Difference between revisions of "SoC/Ideas"

(Convert more of the Samba 4 IDL to be used in Samba 3)
(Samba 3)
Line 97: Line 97:
  
 
Possible mentors: Stefan Metzmacher
 
Possible mentors: Stefan Metzmacher
 +
 +
===Develop a .reg file registry dump/restore utility for Samba3===
 +
 +
The goal of this project is to develop a library for reading and writing .reg files
 +
as described here: [http://support.microsoft.com/?scid=kb%3Ben-us%3B310516&x=16&y=16].
 +
A subcommand of the ''net'' utility would be used to save and restore parts or all
 +
of Samba3's registry.
 +
 +
A simple project would develop this upon the existing Samba3 registry code.
 +
This task can also be achieved as part of a more ambitious project described in the
 +
next chapter.
 +
 +
Possible mentors: [[Obnox|Michael Adam]] and [[Jelmer Vernooij]]
 +
 +
===Reconcile Samba3 and Samba4 registry code===
 +
 +
Samba4's registry code is a well structured mostly isolated library with replaceable
 +
backends mounted onto hives, similar to Windows registry structure. Samba3 registry code
 +
has many legacy parts that are currently being hidden more and more under a winreg-api-like
 +
interface. Special actions like dynamic overlays are tied to various registry subkeys
 +
by "hooks".
 +
 +
Reconciling the two registry versions would mostly mean porting Samba4 registry code to Samba3,
 +
things have to be adapted for Samba3 registry hooks functionality to be preserved.
 +
 +
A .reg file utility could be obtained more or less as side result of this project since ther
 +
is alread some support for this in Samba4.
 +
 +
Possible Mentors: [[JelmerVernooij]] and [[Obnox|Michael Adam]]
  
 
==Samba 4==
 
==Samba 4==

Revision as of 14:10, 10 March 2008

Google Summer of Code: Suggested Project ideas

Samba 3

User-space ACL implementation

Samba4 contains an implementation of NT-style access control lists in user space. [1] contains a rudimentary start of this code to Samba3. This project should complete the implementation started by Volker Lendecke, together with a lot of tests that verify individual operations in Samba3 do the correct access checks.

Possible mentor: Volker Lendecke

SACL VFS Module

Support for file systems SACLs (i.e. file system auditing) on in Samba in a VFS module by utilizing Extended Attributes. This project should ensure that users are able to successfully view and modify auditing settings on files and directories using the Windows Explorer.

Possible mentors:

Consolidate internal LDAP SASL support

Samba has two separate copies of LDAP support routines. One is used to access Active Directories servers when operating as a member server and the other is used for implementing the LDAP passdb backend feature. Applicants should be comfortable with LDAP directories services and SASL mechanisms such as GSS-SPNEGO.

Possible mentors:

Backport EndPointMapper and support for ncacn_ip_tcp

Current Samba 3.0 releases only support MS-RPC over SMB named pipes. The SAMBA_4_0 code base has support RPC directory over TCP which could be back ported in some degree to the SAMBA_3_0 tree. A pre-requisite task may be to backport the events framework first

Possible mentors: JelmerVernooij

Alternative configuration backends

NOTE: Samba 3.2.0 has a registry configuration backend as an alternative to smb.conf, which makes this project obsolete at least to some extent - Michael

The current smb.conf does not allow the flexible set read and modify individual key/value pairs from within smbd. This project would explore using a registry like backend that would allow more flexibility is managing Samba's configuration settings outside on a simple text editor. The LibElektra project provides a common configuration library with storage plugins. One possibility would be to implement an LDB backend along with a simple command line interpreter/editor.

The interaction between this and the registry shares in Samba3 should be carefully considered.

Possible mentors:

Full SAM implementation

Provide a new database passdb backend that provides both the Unix and Win32 attributes without the use of external commands such as the "add user script". This could be based around LDB (perhaps with the Samba4/AD layout), TDB, or some other database.

Possible mentors:

SNMP support

Explore supporting the LANMAN SNMP MIB included with Windows server operating systems in smbd, nmbd, and winbindd.

Possible mentors:

Solve the overabundance of configuration parameters

(warning: long gloves required?)

Samba 3.0 includes many config options which are necessary only in extreme circumstances. Only a small percentage of the parameters are required in most installations. The challenge is to remove the more advanced settings from immediate misuse while still providing access to them when absolutely necessary.

