1 |
commit: c602f884e34ee08f6a76b11f03a1946170d16d55 |
2 |
Author: Lars Wendler <polynomial-c <AT> gentoo <DOT> org> |
3 |
AuthorDate: Fri Dec 3 12:59:10 2021 +0000 |
4 |
Commit: Lars Wendler <polynomial-c <AT> gentoo <DOT> org> |
5 |
CommitDate: Fri Dec 3 13:00:05 2021 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c602f884 |
7 |
|
8 |
net-fs/samba: Attempt to fix winbindd regression |
9 |
|
10 |
Bug: https://bugs.gentoo.org/828063 |
11 |
Signed-off-by: Lars Wendler <polynomial-c <AT> gentoo.org> |
12 |
|
13 |
.../samba-4.14.10-winbindd_regression_fix.patch | 42 +++ |
14 |
.../samba-4.15.2-winbindd_regression_fix.patch | 42 +++ |
15 |
net-fs/samba/samba-4.14.10-r1.ebuild | 346 +++++++++++++++++++++ |
16 |
net-fs/samba/samba-4.15.2-r1.ebuild | 343 ++++++++++++++++++++ |
17 |
4 files changed, 773 insertions(+) |
18 |
|
19 |
diff --git a/net-fs/samba/files/samba-4.14.10-winbindd_regression_fix.patch b/net-fs/samba/files/samba-4.14.10-winbindd_regression_fix.patch |
20 |
new file mode 100644 |
21 |
index 000000000000..23411dad6bec |
22 |
--- /dev/null |
23 |
+++ b/net-fs/samba/files/samba-4.14.10-winbindd_regression_fix.patch |
24 |
@@ -0,0 +1,42 @@ |
25 |
+From bc07c3b70702100975f8921e56cf9b733ec3b826 Mon Sep 17 00:00:00 2001 |
26 |
+From: Stefan Metzmacher <metze@×××××.org> |
27 |
+Date: Tue, 9 Nov 2021 20:50:20 +0100 |
28 |
+Subject: [PATCH] s3:winbindd: fix "allow trusted domains = no" regression |
29 |
+ |
30 |
+add_trusted_domain() should only reject domains |
31 |
+based on is_allowed_domain(), which now also |
32 |
+checks "allow trusted domains = no", if we don't |
33 |
+have an explicit trust to the domain (SEC_CHAN_NULL). |
34 |
+ |
35 |
+We use at least SEC_CHAN_LOCAL for local domains like |
36 |
+BUILTIN. |
37 |
+ |
38 |
+BUG: https://bugzilla.samba.org/show_bug.cgi?id=14899 |
39 |
+ |
40 |
+Signed-off-by: Stefan Metzmacher <metze@×××××.org> |
41 |
+Reviewed-by: Andreas Schneider <asn@×××××.org> |
42 |
+ |
43 |
+Autobuild-User(master): Stefan Metzmacher <metze@×××××.org> |
44 |
+Autobuild-Date(master): Wed Nov 10 11:21:31 UTC 2021 on sn-devel-184 |
45 |
+ |
46 |
+(cherry picked from commit a7f6c60cb037b4bc9eee276236539b8282213935) |
47 |
+--- |
48 |
+ source3/winbindd/winbindd_util.c | 2 +- |
49 |
+ 1 file changed, 1 insertion(+), 1 deletion(-) |
50 |
+ |
51 |
+diff --git a/source3/winbindd/winbindd_util.c b/source3/winbindd/winbindd_util.c |
52 |
+index 42ddbfd2f44e..9d54e462c425 100644 |
53 |
+--- a/source3/winbindd/winbindd_util.c |
54 |
++++ b/source3/winbindd/winbindd_util.c |
55 |
+@@ -134,7 +134,7 @@ static NTSTATUS add_trusted_domain(const char *domain_name, |
56 |
+ return NT_STATUS_INVALID_PARAMETER; |
57 |
+ } |
58 |
+ |
59 |
+- if (!is_allowed_domain(domain_name)) { |
60 |
++ if (secure_channel_type == SEC_CHAN_NULL && !is_allowed_domain(domain_name)) { |
61 |
+ return NT_STATUS_NO_SUCH_DOMAIN; |
62 |
+ } |
63 |
+ |
64 |
+-- |
65 |
+2.25.1 |
66 |
+ |
67 |
|
68 |
diff --git a/net-fs/samba/files/samba-4.15.2-winbindd_regression_fix.patch b/net-fs/samba/files/samba-4.15.2-winbindd_regression_fix.patch |
69 |
new file mode 100644 |
70 |
index 000000000000..457bad16a6e2 |
71 |
--- /dev/null |
72 |
+++ b/net-fs/samba/files/samba-4.15.2-winbindd_regression_fix.patch |
73 |
@@ -0,0 +1,42 @@ |
74 |
+From 9f73f8a784f2de9211601f92729a47aaa3e51a1a Mon Sep 17 00:00:00 2001 |
75 |
+From: Stefan Metzmacher <metze@×××××.org> |
76 |
+Date: Tue, 9 Nov 2021 20:50:20 +0100 |
77 |
+Subject: [PATCH] s3:winbindd: fix "allow trusted domains = no" regression |
78 |
+ |
79 |
+add_trusted_domain() should only reject domains |
80 |
+based on is_allowed_domain(), which now also |
81 |
+checks "allow trusted domains = no", if we don't |
82 |
+have an explicit trust to the domain (SEC_CHAN_NULL). |
83 |
+ |
84 |
+We use at least SEC_CHAN_LOCAL for local domains like |
85 |
+BUILTIN. |
86 |
+ |
87 |
+BUG: https://bugzilla.samba.org/show_bug.cgi?id=14899 |
88 |
+ |
89 |
+Signed-off-by: Stefan Metzmacher <metze@×××××.org> |
