-<samba-announce-subscribe@lists.samba.org>. All announcements also go to the
-samba list, so you only need to be on one.
-
-For details of other Samba mailing lists and for access to archives, see
-[mailman](http://lists.samba.org)
-
-### MAILING LIST ETIQUETTE
-
-A few tips when submitting to this or any mailing list.
- - Make your subject short and descriptive. Avoid the words "help" or "Samba" in
-the subject. The readers of this list already know that a) you need help, and b)
-you are writing about samba (of course, you may need to distinguish between
-Samba PDC and other file sharing software). Avoid phrases such as "what is" and
-"how do i". Some good subject lines might look like "Slow response with Excel
-files" or "Migrating from Samba PDC to NT PDC".
-
-- If you include the original message in your reply, trim it so that only the
-relevant lines, enough to establish context, are included. Chances are (since
-this is a mailing list) we've already read the original message.
-
-- Trim irrelevant headers from the original message in your reply. All we need
-to see is a) From, b) Date, and c) Subject. We don't even really need the
-Subject, if you haven't changed it. Better yet is to just preface the original
-message with "On [date] [someone] wrote:".
-
-- Please don't reply to or argue about spam, spam filters or viruses on any
-Samba lists. We do have a spam filtering system that is working quite well thank
-you very much but occasionally unwanted messages slip through. Deal with it.
-
-- Never say "Me too." It doesn't help anyone solve the problem. Instead, if you
-ARE having the same problem, give more information. Have you seen something that
-the other writer hasn't mentioned, which may be helpful?
-
-- If you ask about a problem, then come up with the solution on your own or
-through another source, by all means post it. Someone else may have the same
-problem and is waiting for an answer, but never hears of it.
-
-- Give as much *relevant* information as possible such as Samba release number,
-OS, kernel version, etc...
-
-- RTFM. Google.
-
-### WEB SITE
-A Samba WWW [site](https://samba.org) has been setup with lots of useful info.
-
-As well as general information and documentation, this also has searchable
-archives of the mailing list and a user survey that shows who else is using this
-package.

samba-4.2-auth-credentials-if-credentials-have-principal-set-t.patch

@@ -0,0 +1,35 @@
+From 97d7bc19bb463cfbb9d45b69cec1e668eb15b4a1 Mon Sep 17 00:00:00 2001
+From: Alexander Bokovoy <ab@samba.org>
+Date: Thu, 7 May 2015 14:12:03 +0000
+Subject: [PATCH] auth/credentials: if credentials have principal set, they are
+ not anonymous anymore
+
+When dealing with Kerberos, we cannot consider credentials anonymous
+if credentials were obtained properly.
+
+Signed-off: Alexander Bokovoy <ab@samba.org>
+---
+ auth/credentials/credentials.c | 7 +++++++
+ 1 file changed, 7 insertions(+)
+
+diff --git a/auth/credentials/credentials.c b/auth/credentials/credentials.c
+index 78b5955..b1ccc5a 100644
+--- a/auth/credentials/credentials.c
++++ b/auth/credentials/credentials.c
+@@ -921,6 +921,13 @@ _PUBLIC_ bool cli_credentials_is_anonymous(struct cli_credentials *cred)
+ 						    cred->machine_account_pending_lp_ctx);
+ 	}
+ 
++	if (cli_credentials_get_kerberos_state(cred) != CRED_DONT_USE_KERBEROS) {
++		/* if principal is set, it's not anonymous */
++		if (cred->principal && cred->principal_obtained >= cred->username_obtained) {
++			return false;
++		}
++	}
++
+ 	username = cli_credentials_get_username(cred);
+ 	
+ 	/* Yes, it is deliberate that we die if we have a NULL pointer
+-- 
+2.4.0
+

