Gentoo Archives: gentoo-commits

From: Lars Wendler <polynomial-c@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] repo/gentoo:master commit in: net-fs/samba/files/, net-fs/samba/
Date: Fri, 03 Dec 2021 13:00:27
Message-Id: 1638536405.c602f884e34ee08f6a76b11f03a1946170d16d55.polynomial-c@gentoo
1 commit: c602f884e34ee08f6a76b11f03a1946170d16d55
2 Author: Lars Wendler <polynomial-c <AT> gentoo <DOT> org>
3 AuthorDate: Fri Dec 3 12:59:10 2021 +0000
4 Commit: Lars Wendler <polynomial-c <AT> gentoo <DOT> org>
5 CommitDate: Fri Dec 3 13:00:05 2021 +0000
6 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c602f884
7
8 net-fs/samba: Attempt to fix winbindd regression
9
10 Bug: https://bugs.gentoo.org/828063
11 Signed-off-by: Lars Wendler <polynomial-c <AT> gentoo.org>
12
13 .../samba-4.14.10-winbindd_regression_fix.patch | 42 +++
14 .../samba-4.15.2-winbindd_regression_fix.patch | 42 +++
15 net-fs/samba/samba-4.14.10-r1.ebuild | 346 +++++++++++++++++++++
16 net-fs/samba/samba-4.15.2-r1.ebuild | 343 ++++++++++++++++++++
17 4 files changed, 773 insertions(+)
18
19 diff --git a/net-fs/samba/files/samba-4.14.10-winbindd_regression_fix.patch b/net-fs/samba/files/samba-4.14.10-winbindd_regression_fix.patch
20 new file mode 100644
21 index 000000000000..23411dad6bec
22 --- /dev/null
23 +++ b/net-fs/samba/files/samba-4.14.10-winbindd_regression_fix.patch
24 @@ -0,0 +1,42 @@
25 +From bc07c3b70702100975f8921e56cf9b733ec3b826 Mon Sep 17 00:00:00 2001
26 +From: Stefan Metzmacher <metze@×××××.org>
27 +Date: Tue, 9 Nov 2021 20:50:20 +0100
28 +Subject: [PATCH] s3:winbindd: fix "allow trusted domains = no" regression
29 +
30 +add_trusted_domain() should only reject domains
31 +based on is_allowed_domain(), which now also
32 +checks "allow trusted domains = no", if we don't
33 +have an explicit trust to the domain (SEC_CHAN_NULL).
34 +
35 +We use at least SEC_CHAN_LOCAL for local domains like
36 +BUILTIN.
37 +
38 +BUG: https://bugzilla.samba.org/show_bug.cgi?id=14899
39 +
40 +Signed-off-by: Stefan Metzmacher <metze@×××××.org>
41 +Reviewed-by: Andreas Schneider <asn@×××××.org>
42 +
43 +Autobuild-User(master): Stefan Metzmacher <metze@×××××.org>
44 +Autobuild-Date(master): Wed Nov 10 11:21:31 UTC 2021 on sn-devel-184
45 +
46 +(cherry picked from commit a7f6c60cb037b4bc9eee276236539b8282213935)
47 +---
48 + source3/winbindd/winbindd_util.c | 2 +-
49 + 1 file changed, 1 insertion(+), 1 deletion(-)
50 +
51 +diff --git a/source3/winbindd/winbindd_util.c b/source3/winbindd/winbindd_util.c
52 +index 42ddbfd2f44e..9d54e462c425 100644
53 +--- a/source3/winbindd/winbindd_util.c
54 ++++ b/source3/winbindd/winbindd_util.c
55 +@@ -134,7 +134,7 @@ static NTSTATUS add_trusted_domain(const char *domain_name,
56 + return NT_STATUS_INVALID_PARAMETER;
57 + }
58 +
59 +- if (!is_allowed_domain(domain_name)) {
60 ++ if (secure_channel_type == SEC_CHAN_NULL && !is_allowed_domain(domain_name)) {
61 + return NT_STATUS_NO_SUCH_DOMAIN;
62 + }
63 +
64 +--
65 +2.25.1
66 +
67
68 diff --git a/net-fs/samba/files/samba-4.15.2-winbindd_regression_fix.patch b/net-fs/samba/files/samba-4.15.2-winbindd_regression_fix.patch
69 new file mode 100644
70 index 000000000000..457bad16a6e2
71 --- /dev/null
72 +++ b/net-fs/samba/files/samba-4.15.2-winbindd_regression_fix.patch
73 @@ -0,0 +1,42 @@
74 +From 9f73f8a784f2de9211601f92729a47aaa3e51a1a Mon Sep 17 00:00:00 2001
75 +From: Stefan Metzmacher <metze@×××××.org>
76 +Date: Tue, 9 Nov 2021 20:50:20 +0100
77 +Subject: [PATCH] s3:winbindd: fix "allow trusted domains = no" regression
78 +
79 +add_trusted_domain() should only reject domains
80 +based on is_allowed_domain(), which now also
81 +checks "allow trusted domains = no", if we don't
82 +have an explicit trust to the domain (SEC_CHAN_NULL).
