summaryrefslogtreecommitdiff
path: root/net-fs
diff options
context:
space:
mode:
authorLars Wendler <polynomial-c@gentoo.org>2020-06-25 10:30:39 +0200
committerLars Wendler <polynomial-c@gentoo.org>2020-06-25 10:34:42 +0200
commitb32c611babc168729365872f34b036c3e85e4d03 (patch)
tree711cc6d0bb6f8d9a226fdd9b4371e7b20460ff80 /net-fs
parentnet-misc/rsync: Security cleanup (diff)
downloadgentoo-b32c611babc168729365872f34b036c3e85e4d03.tar.gz
gentoo-b32c611babc168729365872f34b036c3e85e4d03.tar.bz2
gentoo-b32c611babc168729365872f34b036c3e85e4d03.zip
net-fs/samba: Security cleanup
Bug: https://bugs.gentoo.org/719120 Package-Manager: Portage-2.3.103, Repoman-2.3.23 Signed-off-by: Lars Wendler <polynomial-c@gentoo.org>
Diffstat (limited to 'net-fs')
-rw-r--r--net-fs/samba/Manifest1
-rw-r--r--net-fs/samba/samba-4.11.6-r2.ebuild316
2 files changed, 0 insertions, 317 deletions
diff --git a/net-fs/samba/Manifest b/net-fs/samba/Manifest
index 343ff7d3f78e..6b058ec2b28d 100644
--- a/net-fs/samba/Manifest
+++ b/net-fs/samba/Manifest
@@ -1,4 +1,3 @@
-DIST samba-4.11.6.tar.gz 18541566 BLAKE2B 2b4a40be7cec8a9706cbc344796885f59403aa11ca3d8a7dc40b3d287ec222c11d7395fd193c4b66c4116f1bffd869caf444a950d508f5a9a596db32553e1461 SHA512 3815080a1693c596a126371a5ea4e8534317a7266803c7de13a7e5b3ee9757dfbf13c0de20d498a6683d3aaf56941ed42f289e3c24f88713529a5f047a691af2
DIST samba-4.11.8.tar.gz 18571308 BLAKE2B 024920789ac8fcedfc79f4d094a47e4c1399a0bbc3ad79908f66b9bbabd765865795763c1017cc0caba18dbc11ce6a7e25231804d7dff11ab3d97a599ab8d9ed SHA512 a036c46e060d9edc11bf4e45e0449042fe44b74ff083d305779c68dad943f87fb6d2680f3a68e6bbcd0b19c8c397ec9fc5794229a311c25dad9efc366add613a
DIST samba-4.11.9.tar.gz 18576961 BLAKE2B 584e62df96bd7de6c0ff93f8fb45b85583b048c300cae020e1e1b467e773b4198c215cbef3b9c34ddf2e138118cca1dd7002ab9c671d111606e735ba8595f720 SHA512 77c1e928d23115eed0cc20f5836b02e73a26b0c23b2061c6148177fbf5b140e3d3a7a9fabfee3a2306158bc157708636c58c6655a57a64f0ff9a20c1a91e4f23
DIST samba-4.12.2.tar.gz 18192360 BLAKE2B 1ef1b128dc628d5b8b69183fa99eceac27feaea54207eb2e5e2af5882cdf17d2819efbfc9f91cf73a9c744b5ef17c6b8dcd135783da9a36d8c41246d2c4515d0 SHA512 c1d5f62ea2e43c246988aa65c4b690de232f73c0213cbc5d532e43c8cfbea17f1ac92435526b64c9a85c582b29381eecfb57713861efc32f6e6257000c393562
diff --git a/net-fs/samba/samba-4.11.6-r2.ebuild b/net-fs/samba/samba-4.11.6-r2.ebuild
deleted file mode 100644
index d4dbcb43bbb1..000000000000
--- a/net-fs/samba/samba-4.11.6-r2.ebuild
+++ /dev/null
@@ -1,316 +0,0 @@
-# Copyright 1999-2020 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=6
-
-PYTHON_COMPAT=( python3_{6,7,8} )
-PYTHON_REQ_USE='threads(+),xml(+)'
-inherit python-single-r1 waf-utils multilib-minimal linux-info systemd pam
-
-MY_PV="${PV/_rc/rc}"
-MY_P="${PN}-${MY_PV}"
-
-SRC_PATH="stable"
-[[ ${PV} = *_rc* ]] && SRC_PATH="rc"
-
-SRC_URI="mirror://samba/${SRC_PATH}/${MY_P}.tar.gz"
-[[ ${PV} = *_rc* ]] || \
-KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ppc ppc64 sparc x86"
-