90 |
+Reviewed-by: Andreas Schneider <asn@×××××.org> |
91 |
+ |
92 |
+Autobuild-User(master): Stefan Metzmacher <metze@×××××.org> |
93 |
+Autobuild-Date(master): Wed Nov 10 11:21:31 UTC 2021 on sn-devel-184 |
94 |
+ |
95 |
+(cherry picked from commit a7f6c60cb037b4bc9eee276236539b8282213935) |
96 |
+--- |
97 |
+ source3/winbindd/winbindd_util.c | 2 +- |
98 |
+ 1 file changed, 1 insertion(+), 1 deletion(-) |
99 |
+ |
100 |
+diff --git a/source3/winbindd/winbindd_util.c b/source3/winbindd/winbindd_util.c |
101 |
+index fe68adec534a..a8c510fafc67 100644 |
102 |
+--- a/source3/winbindd/winbindd_util.c |
103 |
++++ b/source3/winbindd/winbindd_util.c |
104 |
+@@ -135,7 +135,7 @@ static NTSTATUS add_trusted_domain(const char *domain_name, |
105 |
+ return NT_STATUS_INVALID_PARAMETER; |
106 |
+ } |
107 |
+ |
108 |
+- if (!is_allowed_domain(domain_name)) { |
109 |
++ if (secure_channel_type == SEC_CHAN_NULL && !is_allowed_domain(domain_name)) { |
110 |
+ return NT_STATUS_NO_SUCH_DOMAIN; |
111 |
+ } |
112 |
+ |
113 |
+-- |
114 |
+2.25.1 |
115 |
+ |
116 |
|
117 |
diff --git a/net-fs/samba/samba-4.14.10-r1.ebuild b/net-fs/samba/samba-4.14.10-r1.ebuild |
118 |
new file mode 100644 |
119 |
index 000000000000..9c5d6e8d0e5f |
120 |
--- /dev/null |
121 |
+++ b/net-fs/samba/samba-4.14.10-r1.ebuild |
122 |
@@ -0,0 +1,346 @@ |
123 |
+# Copyright 1999-2021 Gentoo Authors |
124 |
+# Distributed under the terms of the GNU General Public License v2 |
125 |
+ |
126 |
+EAPI=7 |
127 |
+ |
128 |
+PYTHON_COMPAT=( python3_{8..9} ) |
129 |
+PYTHON_REQ_USE="threads(+),xml(+)" |
130 |
+inherit python-single-r1 waf-utils multilib-minimal linux-info systemd pam tmpfiles |
131 |
+ |
132 |
+DESCRIPTION="Samba Suite Version 4" |
133 |
+HOMEPAGE="https://samba.org/" |
134 |
+ |
135 |
+MY_PV="${PV/_rc/rc}" |
136 |
+MY_P="${PN}-${MY_PV}" |
137 |
+if [[ ${PV} = *_rc* ]]; then |
138 |
+ SRC_URI="mirror://samba/rc/${MY_P}.tar.gz" |
139 |
+else |
140 |
+ SRC_URI="mirror://samba/stable/${MY_P}.tar.gz" |
141 |
+ KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~ppc ~ppc64 ~riscv ~sparc ~x86" |
142 |
+fi |
143 |
+S="${WORKDIR}/${MY_P}" |
144 |
+ |
145 |
+LICENSE="GPL-3" |
146 |
+SLOT="0" |
147 |
+IUSE="acl addc addns ads ceph client cluster cups debug dmapi fam glusterfs |
148 |
+gpg iprint json ldap ntvfs pam profiling-data python quota +regedit selinux |
149 |
+snapper spotlight syslog system-heimdal +system-mitkrb5 systemd test winbind |
150 |
+zeroconf" |
151 |
+ |
152 |
+REQUIRED_USE="${PYTHON_REQUIRED_USE} |
153 |
+ addc? ( python json winbind ) |
154 |
+ addns? ( python ) |
155 |
+ ads? ( acl ldap winbind ) |
156 |
+ cluster? ( ads ) |
157 |
+ gpg? ( addc ) |
158 |
+ ntvfs? ( addc ) |
159 |
+ spotlight? ( json ) |
160 |
+ test? ( python ) |
161 |
+ !ads? ( !addc ) |
162 |
+ ?? ( system-heimdal system-mitkrb5 ) |
163 |
+" |
164 |
+ |
165 |
+# the test suite is messed, it uses system-installed samba |
166 |
+# bits instead of what was built, tests things disabled via use |
167 |
+# flags, and generally just fails to work in a way ebuilds could |
168 |
+# rely on in its current state |
169 |
+RESTRICT="test" |
170 |
+ |
171 |
+MULTILIB_WRAPPED_HEADERS=( |
172 |
+ /usr/include/samba-4.0/policy.h |
173 |
+ /usr/include/samba-4.0/dcerpc_server.h |
174 |
+ /usr/include/samba-4.0/ctdb.h |
175 |
+ /usr/include/samba-4.0/ctdb_client.h |
176 |
+ /usr/include/samba-4.0/ctdb_protocol.h |
177 |
+ /usr/include/samba-4.0/ctdb_private.h |
178 |
+ /usr/include/samba-4.0/ctdb_typesafe_cb.h |
179 |
+ /usr/include/samba-4.0/ctdb_version.h |
180 |
+) |
181 |
+ |
182 |
+COMMON_DEPEND=" |
183 |
+ >=app-arch/libarchive-3.1.2[${MULTILIB_USEDEP}] |
184 |
+ dev-lang/perl:= |
185 |
+ dev-libs/icu:=[${MULTILIB_USEDEP}] |
186 |
+ dev-libs/libbsd[${MULTILIB_USEDEP}] |
187 |
+ dev-libs/libtasn1[${MULTILIB_USEDEP}] |
188 |
+ dev-libs/popt[${MULTILIB_USEDEP}] |
189 |
+ dev-perl/Parse-Yapp |
190 |
+ >=net-libs/gnutls-3.4.7[${MULTILIB_USEDEP}] |
191 |
+ net-libs/libnsl:=[${MULTILIB_USEDEP}] |
192 |
+ sys-libs/e2fsprogs-libs[${MULTILIB_USEDEP}] |
193 |
+ >=sys-libs/ldb-2.3.2[ldap(+)?,${MULTILIB_USEDEP}] |
194 |
+ <sys-libs/ldb-2.4.0[ldap(+)?,${MULTILIB_USEDEP}] |
195 |
+ sys-libs/libcap[${MULTILIB_USEDEP}] |
196 |
+ sys-libs/liburing:=[${MULTILIB_USEDEP}] |
197 |
+ sys-libs/ncurses:0= |
198 |
+ sys-libs/readline:0= |
199 |
+ >=sys-libs/talloc-2.3.2[${MULTILIB_USEDEP}] |
200 |
+ >=sys-libs/tdb-1.4.3[${MULTILIB_USEDEP}] |
201 |
+ >=sys-libs/tevent-0.10.2[${MULTILIB_USEDEP}] |
202 |
+ sys-libs/zlib[${MULTILIB_USEDEP}] |
203 |
+ virtual/libcrypt:=[${MULTILIB_USEDEP}] |
204 |
+ virtual/libiconv |
205 |
+ $(python_gen_cond_dep " |
206 |
+ addc? ( |
207 |
+ dev-python/dnspython:=[\${PYTHON_USEDEP}] |
208 |
+ dev-python/markdown[\${PYTHON_USEDEP}] |
209 |
+ ) |
210 |
+ addns? ( |
211 |
+ dev-python/dnspython:=[\${PYTHON_USEDEP}] |
212 |
+ net-dns/bind-tools[gssapi] |
213 |
+ ) |
214 |
+ ") |
215 |
+ !alpha? ( !sparc? ( sys-libs/libunwind:= ) ) |
216 |
+ acl? ( virtual/acl ) |
217 |
+ ceph? ( sys-cluster/ceph ) |
218 |
+ cluster? ( net-libs/rpcsvc-proto ) |
219 |
+ cups? ( net-print/cups ) |
220 |
+ debug? ( dev-util/lttng-ust ) |
221 |
+ dmapi? ( sys-apps/dmapi ) |
222 |
+ fam? ( virtual/fam ) |
223 |
+ gpg? ( app-crypt/gpgme ) |
224 |
+ json? ( dev-libs/jansson:= ) |
225 |
+ ldap? ( net-nds/openldap[${MULTILIB_USEDEP}] ) |
226 |
+ pam? ( sys-libs/pam ) |
227 |
+ python? ( |
228 |
+ sys-libs/ldb[python,${PYTHON_SINGLE_USEDEP}] |
229 |
+ sys-libs/talloc[python,${PYTHON_SINGLE_USEDEP}] |
230 |
+ sys-libs/tdb[python,${PYTHON_SINGLE_USEDEP}] |
231 |
+ sys-libs/tevent[python,${PYTHON_SINGLE_USEDEP}] |
232 |
+ ) |
233 |
+ snapper? ( sys-apps/dbus ) |
234 |
+ system-heimdal? ( >=app-crypt/heimdal-1.5[-ssl,${MULTILIB_USEDEP}] ) |
235 |
+ system-mitkrb5? ( >=app-crypt/mit-krb5-1.15.1[${MULTILIB_USEDEP}] ) |
236 |
+ systemd? ( sys-apps/systemd:0= ) |
237 |
+ zeroconf? ( net-dns/avahi[dbus] ) |
238 |
+" |
239 |
+DEPEND="${COMMON_DEPEND} |
240 |
+ >=dev-util/cmocka-1.1.3[${MULTILIB_USEDEP}] |
241 |
+ net-libs/libtirpc[${MULTILIB_USEDEP}] |
242 |
+ || ( |
243 |
+ net-libs/rpcsvc-proto |
244 |
+ <sys-libs/glibc-2.26[rpc(+)] |
245 |
+ ) |
246 |
+ spotlight? ( dev-libs/glib ) |
247 |
+ test? ( |
248 |
+ $(python_gen_cond_dep "dev-python/subunit[\${PYTHON_USEDEP},${MULTILIB_USEDEP}]" ) |
249 |
+ !system-mitkrb5? ( |
250 |
+ >=net-dns/resolv_wrapper-1.1.4 |
251 |
+ >=net-libs/socket_wrapper-1.1.9 |
252 |
+ >=sys-libs/nss_wrapper-1.1.3 |
253 |
+ >=sys-libs/uid_wrapper-1.2.1 |
254 |
+ ) |
255 |
+ )" |
256 |
+RDEPEND="${COMMON_DEPEND} |
257 |
+ client? ( net-fs/cifs-utils[ads?] ) |
258 |
+ python? ( ${PYTHON_DEPS} ) |
259 |
+ selinux? ( sec-policy/selinux-samba ) |
260 |
+" |
261 |
+BDEPEND="${PYTHON_DEPS} |
262 |
+ app-text/docbook-xsl-stylesheets |
263 |
+ dev-libs/libxslt |
264 |
+ virtual/pkgconfig |
265 |
+" |
266 |
+ |
267 |
+PATCHES=( |
268 |
+ "${FILESDIR}/${PN}-4.4.0-pam.patch" |
269 |
+ |
270 |
+ # https://bugs.gentoo.org/828063 |
271 |
+ "${FILESDIR}/${P}-winbindd_regression_fix.patch" |
272 |
+) |
273 |
+ |
274 |
+#CONFDIR="${FILESDIR}/$(get_version_component_range 1-2)" |
275 |
+CONFDIR="${FILESDIR}/4.4" |
276 |
+ |
277 |
+WAF_BINARY="${S}/buildtools/bin/waf" |
278 |
+ |
279 |
+SHAREDMODS="" |
280 |
+ |
281 |
+pkg_setup() { |
282 |
+ # Package fails to build with distcc |
283 |
+ export DISTCC_DISABLE=1 |
284 |
+ |
285 |
+ python-single-r1_pkg_setup |
286 |
+ |
287 |
+ SHAREDMODS="$(usex snapper '' '!')vfs_snapper" |
288 |
+ if use cluster ; then |
289 |
+ SHAREDMODS+=",idmap_rid,idmap_tdb2,idmap_ad" |
290 |
+ elif use ads ; then |
291 |
+ SHAREDMODS+=",idmap_ad" |
292 |
+ fi |
293 |
+} |
294 |
+ |
295 |
+src_prepare() { |
296 |
+ default |
297 |
+ |
298 |
+ # un-bundle dnspython |
299 |
+ sed -i -e '/"dns.resolver":/d' "${S}"/third_party/wscript || die |
300 |
+ |
301 |
+ # unbundle iso8601 unless tests are enabled |
302 |
+ if ! use test ; then |