samba-4.2.10-s3-winbind-make-sure-domain-member-can-talk-to-trust.patch

@@ -0,0 +1,60 @@
+From b89f28556ad0d1caf9cf41c56a0d67440098358f Mon Sep 17 00:00:00 2001
+From: Alexander Bokovoy <abokovoy@redhat.com>
+Date: Tue, 12 Apr 2016 09:36:12 +0300
+Subject: [PATCH] s3-winbind: make sure domain member can talk to trusted
+ domains DCs
+
+  Allow cm_connect_netlogon() to talk to trusted domains' DCs when
+  running in a domain member configuration.
+
+Signed-off-by: Alexander Bokovoy <ab@samba.org>
+---
+ source3/winbindd/winbindd_cm.c | 15 +++++++++------
+ 1 file changed, 9 insertions(+), 6 deletions(-)
+
+diff --git a/source3/winbindd/winbindd_cm.c b/source3/winbindd/winbindd_cm.c
+index 63175e5..1ef3d17 100644
+--- a/source3/winbindd/winbindd_cm.c
++++ b/source3/winbindd/winbindd_cm.c
+@@ -2578,9 +2578,10 @@ NTSTATUS cm_connect_sam(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx,
+  anonymous:
+ 
+ 	/* Finally fall back to anonymous. */
+-	if (lp_winbind_sealed_pipes() || lp_require_strong_key()) {
++	if ((lp_winbind_sealed_pipes() || lp_require_strong_key()) &&
++	    (IS_DC || domain->primary)) {
+ 		status = NT_STATUS_DOWNGRADE_DETECTED;
+-		DEBUG(1, ("Unwilling to make SAMR connection to domain %s"
++		DEBUG(1, ("Unwilling to make SAMR connection to domain %s "
+ 			  "without connection level security, "
+ 			  "must set 'winbind sealed pipes = false' and "
+ 			  "'require strong key = false' to proceed: %s\n",
+@@ -2811,9 +2812,10 @@ NTSTATUS cm_connect_lsa(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx,
+ 
+  anonymous:
+ 
+-	if (lp_winbind_sealed_pipes() || lp_require_strong_key()) {
++	if ((lp_winbind_sealed_pipes() || lp_require_strong_key()) &&
++	    (IS_DC || domain->primary)) {
+ 		result = NT_STATUS_DOWNGRADE_DETECTED;
+-		DEBUG(1, ("Unwilling to make LSA connection to domain %s"
++		DEBUG(1, ("Unwilling to make LSA connection to domain %s "
+ 			  "without connection level security, "
+ 			  "must set 'winbind sealed pipes = false' and "
+ 			  "'require strong key = false' to proceed: %s\n",
+@@ -2978,9 +2980,10 @@ NTSTATUS cm_connect_netlogon(struct winbindd_domain *domain,
+ 
+  no_schannel:
+ 	if (!(conn->netlogon_flags & NETLOGON_NEG_AUTHENTICATED_RPC)) {
+-		if (lp_winbind_sealed_pipes() || lp_require_strong_key()) {
++		if ((lp_winbind_sealed_pipes() || lp_require_strong_key()) &&
++		    (IS_DC || domain->primary)) {
+ 			result = NT_STATUS_DOWNGRADE_DETECTED;
+-			DEBUG(1, ("Unwilling to make connection to domain %s"
++			DEBUG(1, ("Unwilling to make connection to domain %s "
+ 				  "without connection level security, "
+ 				  "must set 'winbind sealed pipes = false' and "
+ 				  "'require strong key = false' to proceed: %s\n",
+-- 
+2.5.5
+

samba-4.3.12-vfs_gluster_realpath.patch

@@ -0,0 +1,49 @@
+From 730c0a2fab4b0c494122f29355068cc2bbf0f672 Mon Sep 17 00:00:00 2001
+From: Michael Adam <obnox@samba.org>
+Date: Fri, 21 Oct 2016 00:15:06 +0200
+Subject: [PATCH] vfs:glusterfs: preallocate result for glfs_realpath
+
+https://bugzilla.samba.org/show_bug.cgi?id=12404
+
+This makes us independent of the allocation
+method used inside glfs_realpath.
+
+Signed-off-by: Michael Adam <obnox@samba.org>
+Reviewed-by: Ira Cooper <ira@samba.org>
+
+Autobuild-User(master): Jeremy Allison <jra@samba.org>
+Autobuild-Date(master): Sat Oct 22 00:28:41 CEST 2016 on sn-devel-144
+
+(cherry picked from commit 92a0a56c3852726e0812d260e043957c879aefa4)
+---
+ source3/modules/vfs_glusterfs.c | 15 ++++++++++++++-
+ 1 file changed, 14 insertions(+), 1 deletion(-)
+
+diff --git a/source3/modules/vfs_glusterfs.c b/source3/modules/vfs_glusterfs.c
+index 732ca51..fc40a90 100644
+--- a/source3/modules/vfs_glusterfs.c
++++ b/source3/modules/vfs_glusterfs.c
+@@ -1036,7 +1036,20 @@ static int vfs_gluster_fallocate(struct vfs_handle_struct *handle,
+ static char *vfs_gluster_realpath(struct vfs_handle_struct *handle,
+ 				  const char *path)
+ {
+-	return glfs_realpath(handle->data, path, 0);
++	char *result = NULL;
++	char *resolved_path = SMB_MALLOC_ARRAY(char, PATH_MAX+1);
++
++	if (resolved_path == NULL) {
++		errno = ENOMEM;
++		return NULL;
++	}
++
++	result = glfs_realpath(handle->data, path, resolved_path);
++	if (result == NULL) {
++		SAFE_FREE(resolved_path);
++	}
++
++	return result;
+ }
+ 
+ static bool vfs_gluster_lock(struct vfs_handle_struct *handle,
+-- 
+2.7.4

samba.log

@@ -1,10 +1,7 @@
-/var/log/samba/log.* {
-    compress
-    dateext
-    maxage 365
-    rotate 99
+/var/log/samba/* {
     notifempty
     olddir /var/log/samba/old
     missingok
+    sharedscripts
     copytruncate
 }

samba.xinetd

@@ -0,0 +1,15 @@
+# default: off
+# description: SWAT is the Samba Web Admin Tool. Use swat \
+#	       to configure your Samba server. To use SWAT, \
+#	       connect to port 901 with your favorite web browser.
+service swat
+{
+	port		= 901
+	socket_type	= stream
+	wait 		= no
+	only_from 	= 127.0.0.1
+	user		= root
+	server		= /usr/sbin/swat
+	log_on_failure	+= USERID
+	disable		= yes
+}