-DESCRIPTION="Samba Suite Version 4"
-HOMEPAGE="https://www.samba.org/"
-LICENSE="GPL-3"
-
-SLOT="0"
-
-IUSE="acl addc addns ads ceph client cluster cups debug dmapi fam gpg iprint
-json ldap pam profiling-data python quota selinux syslog system-heimdal
-+system-mitkrb5 systemd test winbind zeroconf"
-
-MULTILIB_WRAPPED_HEADERS=(
- /usr/include/samba-4.0/policy.h
- /usr/include/samba-4.0/dcerpc_server.h
- /usr/include/samba-4.0/ctdb.h
- /usr/include/samba-4.0/ctdb_client.h
- /usr/include/samba-4.0/ctdb_protocol.h
- /usr/include/samba-4.0/ctdb_private.h
- /usr/include/samba-4.0/ctdb_typesafe_cb.h
- /usr/include/samba-4.0/ctdb_version.h
-)
-
-# sys-apps/attr is an automagic dependency (see bug #489748)
-CDEPEND="
- >=app-arch/libarchive-3.1.2[${MULTILIB_USEDEP}]
- dev-lang/perl:=
- dev-libs/libaio[${MULTILIB_USEDEP}]
- dev-libs/libbsd[${MULTILIB_USEDEP}]
- dev-libs/libgcrypt:0
- dev-libs/iniparser:0
- dev-libs/popt[${MULTILIB_USEDEP}]
- >=dev-util/cmocka-1.1.1[${MULTILIB_USEDEP}]
- >=net-libs/gnutls-3.2.0
- net-libs/libnsl:=[${MULTILIB_USEDEP}]
- sys-apps/attr[${MULTILIB_USEDEP}]
- >=sys-libs/ldb-2.0.8[ldap(+)?,python?,${PYTHON_SINGLE_USEDEP},${MULTILIB_USEDEP}]
- <sys-libs/ldb-2.1.0[ldap(+)?,python?,${PYTHON_SINGLE_USEDEP},${MULTILIB_USEDEP}]
- sys-libs/libcap
- sys-libs/ncurses:0=[${MULTILIB_USEDEP}]
- sys-libs/readline:0=
- >=sys-libs/talloc-2.2.0[python?,${PYTHON_SINGLE_USEDEP},${MULTILIB_USEDEP}]
- >=sys-libs/tdb-1.4.2[python?,${PYTHON_SINGLE_USEDEP},${MULTILIB_USEDEP}]
- >=sys-libs/tevent-0.10.0[python?,${PYTHON_SINGLE_USEDEP},${MULTILIB_USEDEP}]
- sys-libs/zlib[${MULTILIB_USEDEP}]
- virtual/libiconv
- pam? ( sys-libs/pam )
- acl? ( virtual/acl )
- $(python_gen_cond_dep "
- dev-python/subunit[\${PYTHON_MULTI_USEDEP},${MULTILIB_USEDEP}]
- addns? (
- net-dns/bind-tools[gssapi]
- dev-python/dnspython:=[\${PYTHON_MULTI_USEDEP}]
- )
- ")
- ceph? ( sys-cluster/ceph )
- cluster? (
- net-libs/rpcsvc-proto
- !dev-db/ctdb
- )
- cups? ( net-print/cups )
- debug? ( dev-util/lttng-ust )
- dmapi? ( sys-apps/dmapi )
- fam? ( virtual/fam )
- gpg? ( app-crypt/gpgme )
- json? ( dev-libs/jansson )
- ldap? ( net-nds/openldap[${MULTILIB_USEDEP}] )
- system-heimdal? ( >=app-crypt/heimdal-1.5[-ssl,${MULTILIB_USEDEP}] )
- system-mitkrb5? ( >=app-crypt/mit-krb5-1.15.1[${MULTILIB_USEDEP}] )
- systemd? ( sys-apps/systemd:0= )
- zeroconf? ( net-dns/avahi )
-"
-DEPEND="${CDEPEND}
- ${PYTHON_DEPS}
- app-text/docbook-xsl-stylesheets
- dev-libs/libxslt
- net-libs/libtirpc[${MULTILIB_USEDEP}]
- virtual/pkgconfig
- || (
- net-libs/rpcsvc-proto
- <sys-libs/glibc-2.26[rpc(+)]
- )
- test? (
- !system-mitkrb5? (
- >=sys-libs/nss_wrapper-1.1.3
- >=net-dns/resolv_wrapper-1.1.4
- >=net-libs/socket_wrapper-1.1.9
- >=sys-libs/uid_wrapper-1.2.1
- )
- )"
-RDEPEND="${CDEPEND}
- python? ( ${PYTHON_DEPS} )
- client? ( net-fs/cifs-utils[ads?] )
- selinux? ( sec-policy/selinux-samba )
- !dev-perl/Parse-Yapp
-"
-
-REQUIRED_USE="
- addc? ( python json winbind )
- addns? ( python )
- ads? ( acl ldap winbind )