303 |
+ sed -i -e '/"iso8601":/d' "${S}"/third_party/wscript || die |
304 |
+ fi |
305 |
+ |
306 |
+ ## ugly hackaround for bug #592502 |
307 |
+ #cp /usr/include/tevent_internal.h "${S}"/lib/tevent/ || die |
308 |
+ |
309 |
+ sed -e 's:<gpgme\.h>:<gpgme/gpgme.h>:' \ |
310 |
+ -i source4/dsdb/samdb/ldb_modules/password_hash.c \ |
311 |
+ || die |
312 |
+ |
313 |
+ # Friggin' WAF shit |
314 |
+ multilib_copy_sources |
315 |
+} |
316 |
+ |
317 |
+multilib_src_configure() { |
318 |
+ # when specifying libs for samba build you must append NONE to the end to |
319 |
+ # stop it automatically including things |
320 |
+ local bundled_libs="NONE" |
321 |
+ if ! use system-heimdal && ! use system-mitkrb5 ; then |
322 |
+ bundled_libs="heimbase,heimntlm,hdb,kdc,krb5,wind,gssapi,hcrypto,hx509,roken,asn1,com_err,NONE" |
323 |
+ fi |
324 |
+ |
325 |
+ local myconf=( |
326 |
+ --enable-fhs |
327 |
+ --sysconfdir="${EPREFIX}/etc" |
328 |
+ --localstatedir="${EPREFIX}/var" |
329 |
+ --with-modulesdir="${EPREFIX}/usr/$(get_libdir)/samba" |
330 |
+ --with-piddir="${EPREFIX}/run/${PN}" |
331 |
+ --bundled-libraries="${bundled_libs}" |
332 |
+ --builtin-libraries=NONE |
333 |
+ --disable-rpath |
334 |
+ --disable-rpath-install |
335 |
+ --nopyc |
336 |
+ --nopyo |
337 |
+ --without-winexe |
338 |
+ $(multilib_native_use_with acl acl-support) |
339 |
+ $(multilib_native_usex addc '' '--without-ad-dc') |
340 |
+ $(multilib_native_use_with addns dnsupdate) |
341 |
+ $(multilib_native_use_with ads) |
342 |
+ $(multilib_native_use_enable ceph cephfs) |
343 |
+ $(multilib_native_use_with cluster cluster-support) |
344 |
+ $(multilib_native_use_enable cups) |
345 |
+ $(multilib_native_use_with dmapi) |
346 |
+ $(multilib_native_use_with fam) |
347 |
+ $(multilib_native_use_enable glusterfs) |
348 |
+ $(multilib_native_use_with gpg gpgme) |
349 |
+ $(multilib_native_use_with json) |
350 |
+ $(multilib_native_use_enable iprint) |
351 |
+ $(multilib_native_use_with ntvfs ntvfs-fileserver) |
352 |
+ $(multilib_native_use_with pam) |
353 |
+ $(multilib_native_usex pam "--with-pammodulesdir=${EPREFIX}/$(get_libdir)/security" '') |
354 |
+ $(multilib_native_use_with quota quotas) |
355 |
+ $(multilib_native_use_with regedit) |
356 |
+ $(multilib_native_use_enable spotlight) |
357 |
+ $(multilib_native_use_with syslog) |
358 |
+ $(multilib_native_use_with systemd) |
359 |
+ --systemd-install-services |
360 |
+ --with-systemddir="$(systemd_get_systemunitdir)" |
361 |
+ $(multilib_native_use_with winbind) |
362 |
+ $(multilib_native_usex python '' '--disable-python') |
363 |
+ $(multilib_native_use_enable zeroconf avahi) |
364 |
+ $(multilib_native_usex test '--enable-selftest' '') |
365 |
+ $(usex system-mitkrb5 "--with-system-mitkrb5 $(multilib_native_usex addc --with-experimental-mit-ad-dc '')" '') |
366 |
+ $(use_with debug lttng) |
367 |
+ $(use_with ldap) |
368 |
+ $(use_with profiling-data) |
369 |
+ # bug #683148 |
370 |
+ --jobs 1 |
371 |
+ ) |
372 |
+ |
373 |
+ if multilib_is_native_abi ; then |
374 |
+ myconf+=( --with-shared-modules=${SHAREDMODS} ) |
375 |
+ else |
376 |
+ myconf+=( --with-shared-modules=DEFAULT,!vfs_snapper ) |
377 |
+ fi |
378 |
+ |
379 |
+ CPPFLAGS="-I${SYSROOT}${EPREFIX}/usr/include/et ${CPPFLAGS}" \ |
380 |
+ waf-utils_src_configure ${myconf[@]} |
381 |
+} |
382 |
+ |
383 |
+multilib_src_compile() { |
384 |
+ waf-utils_src_compile |
385 |
+} |
386 |
+ |
387 |
+multilib_src_install() { |
388 |
+ waf-utils_src_install |
389 |
+ |
390 |
+ # Make all .so files executable |
391 |
+ find "${ED}" -type f -name "*.so" -exec chmod +x {} + || die |
392 |
+ |
393 |
+ if multilib_is_native_abi ; then |
394 |
+ # install ldap schema for server (bug #491002) |
395 |
+ if use ldap ; then |
396 |
+ insinto /etc/openldap/schema |
397 |
+ doins examples/LDAP/samba.schema |
398 |
+ fi |
399 |
+ |
400 |
+ # create symlink for cups (bug #552310) |
401 |
+ if use cups ; then |
402 |
+ dosym ../../../bin/smbspool \ |