83 +
84 +We use at least SEC_CHAN_LOCAL for local domains like
85 +BUILTIN.
86 +
87 +BUG: https://bugzilla.samba.org/show_bug.cgi?id=14899
88 +
89 +Signed-off-by: Stefan Metzmacher <metze@×××××.org>
90 +Reviewed-by: Andreas Schneider <asn@×××××.org>
91 +
92 +Autobuild-User(master): Stefan Metzmacher <metze@×××××.org>
93 +Autobuild-Date(master): Wed Nov 10 11:21:31 UTC 2021 on sn-devel-184
94 +
95 +(cherry picked from commit a7f6c60cb037b4bc9eee276236539b8282213935)
96 +---
97 + source3/winbindd/winbindd_util.c | 2 +-
98 + 1 file changed, 1 insertion(+), 1 deletion(-)
99 +
100 +diff --git a/source3/winbindd/winbindd_util.c b/source3/winbindd/winbindd_util.c
101 +index fe68adec534a..a8c510fafc67 100644
102 +--- a/source3/winbindd/winbindd_util.c
103 ++++ b/source3/winbindd/winbindd_util.c
104 +@@ -135,7 +135,7 @@ static NTSTATUS add_trusted_domain(const char *domain_name,
105 + return NT_STATUS_INVALID_PARAMETER;
106 + }
107 +
108 +- if (!is_allowed_domain(domain_name)) {
109 ++ if (secure_channel_type == SEC_CHAN_NULL && !is_allowed_domain(domain_name)) {
110 + return NT_STATUS_NO_SUCH_DOMAIN;
111 + }
112 +
113 +--
114 +2.25.1
115 +
116
117 diff --git a/net-fs/samba/samba-4.14.10-r1.ebuild b/net-fs/samba/samba-4.14.10-r1.ebuild
118 new file mode 100644
119 index 000000000000..9c5d6e8d0e5f
120 --- /dev/null
121 +++ b/net-fs/samba/samba-4.14.10-r1.ebuild
122 @@ -0,0 +1,346 @@
123 +# Copyright 1999-2021 Gentoo Authors
124 +# Distributed under the terms of the GNU General Public License v2
125 +
126 +EAPI=7
127 +
128 +PYTHON_COMPAT=( python3_{8..9} )
129 +PYTHON_REQ_USE="threads(+),xml(+)"
130 +inherit python-single-r1 waf-utils multilib-minimal linux-info systemd pam tmpfiles
131 +
132 +DESCRIPTION="Samba Suite Version 4"
133 +HOMEPAGE="https://samba.org/"
134 +
135 +MY_PV="${PV/_rc/rc}"
136 +MY_P="${PN}-${MY_PV}"
137 +if [[ ${PV} = *_rc* ]]; then
138 + SRC_URI="mirror://samba/rc/${MY_P}.tar.gz"
139 +else
140 + SRC_URI="mirror://samba/stable/${MY_P}.tar.gz"
141 + KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~ppc ~ppc64 ~riscv ~sparc ~x86"
142 +fi
143 +S="${WORKDIR}/${MY_P}"
144 +
145 +LICENSE="GPL-3"
146 +SLOT="0"
147 +IUSE="acl addc addns ads ceph client cluster cups debug dmapi fam glusterfs
148 +gpg iprint json ldap ntvfs pam profiling-data python quota +regedit selinux
149 +snapper spotlight syslog system-heimdal +system-mitkrb5 systemd test winbind
150 +zeroconf"
151 +
152 +REQUIRED_USE="${PYTHON_REQUIRED_USE}
153 + addc? ( python json winbind )
154 + addns? ( python )
155 + ads? ( acl ldap winbind )
156 + cluster? ( ads )
157 + gpg? ( addc )
158 + ntvfs? ( addc )
159 + spotlight? ( json )
160 + test? ( python )
161 + !ads? ( !addc )
162 + ?? ( system-heimdal system-mitkrb5 )
163 +"
164 +
165 +# the test suite is messed, it uses system-installed samba
166 +# bits instead of what was built, tests things disabled via use
167 +# flags, and generally just fails to work in a way ebuilds could
168 +# rely on in its current state
169 +RESTRICT="test"
170 +
171 +MULTILIB_WRAPPED_HEADERS=(
172 + /usr/include/samba-4.0/policy.h
173 + /usr/include/samba-4.0/dcerpc_server.h
174 + /usr/include/samba-4.0/ctdb.h
175 + /usr/include/samba-4.0/ctdb_client.h
176 + /usr/include/samba-4.0/ctdb_protocol.h
177 + /usr/include/samba-4.0/ctdb_private.h
178 + /usr/include/samba-4.0/ctdb_typesafe_cb.h
179 + /usr/include/samba-4.0/ctdb_version.h
180 +)
181 +
182 +COMMON_DEPEND="
183 + >=app-arch/libarchive-3.1.2[${MULTILIB_USEDEP}]
184 + dev-lang/perl:=
185 + dev-libs/icu:=[${MULTILIB_USEDEP}]
186 + dev-libs/libbsd[${MULTILIB_USEDEP}]
