From 1a4b7ee28bf7413af6513fb45ad0d0736048f866 Mon Sep 17 00:00:00 2001 From: Brad Bishop Date: Sun, 16 Dec 2018 17:11:34 -0800 Subject: reset upstream subtrees to yocto 2.6 Reset the following subtrees on thud HEAD: poky: 87e3a9739d meta-openembedded: 6094ae18c8 meta-security: 31dc4e7532 meta-raspberrypi: a48743dc36 meta-xilinx: c42016e2e6 Also re-apply backports that didn't make it into thud: poky: 17726d0 systemd-systemctl-native: handle Install wildcards meta-openembedded: 4321a5d libtinyxml2: update to 7.0.1 042f0a3 libcereal: Add native and nativesdk classes e23284f libcereal: Allow empty package 030e8d4 rsyslog: curl-less build with fmhttp PACKAGECONFIG 179a1b9 gtest: update to 1.8.1 Squashed OpenBMC subtree compatibility updates: meta-aspeed: Brad Bishop (1): aspeed: add yocto 2.6 compatibility meta-ibm: Brad Bishop (1): ibm: prepare for yocto 2.6 meta-ingrasys: Brad Bishop (1): ingrasys: set layer compatibility to yocto 2.6 meta-openpower: Brad Bishop (1): openpower: set layer compatibility to yocto 2.6 meta-phosphor: Brad Bishop (3): phosphor: set layer compatibility to thud phosphor: libgpg-error: drop patches phosphor: react to fitimage artifact rename Ed Tanous (4): Dropbear: upgrade options for latest upgrade yocto2.6: update openssl options busybox: remove upstream watchdog patch systemd: Rebase CONFIG_CGROUP_BPF patch Change-Id: I7b1fe71cca880d0372a82d94b5fd785323e3a9e7 Signed-off-by: Brad Bishop --- ...to-build-Samba-against-a-newer-minor-vers.patch | 86 ++++++ ...void-timeout-for-nmbd-if-started-offline-.patch | 32 --- ...006-avoid-using-colon-in-the-checking-msg.patch | 32 --- .../samba/samba-4.3.9-remove-getpwent_r.patch | 36 ++- .../samba/samba/samba-pam.patch | 21 +- .../recipes-connectivity/samba/samba/smb.conf | 254 ++++++++++++++++ .../samba/samba/smb_conf-4.7.0.patch | 17 +- .../recipes-connectivity/samba/samba_4.7.6.bb | 318 --------------------- .../recipes-connectivity/samba/samba_4.8.4.bb | 313 ++++++++++++++++++++ 9 files changed, 702 insertions(+), 407 deletions(-) create mode 100644 meta-openembedded/meta-networking/recipes-connectivity/samba/samba/0001-ldb-Refuse-to-build-Samba-against-a-newer-minor-vers.patch delete mode 100644 meta-openembedded/meta-networking/recipes-connectivity/samba/samba/0001-packaging-Avoid-timeout-for-nmbd-if-started-offline-.patch delete mode 100644 meta-openembedded/meta-networking/recipes-connectivity/samba/samba/0006-avoid-using-colon-in-the-checking-msg.patch create mode 100644 meta-openembedded/meta-networking/recipes-connectivity/samba/samba/smb.conf delete mode 100644 meta-openembedded/meta-networking/recipes-connectivity/samba/samba_4.7.6.bb create mode 100644 meta-openembedded/meta-networking/recipes-connectivity/samba/samba_4.8.4.bb (limited to 'meta-openembedded/meta-networking/recipes-connectivity/samba') diff --git a/meta-openembedded/meta-networking/recipes-connectivity/samba/samba/0001-ldb-Refuse-to-build-Samba-against-a-newer-minor-vers.patch b/meta-openembedded/meta-networking/recipes-connectivity/samba/samba/0001-ldb-Refuse-to-build-Samba-against-a-newer-minor-vers.patch new file mode 100644 index 000000000..4c94831d7 --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-connectivity/samba/samba/0001-ldb-Refuse-to-build-Samba-against-a-newer-minor-vers.patch @@ -0,0 +1,86 @@ +From 0bc8bc4143a58f91f6d7ce228b6763f377fdf45a Mon Sep 17 00:00:00 2001 +From: Andrew Bartlett +Date: Thu, 12 Jul 2018 12:34:56 +1200 +Subject: [PATCH] ldb: Refuse to build Samba against a newer minor version of + ldb + +Samba is not compatible with new versions of ldb (except release versions) + +Other users would not notice the breakages, but Samba makes many +more assuptions about the LDB internals than any other package. + +(Specifically, LDB 1.2 and 1.4 broke builds against released +Samba versions) + +BUG: https://bugzilla.samba.org/show_bug.cgi?id=13519 + +Signed-off-by: Andrew Bartlett +Reviewed-by: Gary Lockyer +(cherry picked from commit 52efa796538ae004ca62ea32fc8c833472991be6) +--- + lib/ldb/wscript | 32 ++++++++++++++++++++++---------- + 1 file changed, 22 insertions(+), 10 deletions(-) + +diff --git a/lib/ldb/wscript b/lib/ldb/wscript +index d94086b..2bb0832 100644 +--- a/lib/ldb/wscript ++++ b/lib/ldb/wscript +@@ -62,23 +62,33 @@ def configure(conf): + conf.env.standalone_ldb = conf.IN_LAUNCH_DIR() + + if not conf.env.standalone_ldb: ++ max_ldb_version = [int(x) for x in VERSION.split(".")] ++ max_ldb_version[2] = 999 ++ max_ldb_version_dots = "%d.%d.%d" % tuple(max_ldb_version) ++ + if conf.env.disable_python: +- if conf.CHECK_BUNDLED_SYSTEM_PKG('ldb', minversion=VERSION, +- onlyif='talloc tdb tevent', +- implied_deps='replace talloc tdb tevent'): ++ if conf.CHECK_BUNDLED_SYSTEM_PKG('ldb', ++ minversion=VERSION, ++ maxversion=max_ldb_version_dots, ++ onlyif='talloc tdb tevent', ++ implied_deps='replace talloc tdb tevent'): + conf.define('USING_SYSTEM_LDB', 1) + else: + using_system_pyldb_util = True +- if not conf.CHECK_BUNDLED_SYSTEM_PKG('pyldb-util', minversion=VERSION, +- onlyif='talloc tdb tevent', +- implied_deps='replace talloc tdb tevent ldb'): ++ if not conf.CHECK_BUNDLED_SYSTEM_PKG('pyldb-util', ++ minversion=VERSION, ++ maxversion=max_ldb_version_dots, ++ onlyif='talloc tdb tevent', ++ implied_deps='replace talloc tdb tevent ldb'): + using_system_pyldb_util = False + + # We need to get a pyldb-util for all the python versions + # we are building for + if conf.env['EXTRA_PYTHON']: + name = 'pyldb-util' + conf.all_envs['extrapython']['PYTHON_SO_ABI_FLAG'] +- if not conf.CHECK_BUNDLED_SYSTEM_PKG(name, minversion=VERSION, ++ if not conf.CHECK_BUNDLED_SYSTEM_PKG(name, ++ minversion=VERSION, ++ maxversion=max_ldb_version_dots, + onlyif='talloc tdb tevent', + implied_deps='replace talloc tdb tevent ldb'): + using_system_pyldb_util = False +@@ -86,9 +96,11 @@ def configure(conf): + if using_system_pyldb_util: + conf.define('USING_SYSTEM_PYLDB_UTIL', 1) + +- if conf.CHECK_BUNDLED_SYSTEM_PKG('ldb', minversion=VERSION, +- onlyif='talloc tdb tevent pyldb-util', +- implied_deps='replace talloc tdb tevent'): ++ if conf.CHECK_BUNDLED_SYSTEM_PKG('ldb', ++ minversion=VERSION, ++ maxversion=max_ldb_version_dots, ++ onlyif='talloc tdb tevent pyldb-util', ++ implied_deps='replace talloc tdb tevent'): + conf.define('USING_SYSTEM_LDB', 