diff options
| author |   Lars Wendler <polynomial-c@gentoo.org> | 2016-12-19 14:33:06 +0100 |
|---|---|---|
| committer | Lars Wendler <polynomial-c@gentoo.org> | 2016-12-19 14:33:23 +0100 |
| commit | 0aa1ea43d64b5c40839f1fbb4c1a176c5826ba6c (patch) | |
| tree | 23553878195d61e3c00ac6999f7577b242a380ca /net-fs | |
| parent | profiles/package.mask: mask dev-python/fuse-python for removal. (diff) | |
| download | gentoo-0aa1ea43d64b5c40839f1fbb4c1a176c5826ba6c.tar.gz gentoo-0aa1ea43d64b5c40839f1fbb4c1a176c5826ba6c.tar.bz2 gentoo-0aa1ea43d64b5c40839f1fbb4c1a176c5826ba6c.zip | |
net-fs/samba: Security cleanup (bug #578004).
Package-Manager: Portage-2.3.3, Repoman-2.3.1
Diffstat (limited to 'net-fs')
| -rw-r--r-- | net-fs/samba/Manifest | 1 | ||||
| -rw-r--r-- | net-fs/samba/files/3.6/lmhosts | 2 | ||||
| -rw-r--r-- | net-fs/samba/files/3.6/samba.confd | 28 | ||||
| -rw-r--r-- | net-fs/samba/files/3.6/samba.initd | 60 | ||||
| -rw-r--r-- | net-fs/samba/files/3.6/samba.pam | 8 | ||||
| -rw-r--r-- | net-fs/samba/files/3.6/smb.conf.default.patch | 68 | ||||
| -rw-r--r-- | net-fs/samba/files/3.6/smbusers | 7 | ||||
| -rw-r--r-- | net-fs/samba/files/3.6/swat.xinetd | 17 | ||||
| -rw-r--r-- | net-fs/samba/files/3.6/system-auth-winbind.pam | 18 | ||||
| -rw-r--r-- | net-fs/samba/files/named.conf.dlz.patch | 15 | ||||
| -rw-r--r-- | net-fs/samba/files/samba-3.4.2-lib.tevent.python.mk | 6 | ||||
| -rw-r--r-- | net-fs/samba/files/samba-4.0.19-automagic_aio_fix.patch | 57 | ||||
| -rw-r--r-- | net-fs/samba/files/samba-4.1.14-libsystemd.patch | 51 | ||||
| -rw-r--r-- | net-fs/samba/files/samba-4.1.14-named.conf.dlz.patch | 15 | ||||
| -rw-r--r-- | net-fs/samba/samba-3.6.25.ebuild | 483 |
15 files changed, 0 insertions, 836 deletions
diff --git a/net-fs/samba/Manifest b/net-fs/samba/Manifest index 57358b265ebf..8545d9baacaf 100644 --- a/net-fs/samba/Manifest +++ b/net-fs/samba/Manifest @@ -1,4 +1,3 @@ -DIST samba-3.6.25.tar.gz 34121828 SHA256 8f2c8a7f2bd89b0dfd228ed917815852f7c625b2bc0936304ac3ed63aaf83751 SHA512 25a5c56dae4517e82e196b59fa301b661ec75db57effbb0ede35fb23b018f78cdea6513e8760966caf58abc43335fcebda77fe5bf5bb9d4b27fd3ca6e5a3b626 WHIRLPOOL 68c4a335b3912bf3c6baecae337b1131127515191052366ca9a04ec6d919f2fb69c912aefb087e2578134f3a9bde7b496ea880f2197a8dbf8221058dd1e8444d DIST samba-4.2.11.tar.gz 20875348 SHA256 75bce53c922e51352933c9846f2c4b1e251fabb80927adb426a773a321ee01f8 SHA512 293365f2718e756b66ccaec4b0dbce7044ade615b332f58968cf42dd1ec6b6445576590eaf5bd35fa00ba9aa4ba3be7720afc33763652e97731eebc3149f4820 WHIRLPOOL 1e04fd527e55c8d438c96a43d9a25a9b3e09a3edc504a2a5fe44bc8f9101c833c90e3ba3188b8872b046370916f3798e4fce0ffa7848b65f452b5c51ec7107f1 DIST samba-4.2.14.tar.gz 20883281 SHA256 db820a9947e44f04b0eb25e4aa0c3db32c4042fca541775ee8e2905093e888e6 SHA512 269dd74ba788657434f51ac70953a293c94bcf98280eaa6f44634c5da54169a5ea7865d543a7c23860c4750a40cdee7caeaf5c7fc3dbc137f444e90f31a09890 WHIRLPOOL 925369c2f9c222d718bf4aacc7b1a83b8275acd96bbc1eca52ad96c86847327807560674ee9b180173d17a1e6109307ec4f70f1acbebe2efc8a9e67f2141e17d DIST samba-4.3.12.tar.gz 20587617 SHA256 7e9c75b1e269224fd2fcd80415c813c7cf8021389e40777c7b63348d94a25180 SHA512 cba129bae5bb01e85b48e82336ddf8e348852e922829a3ed37a8aa02860057441f3b941cab6d9989cd09099ca4c45ee89cb343f30c10de51dff398ffbcaa43ce WHIRLPOOL 8f885da2ea0a15a04d7deb6aeb1919214b9a19306285e4e1c1ee1557e26b6dcc6f252f50e41fe5d3bc0ac537c446610c820909321c4e6aeb22e4708e6e05dcbc diff --git a/net-fs/samba/files/3.6/lmhosts b/net-fs/samba/files/3.6/lmhosts deleted file mode 100644 index fe7b466eb16a..000000000000 --- a/net-fs/samba/files/3.6/lmhosts +++ /dev/null @@ -1,2 +0,0 @@ -# $Id$ -127.0.0.1 localhost diff --git a/net-fs/samba/files/3.6/samba.confd b/net-fs/samba/files/3.6/samba.confd deleted file mode 100644 index 1b329dae6b18..000000000000 --- a/net-fs/samba/files/3.6/samba.confd +++ /dev/null @@ -1,28 +0,0 @@ -#add "winbind" to the daemon_list if you also want winbind to start -daemon_list="smbd nmbd" - -#---------------------------------------------------------------------------- -# Daemons calls: <daemon_name>_<command_option> -#---------------------------------------------------------------------------- -my_service_name="samba" -my_service_PRE="unset TMP TMPDIR" -my_service_POST="" - -#---------------------------------------------------------------------------- -# Daemons calls: <daemon_name>_<command_option> -#---------------------------------------------------------------------------- -smbd_start_options="-D" -smbd_start="start-stop-daemon --start --exec /usr/sbin/smbd -- ${smbd_start_options}" -smbd_stop="start-stop-daemon --stop --exec /usr/sbin/smbd" -smbd_reload="killall -HUP smbd" - -nmbd_start_options="-D" -nmbd_start="start-stop-daemon --start --exec /usr/sbin/nmbd -- ${nmbd_start_options}" -nmbd_stop="start-stop-daemon --stop --exec /usr/sbin/nmbd" -nmbd_reload="killall -HUP nmbd" - -winbind_start_options="" -winbind_start="start-stop-daemon --start --exec /usr/sbin/winbindd -- ${winbind_start_options}" -winbind_stop="start-stop-daemon --stop --exec /usr/sbin/winbindd" -winbind_reload="killall -HUP winbindd" - diff --git a/net-fs/samba/files/3.6/samba.initd b/net-fs/samba/files/3.6/samba.initd deleted file mode 100644 index 3d238fe21ea7..000000000000 --- a/net-fs/samba/files/3.6/samba.initd +++ /dev/null @@ -1,60 +0,0 @@ -#!/sbin/openrc-run -# Copyright 1999-2014 Gentoo Foundation -# Distributed under the terms of the GNU General Public License, v2 or later -# $Id$ - -extra_started_commands="reload" -piddir="/var/run/samba" - -depend() { - after slapd - need net - use cupsd -} - -DAEMONNAME="${SVCNAME##samba.}" -[ "${DAEMONNAME}" != "samba" ] && daemon_list=${DAEMONNAME} - -signal_do() { - local signal="$1" - [ -z "${signal}" ] && return 0 - - local result=0 last_result=0 daemon= cmd_exec= - for daemon in ${daemon_list} ; do - eval cmd_exec=\$${daemon}_${signal} - if [ -n "${cmd_exec}" ]; then - ebegin "${my_service_name} -> ${signal}: ${daemon}" - #echo ${cmd} '->' ${!cmd} - ${cmd_exec} > /dev/null - last_result=$? - eend ${last_result} - fi - result=$(( ${result} + ${last_result} )) - done - return ${result} -} - -mkdir_sambadirs() { - [ -d "${piddir}" ] || mkdir -p ${piddir} -} - -start() { - ${my_service_PRE} - mkdir_sambadirs - signal_do start && return 0 - - eerror "Error: starting services (see system logs)" - signal_do stop - return 1 -} -stop() { - ${my_service_PRE} - if signal_do stop ; then - ${my_service_POST} - return 0 - fi -} -reload() { - ${my_service_PRE} - signal_do reload -} diff --git a/net-fs/samba/files/3.6/samba.pam b/net-fs/samba/files/3.6/samba.pam deleted file mode 100644 index 91beadd478a4..000000000000 --- a/net-fs/samba/files/3.6/samba.pam +++ /dev/null @@ -1,8 +0,0 @@ -#%PAM-1.0 -# * pam_smbpass.so authenticates against the smbpasswd file -# * changed Redhat's 'pam_stack' with 'include' for *BSD compatibility -# (Diego "Flameeyes" Petteno'): enable with pam>=0.78 only -auth required pam_smbpass.so nodelay -account include system-auth -session include system-auth -password required pam_smbpass.so nodelay smbconf=/etc/samba/smb.conf diff --git a/net-fs/samba/files/3.6/smb.conf.default.patch b/net-fs/samba/files/3.6/smb.conf.default.patch deleted file mode 100644 index c2a9a72cedad..000000000000 --- a/net-fs/samba/files/3.6/smb.conf.default.patch +++ /dev/null @@ -1,68 +0,0 @@ ---- samba-3.6.0rc2/examples/smb.conf.default~ 2011-06-07 19:13:47.000000000 +0100 -+++ samba-3.6.0rc2/examples/smb.conf.default 2011-06-30 16:12:42.388102480 +0100 -@@ -63,7 +63,7 @@ - - # this tells Samba to use a separate log file for each machine - # that connects -- log file = /usr/local/samba/var/log.%m -+ log file = /var/log/samba/log.