187 + dev-libs/libtasn1[${MULTILIB_USEDEP}]
188 + dev-libs/popt[${MULTILIB_USEDEP}]
189 + dev-perl/Parse-Yapp
190 + >=net-libs/gnutls-3.4.7[${MULTILIB_USEDEP}]
191 + net-libs/libnsl:=[${MULTILIB_USEDEP}]
192 + sys-libs/e2fsprogs-libs[${MULTILIB_USEDEP}]
193 + >=sys-libs/ldb-2.3.2[ldap(+)?,${MULTILIB_USEDEP}]
194 + <sys-libs/ldb-2.4.0[ldap(+)?,${MULTILIB_USEDEP}]
195 + sys-libs/libcap[${MULTILIB_USEDEP}]
196 + sys-libs/liburing:=[${MULTILIB_USEDEP}]
197 + sys-libs/ncurses:0=
198 + sys-libs/readline:0=
199 + >=sys-libs/talloc-2.3.2[${MULTILIB_USEDEP}]
200 + >=sys-libs/tdb-1.4.3[${MULTILIB_USEDEP}]
201 + >=sys-libs/tevent-0.10.2[${MULTILIB_USEDEP}]
202 + sys-libs/zlib[${MULTILIB_USEDEP}]
203 + virtual/libcrypt:=[${MULTILIB_USEDEP}]
204 + virtual/libiconv
205 + $(python_gen_cond_dep "
206 + addc? (
207 + dev-python/dnspython:=[\${PYTHON_USEDEP}]
208 + dev-python/markdown[\${PYTHON_USEDEP}]
209 + )
210 + addns? (
211 + dev-python/dnspython:=[\${PYTHON_USEDEP}]
212 + net-dns/bind-tools[gssapi]
213 + )
214 + ")
215 + !alpha? ( !sparc? ( sys-libs/libunwind:= ) )
216 + acl? ( virtual/acl )
217 + ceph? ( sys-cluster/ceph )
218 + cluster? ( net-libs/rpcsvc-proto )
219 + cups? ( net-print/cups )
220 + debug? ( dev-util/lttng-ust )
221 + dmapi? ( sys-apps/dmapi )
222 + fam? ( virtual/fam )
223 + gpg? ( app-crypt/gpgme )
224 + json? ( dev-libs/jansson:= )
225 + ldap? ( net-nds/openldap[${MULTILIB_USEDEP}] )
226 + pam? ( sys-libs/pam )
227 + python? (
228 + sys-libs/ldb[python,${PYTHON_SINGLE_USEDEP}]
229 + sys-libs/talloc[python,${PYTHON_SINGLE_USEDEP}]
230 + sys-libs/tdb[python,${PYTHON_SINGLE_USEDEP}]
231 + sys-libs/tevent[python,${PYTHON_SINGLE_USEDEP}]
232 + )
233 + snapper? ( sys-apps/dbus )
234 + system-heimdal? ( >=app-crypt/heimdal-1.5[-ssl,${MULTILIB_USEDEP}] )
235 + system-mitkrb5? ( >=app-crypt/mit-krb5-1.15.1[${MULTILIB_USEDEP}] )
236 + systemd? ( sys-apps/systemd:0= )
237 + zeroconf? ( net-dns/avahi[dbus] )
238 +"
239 +DEPEND="${COMMON_DEPEND}
240 + >=dev-util/cmocka-1.1.3[${MULTILIB_USEDEP}]
241 + net-libs/libtirpc[${MULTILIB_USEDEP}]
242 + || (
243 + net-libs/rpcsvc-proto
244 + <sys-libs/glibc-2.26[rpc(+)]
245 + )
246 + spotlight? ( dev-libs/glib )
247 + test? (
248 + $(python_gen_cond_dep "dev-python/subunit[\${PYTHON_USEDEP},${MULTILIB_USEDEP}]" )
249 + !system-mitkrb5? (
250 + >=net-dns/resolv_wrapper-1.1.4
251 + >=net-libs/socket_wrapper-1.1.9
252 + >=sys-libs/nss_wrapper-1.1.3
253 + >=sys-libs/uid_wrapper-1.2.1
254 + )
255 + )"
256 +RDEPEND="${COMMON_DEPEND}
257 + client? ( net-fs/cifs-utils[ads?] )
258 + python? ( ${PYTHON_DEPS} )
259 + selinux? ( sec-policy/selinux-samba )
260 +"
261 +BDEPEND="${PYTHON_DEPS}
262 + app-text/docbook-xsl-stylesheets
263 + dev-libs/libxslt
264 + virtual/pkgconfig
265 +"
266 +
267 +PATCHES=(
268 + "${FILESDIR}/${PN}-4.4.0-pam.patch"
269 +
270 + # https://bugs.gentoo.org/828063
271 + "${FILESDIR}/${P}-winbindd_regression_fix.patch"
272 +)
273 +
274 +#CONFDIR="${FILESDIR}/$(get_version_component_range 1-2)"
275 +CONFDIR="${FILESDIR}/4.4"
276 +
277 +WAF_BINARY="${S}/buildtools/bin/waf"
278 +
279 +SHAREDMODS=""
280 +
281 +pkg_setup() {
282 + # Package fails to build with distcc
283 + export DISTCC_DISABLE=1
284 +
285 + python-single-r1_pkg_setup
286 +
287 + SHAREDMODS="$(usex snapper '' '!')vfs_snapper"
288 + if use cluster ; then
289 + SHAREDMODS+=",idmap_rid,idmap_tdb2,idmap_ad"
290 + elif use ads ; then
291 + SHAREDMODS+=",idmap_ad"
292 + fi
293 +}
294 +
295 +src_prepare() {
296 + default
297 +
298 + # un-bundle dnspython
299 + sed -i -e '/"dns.resolver":/d' "${S}"/third_party/wscript || die
300 +
301 + # unbundle iso8601 unless tests are enabled
302 + if ! use test ; then
303 + sed -i -e '/"iso8601":/d' "${S}"/third_party/wscript || die
304 + fi
305 +
306 + ## ugly hackaround for bug #592502
307 + #cp /usr/include/tevent_internal.h "${S}"/lib/tevent/ || die
308 +
309 + sed -e 's:<gpgme\.h>:<gpgme/gpgme.h>:' \
310 + -i source4/dsdb/samdb/ldb_modules/password_hash.c \
311 + || die
312 +
313 + # Friggin' WAF shit
314 + multilib_copy_sources
315 +}
316 +
317 +multilib_src_configure() {
318 + # when specifying libs for samba build you must append NONE to the end to
319 + # stop it automatically including things
320 + local bundled_libs="NONE"
321 + if ! use system-heimdal && ! use system-mitkrb5 ; then
322 + bundled_libs="heimbase,heimntlm,hdb,kdc,krb5,wind,gssapi,hcrypto,hx509,roken,asn1,com_err,NONE"
323 + fi
324 +
325 + local myconf=(
326 + --enable-fhs
327 + --sysconfdir="${EPREFIX}/etc"
328 + --localstatedir="${EPREFIX}/var"
329 + --with-modulesdir="${EPREFIX}/usr/$(get_libdir)/samba"
330 + --with-piddir="${EPREFIX}/run/${PN}"
331 + --bundled-libraries="${bundled_libs}"
332 + --builtin-libraries=NONE
333 + --disable-rpath
334 + --disable-rpath-install
335 + --nopyc
336 + --nopyo
337 + --without-winexe
338 + $(multilib_native_use_with acl acl-support)
339 + $(multilib_native_usex addc '' '--without-ad-dc')
340 + $(multilib_native_use_with addns dnsupdate)
341 + $(multilib_native_use_with ads)
342 + $(multilib_native_use_enable ceph cephfs)
343 + $(multilib_native_use_with cluster cluster-support)
344 + $(multilib_native_use_enable cups)
345 + $(multilib_native_use_with dmapi)
346 + $(multilib_native_use_with fam)
347 + $(multilib_native_use_enable glusterfs)
348 + $(multilib_native_use_with gpg gpgme)
349 + $(multilib_native_use_with json)
350 + $(multilib_native_use_enable iprint)
351 + $(multilib_native_use_with ntvfs ntvfs-fileserver)
352 + $(multilib_native_use_with pam)
353 + $(multilib_native_usex pam "--with-pammodulesdir=${EPREFIX}/$(get_libdir)/security" '')
354 + $(multilib_native_use_with quota quotas)
355 + $(multilib_native_use_with regedit)
356 + $(multilib_native_use_enable spotlight)
357 + $(multilib_native_use_with syslog)
358 + $(multilib_native_use_with systemd)
359 + --systemd-install-services
360 + --with-systemddir="$(systemd_get_systemunitdir)"
361 + $(multilib_native_use_with winbind)
362 + $(multilib_native_usex python '' '--disable-python')
363 + $(multilib_native_use_enable zeroconf avahi)
364 + $(multilib_native_usex test '--enable-selftest' '')
365 + $(usex system-mitkrb5 "--with-system-mitkrb5 $(multilib_native_usex addc --with-experimental-mit-ad-dc '')" '')
366 + $(use_with debug lttng)
367 + $(use_with ldap)
368 + $(use_with profiling-data)
369 + # bug #683148
370 + --jobs 1
371 + )
372 +
373 + if multilib_is_native_abi ; then
374 + myconf+=( --with-shared-modules=${SHAREDMODS} )
375 + else
376 + myconf+=( --with-shared-modules=DEFAULT,!vfs_snapper )
377 + fi
378 +
379 + CPPFLAGS="-I${SYSROOT}${EPREFIX}/usr/include/et ${CPPFLAGS}" \
380 + waf-utils_src_configure ${myconf[@]}
381 +}
382 +
383 +multilib_src_compile() {
384 + waf-utils_src_compile
385 +}
386 +
387 +multilib_src_install() {
388 + waf-utils_src_install
389 +
390 + # Make all .so files executable
391 + find "${ED}" -type f -name "*.so" -exec chmod +x {} + || die
392 +
393 + if multilib_is_native_abi ; then
394 + # install ldap schema for server (bug #491002)
395 + if use ldap ; then
396 + insinto /etc/openldap/schema
397 + doins examples/LDAP/samba.schema
398 + fi
399 +
400 + # create symlink for cups (bug #552310)
401 + if use cups ; then
402 + dosym ../../../bin/smbspool \
403 + /usr/libexec/cups/backend/smb
404 + fi
405 +
406 + # install example config file
407 + insinto /etc/samba
408 + doins examples/smb.conf.default
409 +
410 + # Fix paths in example file (#603964)
411 + sed \
412 + -e '/log file =/s@/usr/local/samba/var/@/var/log/samba/@' \
413 + -e '/include =/s@/usr/local/samba/lib/@/etc/samba/@' \
414 + -e '/path =/s@/usr/local/samba/lib/@/var/lib/samba/@' \
415 + -e '/path =/s@/usr/local/samba/@/var/lib/samba/@' \
416 + -e '/path =/s@/usr/spool/samba@/var/spool/samba@' \
417 + -i "${ED}"/etc/samba/smb.conf.default || die
418 +
419 + # Install init script and conf.d file
420 + newinitd "${CONFDIR}/samba4.initd-r1" samba
421 + newconfd "${CONFDIR}/samba4.confd" samba
422 +
423 + dotmpfiles "${FILESDIR}"/samba.conf
424 + if ! use addc ; then
425 + rm "${D}/$(systemd_get_systemunitdir)/samba.service" \
426 + || die
427 + fi
428 +
429 + # Preserve functionality for old gentoo-specific unit names
430 + dosym nmb.service "$(systemd_get_systemunitdir)/nmbd.service"
431 + dosym smb.service "$(systemd_get_systemunitdir)/smbd.service"
432 + dosym winbind.service "$(systemd_get_systemunitdir)/winbindd.service"
433 + fi
434 +
435 + if use pam && use winbind ; then
436 + newpamd "${CONFDIR}/system-auth-winbind.pam" system-auth-winbind
437 + # bugs #376853 and #590374
438 + insinto /etc/security
439 + doins examples/pam_winbind/pam_winbind.conf
440 + fi
441 +
442 + keepdir /var/cache/samba
443 + keepdir /var/lib/ctdb
444 + keepdir /var/lib/samba/{bind-dns,private}
445 + keepdir /var/lock/samba
446 + keepdir /var/log/samba
447 +}
448 +
449 +multilib_src_test() {
450 + if multilib_is_native_abi ; then
451 + "${WAF_BINARY}" test || die "test failed"
452 + fi
453 +}
454 +
455 +pkg_postinst() {
456 + tmpfiles_process samba.conf
457 +
458 + if [[ -z ${REPLACING_VERSIONS} ]] ; then
459 + elog "Be aware that this release contains the best of all of Samba's"
460 + elog "technology parts, both a file server (that you can reasonably expect"
461 + elog "to upgrade existing Samba 3.x releases to) and the AD domain"
462 + elog "controller work previously known as 'samba4'."
463 + elog
464 + fi
465 + elog "For further information and migration steps make sure to read "
466 + elog "https://samba.org/samba/history/${P}.html "
467 + elog "https://wiki.samba.org/index.php/Samba4/HOWTO "
468 +}
469
470 diff --git a/net-fs/samba/samba-4.15.2-r1.ebuild b/net-fs/samba/samba-4.15.2-r1.ebuild
471 new file mode 100644
472 index 000000000000..fcf892dc2388
473 --- /dev/null
474 +++ b/net-fs/samba/samba-4.15.2-r1.ebuild
475 @@ -0,0 +1,343 @@
476 +# Copyright 1999-2021 Gentoo Authors
477 +# Distributed under the terms of the GNU General Public License v2
478 +
479 +EAPI=7
480 +
481 +PYTHON_COMPAT=( python3_{8..10} )
482 +PYTHON_REQ_USE="threads(+),xml(+)"
483 +inherit python-single-r1 waf-utils multilib-minimal linux-info systemd pam tmpfiles
484 +
485 +DESCRIPTION="Samba Suite Version 4"
486 +HOMEPAGE="https://samba.org/"
487 +
488 +MY_PV="${PV/_rc/rc}"
489 +MY_P="${PN}-${MY_PV}"
490 +if [[ ${PV} = *_rc* ]]; then
491 + SRC_URI="mirror://samba/rc/${MY_P}.tar.gz"
492 +else
493 + SRC_URI="mirror://samba/stable/${MY_P}.tar.gz"
494 + KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~ppc ~ppc64 ~riscv ~sparc ~x86"
495 +fi
496 +S="${WORKDIR}/${MY_P}"
497 +
498 +LICENSE="GPL-3"
499 +SLOT="0"
500 +IUSE="acl addc ads ceph client cluster cups debug dmapi fam glusterfs
501 +gpg iprint json ldap pam profiling-data python quota +regedit selinux