smb.conf.default

@@ -2,23 +2,26 @@
 # options listed here, refer to the smb.conf(5) manual page. Samba has a huge
 # number of configurable options, most of which are not shown in this example.
 #
-# The Samba Wiki contains a lot of step-by-step guides installing, configuring,
-# and using Samba:
-# https://wiki.samba.org/index.php/User_Documentation
+# The Official Samba 3.2.x HOWTO and Reference Guide contains step-by-step
+# guides for installing, configuring, and using Samba:
+# http://www.samba.org/samba/docs/Samba-HOWTO-Collection.pdf
+#
+# The Samba-3 by Example guide has working examples for smb.conf. This guide is
+# generated daily: http://www.samba.org/samba/docs/Samba-Guide.pdf
 #
 # In this file, lines starting with a semicolon (;) or a hash (#) are
 # comments and are ignored. This file uses hashes to denote commentary and
 # semicolons for parts of the file you may wish to configure.
 #
-# NOTE: Run the "testparm" command after modifying this file to check for basic
+# Note: Run the "testparm" command after modifying this file to check for basic
 # syntax errors.
 #
 #---------------
 # Security-Enhanced Linux (SELinux) Notes:
 #
-# Turn the samba_domain_controller Boolean on to allow a Samba PDC to use the
-# useradd and groupadd family of binaries. Run the following command as the
-# root user to turn this Boolean on:
+# Turn the samba_domain_controller Boolean on to allow Samba to use the useradd
+# and groupadd family of binaries. Run the following command as the root user to
+# turn this Boolean on:
 # setsebool -P samba_domain_controller on
 #
 # Turn the samba_enable_home_dirs Boolean on if you want to share home
@@ -67,8 +70,7 @@
 #
 # server string = the equivalent of the Windows NT Description field.
 #
-# netbios name = used to specify a server name that is not tied to the hostname,
-#                maximum is 15 characters.
+# netbios name = used to specify a server name that is not tied to the hostname.
 #
 # interfaces = used to configure Samba to listen on multiple network interfaces.
 # If you have multiple interfaces, you can use the "interfaces =" option to
@@ -80,6 +82,9 @@
 #
 # hosts deny = the hosts not allowed to connect. This option can also be used on
 # a per-share basis.
+#
+# max protocol = used to define the supported protocol. The default is NT1. You
+# can set it to SMB2 if you want experimental SMB2 support.
 #
 	workgroup = MYGROUP
 	server string = Samba Server Version %v
@@ -89,6 +94,8 @@
 ;	interfaces = lo eth0 192.168.12.2/24 192.168.13.2/24
 ;	hosts allow = 127. 192.168.12. 192.168.13.
 
+;	max protocol = SMB2
+
 # --------------------------- Logging Options -----------------------------
 #
 # log file = specify where log files are written to and how they are split.
@@ -295,7 +302,7 @@
 ;	writable = no
 ;	share modes = no
 
-# Un-comment the following to provide a specific roaming profile share.
+# Un-comment the following to provide a specific roving profile share.
 # The default is to use the user's home directory:
 ;	[Profiles]
 ;	path = /var/lib/samba/profiles
@@ -308,6 +315,6 @@
 ;	comment = Public Stuff
 ;	path = /home/samba
 ;	public = yes
-;	writable = no
+;	writable = yes
 ;	printable = no
 ;	write list = +staff

smb.conf.vendor

@@ -1,37 +0,0 @@
-# See smb.conf.example for a more detailed config file or
-# read the smb.conf manpage.
-# Run 'testparm' to verify the config is correct after
-# you modified it.
-
-[global]
-	workgroup = SAMBA
-	security = user
-
-	passdb backend = tdbsam
-
-	printing = cups
-	printcap name = cups
-	load printers = yes
-	cups options = raw
-
-[homes]
-	comment = Home Directories
-	valid users = %S, %D%w%S
-	browseable = No
-	read only = No
-	inherit acls = Yes
-
-[printers]
-	comment = All Printers
-	path = /var/tmp
-	printable = Yes
-	create mask = 0600
-	browseable = No
-
-[print$]
-	comment = Printer Drivers
-	path = /var/lib/samba/drivers
-	write list = @printadmin root
-	force group = @printadmin
-	create mask = 0664
-	directory mask = 0775

sources

@@ -1,2 +1 @@
-SHA512 (samba-4.13.0rc1.tar.xz) = 3e6d431998907ad8c81f488ddf78dcef5fd6a4cdf8ca684e5ad0ce9bf7217d82fcca7501155446c83d804f939bea7012f1d37c1f738d8ec7bc769a9148a6592a
-SHA512 (samba-4.13.0rc1.tar.asc) = 6dfe9467fd7fd28db91ae15fa3314a7707cfeb88c8ecd2af532d57614bec311119546a2fd4ced71063df9b7d6879a62f9ba512ae05d494323e0362a5492d33fa
+4b84415bea4b8a0d2085e51d1f9cc4c6  samba-4.3.12.tar.xz