- cluster? ( ads )
- gpg? ( addc )
- test? ( python )
- ?? ( system-heimdal system-mitkrb5 )
- ${PYTHON_REQUIRED_USE}
-"
-
-# the test suite is messed, it uses system-installed samba
-# bits instead of what was built, tests things disabled via use
-# flags, and generally just fails to work in a way ebuilds could
-# rely on in its current state
-RESTRICT="test"
-
-S="${WORKDIR}/${MY_P}"
-
-PATCHES=(
- "${FILESDIR}/${PN}-4.4.0-pam.patch"
- "${FILESDIR}/${PN}-4.9.2-timespec.patch"
-)
-
-#CONFDIR="${FILESDIR}/$(get_version_component_range 1-2)"
-CONFDIR="${FILESDIR}/4.4"
-
-WAF_BINARY="${S}/buildtools/bin/waf"
-
-SHAREDMODS=""
-
-pkg_setup() {
- python-single-r1_pkg_setup
- if use cluster ; then
- SHAREDMODS="idmap_rid,idmap_tdb2,idmap_ad"
- elif use ads ; then
- SHAREDMODS="idmap_ad"
- fi
-}
-
-src_prepare() {
- default
-
- # un-bundle dnspython
- sed -i -e '/"dns.resolver":/d' "${S}"/third_party/wscript || die
-
- # unbundle iso8601 unless tests are enabled
- if ! use test ; then
- sed -i -e '/"iso8601":/d' "${S}"/third_party/wscript || die
- fi
-
- # ugly hackaround for bug #592502
- cp /usr/include/tevent_internal.h "${S}"/lib/tevent/ || die
-
- sed -e 's:<gpgme\.h>:<gpgme/gpgme.h>:' \
- -i source4/dsdb/samdb/ldb_modules/password_hash.c \
- || die
-
- # Friggin' WAF shit
- multilib_copy_sources
-}
-
-multilib_src_configure() {
- # when specifying libs for samba build you must append NONE to the end to
- # stop it automatically including things
- local bundled_libs="NONE"
- if ! use system-heimdal && ! use system-mitkrb5 ; then
- bundled_libs="heimbase,heimntlm,hdb,kdc,krb5,wind,gssapi,hcrypto,hx509,roken,asn1,com_err,NONE"
- fi
-
- local myconf=(
- --enable-fhs
- --sysconfdir="${EPREFIX}/etc"
- --localstatedir="${EPREFIX}/var"
- --with-modulesdir="${EPREFIX}/usr/$(get_libdir)/samba"
- --with-piddir="${EPREFIX}/run/${PN}"
- --bundled-libraries="${bundled_libs}"
- --builtin-libraries=NONE
- --disable-rpath
- --disable-rpath-install
- --nopyc
- --nopyo
- $(multilib_native_use_with acl acl-support)
- $(multilib_native_usex addc '' '--without-ad-dc')
- $(multilib_native_use_with addns dnsupdate)
- $(multilib_native_use_with ads)
- $(multilib_native_use_enable ceph cephfs)
- $(multilib_native_use_with cluster cluster-support)
- $(multilib_native_use_enable cups)
- $(multilib_native_use_with dmapi)
- $(multilib_native_use_with fam)
- $(multilib_native_use_with gpg gpgme)
- $(multilib_native_use_with json)
- $(multilib_native_use_enable iprint)
- $(multilib_native_use_with pam)
- $(multilib_native_usex pam "--with-pammodulesdir=${EPREFIX}/$(get_libdir)/security" '')
- $(multilib_native_use_with quota quotas)
- $(multilib_native_use_with syslog)
- $(multilib_native_use_with systemd)
- --systemd-install-services
- --with-systemddir="$(systemd_get_systemunitdir)"
- $(multilib_native_use_with winbind)
- $(multilib_native_usex python '' '--disable-python')
- $(multilib_native_use_enable zeroconf avahi)
- $(multilib_native_usex test '--enable-selftest' '')
