Print this page
NEX-15125 It's time to require SMB signing by default
Reviewed by: Yuri Pankov <yuri.pankov@nexenta.com>
Reviewed by: Roman Strashkin <roman.strashkin@nexenta.com>
NEX-15581 SMB keep-alive feature is just noise
Reviewed by: Matt Barden <matt.barden@nexenta.com>
Reviewed by: Evan Layton <evan.layton@nexenta.com>
NEX-5665 SMB2 oplock leases
Reviewed by: Matt Barden <matt.barden@nexenta.com>
Reviewed by: Evan Layton <evan.layton@nexenta.com>
Reviewed by: Roman Strashkin <roman.strashkin@nexenta.com>
NEX-15581 SMB keep-alive feature is just noise
Reviewed by: Matt Barden <matt.barden@nexenta.com>
Reviewed by: Evan Layton <evan.layton@nexenta.com>
NEX-5665 SMB2 oplock leases
Reviewed by: Matt Barden <matt.barden@nexenta.com>
Reviewed by: Evan Layton <evan.layton@nexenta.com>
Reviewed by: Roman Strashkin <roman.strashkin@nexenta.com>
NEX-9497 SMB should bypass ACL traverse checking
Reviewed by: Evan Layton <evan.layton@nexenta.com>
Reviewed by: Roman Strashkin <roman.strashkin@nexenta.com>
NEX-10019 SMB server min_protocol setting
Reviewed by: Gordon Ross <gordon.ross@nexenta.com>
Reviewed by: Evan Layton <evan.layton@nexenta.com>
NEX-9723 SMB2 open delays with exclusive oplocks
Reviewed by: Evan Layton <evan.layton@nexenta.com>
Reviewed by: Matt Barden <matt.barden@nexenta.com>
Reviewed by: Yuri Pankov <yuri.pankov@nexenta.com>
NEX-5273 SMB 3 Encryption
Reviewed by: Gordon Ross <gordon.ross@nexenta.com>
Reviewed by: Evan Layton <evan.layton@nexenta.com>
Reviewed by: Roman Strashkin <roman.strashkin@nexenta.com>
NEX-3611 CLONE NEX-3550 Replace smb2_enable with max_protocol
Reviewed by: Yuri Pankov <Yuri.Pankov@nexenta.com>
SMB2 should be disabled by default
NEX-2781 SMB2 credit handling needs work
NEX-2314 SMB server debug logging needs improvement
SUP-866 smbd lwps stuck in libsocket recv() for no apparent reason (try 2)
NEX-2036 SMB signing should be enabled by default
NEX-1050 enable_smb2 should be smb2_enable
NEX-1022 SMB2 should be enabled by default
SMB-50 User-mode SMB server
Includes work by these authors:
Thomas Keiser <thomas.keiser@nexenta.com>
Albert Lee <trisk@nexenta.com>
SMB-65 SMB server in non-global zones (data structure changes)
Many things move to the smb_server_t object, and
many functions gain an sv arg (which server).
re #13470 rb4432 Sync some SMB differences from illumos
re #6813 rb1757 port 2976 Child folder visibility through shares
@@ -20,12 +20,12 @@
information: Portions Copyright [yyyy] [name of copyright owner]
CDDL HEADER END
Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
-Copyright 2015 Nexenta Systems, Inc. All rights reserved.
Copyright 2016 Hans Rosenfeld <rosenfeld@grumpf.hope-2000.org>
+Copyright 2018 Nexenta Systems, Inc. All rights reserved.
NOTE: This service manifest is not editable; its contents will
be overwritten by package or patch operations, including
operating system upgrade. Make customizations in a different
file.
@@ -36,11 +36,11 @@
<!-- 1. Name the service to 'network/smb/server' -->
<service
name='network/smb/server'
type='service'
- version='1'>
+ version='2'>
<!-- 2. Create default service instance. -->
<create_default_instance enabled='false' />
<!-- 3. Service has single instance -->
@@ -155,10 +155,12 @@
value='solaris.smf.value.smb' />
<propval name='oplock_enable' type='boolean'
value='true' override='true'/>
<propval name='autohome_map' type='astring'
value='/etc' override='true'/>
+ <propval name='bypass_traverse_checking' type='boolean'
+ value='true' override='true'/>
<propval name='debug' type='integer'
value='0' override='true'/>
<propval name='domain_sid' type='astring'
value='' override='true'/>
<propval name='domain_member' type='boolean'
@@ -182,19 +184,17 @@
<propval name='max_workers' type='integer'
value='1024' override='true'/>
<propval name='max_connections' type='integer'
value='100000' override='true'/>
<propval name='keep_alive' type='integer'
- value='5400' override='true'/>
+ value='0' override='true'/>
<propval name='restrict_anonymous' type='boolean'
value='false' override='true'/>
<propval name='signing_enabled' type='boolean'
value='true' override='true'/>
<propval name='signing_required' type='boolean'
- value='false' override='true'/>
- <propval name='signing_check' type='boolean'
- value='false' override='true'/>
+ value='true' override='true'/>
<propval name='sync_enable' type='boolean'
value='false' override='true'/>
<propval name='security' type='astring'
value='workgroup' override='true'/>
<propval name='netbios_enable' type='boolean'
@@ -227,10 +227,14 @@
value='false' override='true'/>
<propval name='traverse_mounts' type='boolean'
value='true' override='true'/>
<propval name='max_protocol' type='astring'
value='' override='true'/>
+ <propval name='min_protocol' type='astring'
+ value='' override='true'/>
+ <propval name='encrypt' type='astring'
+ value='disabled' override='true'/>
<propval name='initial_credits' type='integer'
value='20' override='true'/>
<propval name='maximum_credits' type='integer'
value='1000' override='true'/>
</property_group>