%m - - # Put a capping on the size of the log files (in Kb). - max log size = 50 -@@ -81,7 +81,10 @@ - - # Backend to store user information in. New installations should - # use either tdbsam or ldapsam. smbpasswd is available for backwards --# compatibility. tdbsam requires no further configuration. -+# compatibility. tdbsam requires no further configuration. If you're -+# migrating from < samba 3.4, you'll have to convert your old user -+# passwords to the new backend with the command: -+# pdbedit -i smbpasswd:/var/lib/samba/private/smbpasswd -e - ; passdb backend = tdbsam - - # Using the following line enables you to customise your configuration -@@ -89,7 +92,7 @@ - # of the machine that is connecting. - # Note: Consider carefully the location in the configuration file of - # this line. The included file is read at that point. --; include = /usr/local/samba/lib/smb.conf.%m -+; include = /etc/samba/smb.conf.%m - - # Configure Samba to use multiple interfaces - # If you have multiple network interfaces then you must list them -@@ -166,7 +169,7 @@ - # Un-comment the following and create the netlogon directory for Domain Logons - ; [netlogon] - ; comment = Network Logon Service --; path = /usr/local/samba/lib/netlogon -+; path = /var/lib/samba/netlogon - ; guest ok = yes - ; writable = no - ; share modes = no -@@ -175,7 +178,7 @@ - # Un-comment the following to provide a specific roving profile share - # the default is to use the user's home directory - ;[Profiles] --; path = /usr/local/samba/profiles -+; path = /var/lib/samba/profiles - ; browseable = no - ; guest ok = yes - -@@ -184,7 +187,7 @@ - # specifically define each individual printer - [printers] - comment = All Printers -- path = /usr/spool/samba -+ path = /var/spool/samba - browseable = no - # Set public = yes to allow user 'guest account' to print - guest ok = no -@@ -204,7 +207,7 @@ - ; comment = Public Stuff - ; path = /home/samba - ; public = yes --; writable = no -+; writable = yes - ; printable = no - ; write list = @staff - diff --git a/net-fs/samba/files/3.6/smbusers b/net-fs/samba/files/3.6/smbusers deleted file mode 100644 index 7acb6dc817af..000000000000 --- a/net-fs/samba/files/3.6/smbusers +++ /dev/null @@ -1,7 +0,0 @@ -# $Id$ - -# Syntax: -# Unix_name = SMB_name1 SMB_name2 ... - -root = Administrator admin -nobody = guest pcguest smbguest diff --git a/net-fs/samba/files/3.6/swat.xinetd b/net-fs/samba/files/3.6/swat.xinetd deleted file mode 100644 index 45e977df11aa..000000000000 --- a/net-fs/samba/files/3.6/swat.xinetd +++ /dev/null @@ -1,17 +0,0 @@ -# default: off -# description: SWAT is the Samba Web Admin Tool. Use swat \ -# to configure your Samba server. To use SWAT, \ -# connect to port 901 with your favorite web browser. -# $Id$ - -service swat -{ - port = 901 - socket_type = stream - wait = no - only_from = localhost - user = root - server = /usr/sbin/swat - log_on_failure += USERID - disable = yes -} diff --git a/net-fs/samba/files/3.6/system-auth-winbind.pam b/net-fs/samba/files/3.6/system-auth-winbind.pam deleted file mode 100644 index 8d6746b7aeb6..000000000000 --- a/net-fs/samba/files/3.6/system-auth-winbind.pam +++ /dev/null @@ -1,18 +0,0 @@ -#%PAM-1.0 -# $Id$ - -auth required pam_env.so -auth sufficient pam_winbind.so -auth sufficient pam_unix.so likeauth nullok use_first_pass -auth required pam_deny.so - -account sufficient pam_winbind.so -account required pam_unix.so - -password required pam_cracklib.so retry=3 -password sufficient pam_unix.so nullok use_authtok md5 shadow -password required pam_deny.so - -session required pam_mkhomedir.so skel=/etc/skel/ umask=0022 -session required pam_limits.so -session required pam_unix.so diff --git a/net-fs/samba/files/named.conf.dlz.patch b/net-fs/samba/files/named.conf.dlz.patch deleted file mode 100644 index ad8486ce1c67..000000000000 --- a/net-fs/samba/files/named.conf.dlz.patch +++ /dev/null @@ -1,15 +0,0 @@ -diff --git a/source4/setup/named.conf.dlz b/source4/setup/named.conf.dlz -index be20a57..d86f766 100644 ---- a/source4/setup/named.conf.dlz -+++ b/source4/setup/named.conf.dlz -@@ -11,9 +11,9 @@ - # - dlz "AD DNS Zone" { - # For BIND 9.8.0 -- database "dlopen ${MODULESDIR}/bind9/dlz_bind9.so"; -+ # database "dlopen ${MODULESDIR}/bind9/dlz_bind9.so"; - - # For BIND 9.9.0 -- # database "dlopen ${MODULESDIR}/bind9/dlz_bind9_9.so"; -+ database "dlopen ${MODULESDIR}/bind9/dlz_bind9_9.so"; - }; diff --git a/net-fs/samba/files/samba-3.4.2-lib.tevent.python.mk b/net-fs/samba/files/samba-3.4.2-lib.tevent.python.mk deleted file mode 100644 index 3a0375580bea..000000000000 --- a/net-fs/samba/files/samba-3.4.2-lib.tevent.python.mk +++ /dev/null @@ -1,6 +0,0 @@ -[PYTHON::pytevent] -LIBRARY_REALNAME = tevent.