- $(usex system-mitkrb5 "--with-system-mitkrb5 $(multilib_native_usex addc --with-experimental-mit-ad-dc '')" '')
- $(use_with debug lttng)
- $(use_with ldap)
- $(use_with profiling-data)
- # bug #683148
- --jobs 1
- )
-
- multilib_is_native_abi && myconf+=( --with-shared-modules=${SHAREDMODS} )
-
- CPPFLAGS="-I${SYSROOT}${EPREFIX}/usr/include/et ${CPPFLAGS}" \
- waf-utils_src_configure ${myconf[@]}
-}
-
-multilib_src_compile() {
- waf-utils_src_compile
-}
-
-multilib_src_install() {
- waf-utils_src_install
-
- # Make all .so files executable
- find "${ED}" -type f -name "*.so" -exec chmod +x {} + || die
-
- if multilib_is_native_abi ; then
- # install ldap schema for server (bug #491002)
- if use ldap ; then
- insinto /etc/openldap/schema
- doins examples/LDAP/samba.schema
- fi
-
- # create symlink for cups (bug #552310)
- if use cups ; then
- dosym ../../../bin/smbspool /usr/libexec/cups/backend/smb
- fi
-
- # install example config file
- insinto /etc/samba
- doins examples/smb.conf.default
-
- # Fix paths in example file (#603964)
- sed \
- -e '/log file =/s@/usr/local/samba/var/@/var/log/samba/@' \
- -e '/include =/s@/usr/local/samba/lib/@/etc/samba/@' \
- -e '/path =/s@/usr/local/samba/lib/@/var/lib/samba/@' \
- -e '/path =/s@/usr/local/samba/@/var/lib/samba/@' \
- -e '/path =/s@/usr/spool/samba@/var/spool/samba@' \
- -i "${ED%/}"/etc/samba/smb.conf.default || die
-
- # Install init script and conf.d file
- newinitd "${CONFDIR}/samba4.initd-r1" samba
- newconfd "${CONFDIR}/samba4.confd" samba
-
- systemd_dotmpfilesd "${FILESDIR}"/samba.conf
- use addc || rm "${D}/$(systemd_get_systemunitdir)/samba.service" || die
-
- # Preserve functionality for old gentoo-specific unit names
- dosym nmb.service "$(systemd_get_systemunitdir)/nmbd.service"
- dosym smb.service "$(systemd_get_systemunitdir)/smbd.service"
- dosym winbind.service "$(systemd_get_systemunitdir)/winbindd.service"
- fi
-
- if use pam && use winbind ; then
- newpamd "${CONFDIR}/system-auth-winbind.pam" system-auth-winbind
- # bugs #376853 and #590374
- insinto /etc/security
- doins examples/pam_winbind/pam_winbind.conf
- fi
-
- keepdir /var/cache/samba
- keepdir /var/lib/ctdb
- keepdir /var/lib/samba/{bind-dns,private}
- keepdir /var/log/samba
-}
-
-multilib_src_install_all() {
- # Attempt to fix bug #673168
- find "${ED}" -type d -name "Yapp" -print0 \
- | xargs -0 --no-run-if-empty rm -r || die
-}
-
-multilib_src_test() {
- if multilib_is_native_abi ; then
- "${WAF_BINARY}" test || die "test failed"
- fi
-}
-
-pkg_postinst() {
- ewarn "Be aware that this release contains the best of all of Samba's"
- ewarn "technology parts, both a file server (that you can reasonably expect"
- ewarn "to upgrade existing Samba 3.x releases to) and the AD domain"
- ewarn "controller work previously known as 'samba4'."
-
- elog "For further information and migration steps make sure to read "
- elog "https://samba.org/samba/history/${P}.html "
- elog "https://wiki.samba.org/index.php/Samba4/HOWTO "
-}