403 |
+ /usr/libexec/cups/backend/smb |
404 |
+ fi |
405 |
+ |
406 |
+ # install example config file |
407 |
+ insinto /etc/samba |
408 |
+ doins examples/smb.conf.default |
409 |
+ |
410 |
+ # Fix paths in example file (#603964) |
411 |
+ sed \ |
412 |
+ -e '/log file =/s@/usr/local/samba/var/@/var/log/samba/@' \ |
413 |
+ -e '/include =/s@/usr/local/samba/lib/@/etc/samba/@' \ |
414 |
+ -e '/path =/s@/usr/local/samba/lib/@/var/lib/samba/@' \ |
415 |
+ -e '/path =/s@/usr/local/samba/@/var/lib/samba/@' \ |
416 |
+ -e '/path =/s@/usr/spool/samba@/var/spool/samba@' \ |
417 |
+ -i "${ED}"/etc/samba/smb.conf.default || die |
418 |
+ |
419 |
+ # Install init script and conf.d file |
420 |
+ newinitd "${CONFDIR}/samba4.initd-r1" samba |
421 |
+ newconfd "${CONFDIR}/samba4.confd" samba |
422 |
+ |
423 |
+ dotmpfiles "${FILESDIR}"/samba.conf |
424 |
+ if ! use addc ; then |
425 |
+ rm "${D}/$(systemd_get_systemunitdir)/samba.service" \ |
426 |
+ || die |
427 |
+ fi |
428 |
+ |
429 |
+ # Preserve functionality for old gentoo-specific unit names |
430 |
+ dosym nmb.service "$(systemd_get_systemunitdir)/nmbd.service" |
431 |
+ dosym smb.service "$(systemd_get_systemunitdir)/smbd.service" |
432 |
+ dosym winbind.service "$(systemd_get_systemunitdir)/winbindd.service" |
433 |
+ fi |
434 |
+ |
435 |
+ if use pam && use winbind ; then |
436 |
+ newpamd "${CONFDIR}/system-auth-winbind.pam" system-auth-winbind |
437 |
+ # bugs #376853 and #590374 |
438 |
+ insinto /etc/security |
439 |
+ doins examples/pam_winbind/pam_winbind.conf |
440 |
+ fi |
441 |
+ |
442 |
+ keepdir /var/cache/samba |
443 |
+ keepdir /var/lib/ctdb |
444 |
+ keepdir /var/lib/samba/{bind-dns,private} |
445 |
+ keepdir /var/lock/samba |
446 |
+ keepdir /var/log/samba |
447 |
+} |
448 |
+ |
449 |
+multilib_src_test() { |
450 |
+ if multilib_is_native_abi ; then |
451 |
+ "${WAF_BINARY}" test || die "test failed" |
452 |
+ fi |
453 |
+} |
454 |
+ |
455 |
+pkg_postinst() { |
456 |
+ tmpfiles_process samba.conf |
457 |
+ |
458 |
+ if [[ -z ${REPLACING_VERSIONS} ]] ; then |
459 |
+ elog "Be aware that this release contains the best of all of Samba's" |
460 |
+ elog "technology parts, both a file server (that you can reasonably expect" |
461 |
+ elog "to upgrade existing Samba 3.x releases to) and the AD domain" |
462 |
+ elog "controller work previously known as 'samba4'." |
463 |
+ elog |
464 |
+ fi |
465 |
+ elog "For further information and migration steps make sure to read " |
466 |
+ elog "https://samba.org/samba/history/${P}.html " |
467 |
+ elog "https://wiki.samba.org/index.php/Samba4/HOWTO " |
468 |
+} |
469 |
|
470 |
diff --git a/net-fs/samba/samba-4.15.2-r1.ebuild b/net-fs/samba/samba-4.15.2-r1.ebuild |
471 |
new file mode 100644 |
472 |
index 000000000000..fcf892dc2388 |
473 |
--- /dev/null |
474 |
+++ b/net-fs/samba/samba-4.15.2-r1.ebuild |
475 |
@@ -0,0 +1,343 @@ |
476 |
+# Copyright 1999-2021 Gentoo Authors |
477 |
+# Distributed under the terms of the GNU General Public License v2 |
478 |
+ |
479 |
+EAPI=7 |
480 |
+ |
481 |
+PYTHON_COMPAT=( python3_{8..10} ) |
482 |
+PYTHON_REQ_USE="threads(+),xml(+)" |
483 |
+inherit python-single-r1 waf-utils multilib-minimal linux-info systemd pam tmpfiles |
484 |
+ |
485 |
+DESCRIPTION="Samba Suite Version 4" |
486 |
+HOMEPAGE="https://samba.org/" |
487 |
+ |
488 |
+MY_PV="${PV/_rc/rc}" |
489 |
+MY_P="${PN}-${MY_PV}" |
490 |
+if [[ ${PV} = *_rc* ]]; then |
491 |
+ SRC_URI="mirror://samba/rc/${MY_P}.tar.gz" |
492 |
+else |
493 |
+ SRC_URI="mirror://samba/stable/${MY_P}.tar.gz" |
494 |
+ KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~ppc ~ppc64 ~riscv ~sparc ~x86" |
495 |
+fi |
496 |
+S="${WORKDIR}/${MY_P}" |
497 |
+ |
498 |
+LICENSE="GPL-3" |
499 |
+SLOT="0" |
500 |
+IUSE="acl addc ads ceph client cluster cups debug dmapi fam glusterfs |
501 |
+gpg iprint json ldap pam profiling-data python quota +regedit selinux |
502 |
+snapper spotlight syslog system-heimdal +system-mitkrb5 systemd test winbind |
503 |
+zeroconf" |
504 |
+ |
505 |
+REQUIRED_USE="${PYTHON_REQUIRED_USE} |
506 |
+ addc? ( python json winbind ) |
507 |
+ ads? ( acl ldap python winbind ) |
508 |
+ cluster? ( ads ) |
509 |
+ gpg? ( addc ) |
510 |
+ spotlight? ( json ) |
511 |
+ test? ( python ) |
512 |
+ !ads? ( !addc ) |
513 |
+ ?? ( system-heimdal system-mitkrb5 ) |
514 |
+" |
515 |
+ |
516 |
+# the test suite is messed, it uses system-installed samba |
517 |
+# bits instead of what was built, tests things disabled via use |
518 |
+# flags, and generally just fails to work in a way ebuilds could |
519 |
+# rely on in its current state |
520 |
+RESTRICT="test" |
521 |
+ |
522 |
+MULTILIB_WRAPPED_HEADERS=( |
523 |
+ /usr/include/samba-4.0/policy.h |
524 |
+ /usr/include/samba-4.0/dcerpc_server.h |
525 |
+ /usr/include/samba-4.0/ctdb.h |
526 |
+ /usr/include/samba-4.0/ctdb_client.h |
527 |
+ /usr/include/samba-4.0/ctdb_protocol.h |
528 |
+ /usr/include/samba-4.0/ctdb_private.h |
529 |
+ /usr/include/samba-4.0/ctdb_typesafe_cb.h |
530 |
+ /usr/include/samba-4.0/ctdb_version.h |
531 |
+) |
532 |
+ |
533 |
+COMMON_DEPEND=" |
534 |
+ >=app-arch/libarchive-3.1.2[${MULTILIB_USEDEP}] |
535 |
+ dev-lang/perl:= |
536 |
+ dev-libs/icu:=[${MULTILIB_USEDEP}] |
537 |
+ dev-libs/libbsd[${MULTILIB_USEDEP}] |
538 |
+ dev-libs/libtasn1[${MULTILIB_USEDEP}] |
539 |
+ dev-libs/popt[${MULTILIB_USEDEP}] |
540 |
+ dev-perl/Parse-Yapp |
541 |
+ >=net-libs/gnutls-3.4.7[${MULTILIB_USEDEP}] |
542 |
+ sys-libs/e2fsprogs-libs[${MULTILIB_USEDEP}] |
543 |
+ >=sys-libs/ldb-2.4.1[ldap(+)?,${MULTILIB_USEDEP}] |
544 |
+ <sys-libs/ldb-2.5.0[ldap(+)?,${MULTILIB_USEDEP}] |
545 |
+ sys-libs/libcap[${MULTILIB_USEDEP}] |
546 |
+ sys-libs/liburing:=[${MULTILIB_USEDEP}] |
547 |
+ sys-libs/ncurses:0= |
548 |
+ sys-libs/readline:0= |
549 |
+ >=sys-libs/talloc-2.3.3[${MULTILIB_USEDEP}] |
550 |
+ >=sys-libs/tdb-1.4.4[${MULTILIB_USEDEP}] |
551 |
+ >=sys-libs/tevent-0.11.0[${MULTILIB_USEDEP}] |
552 |
+ sys-libs/zlib[${MULTILIB_USEDEP}] |
553 |
+ virtual/libcrypt:=[${MULTILIB_USEDEP}] |
554 |
+ virtual/libiconv |
555 |
+ $(python_gen_cond_dep " |
556 |
+ addc? ( |
557 |
+ dev-python/dnspython:=[\${PYTHON_USEDEP}] |
558 |
+ dev-python/markdown[\${PYTHON_USEDEP}] |
559 |
+ ) |
560 |
+ ads? ( |
561 |
+ dev-python/dnspython:=[\${PYTHON_USEDEP}] |
562 |
+ net-dns/bind-tools[gssapi] |
563 |
+ ) |
564 |
+ ") |
565 |
+ !alpha? ( !sparc? ( sys-libs/libunwind:= ) ) |
566 |
+ acl? ( virtual/acl ) |
567 |
+ ceph? ( sys-cluster/ceph ) |
568 |
+ cluster? ( net-libs/rpcsvc-proto ) |
569 |
+ cups? ( net-print/cups ) |
570 |
+ debug? ( dev-util/lttng-ust ) |
571 |
+ dmapi? ( sys-apps/dmapi ) |
572 |
+ fam? ( virtual/fam ) |
573 |
+ gpg? ( app-crypt/gpgme ) |
574 |
+ json? ( dev-libs/jansson:= ) |
575 |
+ ldap? ( net-nds/openldap[${MULTILIB_USEDEP}] ) |
576 |
+ pam? ( sys-libs/pam ) |
577 |
+ python? ( |
578 |
+ sys-libs/ldb[python,${PYTHON_SINGLE_USEDEP}] |
579 |
+ sys-libs/talloc[python,${PYTHON_SINGLE_USEDEP}] |
580 |
+ sys-libs/tdb[python,${PYTHON_SINGLE_USEDEP}] |
581 |
+ sys-libs/tevent[python,${PYTHON_SINGLE_USEDEP}] |
582 |
+ ) |
583 |
+ snapper? ( sys-apps/dbus ) |
584 |
+ system-heimdal? ( >=app-crypt/heimdal-1.5[-ssl,${MULTILIB_USEDEP}] ) |
585 |
+ system-mitkrb5? ( >=app-crypt/mit-krb5-1.15.1[${MULTILIB_USEDEP}] ) |
586 |
+ systemd? ( sys-apps/systemd:0= ) |
587 |
+ zeroconf? ( net-dns/avahi[dbus] ) |
588 |
+" |
589 |
+DEPEND="${COMMON_DEPEND} |
590 |
+ >=dev-util/cmocka-1.1.3[${MULTILIB_USEDEP}] |
591 |
+ net-libs/libtirpc[${MULTILIB_USEDEP}] |
592 |
+ || ( |
593 |
+ net-libs/rpcsvc-proto |
594 |
+ <sys-libs/glibc-2.26[rpc(+)] |
595 |
+ ) |
596 |
+ spotlight? ( dev-libs/glib ) |
597 |
+ test? ( |
598 |
+ $(python_gen_cond_dep "dev-python/subunit[\${PYTHON_USEDEP},${MULTILIB_USEDEP}]" ) |
599 |
+ !system-mitkrb5? ( |
600 |
+ >=net-dns/resolv_wrapper-1.1.4 |
601 |
+ >=net-libs/socket_wrapper-1.1.9 |
602 |
+ >=sys-libs/nss_wrapper-1.1.3 |
603 |
+ >=sys-libs/uid_wrapper-1.2.1 |