502 +snapper spotlight syslog system-heimdal +system-mitkrb5 systemd test winbind
503 +zeroconf"
504 +
505 +REQUIRED_USE="${PYTHON_REQUIRED_USE}
506 + addc? ( python json winbind )
507 + ads? ( acl ldap python winbind )
508 + cluster? ( ads )
509 + gpg? ( addc )
510 + spotlight? ( json )
511 + test? ( python )
512 + !ads? ( !addc )
513 + ?? ( system-heimdal system-mitkrb5 )
514 +"
515 +
516 +# the test suite is messed, it uses system-installed samba
517 +# bits instead of what was built, tests things disabled via use
518 +# flags, and generally just fails to work in a way ebuilds could
519 +# rely on in its current state
520 +RESTRICT="test"
521 +
522 +MULTILIB_WRAPPED_HEADERS=(
523 + /usr/include/samba-4.0/policy.h
524 + /usr/include/samba-4.0/dcerpc_server.h
525 + /usr/include/samba-4.0/ctdb.h
526 + /usr/include/samba-4.0/ctdb_client.h
527 + /usr/include/samba-4.0/ctdb_protocol.h
528 + /usr/include/samba-4.0/ctdb_private.h
529 + /usr/include/samba-4.0/ctdb_typesafe_cb.h
530 + /usr/include/samba-4.0/ctdb_version.h
531 +)
532 +
533 +COMMON_DEPEND="
534 + >=app-arch/libarchive-3.1.2[${MULTILIB_USEDEP}]
535 + dev-lang/perl:=
536 + dev-libs/icu:=[${MULTILIB_USEDEP}]
537 + dev-libs/libbsd[${MULTILIB_USEDEP}]
538 + dev-libs/libtasn1[${MULTILIB_USEDEP}]
539 + dev-libs/popt[${MULTILIB_USEDEP}]
540 + dev-perl/Parse-Yapp
541 + >=net-libs/gnutls-3.4.7[${MULTILIB_USEDEP}]
542 + sys-libs/e2fsprogs-libs[${MULTILIB_USEDEP}]
543 + >=sys-libs/ldb-2.4.1[ldap(+)?,${MULTILIB_USEDEP}]
544 + <sys-libs/ldb-2.5.0[ldap(+)?,${MULTILIB_USEDEP}]
545 + sys-libs/libcap[${MULTILIB_USEDEP}]
546 + sys-libs/liburing:=[${MULTILIB_USEDEP}]
547 + sys-libs/ncurses:0=
548 + sys-libs/readline:0=
549 + >=sys-libs/talloc-2.3.3[${MULTILIB_USEDEP}]
550 + >=sys-libs/tdb-1.4.4[${MULTILIB_USEDEP}]
551 + >=sys-libs/tevent-0.11.0[${MULTILIB_USEDEP}]
552 + sys-libs/zlib[${MULTILIB_USEDEP}]
553 + virtual/libcrypt:=[${MULTILIB_USEDEP}]
554 + virtual/libiconv
555 + $(python_gen_cond_dep "
556 + addc? (
557 + dev-python/dnspython:=[\${PYTHON_USEDEP}]
558 + dev-python/markdown[\${PYTHON_USEDEP}]
559 + )
560 + ads? (
561 + dev-python/dnspython:=[\${PYTHON_USEDEP}]
562 + net-dns/bind-tools[gssapi]
563 + )
564 + ")
565 + !alpha? ( !sparc? ( sys-libs/libunwind:= ) )
566 + acl? ( virtual/acl )
567 + ceph? ( sys-cluster/ceph )
568 + cluster? ( net-libs/rpcsvc-proto )
569 + cups? ( net-print/cups )
570 + debug? ( dev-util/lttng-ust )
571 + dmapi? ( sys-apps/dmapi )
572 + fam? ( virtual/fam )
573 + gpg? ( app-crypt/gpgme )
574 + json? ( dev-libs/jansson:= )
575 + ldap? ( net-nds/openldap[${MULTILIB_USEDEP}] )
576 + pam? ( sys-libs/pam )
577 + python? (
578 + sys-libs/ldb[python,${PYTHON_SINGLE_USEDEP}]
579 + sys-libs/talloc[python,${PYTHON_SINGLE_USEDEP}]
580 + sys-libs/tdb[python,${PYTHON_SINGLE_USEDEP}]
581 + sys-libs/tevent[python,${PYTHON_SINGLE_USEDEP}]
582 + )
583 + snapper? ( sys-apps/dbus )
584 + system-heimdal? ( >=app-crypt/heimdal-1.5[-ssl,${MULTILIB_USEDEP}] )
585 + system-mitkrb5? ( >=app-crypt/mit-krb5-1.15.1[${MULTILIB_USEDEP}] )
586 + systemd? ( sys-apps/systemd:0= )
587 + zeroconf? ( net-dns/avahi[dbus] )
588 +"
589 +DEPEND="${COMMON_DEPEND}
590 + >=dev-util/cmocka-1.1.3[${MULTILIB_USEDEP}]
591 + net-libs/libtirpc[${MULTILIB_USEDEP}]
592 + || (
593 + net-libs/rpcsvc-proto
594 + <sys-libs/glibc-2.26[rpc(+)]
595 + )
596 + spotlight? ( dev-libs/glib )
597 + test? (
598 + $(python_gen_cond_dep "dev-python/subunit[\${PYTHON_USEDEP},${MULTILIB_USEDEP}]" )
599 + !system-mitkrb5? (
600 + >=net-dns/resolv_wrapper-1.1.4
601 + >=net-libs/socket_wrapper-1.1.9