$(SHLIBEXT) -PRIVATE_DEPENDENCIES = LIBTEVENT PYTALLOC LIBSAMBA-UTIL LIBREPLACE - -pytevent_OBJ_FILES = $(libteventsrcdir)/pytevent.o - diff --git a/net-fs/samba/files/samba-4.0.19-automagic_aio_fix.patch b/net-fs/samba/files/samba-4.0.19-automagic_aio_fix.patch deleted file mode 100644 index ec351db7a2d0..000000000000 --- a/net-fs/samba/files/samba-4.0.19-automagic_aio_fix.patch +++ /dev/null @@ -1,57 +0,0 @@ -https://bugzilla.samba.org/show_bug.cgi?id=10370 - ---- samba-4.0.19/source3/wscript -+++ samba-4.0.19/source3/wscript -@@ -507,9 +507,10 @@ - else: - conf.DEFINE('HAVE_NO_AIO', '1') - -- if host_os.rfind('linux') > -1: -- conf.CHECK_FUNCS_IN('io_submit', 'aio') -- conf.CHECK_CODE(''' -+ if Options.options.with_aio_support != False: -+ if host_os.rfind('linux') > -1: -+ conf.CHECK_FUNCS_IN('io_submit', 'aio') -+ conf.CHECK_CODE(''' - struct io_event ioev; - struct iocb *ioc; - io_context_t ctx; -@@ -526,11 +527,11 @@ - io_getevents(ctx, 1, 1, &ioev, &ts); - ''', - 'HAVE_LINUX_KERNEL_AIO', -- msg='Checking for linux kernel asynchronous io support', -- headers='unistd.h stdlib.h sys/types.h fcntl.h sys/eventfd.h libaio.h', -- lib='aio') -+ msg='Checking for linux kernel asynchronous io support', -+ headers='unistd.h stdlib.h sys/types.h fcntl.h sys/eventfd.h libaio.h', -+ lib='aio') - -- conf.CHECK_CODE(''' -+ conf.CHECK_CODE(''' - struct msghdr msg; - union { - struct cmsghdr cm; -@@ -540,17 +541,17 @@ - msg.msg_controllen = sizeof(control_un.control); - ''', - 'HAVE_MSGHDR_MSG_CONTROL', -- msg='Checking if we can use msg_control for passing file descriptors', -- headers='sys/types.h stdlib.h stddef.h sys/socket.h sys/un.h') -- conf.CHECK_CODE(''' -+ msg='Checking if we can use msg_control for passing file descriptors', -+ headers='sys/types.h stdlib.h stddef.h sys/socket.h sys/un.h') -+ conf.CHECK_CODE(''' - struct msghdr msg; - int fd; - msg.msg_acctrights = (caddr_t) &fd; - msg.msg_acctrightslen = sizeof(fd); - ''', - 'HAVE_MSGHDR_MSG_ACCTRIGHTS', -- msg='Checking if we can use msg_acctrights for passing file descriptors', -- headers='sys/types.h stdlib.h stddef.h sys/socket.h sys/un.h') -+ msg='Checking if we can use msg_acctrights for passing file descriptors', -+ headers='sys/types.h stdlib.h stddef.h sys/socket.h sys/un.h') - - if Options.options.with_winbind: - conf.env.build_winbind = True diff --git a/net-fs/samba/files/samba-4.1.14-libsystemd.patch b/net-fs/samba/files/samba-4.1.14-libsystemd.patch deleted file mode 100644 index 94b30c00e162..000000000000 --- a/net-fs/samba/files/samba-4.1.14-libsystemd.patch +++ /dev/null @@ -1,51 +0,0 @@ -From 0f9b06ade820ce165015526220569db81e00150b Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Micha=C5=82=20G=C3=B3rny?= <mgorny@gentoo.org> -Date: Sat, 3 Jan 2015 18:59:48 +0100 -Subject: [PATCH] Support libsystemd, renamed from libsystemd-daemon - ---- - lib/util/wscript_build | 2 +- - wscript | 4 ++++ - 2 files changed, 5 insertions(+), 1 deletion(-) - -diff --git a/lib/util/wscript_build b/lib/util/wscript_build -index f161f96..6b6b511 100755 ---- a/lib/util/wscript_build -+++ b/lib/util/wscript_build -@@ -10,7 +10,7 @@ bld.SAMBA_LIBRARY('samba-util', - server_id.c dprintf.c parmlist.c bitmap.c pidfile.c - tevent_debug.c util_process.c memcache.c''', - deps='DYNCONFIG', -- public_deps='talloc tevent execinfo uid_wrapper pthread LIBCRYPTO charset util_setid systemd-daemon', -+ public_deps='talloc tevent