604 |
+ ) |
605 |
+ )" |
606 |
+RDEPEND="${COMMON_DEPEND} |
607 |
+ client? ( net-fs/cifs-utils[ads?] ) |
608 |
+ python? ( ${PYTHON_DEPS} ) |
609 |
+ selinux? ( sec-policy/selinux-samba ) |
610 |
+" |
611 |
+BDEPEND="${PYTHON_DEPS} |
612 |
+ app-text/docbook-xsl-stylesheets |
613 |
+ dev-libs/libxslt |
614 |
+ virtual/pkgconfig |
615 |
+" |
616 |
+ |
617 |
+PATCHES=( |
618 |
+ "${FILESDIR}/${PN}-4.4.0-pam.patch" |
619 |
+ |
620 |
+ # https://bugs.gentoo.org/828063 |
621 |
+ "${FILESDIR}/${P}-winbindd_regression_fix.patch" |
622 |
+) |
623 |
+ |
624 |
+#CONFDIR="${FILESDIR}/$(get_version_component_range 1-2)" |
625 |
+CONFDIR="${FILESDIR}/4.4" |
626 |
+ |
627 |
+WAF_BINARY="${S}/buildtools/bin/waf" |
628 |
+ |
629 |
+SHAREDMODS="" |
630 |
+ |
631 |
+pkg_setup() { |
632 |
+ # Package fails to build with distcc |
633 |
+ export DISTCC_DISABLE=1 |
634 |
+ |
635 |
+ python-single-r1_pkg_setup |
636 |
+ |
637 |
+ SHAREDMODS="$(usex snapper '' '!')vfs_snapper" |
638 |
+ if use cluster ; then |
639 |
+ SHAREDMODS+=",idmap_rid,idmap_tdb2,idmap_ad" |
640 |
+ elif use ads ; then |
641 |
+ SHAREDMODS+=",idmap_ad" |
642 |
+ fi |
643 |
+} |
644 |
+ |
645 |
+src_prepare() { |
646 |
+ default |
647 |
+ |
648 |
+ # un-bundle dnspython |
649 |
+ sed -i -e '/"dns.resolver":/d' "${S}"/third_party/wscript || die |
650 |
+ |
651 |
+ # unbundle iso8601 unless tests are enabled |
652 |
+ if ! use test ; then |
653 |
+ sed -i -e '/"iso8601":/d' "${S}"/third_party/wscript || die |
654 |
+ fi |
655 |
+ |
656 |
+ ## ugly hackaround for bug #592502 |
657 |
+ #cp /usr/include/tevent_internal.h "${S}"/lib/tevent/ || die |
658 |
+ |
659 |
+ sed -e 's:<gpgme\.h>:<gpgme/gpgme.h>:' \ |
660 |
+ -i source4/dsdb/samdb/ldb_modules/password_hash.c \ |
661 |
+ || die |
662 |
+ |
663 |
+ # Friggin' WAF shit |
664 |
+ multilib_copy_sources |
665 |
+} |
666 |
+ |
667 |
+multilib_src_configure() { |
668 |
+ # when specifying libs for samba build you must append NONE to the end to |
669 |
+ # stop it automatically including things |
670 |
+ local bundled_libs="NONE" |
671 |
+ if ! use system-heimdal && ! use system-mitkrb5 ; then |
672 |
+ bundled_libs="heimbase,heimntlm,hdb,kdc,krb5,wind,gssapi,hcrypto,hx509,roken,asn1,com_err,NONE" |
673 |
+ fi |
674 |
+ |
675 |
+ local myconf=( |
676 |
+ --enable-fhs |
677 |
+ --sysconfdir="${EPREFIX}/etc" |
678 |
+ --localstatedir="${EPREFIX}/var" |
679 |
+ --with-modulesdir="${EPREFIX}/usr/$(get_libdir)/samba" |
680 |
+ --with-piddir="${EPREFIX}/run/${PN}" |
681 |
+ --bundled-libraries="${bundled_libs}" |
682 |
+ --builtin-libraries=NONE |
683 |
+ --disable-rpath |
684 |
+ --disable-rpath-install |
685 |
+ --nopyc |
686 |
+ --nopyo |
687 |
+ --without-winexe |
688 |
+ $(multilib_native_use_with acl acl-support) |
689 |
+ $(multilib_native_usex addc '' '--without-ad-dc') |
690 |
+ $(multilib_native_use_with ads) |
691 |
+ $(multilib_native_use_enable ceph cephfs) |
692 |
+ $(multilib_native_use_with cluster cluster-support) |
693 |
+ $(multilib_native_use_enable cups) |
694 |
+ $(multilib_native_use_with dmapi) |
695 |
+ $(multilib_native_use_with fam) |
696 |
+ $(multilib_native_use_enable glusterfs) |
697 |
+ $(multilib_native_use_with gpg gpgme) |
698 |
+ $(multilib_native_use_with json) |
699 |
+ $(multilib_native_use_enable iprint) |
700 |
+ $(multilib_native_use_with pam) |
701 |
+ $(multilib_native_usex pam "--with-pammodulesdir=${EPREFIX}/$(get_libdir)/security" '') |
702 |
+ $(multilib_native_use_with quota quotas) |
703 |
+ $(multilib_native_use_with regedit) |
704 |
+ $(multilib_native_use_enable spotlight) |
705 |
+ $(multilib_native_use_with syslog) |
706 |
+ $(multilib_native_use_with systemd) |
707 |
+ --systemd-install-services |
708 |
+ --with-systemddir="$(systemd_get_systemunitdir)" |
709 |
+ $(multilib_native_use_with winbind) |
710 |
+ $(multilib_native_usex python '' '--disable-python') |
711 |
+ $(multilib_native_use_enable zeroconf avahi) |
712 |
+ $(multilib_native_usex test '--enable-selftest' '') |
713 |
+ $(usex system-mitkrb5 "--with-system-mitkrb5 $(multilib_native_usex addc --with-experimental-mit-ad-dc '')" '') |
714 |
+ $(use_with debug lttng) |
715 |
+ $(use_with ldap) |
716 |
+ $(use_with profiling-data) |
717 |
+ # bug #683148 |
718 |
+ --jobs 1 |
719 |
+ ) |
720 |
+ |
721 |
+ if multilib_is_native_abi ; then |
722 |
+ myconf+=( --with-shared-modules=${SHAREDMODS} ) |
723 |
+ else |
724 |
+ myconf+=( --with-shared-modules=DEFAULT,!vfs_snapper ) |
725 |
+ fi |
726 |
+ |
727 |
+ CPPFLAGS="-I${SYSROOT}${EPREFIX}/usr/include/et ${CPPFLAGS}" \ |
728 |
+ waf-utils_src_configure ${myconf[@]} |
729 |
+} |
730 |
+ |
731 |
+multilib_src_compile() { |
732 |
+ waf-utils_src_compile |
733 |
+} |
734 |
+ |
735 |
+multilib_src_install() { |
736 |
+ waf-utils_src_install |
737 |
+ |
738 |
+ # Make all .so files executable |
739 |
+ find "${ED}" -type f -name "*.so" -exec chmod +x {} + || die |
740 |
+ |
741 |
+ if multilib_is_native_abi ; then |
742 |
+ # install ldap schema for server (bug #491002) |
743 |
+ if use ldap ; then |
744 |
+ insinto /etc/openldap/schema |
745 |
+ doins examples/LDAP/samba.schema |
746 |
+ fi |
747 |
+ |
748 |
+ # create symlink for cups (bug #552310) |
749 |
+ if use cups ; then |
750 |
+ dosym ../../../bin/smbspool \ |
751 |
+ /usr/libexec/cups/backend/smb |
752 |
+ fi |
753 |
+ |
754 |
+ # install example config file |
755 |
+ insinto /etc/samba |
756 |
+ doins examples/smb.conf.default |
757 |
+ |
758 |
+ # Fix paths in example file (#603964) |
759 |
+ sed \ |
760 |
+ -e '/log file =/s@/usr/local/samba/var/@/var/log/samba/@' \ |
761 |
+ -e '/include =/s@/usr/local/samba/lib/@/etc/samba/@' \ |
762 |
+ -e '/path =/s@/usr/local/samba/lib/@/var/lib/samba/@' \ |
763 |
+ -e '/path =/s@/usr/local/samba/@/var/lib/samba/@' \ |
764 |
+ -e '/path =/s@/usr/spool/samba@/var/spool/samba@' \ |
765 |
+ -i "${ED}"/etc/samba/smb.conf.default || die |
766 |
+ |
767 |
+ # Install init script and conf.d file |
768 |
+ newinitd "${CONFDIR}/samba4.initd-r1" samba |
769 |
+ newconfd "${CONFDIR}/samba4.confd" samba |
770 |
+ |
771 |
+ dotmpfiles "${FILESDIR}"/samba.conf |
772 |
+ if ! use addc ; then |
773 |
+ rm "${D}/$(systemd_get_systemunitdir)/samba.service" \ |
774 |
+ || die |
775 |
+ fi |
776 |
+ |
777 |
+ # Preserve functionality for old gentoo-specific unit names |
778 |
+ dosym nmb.service "$(systemd_get_systemunitdir)/nmbd.service" |
779 |
+ dosym smb.service "$(systemd_get_systemunitdir)/smbd.service" |
780 |
+ dosym winbind.service "$(systemd_get_systemunitdir)/winbindd.service" |
781 |
+ fi |
782 |
+ |
783 |
+ if use pam && use winbind ; then |
784 |
+ newpamd "${CONFDIR}/system-auth-winbind.pam" system-auth-winbind |
785 |
+ # bugs #376853 and #590374 |
786 |
+ insinto /etc/security |
787 |
+ doins examples/pam_winbind/pam_winbind.conf |
788 |
+ fi |
789 |
+ |
790 |
+ keepdir /var/cache/samba |
791 |
+ keepdir /var/lib/ctdb |
792 |
+ keepdir /var/lib/samba/{bind-dns,private} |
793 |
+ keepdir /var/lock/samba |
794 |
+ keepdir /var/log/samba |
795 |
+} |
796 |
+ |
797 |
+multilib_src_test() { |
798 |
+ if multilib_is_native_abi ; then |
799 |
+ "${WAF_BINARY}" test || die "test failed" |
800 |
+ fi |
801 |
+} |
802 |
+ |
803 |
+pkg_postinst() { |
804 |
+ tmpfiles_process samba.conf |
805 |
+ |
806 |
+ if [[ -z ${REPLACING_VERSIONS} ]] ; then |
807 |
+ elog "Be aware that this release contains the best of all of Samba's" |
808 |
+ elog "technology parts, both a file server (that you can reasonably expect" |
809 |
+ elog "to upgrade existing Samba 3.x releases to) and the AD domain" |
810 |
+ elog "controller work previously known as 'samba4'." |
811 |
+ elog |
812 |
+ fi |
813 |
+ if [[ "${PV}" != *_rc* ]] ; then |
814 |
+ elog "For further information and migration steps make sure to read " |
815 |
+ elog "https://samba.org/samba/history/${P}.html " |
816 |
+ elog "https://wiki.samba.org/index.php/Samba4/HOWTO " |
817 |
+ fi |
818 |
+} |