Possible mentors:

Convert more of the Samba 4 IDL to be used in Samba 3

3.2 will start using more autogenerated DCE/RPC pull/push functions. At the moment, winreg, wkssvc, dssetup, lsarpc, netlogon and samr have been converted. The following interfaces still have to be converted (and would ideally also have the related tests from Samba 4 pass against them):

  • srvsvc
  • svcctl (already started)
  • eventlog (only 1 call left)
  • ntsvcs (already started)
  • spoolss (samba4's idl should be fixed first.)

Possible mentors: JelmerVernooij

Design and Implement a New Printer API for Better CUPS Integration

The current internal printing API used to interact with a Unix printing systems (e.g. LPD or CUPS) mirrors the existing "print command" and other parameters from smb.conf. These were originaly designed to work with LPD and SysV spoolers. The CUPS library has a much richer interface for interacting with applications such as Samba. The goal of this project would be to redesign the current print system support to expose these more advanced features in CUPS to Samba administrators and to provide a better user experience when deploying Samba as a print server in mixed Windows/Unix networks.

Possible mentors:

Finish the move to the new NDR based winbind protocol

Samba 3.2 has a libwbclient library which abstracts the access to winbindd. However there're some caller's left which directly access the winbindd socket (e.g. wbinfo).

The student should add the missing functions to libwbclient and convert wbinfo (and maybe also nss_winbind.so and pam_winbind.so) to only use libwbclient.so.

It is aimed to replace the struct based winbind protocol in samba3 with a new NDR based one. The infrastructure for the autodection and request handling between the new and old protocol is already finished. Also the winbind internal communication uses almost only the new protocol. It's available in this branch http://gitweb.samba.org/?p=metze/samba/wb-ndr.git;a=shortlog;h=v3-2-wb-ndr.

The student should also start convert the winbindd code to support the new NDR based protocol also on the client socket. However the old struct based protocol should still be available, but the old protocol requests should be implemented just as wrappers to the new protocol, so that the winbind internal logic only uses the struct based interface.

The student should also extend the winbind torture tests in Samba4 to test the struct based and NDR based interfaces automaticly in the build-farm (make test).

The student doesn't need to convert libwbclient to use the new protocol.

Possible mentors: Stefan Metzmacher

Develop a .reg file registry dump/restore utility for Samba3

The goal of this project is to develop a library for reading and writing .reg files as described here: [2]. A subcommand of the net utility would be used to save and restore parts or all of Samba3's registry.

A simple project would develop this upon the existing Samba3 registry code. This task can also be achieved as part of a more ambitious project described in the next chapter.

Possible mentors: Michael Adam and Jelmer Vernooij

Reconcile Samba3 and Samba4 registry code

Samba4's registry code is a well structured mostly isolated library with replaceable backends mounted onto hives, similar to Windows registry structure. Samba3 registry code has many legacy parts that are currently being hidden more and more under a winreg-api-like interface. Special actions like dynamic overlays are tied to various registry subkeys by "hooks".

Reconciling the two registry versions would mostly mean porting Samba4 registry code to Samba3, things have to be adapted for Samba3 registry hooks functionality to be preserved.

A .reg file utility could be obtained more or less as side result of this project since ther is alread some support for this in Samba4.

Possible Mentors: JelmerVernooij and Michael Adam

Samba 4

FRS: File Replication Service

The protocol used for the File Replication Service in Active Directory is not currently understood.

This project would be to document this protocol, and implement a working client as part of our torture suite. An ambitious student could try and implement a server as well, but getting the client done would be enough of a challenge for a SOC project. This project would suit someone who is interested in delving into the intricacies of protocol analysis.

Possible mentors:

Compression in the ndr layer

The DRSUAPI DsGetNCChanges() call uses compression for replicating large chunks of objects.

We already have the MSZIP decompression working in samba4 and know the student should implement the MSZIP compression code used for the server code. The idea is to base the work on zlib and contribute the results back to the zlib authors.

There's also another compression algorithm "XPRESS" used in windows 2003. The algorithm is described in the MS-DRSR document of the Microsoft WSPP documentation (See http://msdn2.microsoft.com/en-us/library/cc203213.aspx). The student should implement windows 2003 compression/decompression.

The student should also write a testsuite, so that the compression is tested automaticly in the build-farm (make test).

The algorithm is also used between Outlook and Exchange, so this would also help the OpenChange team.

Possible mentors: Stefan Metzmacher

Windows Search Protocol WSP client library and torture tests

The Windows Search Protocol WSP is used to implement remote full filesystem indexing (indexed search) between windows machines. We would like to support this functionality in Samba, interfacing with existing indexing tools on Unix systems (such as beagle).

This is a new protocol based on SMB named pipes \pipe\ci_skads or \pipe\MSFTEWDS. See http://msdn2.microsoft.com/en-us/library/cc216195.aspx.