602 + >=sys-libs/nss_wrapper-1.1.3
603 + >=sys-libs/uid_wrapper-1.2.1
604 + )
605 + )"
606 +RDEPEND="${COMMON_DEPEND}
607 + client? ( net-fs/cifs-utils[ads?] )
608 + python? ( ${PYTHON_DEPS} )
609 + selinux? ( sec-policy/selinux-samba )
610 +"
611 +BDEPEND="${PYTHON_DEPS}
612 + app-text/docbook-xsl-stylesheets
613 + dev-libs/libxslt
614 + virtual/pkgconfig
615 +"
616 +
617 +PATCHES=(
618 + "${FILESDIR}/${PN}-4.4.0-pam.patch"
619 +
620 + # https://bugs.gentoo.org/828063
621 + "${FILESDIR}/${P}-winbindd_regression_fix.patch"
622 +)
623 +
624 +#CONFDIR="${FILESDIR}/$(get_version_component_range 1-2)"
625 +CONFDIR="${FILESDIR}/4.4"
626 +
627 +WAF_BINARY="${S}/buildtools/bin/waf"
628 +
629 +SHAREDMODS=""
630 +
631 +pkg_setup() {
632 + # Package fails to build with distcc
633 + export DISTCC_DISABLE=1
634 +
635 + python-single-r1_pkg_setup
636 +
637 + SHAREDMODS="$(usex snapper '' '!')vfs_snapper"
638 + if use cluster ; then
639 + SHAREDMODS+=",idmap_rid,idmap_tdb2,idmap_ad"
640 + elif use ads ; then
641 + SHAREDMODS+=",idmap_ad"
642 + fi
643 +}
644 +
645 +src_prepare() {
646 + default
647 +
648 + # un-bundle dnspython
649 + sed -i -e '/"dns.resolver":/d' "${S}"/third_party/wscript || die
650 +
651 + # unbundle iso8601 unless tests are enabled
652 + if ! use test ; then
653 + sed -i -e '/"iso8601":/d' "${S}"/third_party/wscript || die
654 + fi
655 +
656 + ## ugly hackaround for bug #592502
657 + #cp /usr/include/tevent_internal.h "${S}"/lib/tevent/ || die
658 +
659 + sed -e 's:<gpgme\.h>:<gpgme/gpgme.h>:' \
660 + -i source4/dsdb/samdb/ldb_modules/password_hash.c \
661 + || die
662 +
663 + # Friggin' WAF shit
664 + multilib_copy_sources
665 +}
666 +
667 +multilib_src_configure() {
668 + # when specifying libs for samba build you must append NONE to the end to
669 + # stop it automatically including things
670 + local bundled_libs="NONE"
671 + if ! use system-heimdal && ! use system-mitkrb5 ; then
672 + bundled_libs="heimbase,heimntlm,hdb,kdc,krb5,wind,gssapi,hcrypto,hx509,roken,asn1,com_err,NONE"
673 + fi
674 +
675 + local myconf=(
676 + --enable-fhs
677 + --sysconfdir="${EPREFIX}/etc"
678 + --localstatedir="${EPREFIX}/var"
679 + --with-modulesdir="${EPREFIX}/usr/$(get_libdir)/samba"
680 + --with-piddir="${EPREFIX}/run/${PN}"
681 + --bundled-libraries="${bundled_libs}"
682 + --builtin-libraries=NONE
683 + --disable-rpath
684 + --disable-rpath-install
685 + --nopyc
686 + --nopyo
687 + --without-winexe
688 + $(multilib_native_use_with acl acl-support)
689 + $(multilib_native_usex addc '' '--without-ad-dc')
690 + $(multilib_native_use_with ads)
691 + $(multilib_native_use_enable ceph cephfs)
692 + $(multilib_native_use_with cluster cluster-support)
693 + $(multilib_native_use_enable cups)
694 + $(multilib_native_use_with dmapi)
695 + $(multilib_native_use_with fam)
696 + $(multilib_native_use_enable glusterfs)
697 + $(multilib_native_use_with gpg gpgme)
698 + $(multilib_native_use_with json)
699 + $(multilib_native_use_enable iprint)
700 + $(multilib_native_use_with pam)
701 + $(multilib_native_usex pam "--with-pammodulesdir=${EPREFIX}/$(get_libdir)/security" '')
702 + $(multilib_native_use_with quota quotas)
703 + $(multilib_native_use_with regedit)
704 + $(multilib_native_use_enable spotlight)
705 + $(multilib_native_use_with syslog)
706 + $(multilib_native_use_with systemd)
707 + --systemd-install-services
708 + --with-systemddir="$(systemd_get_systemunitdir)"
709 + $(multilib_native_use_with winbind)
710 + $(multilib_native_usex python '' '--disable-python')
711 + $(multilib_native_use_enable zeroconf avahi)
712 + $(multilib_native_usex test '--enable-selftest' '')
713 + $(usex system-mitkrb5 "--with-system-mitkrb5 $(multilib_native_usex addc --with-experimental-mit-ad-dc '')" '')
714 + $(use_with debug lttng)
715 + $(use_with ldap)
716 + $(use_with profiling-data)
717 + # bug #683148
718 + --jobs 1
719 + )
720 +
721 + if multilib_is_native_abi ; then
722 + myconf+=( --with-shared-modules=${SHAREDMODS} )
723 + else
724 + myconf+=( --with-shared-modules=DEFAULT,!vfs_snapper )
725 + fi
726 +
727 + CPPFLAGS="-I${SYSROOT}${EPREFIX}/usr/include/et ${CPPFLAGS}" \
728 + waf-utils_src_configure ${myconf[@]}
729 +}
730 +
731 +multilib_src_compile() {
732 + waf-utils_src_compile
733 +}
734 +
735 +multilib_src_install() {
736 + waf-utils_src_install
737 +
738 + # Make all .so files executable
739 + find "${ED}" -type f -name "*.so" -exec chmod +x {} + || die
740 +
741 + if multilib_is_native_abi ; then
742 + # install ldap schema for server (bug #491002)
743 + if use ldap ; then
744 + insinto /etc/openldap/schema
745 + doins examples/LDAP/samba.schema
746 + fi
747 +
748 + # create symlink for cups (bug #552310)
749 + if use cups ; then
750 + dosym ../../../bin/smbspool \
751 + /usr/libexec/cups/backend/smb
752 + fi
753 +
754 + # install example config file
755 + insinto /etc/samba
756 + doins examples/smb.conf.default
757 +
758 + # Fix paths in example file (#603964)
759 + sed \
760 + -e '/log file =/s@/usr/local/samba/var/@/var/log/samba/@' \
761 + -e '/include =/s@/usr/local/samba/lib/@/etc/samba/@' \
762 + -e '/path =/s@/usr/local/samba/lib/@/var/lib/samba/@' \
763 + -e '/path =/s@/usr/local/samba/@/var/lib/samba/@' \
764 + -e '/path =/s@/usr/spool/samba@/var/spool/samba@' \
765 + -i "${ED}"/etc/samba/smb.conf.default || die
766 +
767 + # Install init script and conf.d file
768 + newinitd "${CONFDIR}/samba4.initd-r1" samba
769 + newconfd "${CONFDIR}/samba4.confd" samba
770 +
771 + dotmpfiles "${FILESDIR}"/samba.conf
772 + if ! use addc ; then
773 + rm "${D}/$(systemd_get_systemunitdir)/samba.service" \
774 + || die
775 + fi
776 +
777 + # Preserve functionality for old gentoo-specific unit names
778 + dosym nmb.service "$(systemd_get_systemunitdir)/nmbd.service"
779 + dosym smb.service "$(systemd_get_systemunitdir)/smbd.service"
780 + dosym winbind.service "$(systemd_get_systemunitdir)/winbindd.service"
781 + fi
782 +
783 + if use pam && use winbind ; then
784 + newpamd "${CONFDIR}/system-auth-winbind.pam" system-auth-winbind
785 + # bugs #376853 and #590374
786 + insinto /etc/security
787 + doins examples/pam_winbind/pam_winbind.conf
788 + fi
789 +
790 + keepdir /var/cache/samba
791 + keepdir /var/lib/ctdb
792 + keepdir /var/lib/samba/{bind-dns,private}
793 + keepdir /var/lock/samba
794 + keepdir /var/log/samba
795 +}
796 +
797 +multilib_src_test() {
798 + if multilib_is_native_abi ; then
799 + "${WAF_BINARY}" test || die "test failed"
800 + fi
801 +}
802 +
803 +pkg_postinst() {
804 + tmpfiles_process samba.conf
805 +
806 + if [[ -z ${REPLACING_VERSIONS} ]] ; then
807 + elog "Be aware that this release contains the best of all of Samba's"
808 + elog "technology parts, both a file server (that you can reasonably expect"
809 + elog "to upgrade existing Samba 3.x releases to) and the AD domain"
810 + elog "controller work previously known as 'samba4'."
811 + elog
812 + fi
813 + if [[ "${PV}" != *_rc* ]] ; then
814 + elog "For further information and migration steps make sure to read "
815 + elog "https://samba.org/samba/history/${P}.html "
816 + elog "https://wiki.samba.org/index.php/Samba4/HOWTO "
817 + fi
818 +}