1) + + if conf.CONFIG_SET('USING_SYSTEM_LDB'): +-- +2.18.0 + diff --git a/meta-openembedded/meta-networking/recipes-connectivity/samba/samba/0001-packaging-Avoid-timeout-for-nmbd-if-started-offline-.patch b/meta-openembedded/meta-networking/recipes-connectivity/samba/samba/0001-packaging-Avoid-timeout-for-nmbd-if-started-offline-.patch deleted file mode 100644 index 0e89a9be0..000000000 --- a/meta-openembedded/meta-networking/recipes-connectivity/samba/samba/0001-packaging-Avoid-timeout-for-nmbd-if-started-offline-.patch +++ /dev/null @@ -1,32 +0,0 @@ -Upstream-Status: Submitted [https://github.com/samba-team/samba/pull/70] - -Signed-off-by: Andreas Oberritter - -From 50eac4fd30944e5e1d83060757633fe0ed572723 Mon Sep 17 00:00:00 2001 -From: Andreas Oberritter -Date: Wed, 30 Nov 2016 16:25:06 +0100 -Subject: [PATCH] packaging: Avoid timeout for nmbd if started offline with - systemd - -If no network connection appears within DefaultTimeoutStartSec -(~ 90s) after startup, nmbd fails to notify systemd and will -therefore get killed. - -Signed-off-by: Andreas Oberritter - ---- - packaging/systemd/nmb.service | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/packaging/systemd/nmb.service b/packaging/systemd/nmb.service -index 71c93d6..f3d2fc2 100644 ---- a/packaging/systemd/nmb.service -+++ b/packaging/systemd/nmb.service -@@ -10,6 +10,7 @@ EnvironmentFile=-/etc/sysconfig/samba - ExecStart=/usr/sbin/nmbd --foreground --no-process-group $NMBDOPTIONS - ExecReload=/usr/bin/kill -HUP $MAINPID - LimitCORE=infinity -+TimeoutStartSec=0 - - [Install] - WantedBy=multi-user.target diff --git a/meta-openembedded/meta-networking/recipes-connectivity/samba/samba/0006-avoid-using-colon-in-the-checking-msg.patch b/meta-openembedded/meta-networking/recipes-connectivity/samba/samba/0006-avoid-using-colon-in-the-checking-msg.patch deleted file mode 100644 index cdf7a38c1..000000000 --- a/meta-openembedded/meta-networking/recipes-connectivity/samba/samba/0006-avoid-using-colon-in-the-checking-msg.patch +++ /dev/null @@ -1,32 +0,0 @@ -From 5413f97290d3126262eb309ecbcf7769509f2a11 Mon Sep 17 00:00:00 2001 -From: Jackie Huang -Date: Tue, 10 Nov 2015 00:48:35 -0500 -Subject: [PATCH 6/7] avoid using colon in the checking msg - -Upstream-Status: Pending - -colon is used as the separator when parse from -a answers file, the colon here makes it never -get the right answer. - -Signed-off-by: Jackie Huang ---- - wscript_configure_system_mitkrb5 | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/wscript_configure_system_mitkrb5 b/wscript_configure_system_mitkrb5 -index a62d00b..a2d89f0 100644 ---- a/wscript_configure_system_mitkrb5 -+++ b/wscript_configure_system_mitkrb5 -@@ -240,7 +240,7 @@ conf.CHECK_CODE(''' - ''', - 'HAVE_WRFILE_KEYTAB', - headers='krb5.h', lib='krb5', execute=True, -- msg="Checking whether the WRFILE:-keytab is supported"); -+ msg="Checking whether the WRFILE -keytab is supported"); - # Check for KRB5_DEPRECATED handling - conf.CHECK_CODE('''#define KRB5_DEPRECATED 1 - #include ''', --- -1.9.1 - diff --git a/meta-openembedded/meta-networking/recipes-connectivity/samba/samba/samba-4.3.9-remove-getpwent_r.patch b/meta-openembedded/meta-networking/recipes-connectivity/samba/samba/samba-4.3.9-remove-getpwent_r.patch index 71db99c5d..a75ac2bba 100644 --- a/meta-openembedded/meta-networking/recipes-connectivity/samba/samba/samba-4.3.9-remove-getpwent_r.patch +++ b/meta-openembedded/meta-networking/recipes-connectivity/samba/samba/samba-4.3.9-remove-getpwent_r.patch @@ -1,15 +1,23 @@ -Musl does not have _r versions of getent() and getpwent() APIs +From 02e0b14d8fa025a5db410d60a7c0dfebd536aaeb Mon Sep 17 00:00:00 2001 +From: Khem Raj +Date: Sun, 6 Nov 2016 23:40:54 -0800 +Subject: [PATCH] Musl does not have _r versions of getent() and getpwent() + APIs Taken from gentoo http://data.gpo.zugaina.org/musl/net-fs/samba/files/samba-4.3.9-remove-getpwent_r.patch Signed-off-by: Khem Raj -Index: samba-4.4.5/source4/torture/local/nss_tests.c -=================================================================== ---- samba-4.4.5.orig/source4/torture/local/nss_tests.c -+++ samba-4.4.5/source4/torture/local/nss_tests.c -@@ -247,7 +247,6 @@ static bool test_getgrnam_r(struct tortu +--- + source4/torture/local/nss_tests.c | 13 ++++++++----- + 1 file changed, 8 insertions(+), 5 deletions(-) + +diff --git a/source4/torture/local/nss_tests.c b/source4/torture/local/nss_tests.c +index 2cd6122..04f13c6 100644 +--- a/source4/torture/local/nss_tests.c ++++ b/source4/torture/local/nss_tests.c +@@ -247,7 +247,6 @@ static bool test_getgrnam_r(struct torture_context *tctx, return true; } @@ -17,7 +25,7 @@ Index: samba-4.4.5/source4/torture/local/nss_tests.c static bool test_getgrgid(struct torture_context *tctx, gid_t gid, struct group *grp_p) -@@ -333,6 +332,7 @@ static bool test_enum_passwd(struct tort +@@ -333,6 +332,7 @@ static bool test_enum_passwd(struct torture_context *tctx, return true; } @@ -25,7 +33,7 @@ Index: samba-4.4.5/source4/torture/local/nss_tests.c static bool test_enum_r_passwd(struct torture_context *tctx, struct passwd **pwd_array_p, size_t *num_pwd_p) -@@ -381,6 +381,7 @@ static bool test_enum_r_passwd(struct to +@@ -381,6 +381,7 @@ static bool test_enum_r_passwd(struct torture_context *tctx, return true; } @@ -33,7 +41,7 @@ Index: samba-4.4.5/source4/torture/local/nss_tests.c static bool torture_assert_passwd_equal(struct torture_context *tctx, const struct passwd *p1, -@@ -432,7 +433,7 @@ static bool test_passwd_r(struct torture +@@ -432,7 +433,7 @@ static bool test_passwd_r(struct torture_context *tctx) struct passwd *pwd, pwd1, pwd2; size_t num_pwd; @@ -42,7 +50,7 @@ Index: samba-4.4.5/source4/torture/local/nss_tests.c "failed to enumerate passwd"); for (i=0; i < num_pwd; i++) { -@@ -460,7 +461,7 @@ static bool test_passwd_r_cross(struct t +@@ -460,7 +461,7 @@ static bool test_passwd_r_cross(struct torture_context *tctx) struct passwd *pwd, pwd1, pwd2, pwd3, pwd4; size_t num_pwd; @@ -51,7 +59,7 @@ Index: samba-4.4.5/source4/torture/local/nss_tests.c "failed to enumerate passwd"); for (i=0; i < num_pwd; i++) { -@@ -531,6 +532,7 @@ static bool test_enum_group(struct tortu +@@ -531,6 +532,7 @@ static bool test_enum_group(struct torture_context *tctx, return true; } @@ -59,7 +67,7 @@ Index: samba-4.4.5/source4/torture/local/nss_tests.c static bool test_enum_r_group(struct torture_context *tctx, struct group **grp_array_p, size_t *num_grp_p) -@@ -579,6 +581,7 @@ static bool test_enum_r_group(struct tor +@@ -579,6 +581,7 @@ static bool test_enum_r_group(struct torture_context *tctx, return true; } @@ -67,7 +75,7 @@ Index: samba-4.4.5/source4/torture/local/nss_tests.c static bool torture_assert_group_equal(struct torture_context *tctx, const struct group *g1, -@@ -635,7 +638,7 @@ static bool test_group_r(struct torture_ +@@ -635,7 +638,7 @@ static bool test_group_r(struct torture_context *tctx) struct group *grp, grp1, grp2; size_t num_grp; @@ -76,7 +84,7 @@ Index: samba-4.4.5/source4/torture/local/nss_tests.c "failed to enumerate group"); for (i=0; i < num_grp; i++) { -@@ -663,7 +666,7 @@ static bool test_group_r_cross(struct to +@@ -663,7 +666,7 @@ static bool test_group_r_cross(struct torture_context *tctx) struct group *grp, grp1, grp2, grp3, grp4; size_t num_grp; diff --git a/meta-openembedded/meta-networking/recipes-connectivity/samba/samba/samba-pam.patch b/meta-openembedded/meta-networking/recipes-connectivity/samba/samba/samba-pam.patch index 0cbacb6c0..27b40f215 100644 --- a/meta-openembedded/meta-networking/recipes-connectivity/samba/samba/samba-pam.patch +++ b/meta-openembedded/meta-networking/recipes-connectivity/samba/samba/samba-pam.patch @@ -1,14 +1,21 @@ -Lifted from gentoo and ported to 4.4.5 +From 54a5279cb33abd23ef7c094d51f16078ece2da0c Mon Sep 17 00:00:00 2001 +From: Khem Raj +Date: Sun, 6 Nov 2016 23:40:54 -0800 +Subject: [PATCH] Lifted from gentoo and ported to 4.4.5 http://data.gpo.zugaina.org/musl/net-fs/samba/files/samba-4.2.7-pam.patch Signed-off-by: Khem Raj -Index: samba-4.7.0/source3/wscript -=================================================================== ---- samba-4.7.0.orig/source3/wscript -+++ samba-4.7.0/source3/wscript -@@ -875,7 +875,7 @@ msg.msg_accrightslen = sizeof(fd); +--- + source3/wscript | 13 ++++++++++++- + 1 file changed, 12 insertions(+), 1 deletion(-) + +diff --git a/source3/wscript b/source3/wscript +index 5436db2..864f614 100644 +--- a/source3/wscript ++++ b/source3/wscript +@@ -879,7 +879,7 @@ msg.msg_accrightslen = sizeof(fd); if conf.env.with_iconv: conf.DEFINE('HAVE_ICONV', 1) @@ -17,7 +24,7 @@ Index: samba-4.7.0/source3/wscript use_pam=True conf.CHECK_HEADERS('security/pam_appl.h pam/pam_appl.h') if not conf.CONFIG_SET('HAVE_SECURITY_PAM_APPL_H') and not conf.CONFIG_SET('HAVE_PAM_PAM_APPL_H'): -@@ -952,6 +952,17 @@ int i; i = PAM_RADIO_TYPE; +@@ -956,6 +956,17 @@ int i; i = PAM_RADIO_TYPE; "or headers not found. Use --without-pam to disable " "PAM support."); diff --git a/meta-openembedded/meta-networking/recipes-connectivity/samba/samba/smb.conf b/meta-openembedded/meta-networking/recipes-connectivity/samba/samba/smb.conf new file mode 100644 index 000000000..a0b87c373 --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-connectivity/samba/samba/smb.conf @@ -0,0 +1,254 @@ +# +# Sample configuration file for the Samba suite for Debian GNU/Linux. +# +# +# This is the main Samba configuration file. You should read the +# smb.conf(5) manual page in order to understand the options listed +# here. Samba has a huge number of configurable options most of which +# are not shown in this example +# +# Some options that are often worth tuning have been included as +# commented-out examples in this file. +# - When such options are commented with ";", the proposed setting +# differs from the default Samba behaviour +# - When commented with "#", the proposed setting is the default +# behaviour of Samba but the option is considered important +# enough to be mentioned here +# +# NOTE: Whenever you modify this file you should run the command +# "testparm" to check that you have not made any basic syntactic +# errors. + +#======================= Global Settings ======================= + +[global] + +## Browsing/Identification ### + +# Change this to the workgroup/NT-domain name your Samba server will part of + workgroup = WORKGROUP + +# Windows Internet Name Serving Support Section: +# WINS Support - Tells the NMBD component of Samba to enable its WINS Server +# wins support = no + +# WINS Server - Tells the NMBD components of Samba to be a WINS Client +# Note: Samba can be either a WINS Server, or a WINS Client, but NOT both +; wins server = w.x.y.z + +# This will prevent nmbd to search for NetBIOS names through DNS. + dns proxy = no + +#### Networking #### + +# The specific set of interfaces / networks to bind to +# This can be either the interface name or an IP address/netmask; +# interface names are normally preferred +; interfaces = 127.0.0.0/8 eth0 + +# Only bind to the named interfaces and/or networks; you must use the +# 'interfaces' option above to use this. +# It is recommended that you enable this feature if your Samba machine is +# not protected by a firewall or is a firewall itself. However, this +# option cannot handle dynamic or non-broadcast interfaces correctly. +; bind interfaces only = yes + + + +#### Debugging/Accounting #### + +# This tells Samba to use a separate log file for each machine +# that connects + log file = /var/log/samba/log.%m + +# Cap the size of the individual log files (in KiB). + max log size = 1000 + +# If you want Samba to only log through syslog then set the following +# parameter to 'yes'. +# syslog only = no + +# We want Samba to log a minimum amount of information to syslog. Everything +# should go to /var/log/samba/log.{smbd,nmbd} instead. If you want to log +# through syslog you should set the following parameter to something higher. + syslog = 0 + +# Do something sensible when Samba crashes: mail the admin a backtrace + panic action = /usr/share/samba/panic-action %d + + +####### Authentication ####### + +# Server role. Defines in which mode Samba will operate. Possible +# values are "standalone server", "member server", "classic primary +# domain controller", "classic backup domain controller", "active +# directory domain controller". +# +# Most people will want "standalone server" or "member server". +# Running as "active directory domain controller" will require first +# running "samba-tool domain provision" to wipe databases and create a +# new domain. + server role = standalone server + +# If you are using encrypted passwords, Samba will need to know what +# password database type you are using. + passdb backend = tdbsam + + obey pam restrictions = yes + +# This boolean parameter controls whether Samba attempts to sync the Unix +# password with the SMB password when the encrypted SMB password in the +# passdb is changed. + unix password sync = yes + +# For Unix password sync to work on a Debian GNU/Linux system, the following +# parameters must be set (thanks to Ian Kahan < for +# sending the correct chat script for the passwd program in Debian Sarge). + passwd program = /usr/bin/passwd %u + passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* . + +# This boolean controls whether PAM will be used for password changes +# when requested by an SMB client instead of the program listed in +# 'passwd program'. The default is 'no'. + pam password change = yes + +# This option controls how unsuccessful authentication attempts are mapped +# to anonymous connections + map to guest = bad user + +########## Domains ########### + +# +# The following settings only takes effect if 'server role = primary +# classic domain controller', 'server role = backup domain controller' +# or 'domain logons' is set +# + +# It specifies the location of the user's +# profile directory from the client point of view) The following +# required a [profiles] share to be setup on the samba server (see +# below) +; logon path = \\%N\profiles\%U +# Another common choice is storing the profile in the user's home directory +# (this is Samba's default) +# logon path = \\%N\%U\profile + +# The following setting only takes effect if 'domain logons' is set +# It specifies the location of a user's home directory (from the client +# point of view) +; logon drive = H: +# logon home = \\%N\%U + +# The following setting only takes effect if 'domain logons' is set +# It specifies the script to run during logon. The script must be stored +# in the [netlogon] share +# NOTE: Must be store in 'DOS' file format convention +; logon script = logon.cmd + +# This allows Unix users to be created on the domain controller via the SAMR +# RPC pipe. The example command creates a user account with a disabled Unix +# password; please adapt to your needs +; add user script = /usr/sbin/adduser --quiet --disabled-password --gecos "" %u + +# This allows machine accounts to be created on the domain controller via the +# SAMR RPC pipe. +# The following assumes a "machines" group exists on the system +; add machine script = /usr/sbin/useradd -g machines -c "%u machine account" -d /var/lib/samba -s /bin/false %u + +# This allows Unix groups to be created on the domain controller via the SAMR +# RPC pipe. +; add group script = /usr/sbin/addgroup --force-badname %g + +############ Misc ############ + +# Using the following line enables you to customise your configuration +# on a per machine basis. The %m gets replaced with the netbios name +# of the machine that is connecting +; include = /home/samba/etc/smb.conf.%m + +# Some defaults for winbind (make sure you're not using the ranges +# for something else.) +; idmap uid = 10000-20000 +; idmap gid = 10000-20000 +; template shell = /bin/bash + +# Setup usershare options to enable non-root users to share folders +# with the net usershare command. + +# Maximum number of usershare. 0 (default) means that usershare is disabled. +; usershare max shares = 100 + +# Allow users who've been granted usershare privileges to create +# public shares, not just authenticated ones + usershare allow guests = yes + +#======================= Share Definitions ======================= + +[homes] + comment = Home Directories + browseable = no + +# By default, the home directories are exported read-only. Change the +# next parameter to 'no' if you want to be able to write to them. + read only = yes + +# File creation mask is set to 0700 for security reasons. If you want to +# create files with group=rw permissions, set next parameter to 0775. + create mask = 0700 + +# Directory creation mask is set to 0700 for security reasons. If you want to +# create dirs. with group=rw permissions, set next parameter to 0775. + directory mask = 0700 + +# By default, \\server\username shares can be connected to by anyone +# with access to the samba server. +# The following parameter makes sure that only "username" can connect +# to \\server\username +# This might need tweaking when using external authentication schemes + valid users = %S + +# Un-comment the following and create the netlogon directory for Domain Logons +# (you need to configure Samba to act as a domain controller too.) +;[netlogon] +; comment = Network Logon Service +; path = /home/samba/netlogon +; guest ok = yes +; read only = yes + +# Un-comment the following and create the profiles directory to store +# users profiles (see the "logon path" option above) +# (you need to configure Samba to act as a domain controller too.) +# The path below should be writable by all users so that their +# profile directory may be created the first time they log on +;[profiles] +; comment = Users profiles +; path = /home/samba/profiles +; guest ok = no +; browseable = no +; create mask = 0600 +; directory mask = 0700 + +[printers] + comment = All Printers + browseable = no + path = /var/spool/samba + printable = yes + guest ok = no + read only = yes + create mask = 0700 + +# Windows clients look for this share name as a source of downloadable +# printer drivers +[print$] + comment = Printer Drivers + path = /var/lib/samba/printers + browseable = yes + read only = yes + guest ok = no +# Uncomment to allow remote administration of Windows print drivers. +# You may need to replace 'lpadmin' with the name of the group your +# admin users are members of. +# Please note that you also need to set appropriate Unix permissions +# to the drivers directory for these users to have write rights in it +; write list = root, @lpadmin + diff --git a/meta-openembedded/meta-networking/recipes-connectivity/samba/samba/smb_conf-4.7.0.patch b/meta-openembedded/meta-networking/recipes-connectivity/samba/samba/smb_conf-4.7.0.patch index 77c8b3626..6ae292835 100644 --- a/meta-openembedded/meta-networking/recipes-connectivity/samba/samba/smb_conf-4.7.0.patch +++ b/meta-openembedded/meta-networking/recipes-connectivity/samba/samba/smb_conf-4.7.0.patch @@ -1,4 +1,7 @@ -samba: correct log files location +From f99b6a8617df6a46f41fb68ffafb2608dbb6681e Mon Sep 17 00:00:00 2001 +From: Joe Slater +Date: Wed, 8 Nov 2017 11:58:05 -0800 +Subject: [PATCH] samba: correct log files location We use /var/log/samba. @@ -6,9 +9,15 @@ Upstream-Status: Pending Signed-off-by: Joe Slater ---- a/packaging/RHEL/setup/smb.conf -+++ b/packaging/RHEL/setup/smb.conf -@@ -63,7 +63,7 @@ +--- + examples/smb.conf.default | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/examples/smb.conf.default b/examples/smb.conf.default +index 2f20720..44c1aa8 100644 +--- a/examples/smb.conf.default ++++ b/examples/smb.conf.default +@@ -52,7 +52,7 @@ # this tells Samba to use a separate log file for each machine # that connects diff --git a/meta-openembedded/meta-networking/recipes-connectivity/samba/samba_4.7.6.bb b/meta-openembedded/meta-networking/recipes-connectivity/samba/samba_4.7.6.bb deleted file mode 100644 index a8517c541..000000000 --- a/meta-openembedded/meta-networking/recipes-connectivity/samba/samba_4.7.6.bb +++ /dev/null @@ -1,318 +0,0 @@ -HOMEPAGE = "https://www.samba.org/" -SECTION = "console/network" - -LICENSE = "GPL-3.0+ & LGPL-3.0+ & GPL-2.0+" -LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504 \ - file://${COREBASE}/meta/files/common-licenses/LGPL-3.0;md5=bfccfe952269fff2b407dd11f2f3083b \ - file://${COREBASE}/meta/files/common-licenses/GPL-2.0;md5=801f80980d171dd6425610833a22dbe6 " - -SAMBA_MIRROR = "http://samba.org/samba/ftp" -MIRRORS += "\ -${SAMBA_MIRROR} http://mirror.internode.on.net/pub/samba \n \ -${SAMBA_MIRROR} http://www.mirrorservice.org/sites/ftp.samba.org \n \ -" - -SRC_URI = "${SAMBA_MIRROR}/stable/samba-${PV}.tar.gz \ - file://16-do-not-check-xsltproc-manpages.patch \ - file://20-do-not-import-target-module-while-cross-compile.patch \ - file://21-add-config-option-without-valgrind.patch \ - file://0001-packaging-Avoid-timeout-for-nmbd-if-started-offline-.patch \ - file://0006-avoid-using-colon-in-the-checking-msg.patch \ - file://netdb_defines.patch \ - file://glibc_only.patch \ - file://iconv-4.7.0.patch \ - file://dnsserver-4.7.0.patch \ - file://smb_conf-4.7.0.patch \ - file://volatiles.03_samba \ - " -SRC_URI_append_libc-musl = " \ - file://samba-pam.patch \ - file://samba-4.3.9-remove-getpwent_r.patch \ - " - -SRC_URI[md5sum] = "0253021a45c479cec1e135b004a0177a" -SRC_URI[sha256sum] = "1eede30fc8ef6504e24602fb72b00baa0a7b73b59f16d25cb0771dc8c7c57d6e" - -inherit systemd waf-samba cpan-base perlnative update-rc.d -# remove default added RDEPENDS on perl -RDEPENDS_${PN}_remove = "perl" - -DEPENDS += "readline virtual/libiconv zlib popt libtalloc libtdb libtevent libldb libbsd libaio libpam" - -inherit distro_features_check -REQUIRED_DISTRO_FEATURES = "pam" - -DEPENDS_append_libc-musl = " libtirpc" -CFLAGS_append_libc-musl = " -I${STAGING_INCDIR}/tirpc" -LDFLAGS_append_libc-musl = " -ltirpc" - -LSB = "" -LSB_linuxstdbase = "lsb" - -INITSCRIPT_NAME = "samba" -INITSCRIPT_PARAMS = "start 20 3 5 . stop 20 0 1 6 ." - -SYSTEMD_PACKAGES = "${PN}-base ${PN}-ad-dc winbind" -SYSTEMD_SERVICE_${PN}-base = "nmb.service smb.service" -SYSTEMD_SERVICE_${PN}-ad-dc = "${@bb.utils.contains('PACKAGECONFIG', 'ad-dc', 'samba.service', '', d)}" -SYSTEMD_SERVICE_winbind = "winbind.service" - -# There are prerequisite settings to enable ad-dc, so disable the service by default. -# Reference: -# https://wiki.samba.org/index.php/Setting_up_Samba_as_an_Active_Directory_Domain_Controller -SYSTEMD_AUTO_ENABLE_${PN}-ad-dc = "disable" - -# Use krb5. Build active domain controller. -# -PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'systemd zeroconf', d)} \ - acl ad-dc cups gnutls ldap mitkrb5 \ -" - -RDEPENDS_${PN}-base += "${LSB}" -RDEPENDS_${PN}-ctdb-tests += "bash util-linux-getopt" - -PACKAGECONFIG[acl] = "--with-acl-support,--without-acl-support,acl" -PACKAGECONFIG[fam] = "--with-fam,--without-fam,gamin" -PACKAGECONFIG[cups] = "--enable-cups,--disable-cups,cups" -PACKAGECONFIG[ldap] = "--with-ldap,--without-ldap,openldap" -PACKAGECONFIG[sasl] = ",,cyrus-sasl" -PACKAGECONFIG[systemd] = "--with-systemd,--without-systemd,systemd" -PACKAGECONFIG[dmapi] = "--with-dmapi,--without-dmapi,dmapi" -PACKAGECONFIG[zeroconf] = "--enable-avahi,--disable-avahi,avahi" -PACKAGECONFIG[valgrind] = ",--without-valgrind,valgrind," -PACKAGECONFIG[lttng] = "--with-lttng, --without-lttng,lttng-ust" -PACKAGECONFIG[archive] = "--with-libarchive, --without-libarchive, libarchive" - -# Building the AD (Active Directory) DC (Domain Controller) requires GnuTLS, -# And ad-dc doesn't work with mitkrb5 for versions prior to 4.7.0 according to: -# http://samba.2283325.n4.nabble.com/samba-4-6-6-Unknown-dependency-kdc-in-service-kdc-objlist-td4722096.html -# So the working combination is: -# 1) ad-dc: enable, gnutls: enable, mitkrb5: disable -# 2) ad-dc: disable, gnutls: enable/disable, mitkrb5: enable -# -# We are now at 4.7.0, so take the above with a grain of salt. We do not need to know where -# krb5kdc is unless ad-dc is enabled, but we tell configure anyhow. -# -PACKAGECONFIG[ad-dc] = ",--without-ad-dc,," -PACKAGECONFIG[gnutls] = "--enable-gnutls,--disable-gnutls,gnutls," -PACKAGECONFIG[mitkrb5] = "--with-system-mitkrb5 --with-system-mitkdc=/usr/sbin/krb5kdc,,krb5," - -SAMBA4_IDMAP_MODULES="idmap_ad,idmap_rid,idmap_adex,idmap_hash,idmap_tdb2" -SAMBA4_PDB_MODULES="pdb_tdbsam,${@bb.utils.contains('PACKAGECONFIG', 'ldap', 'pdb_ldap,', '', d)}pdb_ads,pdb_smbpasswd,pdb_wbc_sam,pdb_samba4" -SAMBA4_AUTH_MODULES="auth_unix,auth_wbc,auth_server,auth_netlogond,auth_script,auth_samba4" -SAMBA4_MODULES="${SAMBA4_IDMAP_MODULES},${SAMBA4_PDB_MODULES},${SAMBA4_AUTH_MODULES}" - -# These libraries are supposed to replace others supplied by packages, but decorate the names of -# .so files so there will not be a conflict. This is not done consistantly, so be very careful -# when adding to this list. -# -SAMBA4_LIBS="heimdal,cmocka,NONE" - -EXTRA_OECONF += "--enable-fhs \ - --with-piddir=/run \ - --with-sockets-dir=/run/samba \ - --with-modulesdir=${libdir}/samba \ - --with-lockdir=${localstatedir}/lib/samba \ - --with-cachedir=${localstatedir}/lib/samba \ - --disable-rpath-install \ - --with-shared-modules=${SAMBA4_MODULES} \ - --bundled-libraries=${SAMBA4_LIBS} \ - ${@oe.utils.conditional('TARGET_ARCH', 'x86_64', '', '--disable-glusterfs', d)} \ - --with-cluster-support \ - --with-profiling-data \ - --with-libiconv=${STAGING_DIR_HOST}${prefix} \ - --with-pam --with-pammodulesdir=${base_libdir}/security \ - " - -LDFLAGS += "-Wl,-z,relro,-z,now ${@bb.utils.contains('DISTRO_FEATURES', 'ld-is-gold', ' -fuse-ld=bfd ', '', d)}" - -do_install_append() { - for section in 1 5 7; do - install -d ${D}${mandir}/man$section - install -m 0644 ctdb/doc/*.$section ${D}${mandir}/man$section - done - for section in 1 5 7 8; do - install -d ${D}${mandir}/man$section - install -m 0644 docs/manpages/*.$section ${D}${mandir}/man$section - done - - install -d ${D}${systemd_system_unitdir} - install -m 0644 packaging/systemd/*.service ${D}${systemd_system_unitdir} - sed -e 's,\(ExecReload=\).*\(/kill\),\1${base_bindir}\2,' \ - -e 's,/etc/sysconfig/samba,${sysconfdir}/default/samba,' \ - -i ${D}${systemd_system_unitdir}/*.service - - if [ "${@bb.utils.contains('PACKAGECONFIG', 'ad-dc', 'yes', 'no', d)}" = "no" ]; then - rm -f ${D}${systemd_system_unitdir}/samba.service - fi - - install -d ${D}${sysconfdir}/tmpfiles.d - install -m644 packaging/systemd/samba.conf.tmp ${D}${sysconfdir}/tmpfiles.d/samba.conf - echo "d ${localstatedir}/log/samba 0755 root root -" \ - >> ${D}${sysconfdir}/tmpfiles.d/samba.conf - if [ "${LSB}" = "lsb" ]; then - install -d ${D}${sysconfdir}/init.d - install -m 0755 packaging/LSB/samba.sh ${D}${sysconfdir}/init.d/samba - else - install -d ${D}${sysconfdir}/init.d - install -m 0755 packaging/sysv/samba.init ${D}${sysconfdir}/init.d/samba - sed -e 's,/opt/samba/bin,${sbindir},g' \ - -e 's,/opt/samba/smb.conf,${sysconfdir}/samba/smb.conf,g' \ - -e 's,/opt/samba/log,${localstatedir}/log/samba,g' \ - -e 's,/etc/init.d/samba.server,${sysconfdir}/init.d/samba,g' \ - -e 's,/usr/bin,${base_bindir},g' \ - -i ${D}${sysconfdir}/init.d/samba - fi - - install -d ${D}${sysconfdir}/samba - echo "127.0.0.1 localhost" > ${D}${sysconfdir}/samba/lmhosts - install -m644 packaging/RHEL/setup/smb.conf ${D}${sysconfdir}/samba/smb.conf - install -D -m 644 ${WORKDIR}/volatiles.03_samba ${D}${sysconfdir}/default/volatiles/03_samba - - install -d ${D}${sysconfdir}/default - install -m644 packaging/systemd/samba.sysconfig ${D}${sysconfdir}/default/samba - - # install ctdb config file and test cases - install -D -m 0644 ${S}/ctdb/tests/onnode/nodes ${D}${sysconfdir}/ctdb/nodes - # the items are from ctdb/tests/run_tests.sh - for d in onnode takeover tool eventscripts cunit simple complex; do - testdir=${D}${datadir}/ctdb-tests/$d - install -d $testdir - cp ${S}/ctdb/tests/$d/*.sh $testdir - cp -r ${S}/ctdb/tests/$d/scripts ${S}/ctdb/tests/$d/stubs $testdir || true - done - - # fix file-rdeps qa warning - if [ -f ${D}${bindir}/onnode ]; then - sed -i 's:\(#!/bin/\)bash:\1sh:' ${D}${bindir}/onnode - fi - - chmod 0750 ${D}${sysconfdir}/sudoers.d - rm -rf ${D}/run ${D}${localstatedir}/run ${D}${localstatedir}/log -} - -PACKAGES =+ "${PN}-python ${PN}-pidl \ - ${PN}-dsdb-modules ${PN}-testsuite registry-tools \ - winbind \ - ${PN}-common ${PN}-base ${PN}-ad-dc ${PN}-ctdb-tests \ - smbclient ${PN}-client ${PN}-server ${PN}-test" - -python samba_populate_packages() { - def module_hook(file, pkg, pattern, format, basename): - pn = d.getVar('PN', True) - d.appendVar('RRECOMMENDS_%s-base' % pn, ' %s' % pkg) - - mlprefix = d.getVar('MLPREFIX', True) or '' - pam_libdir = d.expand('${base_libdir}/security') - pam_pkgname = mlprefix + 'pam-plugin%s' - do_split_packages(d, pam_libdir, '^pam_(.*)\.so$', pam_pkgname, 'PAM plugin for %s', extra_depends='', prepend=True) - - libdir = d.getVar('libdir', True) - do_split_packages(d, libdir, '^lib(.*)\.so\..*$', 'lib%s', 'Samba %s library', extra_depends='${PN}-common', prepend=True, allow_links=True) - pkglibdir = '%s/samba' % libdir - do_split_packages(d, pkglibdir, '^lib(.*)\.so$', 'lib%s', 'Samba %s library', extra_depends='${PN}-common', prepend=True) - moduledir = '%s/samba/auth' % libdir - do_split_packages(d, moduledir, '^(.*)\.so$', 'samba-auth-%s', 'Samba %s authentication backend', hook=module_hook, extra_depends='', prepend=True) - moduledir = '%s/samba/pdb' % libdir - do_split_packages(d, moduledir, '^(.*)\.so$', 'samba-pdb-%s', 'Samba %s password backend', hook=module_hook, extra_depends='', prepend=True) -} - -PACKAGESPLITFUNCS_prepend = "samba_populate_packages " - -RDEPENDS_${PN} += "${PN}-base ${PN}-python ${PN}-dsdb-modules" -RDEPENDS_${PN}-python += "pytalloc python-tdb" - -FILES_${PN}-base = "${sbindir}/nmbd \ - ${sbindir}/smbd \ - ${sysconfdir}/init.d \ - ${localstatedir}/lib/samba \ - ${localstatedir}/nmbd \ - ${localstatedir}/spool/samba \ - ${systemd_system_unitdir}/nmb.service \ - ${systemd_system_unitdir}/smb.service" - -FILES_${PN}-ad-dc = "${sbindir}/samba \ - ${systemd_system_unitdir}/samba.service \ - ${libdir}/krb5/plugins/kdb/samba.so \ - " -RDEPENDS_${PN}-ad-dc = "krb5-kdc" - -FILES_${PN}-ctdb-tests = "${bindir}/ctdb_run_tests \ - ${bindir}/ctdb_run_cluster_tests \ - ${sysconfdir}/ctdb/nodes \ - ${datadir}/ctdb-tests \ - ${datadir}/ctdb/tests \ - " - -FILES_${BPN}-common = "${sysconfdir}/default \ - ${sysconfdir}/samba \ - ${sysconfdir}/tmpfiles.d \ -" - -FILES_${PN} += "${libdir}/vfs/*.so \ - ${libdir}/charset/*.so \ - ${libdir}/*.dat \ - ${libdir}/auth/*.so \ -" - -FILES_${PN}-dsdb-modules = "${libdir}/samba/ldb" - -FILES_${PN}-testsuite = "${bindir}/gentest \ - ${bindir}/locktest \ - ${bindir}/masktest \ - ${bindir}/ndrdump \ - ${bindir}/smbtorture" - -FILES_registry-tools = "${bindir}/regdiff \ - ${bindir}/regpatch \ - ${bindir}/regshell \ - ${bindir}/regtree" - -FILES_winbind = "${sbindir}/winbindd \ - ${bindir}/wbinfo \ - ${bindir}/ntlm_auth \ - ${libdir}/samba/idmap \ - ${libdir}/samba/nss_info \ - ${libdir}/winbind_krb5_locator.so \ - ${sysconfdir}/init.d/winbind \ - ${systemd_system_unitdir}/winbind.service" - -FILES_${PN}-python = "${PYTHON_SITEPACKAGES_DIR}" - -FILES_smbclient = "${bindir}/cifsdd \ - ${bindir}/rpcclient \ - ${bindir}/smbcacls \ - ${bindir}/smbclient \ - ${bindir}/smbcquotas \ - ${bindir}/smbget \ - ${bindir}/smbspool \ - ${bindir}/smbtar \ - ${bindir}/smbtree \ - ${libdir}/samba/smbspool_krb5_wrapper" - -RDEPENDS_${PN}-pidl_append = " perl" -FILES_${PN}-pidl = "${bindir}/pidl ${datadir}/perl5/Parse" - -RDEPENDS_${PN}-client = "\ - smbclient \ - winbind \ - registry-tools \ - ${PN}-pidl \ - " - -ALLOW_EMPTY_${PN}-client = "1" - -RDEPENDS_${PN}-server = "\ - ${PN} \ - winbind \ - registry-tools \ - " - -ALLOW_EMPTY_${PN}-server = "1" - -RDEPENDS_${PN}-test = "\ - ${PN}-ctdb-tests \ - ${PN}-testsuite \ - " - -ALLOW_EMPTY_${PN}-test = "1" diff --git a/meta-openembedded/meta-networking/recipes-connectivity/samba/samba_4.8.4.bb b/meta-openembedded/meta-networking/recipes-connectivity/samba/samba_4.8.4.bb new file mode 100644 index 000000000..da0ac322a --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-connectivity/samba/samba_4.8.4.bb @@ -0,0 +1,313 @@ +HOMEPAGE = "https://www.samba.org/" +SECTION = "console/network" + +LICENSE = "GPL-3.0+ & LGPL-3.0+ & GPL-2.0+" +LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504 \ + file://${COREBASE}/meta/files/common-licenses/LGPL-3.0;md5=bfccfe952269fff2b407dd11f2f3083b \ + file://${COREBASE}/meta/files/common-licenses/GPL-2.0;md5=801f80980d171dd6425610833a22dbe6 " + +SAMBA_MIRROR = "http://samba.org/samba/ftp" +MIRRORS += "\ +${SAMBA_MIRROR} http://mirror.internode.on.net/pub/samba \n \ +${SAMBA_MIRROR} http://www.mirrorservice.org/sites/ftp.samba.org \n \ +" + +SRC_URI = "${SAMBA_MIRROR}/stable/samba-${PV}.tar.gz \ + file://smb.conf \ + file://16-do-not-check-xsltproc-manpages.patch \ + file://20-do-not-import-target-module-while-cross-compile.patch \ + file://21-add-config-option-without-valgrind.patch \ + file://netdb_defines.patch \ + file://glibc_only.patch \ + file://iconv-4.7.0.patch \ + file://dnsserver-4.7.0.patch \ + file://smb_conf-4.7.0.patch \ + file://volatiles.03_samba \ + file://0001-ldb-Refuse-to-build-Samba-against-a-newer-minor-vers.patch \ + " +SRC_URI_append_libc-musl = " \ + file://samba-pam.patch \ + file://samba-4.3.9-remove-getpwent_r.patch \ + " + +SRC_URI[md5sum] = "ca5bfbebd8d9eb95506e16594b2bbee2" +SRC_URI[sha256sum] = "f5044d149e01894a08b1d114b8b69aed78171a7bb19608bd1fd771453b9a5406" + +UPSTREAM_CHECK_REGEX = "samba\-(?P4\.8(\.\d+)+).tar.gz" + +inherit systemd waf-samba cpan-base perlnative update-rc.d +# remove default added RDEPENDS on perl +RDEPENDS_${PN}_remove = "perl" + +DEPENDS += "readline virtual/libiconv zlib popt libtalloc libtdb libtevent libbsd libaio libpam" + +inherit distro_features_check +REQUIRED_DISTRO_FEATURES = "pam" + +DEPENDS_append_libc-musl = " libtirpc" +CFLAGS_append_libc-musl = " -I${STAGING_INCDIR}/tirpc" +LDFLAGS_append_libc-musl = " -ltirpc" + +INITSCRIPT_NAME = "samba" +INITSCRIPT_PARAMS = "start 20 3 5 . stop 20 0 1 6 ." + +SYSTEMD_PACKAGES = "${PN}-base ${PN}-ad-dc winbind" +SYSTEMD_SERVICE_${PN}-base = "nmb.service smb.service" +SYSTEMD_SERVICE_${PN}-ad-dc = "${@bb.utils.contains('PACKAGECONFIG', 'ad-dc', 'samba.service', '', d)}" +SYSTEMD_SERVICE_winbind = "winbind.service" + +# There are prerequisite settings to enable ad-dc, so disable the service by default. +# Reference: +# https://wiki.samba.org/index.php/Setting_up_Samba_as_an_Active_Directory_Domain_Controller +SYSTEMD_AUTO_ENABLE_${PN}-ad-dc = "disable" + +# Use krb5. Build active domain controller. +# +PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'systemd zeroconf', d)} \ + acl ad-dc cups gnutls ldap mitkrb5 \ +" + +RDEPENDS_${PN}-ctdb-tests += "bash util-linux-getopt" + +PACKAGECONFIG[acl] = "--with-acl-support,--without-acl-support,acl" +PACKAGECONFIG[fam] = "--with-fam,--without-fam,gamin" +PACKAGECONFIG[cups] = "--enable-cups,--disable-cups,cups" +PACKAGECONFIG[ldap] = "--with-ldap,--without-ldap,openldap" +PACKAGECONFIG[sasl] = ",,cyrus-sasl" +PACKAGECONFIG[systemd] = "--with-systemd,--without-systemd,systemd" +PACKAGECONFIG[dmapi] = "--with-dmapi,--without-dmapi,dmapi" +PACKAGECONFIG[zeroconf] = "--enable-avahi,--disable-avahi,avahi" +PACKAGECONFIG[valgrind] = ",--without-valgrind,valgrind," +PACKAGECONFIG[lttng] = "--with-lttng, --without-lttng,lttng-ust" +PACKAGECONFIG[archive] = "--with-libarchive, --without-libarchive, libarchive" + +# Building the AD (Active Directory) DC (Domain Controller) requires GnuTLS, +# And ad-dc doesn't work with mitkrb5 for versions prior to 4.7.0 according to: +# http://samba.2283325.n4.nabble.com/samba-4-6-6-Unknown-dependency-kdc-in-service-kdc-objlist-td4722096.html +# So the working combination is: +# 1) ad-dc: enable, gnutls: enable, mitkrb5: disable +# 2) ad-dc: disable, gnutls: enable/disable, mitkrb5: enable +# +# We are now at 4.7.0, so take the above with a grain of salt. We do not need to know where +# krb5kdc is unless ad-dc is enabled, but we tell configure anyhow. +# +PACKAGECONFIG[ad-dc] = ",--without-ad-dc,," +PACKAGECONFIG[gnutls] = "--enable-gnutls,--disable-gnutls,gnutls," +PACKAGECONFIG[mitkrb5] = "--with-system-mitkrb5 --with-system-mitkdc=/usr/sbin/krb5kdc,,krb5," + +SAMBA4_IDMAP_MODULES="idmap_ad,idmap_rid,idmap_adex,idmap_hash,idmap_tdb2" +SAMBA4_PDB_MODULES="pdb_tdbsam,${@bb.utils.contains('PACKAGECONFIG', 'ldap', 'pdb_ldap,', '', d)}pdb_ads,pdb_smbpasswd,pdb_wbc_sam,pdb_samba4" +SAMBA4_AUTH_MODULES="auth_unix,auth_wbc,auth_server,auth_netlogond,auth_script,auth_samba4" +SAMBA4_MODULES="${SAMBA4_IDMAP_MODULES},${SAMBA4_PDB_MODULES},${SAMBA4_AUTH_MODULES}" + +# These libraries are supposed to replace others supplied by packages, but decorate the names of +# .so files so there will not be a conflict. This is not done consistantly, so be very careful +# when adding to this list. +# +SAMBA4_LIBS="heimdal,cmocka,ldb,pyldb-util,NONE" + +EXTRA_OECONF += "--enable-fhs \ + --with-piddir=/run \ + --with-sockets-dir=/run/samba \ + --with-modulesdir=${libdir}/samba \ + --with-lockdir=${localstatedir}/lib/samba \ + --with-cachedir=${localstatedir}/lib/samba \ + --disable-rpath-install \ + --with-shared-modules=${SAMBA4_MODULES} \ + --bundled-libraries=${SAMBA4_LIBS} \ + ${@oe.utils.conditional('TARGET_ARCH', 'x86_64', '', '--disable-glusterfs', d)} \ + --with-cluster-support \ + --with-profiling-data \ + --with-libiconv=${STAGING_DIR_HOST}${prefix} \ + --with-pam --with-pammodulesdir=${base_libdir}/security \ + " + +LDFLAGS += "-Wl,-z,relro,-z,now ${@bb.utils.contains('DISTRO_FEATURES', 'ld-is-gold', ' -fuse-ld=bfd ', '', d)}" + +do_install_append() { + for section in 1 5 7; do + install -d ${D}${mandir}/man$section + install -m 0644 ctdb/doc/*.$section ${D}${mandir}/man$section + done + for section in 1 5 7 8; do + install -d ${D}${mandir}/man$section + install -m 0644 docs/manpages/*.$section ${D}${mandir}/man$section + done + + install -d ${D}${systemd_system_unitdir} + install -m 0644 ${S}/bin/default/packaging/systemd/*.service ${D}${systemd_system_unitdir}/ + sed -e 's,\(ExecReload=\).*\(/kill\),\1${base_bindir}\2,' \ + -e 's,/etc/sysconfig/samba,${sysconfdir}/default/samba,' \ + -i ${D}${systemd_system_unitdir}/*.service + + if [ "${@bb.utils.contains('PACKAGECONFIG', 'ad-dc', 'yes', 'no', d)}" = "no" ]; then + rm -f ${D}${systemd_system_unitdir}/samba.service + fi + + install -d ${D}${sysconfdir}/tmpfiles.d + install -m644 packaging/systemd/samba.conf.tmp ${D}${sysconfdir}/tmpfiles.d/samba.conf + echo "d ${localstatedir}/log/samba 0755 root root -" \ + >> ${D}${sysconfdir}/tmpfiles.d/samba.conf + install -d ${D}${sysconfdir}/init.d + install -m 0755 packaging/sysv/samba.init ${D}${sysconfdir}/init.d/samba + sed -e 's,/opt/samba/bin,${sbindir},g' \ + -e 's,/opt/samba/smb.conf,${sysconfdir}/samba/smb.conf,g' \ + -e 's,/opt/samba/log,${localstatedir}/log/samba,g' \ + -e 's,/etc/init.d/samba.server,${sysconfdir}/init.d/samba,g' \ + -e 's,/usr/bin,${base_bindir},g' \ + -i ${D}${sysconfdir}/init.d/samba + + install -d ${D}${sysconfdir}/samba + echo "127.0.0.1 localhost" > ${D}${sysconfdir}/samba/lmhosts + install -m644 ${WORKDIR}/smb.conf ${D}${sysconfdir}/samba/smb.conf + install -D -m 644 ${WORKDIR}/volatiles.03_samba ${D}${sysconfdir}/default/volatiles/03_samba + + install -d ${D}${sysconfdir}/default + install -m644 packaging/systemd/samba.sysconfig ${D}${sysconfdir}/default/samba + + # install ctdb config file and test cases + install -D -m 0644 ${S}/ctdb/tests/onnode/nodes ${D}${sysconfdir}/ctdb/nodes + # the items are from ctdb/tests/run_tests.sh + for d in onnode takeover tool eventscripts cunit simple complex; do + testdir=${D}${datadir}/ctdb-tests/$d + install -d $testdir + cp ${S}/ctdb/tests/$d/*.sh $testdir + cp -r ${S}/ctdb/tests/$d/scripts ${S}/ctdb/tests/$d/stubs $testdir || true + done + + # fix file-rdeps qa warning + if [ -f ${D}${bindir}/onnode ]; then + sed -i 's:\(#!/bin/\)bash:\1sh:' ${D}${bindir}/onnode + fi + + chmod 0750 ${D}${sysconfdir}/sudoers.d + rm -rf ${D}/run ${D}${localstatedir}/run ${D}${localstatedir}/log +} + +PACKAGES =+ "${PN}-python ${PN}-pidl \ + ${PN}-dsdb-modules ${PN}-testsuite registry-tools \ + winbind \ + ${PN}-common ${PN}-base ${PN}-ad-dc ${PN}-ctdb-tests \ + smbclient ${PN}-client ${PN}-server ${PN}-test" + +python samba_populate_packages() { + def module_hook(file, pkg, pattern, format, basename): + pn = d.getVar('PN', True) + d.appendVar('RRECOMMENDS_%s-base' % pn, ' %s' % pkg) + + mlprefix = d.getVar('MLPREFIX', True) or '' + pam_libdir = d.expand('${base_libdir}/security') + pam_pkgname = mlprefix + 'pam-plugin%s' + do_split_packages(d, pam_libdir, '^pam_(.*)\.so$', pam_pkgname, 'PAM plugin for %s', extra_depends='', prepend=True) + + libdir = d.getVar('libdir', True) + do_split_packages(d, libdir, '^lib(.*)\.so\..*$', 'lib%s', 'Samba %s library', extra_depends='${PN}-common', prepend=True, allow_links=True) + pkglibdir = '%s/samba' % libdir + do_split_packages(d, pkglibdir, '^lib(.*)\.so$', 'lib%s', 'Samba %s library', extra_depends='${PN}-common', prepend=True) + moduledir = '%s/samba/auth' % libdir + do_split_packages(d, moduledir, '^(.*)\.so$', 'samba-auth-%s', 'Samba %s authentication backend', hook=module_hook, extra_depends='', prepend=True) + moduledir = '%s/samba/pdb' % libdir + do_split_packages(d, moduledir, '^(.*)\.so$', 'samba-pdb-%s', 'Samba %s password backend', hook=module_hook, extra_depends='', prepend=True) +} + +PACKAGESPLITFUNCS_prepend = "samba_populate_packages " +PACKAGES_DYNAMIC = "samba-auth-.* samba-pdb-.*" + +RDEPENDS_${PN} += "${PN}-base ${PN}-python ${PN}-dsdb-modules" +RDEPENDS_${PN}-python += "pytalloc python-tdb" + +FILES_${PN}-base = "${sbindir}/nmbd \ + ${sbindir}/smbd \ + ${sysconfdir}/init.d \ + ${localstatedir}/lib/samba \ + ${localstatedir}/nmbd \ + ${localstatedir}/spool/samba \ + ${systemd_system_unitdir}/nmb.service \ + ${systemd_system_unitdir}/smb.service" + +FILES_${PN}-ad-dc = "${sbindir}/samba \ + ${systemd_system_unitdir}/samba.service \ + ${libdir}/krb5/plugins/kdb/samba.so \ + " +RDEPENDS_${PN}-ad-dc = "krb5-kdc" + +FILES_${PN}-ctdb-tests = "${bindir}/ctdb_run_tests \ + ${bindir}/ctdb_run_cluster_tests \ + ${sysconfdir}/ctdb/nodes \ + ${datadir}/ctdb-tests \ + ${datadir}/ctdb/tests \ + " + +FILES_${BPN}-common = "${sysconfdir}/default \ + ${sysconfdir}/samba \ + ${sysconfdir}/tmpfiles.d \ +" + +FILES_${PN} += "${libdir}/vfs/*.so \ + ${libdir}/charset/*.so \ + ${libdir}/*.dat \ + ${libdir}/auth/*.so \ +" + +FILES_${PN}-dsdb-modules = "${libdir}/samba/ldb" + +FILES_${PN}-testsuite = "${bindir}/gentest \ + ${bindir}/locktest \ + ${bindir}/masktest \ + ${bindir}/ndrdump \ + ${bindir}/smbtorture" + +FILES_registry-tools = "${bindir}/regdiff \ + ${bindir}/regpatch \ + ${bindir}/regshell \ + ${bindir}/regtree" + +FILES_winbind = "${sbindir}/winbindd \ + ${bindir}/wbinfo \ + ${bindir}/ntlm_auth \ + ${libdir}/samba/idmap \ + ${libdir}/samba/nss_info \ + ${libdir}/winbind_krb5_locator.so \ + ${libdir}/winbind-krb5-localauth.so \ + ${sysconfdir}/init.d/winbind \ + ${systemd_system_unitdir}/winbind.service" + +FILES_${PN}-python = "${PYTHON_SITEPACKAGES_DIR}" + +FILES_smbclient = "${bindir}/cifsdd \ + ${bindir}/rpcclient \ + ${bindir}/smbcacls \ + ${bindir}/smbclient \ + ${bindir}/smbcquotas \ + ${bindir}/smbget \ + ${bindir}/smbspool \ + ${bindir}/smbtar \ + ${bindir}/smbtree \ + ${libdir}/samba/smbspool_krb5_wrapper" + +RDEPENDS_${PN}-pidl_append = " perl" +FILES_${PN}-pidl = "${bindir}/pidl ${datadir}/perl5/Parse" + +RDEPENDS_${PN}-client = "\ + smbclient \ + winbind \ + registry-tools \ + ${PN}-pidl \ + " + +ALLOW_EMPTY_${PN}-client = "1" + +RDEPENDS_${PN}-server = "\ + ${PN} \ + winbind \ + registry-tools \ + " + +ALLOW_EMPTY_${PN}-server = "1" + +RDEPENDS_${PN}-test = "\ + ${PN}-ctdb-tests \ + ${PN}-testsuite \ + " + +ALLOW_EMPTY_${PN}-test = "1" -- cgit v1.2.3