execinfo uid_wrapper pthread LIBCRYPTO charset util_setid systemd systemd-daemon', - public_headers='debug.h attr.h byteorder.h data_blob.h memory.h safe_string.h time.h talloc_stack.h xfile.h dlinklist.h samba_util.h string_wrappers.h', - header_path= [ ('dlinklist.h samba_util.h', '.'), ('*', 'util') ], - local_include=False, -diff --git a/wscript b/wscript -index f389f90..3c4fa21 100644 ---- a/wscript -+++ b/wscript -@@ -183,9 +183,12 @@ def configure(conf): - conf.env['ENABLE_PIE'] = True - - if Options.options.enable_systemd != False: -+ conf.check_cfg(package='libsystemd', args='--cflags --libs', -+ msg='Checking for libsystemd', uselib_store="SYSTEMD") - conf.check_cfg(package='libsystemd-daemon', args='--cflags --libs', - msg='Checking for libsystemd-daemon', uselib_store="SYSTEMD-DAEMON") - conf.CHECK_HEADERS('systemd/sd-daemon.h', lib='systemd-daemon') -+ conf.CHECK_LIB('systemd', shlib=True) - conf.CHECK_LIB('systemd-daemon', shlib=True) - - if conf.CONFIG_SET('HAVE_SYSTEMD_SD_DAEMON_H'): -@@ -193,6 +196,7 @@ def configure(conf): - conf.env['ENABLE_SYSTEMD'] = True - else: - conf.SET_TARGET_TYPE('systemd-daemon', 'EMPTY') -+ conf.SET_TARGET_TYPE('systemd', 'EMPTY') - conf.undefine('HAVE_SYSTEMD') - - conf.SAMBA_CONFIG_H('include/config.h') --- -2.2.1 - diff --git a/net-fs/samba/files/samba-4.1.14-named.conf.dlz.patch b/net-fs/samba/files/samba-4.1.14-named.conf.dlz.patch deleted file mode 100644 index 9f1ebb819906..000000000000 --- a/net-fs/samba/files/samba-4.1.14-named.conf.dlz.patch +++ /dev/null @@ -1,15 +0,0 @@ ---- samba-4.1.14/source4/setup/named.conf.dlz -+++ samba-4.1.14/source4/setup/named.conf.dlz -@@ -11,10 +11,10 @@ - # - dlz "AD DNS Zone" { - # For BIND 9.8.x -- database "dlopen ${MODULESDIR}/bind9/dlz_bind9.so"; -+ # database "dlopen ${MODULESDIR}/bind9/dlz_bind9.so"; - - # For BIND 9.9.x -- # database "dlopen ${MODULESDIR}/bind9/dlz_bind9_9.so"; -+ database "dlopen ${MODULESDIR}/bind9/dlz_bind9_9.so"; - - # For BIND 9.10.x - # database "dlopen ${MODULESDIR}/bind9/dlz_bind9_10.so"; diff --git a/net-fs/samba/samba-3.6.25.ebuild b/net-fs/samba/samba-3.6.25.ebuild deleted file mode 100644 index 79925e39e6fd..000000000000 --- a/net-fs/samba/samba-3.6.25.ebuild +++ /dev/null @@ -1,483 +0,0 @@ -# Copyright 1999-2015 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Id$ - -EAPI=5 - -inherit pam versionator multilib multilib-minimal eutils flag-o-matic systemd - -MY_PV=${PV/_/} -MY_P="${PN}-${MY_PV}" - -DESCRIPTION="Library bits of the samba network filesystem" -HOMEPAGE="http://www.samba.org/" -SRC_URI="mirror://samba/stable/${MY_P}.tar.gz" -LICENSE="GPL-3" -SLOT="0" -KEYWORDS="alpha amd64 arm hppa ia64 ~mips ppc ppc64 sparc x86 ~amd64-fbsd ~x86-fbsd ~arm-linux ~x86-linux" -IUSE="acl addns ads +aio avahi caps +client cluster cups debug dmapi doc examples fam - ldap ldb +netapi pam quota +readline selinux +server +smbclient smbsharemodes - swat syslog +winbind" - -DEPEND="dev-libs/popt - >=sys-libs/talloc-2.0.8-r1[${MULTILIB_USEDEP}] - >=sys-libs/tdb-1.2.13[${MULTILIB_USEDEP}] - >=sys-libs/tevent-0.9.19[${MULTILIB_USEDEP}] - >=virtual/libiconv-0-r1[${MULTILIB_USEDEP}] - ads? ( >=virtual/krb5-0-r1[${MULTILIB_USEDEP}] sys-fs/e2fsprogs - client? ( sys-apps/keyutils ) ) - avahi? ( net-dns/avahi[dbus] ) - caps? ( >=sys-libs/libcap-2.22-r2[${MULTILIB_USEDEP}] ) - client? ( !net-fs/mount-cifs - >=dev-libs/iniparser-3.1-r1:0[${MULTILIB_USEDEP}] ) - cluster? ( >=dev-db/ctdb-1.13 ) - cups? ( net-print/cups ) - debug? ( dev-libs/dmalloc ) - dmapi? ( sys-apps/dmapi ) - fam? ( >=virtual/fam-0-r1[${MULTILIB_USEDEP}] ) - ldap? ( >=net-nds/openldap-2.4.38-r1[${MULTILIB_USEDEP}] ) - ldb? ( sys-libs/ldb ) - pam? ( >=virtual/pam-0-r1[${MULTILIB_USEDEP}] - winbind? ( >=dev-libs/iniparser-3.1-r1:0[${MULTILIB_USEDEP}] ) - ) - readline? ( >=sys-libs/readline-5.2:= ) - syslog? ( virtual/logger )" - -RDEPEND="${DEPEND} - kernel_linux? ( ads? ( net-fs/cifs-utils[ads] ) - client? ( net-fs/cifs-utils ) ) - selinux? ( sec-policy/selinux-samba ) -" - -# Disable tests since we don't want to build that much here -RESTRICT="test" - -SBINPROGS="" -BINPROGS="" -KRBPLUGIN="" -PLUGINEXT=".so" -SHAREDMODS="" - -S=${WORKDIR}/${MY_P} - -# TODO: -# - enable iPrint on Prefix/OSX and Darwin? -# - selftest-prefix? selftest? -# - AFS? - -CONFDIR="${FILESDIR}/$(get_version_component_range 1-2)" - -REQUIRED_USE=" - ads? ( ldap ) - swat? ( server ) -" - -pkg_pretend() { - if [[ ${MERGE_TYPE} != binary ]]; then - if use winbind && - [[ $(tc-getCC)$ == *gcc* ]] && - [[ $(gcc-major-version)$(gcc-minor-version) -lt 43 ]] - then - eerror "It is a known issue that ${P} will not build with " - eerror "winbind use flag enabled when using gcc < 4.3 ." - eerror "Please use at least the latest stable gcc version." - die "Using sys-devel/gcc < 4.3 with winbind use flag." - fi - fi -} - -pkg_setup() { - if use server ; then - SBINPROGS="${SBINPROGS} bin/smbd bin/nmbd" - BINPROGS="${BINPROGS} bin/testparm bin/smbstatus bin/smbcontrol bin/pdbedit - bin/profiles bin/sharesec bin/eventlogadm bin/smbta-util - $(usex client "" "bin/smbclient")" - - use swat && SBINPROGS="${SBINPROGS} bin/swat" - use winbind && SBINPROGS="${SBINPROGS} bin/winbindd" - use ads && use winbind && KRBPLUGIN="${KRBPLUGIN} bin/winbind_krb5_locator" - fi - - if use client ; then - BINPROGS="${BINPROGS} bin/smbclient bin/net bin/smbget bin/smbtree - bin/nmblookup bin/smbpasswd bin/rpcclient bin/smbcacls bin/smbcquotas - bin/ntlm_auth" - - fi - - use cups && BINPROGS="${BINPROGS} bin/smbspool" -# use ldb && BINPROGS="${BINPROGS} bin/ldbedit bin/ldbsearch bin/ldbadd bin/ldbdel bin/ldbmodify bin/ldbrename"; - - if use winbind ; then - BINPROGS="${BINPROGS} bin/wbinfo" - SHAREDMODS="${SHAREDMODS}idmap_rid,idmap_hash" - use ads && SHAREDMODS="${SHAREDMODS},idmap_ad" - use cluster && SHAREDMODS="${SHAREDMODS},idmap_tdb2" - use ldap && SHAREDMODS="${SHAREDMODS},idmap_ldap,idmap_adex" - fi -} - -src_prepare() { - cp "${FILESDIR}/samba-3.4.2-lib.tevent.python.mk" "lib/tevent/python.mk" - - # ensure that winbind has correct ldflags (QA notice) - sed -i \ - -e 's|LDSHFLAGS="|LDSHFLAGS="\\${LDFLAGS} |g' \ - source3/configure || die "sed failed" - epatch "${CONFDIR}"/smb.conf.default.patch - - #bug #399141 wrap newer iniparser version - has_version ">=dev-libs/iniparser-3.0.0:0" && \ - append-cppflags "-Diniparser_getstr\(d,i\)=iniparser_getstring\(d,i,NULL\)" - - multilib_copy_sources -} - -multilib_src_configure() { - local myconf=() - - # we can't alter S since build system writes to '../' and therefore - # we need to duplicate the whole structure - cd source3 || die - - # Filter out -fPIE - [[ ${CHOST} == *-*bsd* ]] && myconf+=( --disable-pie ) - - #Allowing alpha/s390/sh to build - if use alpha || [[ ${ABI} == s390 ]] || use sh ; then - local CFLAGS=${CFLAGS} CXXFLAGS=${CXXFLAGS} - replace-flags -O? -O1 - fi - - # http://wiki.samba.org/index.php/CTDB_Setup - use cluster && myconf+=( --disable-pie ) - - # Upstream refuses to make this configurable - myconf+=( ac_cv_header_sys_capability_h=$(usex caps) ) - - # Notes: - # - automount is only needed in conjunction with NIS and we don't have that - # anymore => LDAP? - # - --without-dce-dfs and --without-nisplus-home can't be passed to configure but are disabled by default - econf "${myconf[@]}" \ - --with-piddir="${EPREFIX}"/var/run/samba \ - --sysconfdir="${EPREFIX}"/etc/samba \ - --localstatedir="${EPREFIX}"/var \ - $(multilib_native_use_enable debug developer) \ - --enable-largefile \ - --enable-socket-wrapper \ - --enable-nss-wrapper \ - $(multilib_native_use_enable swat) \ - $(multilib_native_use_enable debug dmalloc) \ - $(multilib_native_use_enable cups) \ - --disable-iprint \ - $(use_enable fam) \ - --enable-shared-libs \ - --disable-dnssd \ - $(multilib_native_use_enable avahi) \ - --with-fhs \ - --with-privatedir="${EPREFIX}"/var/lib/samba/private \ - --with-rootsbindir="${EPREFIX}"/var/cache/samba \ - --with-lockdir="${EPREFIX}"/var/cache/samba \ - --with-swatdir="${EPREFIX}"/usr/share/doc/${PF}/swat \ - --with-configdir="${EPREFIX}"/etc/samba \ - --with-logfilebase="${EPREFIX}"/var/log/samba \ - --with-pammodulesdir=$(getpam_mod_dir) \ - $(multilib_native_use_with dmapi) \ - --without-afs \ - --without-fake-kaserver \ - --without-vfs-afsacl \ - $(use_with ldap) \ - $(use_with ads) \ - $(use_with ads krb5 "${EPREFIX}"/usr) \ - $(use_with ads dnsupdate) \ - --without-automount \ - $(use_with pam) \ - $(use_with pam pam_smbpass) \ - $(use_with syslog) \ - $(use_with quota quotas) \ - $(use_with quota sys-quotas) \ - --without-utmp \ - --without-lib{talloc,tdb} \ - $(use_with netapi libnetapi) \ - $(use_with smbclient libsmbclient) \ - $(use_with smbsharemodes libsmbsharemodes) \ - $(use_with addns libaddns) \ - $(use_with cluster ctdb "${EPREFIX}"/usr) \ - $(use_with cluster cluster-support) \ - $(multilib_native_use_with acl acl-support) \ - $(use_with aio aio-support) \ - --with-sendfile-support \ - $(use_with winbind) \ - --with-shared-modules=${SHAREDMODS} \ - --without-included-popt \ - --without-included-iniparser -} - -multilib_src_compile() { - cd source3 || die - - # compile libs - if use addns ; then - einfo "make addns library" - emake libaddns - fi - if use netapi ; then - einfo "make netapi library" - emake libnetapi - fi - if use smbclient ; then - einfo "make smbclient library" - emake libsmbclient - fi - if use smbsharemodes ; then - einfo "make smbsharemodes library" - emake libsmbsharemodes - fi - - # compile modules - emake modules - - # compile pam moudles - if use pam ; then - einfo "make pam modules" - emake pam_modules - fi - - # compile winbind nss modules - if use winbind ; then - einfo "make nss modules" - emake nss_modules - fi - - # compile utilities - if multilib_is_native_abi; then - if [ -n "${BINPROGS}" ] ; then - einfo "make binprogs" - emake ${BINPROGS} - fi - if [ -n "${SBINPROGS}" ] ; then - einfo "make sbinprogs" - emake ${SBINPROGS} - fi - fi - - if [ -n "${KRBPLUGIN}" ] ; then - einfo "make krbplugin" - emake ${KRBPLUGIN}${PLUGINEXT} - fi -} - -multilib_src_install() { - cd source3 || die - - # pkgconfig files installation needed, bug #464818 - local pkgconfigdir=/usr/$(get_libdir)/pkgconfig - - # install libs - if use addns ; then - einfo "install addns library" - emake installlibaddns DESTDIR="${D}" - fi - if use netapi ; then - einfo "install netapi library" - emake installlibnetapi DESTDIR="${D}" - insinto $pkgconfigdir - doins pkgconfig/netapi.pc - fi - if use smbclient ; then - einfo "install smbclient library" - emake installlibsmbclient DESTDIR="${D}" - insinto $pkgconfigdir - doins pkgconfig/smbclient.pc - fi - if use smbsharemodes ; then - einfo "install smbsharemodes library" - emake installlibsmbsharemodes DESTDIR="${D}" - insinto $pkgconfigdir - doins pkgconfig/smbsharemodes.pc - fi - - # install modules - emake installmodules DESTDIR="${D}" - - if use pam ; then - einfo "install pam modules" - emake installpammodules DESTDIR="${D}" - - if use winbind ; then - newpamd "${CONFDIR}/system-auth-winbind.pam" system-auth-winbind - doman ../docs/manpages/pam_winbind.8 - # bug #376853 - insinto /etc/security - doins ../examples/pam_winbind/pam_winbind.conf || die - fi - - newpamd "${CONFDIR}/samba.pam" samba - dodoc pam_smbpass/README - fi - - # Nsswitch extensions. Make link for wins and winbind resolvers - if use winbind ; then - einfo "install libwbclient" - emake installlibwbclient DESTDIR="${D}" - dolib.so ../nsswitch/libnss_wins.so - dosym libnss_wins.so /usr/$(get_libdir)/libnss_wins.so.2 - dolib.so ../nsswitch/libnss_winbind.so - dosym libnss_winbind.so /usr/$(get_libdir)/libnss_winbind.so.2 - insinto $pkgconfigdir - doins pkgconfig/wbclient.pc - einfo "install libwbclient related manpages" - doman ../docs/manpages/idmap_rid.8 - doman ../docs/manpages/idmap_hash.8 - if use ldap ; then - doman ../docs/manpages/idmap_adex.8 - doman ../docs/manpages/idmap_ldap.8 - fi - if use ads ; then - doman ../docs/manpages/idmap_ad.8 - fi - fi - - # install binaries - if multilib_is_native_abi; then - insinto /usr - for prog in ${SBINPROGS} ; do - dosbin ${prog} - doman ../docs/manpages/${prog/bin\/}* - done - - for prog in ${BINPROGS} ; do - dobin ${prog} - doman ../docs/manpages/${prog/bin\/}* - done - - # install scripts - if use client ; then - dobin script/findsmb - doman ../docs/manpages/findsmb.1 - fi - fi - - # install krbplugin - if [ -n "${KRBPLUGIN}" ] ; then - if has_version app-crypt/mit-krb5 ; then - insinto /usr/$(get_libdir)/krb5/plugins/libkrb5 - doins ${KRBPLUGIN}${PLUGINEXT} - elif has_version app-crypt/heimdal ; then - insinto /usr/$(get_libdir)/plugin/krb5 - doins ${KRBPLUGIN}${PLUGINEXT} - fi - insinto /usr - for prog in ${KRBPLUGIN} ; do - doman ../docs/manpages/${prog/bin\/}* - done - fi -} - -multilib_src_install_all() { - # install server components - if use server ; then - doman docs/manpages/vfs* docs/manpages/samba.7 - - diropts -m0700 - keepdir /var/lib/samba/private - - diropts -m1777 - keepdir /var/spool/samba - - diropts -m0755 - keepdir /var/{cache,log}/samba - keepdir /var/lib/samba/{netlogon,profiles} - keepdir /var/lib/samba/printers/{W32X86,WIN40,W32ALPHA,W32MIPS,W32PPC,X64,IA64,COLOR} - keepdir /usr/$(get_libdir)/samba/{auth,pdb,rpc,idmap,nss_info,gpext} - - newconfd "${CONFDIR}/samba.confd" samba - newinitd "${CONFDIR}/samba.initd" samba - - insinto /etc/samba - doins "${CONFDIR}"/{smbusers,lmhosts} - - if use ldap ; then - insinto /etc/openldap/schema - doins examples/LDAP/samba.schema - fi - - if use swat ; then - insinto /etc/xinetd.d - newins "${CONFDIR}/swat.xinetd" swat - script/installswat.sh "${ED}" "${EROOT}/usr/share/doc/${PF}/swat" "${S}" - fi - - dodoc MAINTAINERS.txt README* Roadmap WHATSNEW.txt docs/THANKS - fi - - # install the spooler to cups - if use cups ; then - dosym /usr/bin/smbspool $(cups-config --serverbin)/backend/smb - fi - - # install misc files - insinto /etc/samba - doins examples/smb.conf.default - doman docs/manpages/smb.conf.5 - - insinto /usr/"$(get_libdir)"/samba - doins codepages/{valid.dat,upcase.dat,lowcase.dat} - - # install docs - if use doc ; then - dohtml -r docs/htmldocs/. - dodoc docs/*.pdf - fi - - # install examples - if use examples ; then - insinto /usr/share/doc/${PF}/examples - - if use smbclient ; then - doins -r examples/libsmbclient - fi - - if use winbind ; then - doins -r examples/pam_winbind examples/nss - fi - - if use server ; then - cd examples || die - doins -r auth autofs dce-dfs LDAP logon misc pdb \ - perfcounter printer-accounting printing scripts tridge \ - validchars VFS - fi - fi - - # Remove empty installation directories - rmdir --ignore-fail-on-non-empty \ - "${ED}/usr/$(get_libdir)/samba" \ - "${ED}/usr"/{sbin,bin} \ - "${ED}/usr/share"/{man,locale,} \ - "${ED}/var"/{run,lib/samba/private,lib/samba,lib,cache/samba,cache,} \ - # || die "tried to remove non-empty dirs, this seems like a bug in the ebuild" - - systemd_dotmpfilesd "${FILESDIR}"/samba.conf - systemd_dounit "${FILESDIR}"/nmbd.service - systemd_dounit "${FILESDIR}"/smbd.{service,socket} - systemd_newunit "${FILESDIR}"/smbd_at.service 'smbd@.service' - systemd_dounit "${FILESDIR}"/winbindd.service -} - -pkg_postinst() { - elog "Samba 3.6 has adopted a number of improved security defaults that" - elog "will impact on existing users of Samba." - elog " client ntlmv2 auth = yes" - elog " client use spnego principal = no" - elog " send spnego principal = no" - elog "" - elog "SMB2 protocol support in 3.6.0 is fully functional and can be " - elog "enabled by setting 'max protocol = smb2'. SMB2 is a new " - elog "implementation of the SMB protocol used by Windows Vista and higher" - elog "" - elog "For further information make sure to read the release notes at" - elog "http://samba.org/samba/history/${P}.html and " - elog "http://samba.org/samba/history/${PN}-3.6.0.html" -} |