The student should write a (un)marshalling library to push and pull PDUs and an async client library on top of the samba4 raw smb client library.

The student should write sub tests for smbtorture which should demostrate how the protocol works against a windows server.

The student doesn't have to implement the samba4 server code.

Possible mentors:

Samba4 Domain Member support

Samba4 needs various bits of work, to become a useful domain member: Students may wish to take on some or all of the tasks below

  • Implement Kerberos handling in Samba4
  • Research and improve other aspects of domain member support

Possible mentors:

LDB ACLs

Currently, Samba4 uses a module known as 'kludge_acls' to perform some basic access control on Samba4's database. This is highly inflexible, and needs to be replaced with real NT ACLs on the elements.

Possible mentors:

CIFS POSIX extensions in Samba4

Samba4 does not implement the CIFS POSIX extensions at this stage.

A testsuite needs to be written, to prove consistent behavior, and the Samba3 compatible server implemented.

Possible mentors:

Implement a Berkeley DB backend for LDB

(less important now we have transactions in tdb?)

LDB currently supports both TDB and LDAP backend storage mechanisms. Another alternative backend possibility is the Berkeley DB database.

Possible mentor:

Dbench and Nbench workload generator based on Samba 4

Samba 4 has two NTVFS backends (cifs and nbench) which allow to create a CIFS proxy which:

  1. intercepts CIFS traffic and forwards that to a remote server, and
  2. write down a workload scenario file for Nbench and Dbench tools

For every connection there is one log file is written. These logs can later be replayed by nbench/dbench against any file system/server to reproduce the same workload. Implementation of the following things will allow to create a specialized workload generator to test various usage scenarios based on real world applications:

  1. Add a functionality to post-process generated logs to create a combined dbench/nbench scenario representing multiple-client access pattern.
  2. Add CIFS Posix Extensions support to both Nbench NTVFS backend and dbench/nbench tools so that Linux applications running against Linux CIFS file system could be profiled.
  3. Package resulting solution as simply-installable and configurable application similar to Samba4WINS package

Possible mentors:

Re-implement smbclient in python

Samba4 now has an embedded python interpreter, which is used for both web configuration and for command line tools. The interpreter has access to the extensive internal C library of Samba. We would like smbclient to be rewritten in python, making it much more easily extendable by administrators.

Possible mentors: JelmerVernooij

GQ replacement using GTK and LDB

GQ is a widely used LDAP query tool. Many LDAP administrators would benefit if a similar tool were constructed, in particular with similar schema knowledge. Using LDB as a backend could allow easy use of Samba-supported SASL mechanisms for easier authentication. Likewise, an LDB editor in SWAT would be very useful. Building it with interactive functionality would make it a very powerful way to manage Samba4's LDB databases.

Possible mentors: JelmerVernooij

Browsing support in Samba 4

Samba 4 still needs support for mailslots in general and in particular for the BROWSE mailslot. Should come with tests.

Possible mentors: JelmerVernooij

Extension of the GTK+ frontends

There are a couple of GTK+ frontends for Samba4 (see SambaGtk). These are very limited at the moment but you could work on expanding them and further integrating them with GNOME. In C or Python

Possible mentors: JelmerVernooij

Miscellaneous

Linux Kernel CIFS client improvements

Interested students should contact Steve French and discuss possible improvements to the Linux Kernel CIFS VFS client. Here are some ideas to get you started:

  • improved async/vectored i/o support (improves performance)
  • CIFS->Samba DFS extensions
  • prototype SMB2 client
  • more generic uid mapping facility (when server supports Unix extensions but different uid space)
  • finish up of POSIX->NT ACL mapping
  • integration of cifs client with Dave Howell's fscache (for offline caching)
  • cifs->Samba automated test facility (build verification)

Possible mentors: Steve French

Static and dynamic code analysis

We regularly use tools such as the IBM Checker, and Valgrind to work over our codebase.

These produce many warnings, and in particular the IBM Checker has found many 'unfixed' issues in the code base. Many are false positives, but many are also very serious issues. Students will need to work with the team and the upstream developers to resolve as many of these as possible. To see the current IBM Checker output look at the build farm output for the host 'snab' at http://build.samba.org/

Possible mentors:

Windows GUI Testing

With GUI automation tools, test the behaviour of windows applications against Samba3 and Samba4. This needs to be integrated into the existing Windows testing code.

Last year we had a very successful summer of code project which added automated windows testing to Samba. This tested only command line tools. We would like to expand this to include testing of GUI applications.

Possible mentors: