depends on PACKAGE_samba4-server
help
installs:
- modules: (vfs_btrfs) vfs_fruit vfs_shadow_copy2 vfs_recycle vfs_fake_perms vfs_readonly vfs_cap vfs_offline vfs_crossrename vfs_catia vfs_streams_xattr
+ modules: (vfs_btrfs) vfs_fruit vfs_shadow_copy2 vfs_recycle vfs_fake_perms vfs_readonly vfs_cap vfs_offline vfs_crossrename vfs_catia vfs_streams_xattr vfs_default_quota
Commonly used VFS modules, vfs_btrfs requires kmod-fs-btrfs to be selected separately
default y
Additional VFS modules that aren't commonly used, vfs_linux_xfs_sgid requires kmod-fs-xfs to be selected separately
default n
-config SAMBA4_SERVER_ACL
- bool "ACL support (xattr)"
- depends on PACKAGE_samba4-server
- help
- installs: sharesec
- modules: vfs_acl_xattr vfs_acl_tdb vfs_posixacl
-
- Extended access control list support
- default n
-
-config SAMBA4_SERVER_QUOTAS
- bool "Disk quota support"
+config SAMBA4_SERVER_AD_DC
+ bool "Active Directory Domain Controller support (EXPERIMENTAL)"
depends on PACKAGE_samba4-server
+ select SAMBA4_SERVER_VFS
help
- installs:
- modules: vfs_default_quota
+ installs: samba (meta-daemon) PyCryptodome ntlm_auth
+ scripts: samba-tool
- Support for disk quotas using the quotas VFS module (vfs_default_quota)
+ Run as a Active Directory Domain Controller
+ see: https://wiki.samba.org/index.php/Setting_up_Samba_as_an_Active_Directory_Domain_Controller
+ HINT: see section (# Using the Domain Controller as a File Server)
+ NOTE: Extroot is recommend for this setup, as it is not optimized to run completely from RAM/tempfs!
default n
include $(TOPDIR)/rules.mk
PKG_NAME:=samba
-PKG_VERSION:=4.9.16
+PKG_VERSION:=4.11.4
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
http://www.nic.funet.fi/index/samba/pub/samba/stable/ \
http://samba.mirror.bit.nl/samba/ftp/stable/ \
https://download.samba.org/pub/samba/stable/
-PKG_HASH:=613987fac719ed90f3daad6ca12517329f0754dd51c573f6b3623e6b03cb3916
+PKG_HASH:=b95471ba450757109dce65acfe75dafc719c5cc5d464fc65ee442433a461db24
PKG_MAINTAINER:=Andy Walsh <andy.walsh44+github@gmail.com>
PKG_LICENSE:=GPL-3.0-only
PKG_LICENSE_FILES:=COPYING
PKG_CPE_ID:=cpe:/a:samba:samba
-# samba4=(asn1_compile,compile_et) nfs-kernel-server=(rpcgen)
-HOST_BUILD_DEPENDS:=python/host nfs-kernel-server/host
-PKG_BUILD_DEPENDS:=samba4/host
+# samba4=(asn1_compile,compile_et) rpcsvc-proto=(rpcgen)
+HOST_BUILD_DEPENDS:=python3/host perl/host
+PKG_BUILD_DEPENDS:=samba4/host libtasn1/host rpcsvc-proto/host
PKG_CONFIG_DEPENDS:= \
CONFIG_SAMBA4_SERVER_NETBIOS \
CONFIG_SAMBA4_SERVER_AVAHI \
CONFIG_SAMBA4_SERVER_VFS \
CONFIG_SAMBA4_SERVER_VFSX \
- CONFIG_SAMBA4_SERVER_QUOTAS \
- CONFIG_SAMBA4_SERVER_ACL \
+ CONFIG_SAMBA4_SERVER_AD_DC \
CONFIG_PACKAGE_kmod-fs-btrfs \
CONFIG_PACKAGE_kmod-fs-xfs
include $(INCLUDE_DIR)/host-build.mk
include $(INCLUDE_DIR)/kernel.mk
include $(INCLUDE_DIR)/version.mk
+include $(TOPDIR)/feeds/packages/lang/python/python3-host.mk
+#include $(TOPDIR)/feeds/packages/lang/python/python-package.mk
+include $(TOPDIR)/feeds/packages/lang/python/python3-package.mk
define Package/samba4/Default
SECTION:=net
define Package/samba4-libs
$(call Package/samba4/Default)
TITLE+= libs
- DEPENDS:= +zlib +libtirpc +libpopt +libreadline +libcap \
- +PACKAGE_libpthread:libpthread +PACKAGE_libnettle:libnettle +PACKAGE_libgcrypt:libgcrypt +PACKAGE_libpam:libpam +PACKAGE_dbus:dbus +PACKAGE_libavahi-client:libavahi-client \
+ DEPENDS:= +libtirpc +libreadline +libpopt +libcap +zlib +libgnutls +libtasn1 +libuuid +libopenssl +USE_GLIBC:libpthread \
+SAMBA4_SERVER_VFS:attr \
- +SAMBA4_SERVER_ACL:acl +SAMBA4_SERVER_ACL:attr \
- +SAMBA4_SERVER_AVAHI:libavahi-client
+ +SAMBA4_SERVER_VFSX:libaio \
+ +SAMBA4_SERVER_AVAHI:libavahi-client \
+ +SAMBA4_SERVER_AD_DC:python3-cryptodome +SAMBA4_SERVER_AD_DC:libopenldap +SAMBA4_SERVER_AD_DC:jansson +SAMBA4_SERVER_AD_DC:libarchive +SAMBA4_SERVER_AD_DC:acl +SAMBA4_SERVER_AD_DC:attr
endef
define Package/samba4-server
$(call Package/samba4/Default)
TITLE+= server
DEPENDS:= +samba4-libs
+ CONFLICTS:=samba36-server
endef
define Package/samba4-server/description
- installs: smbd, nmbd (daemon) smbpasswd pdbedit testparm
+ installs: smbd (nmbd) smbpasswd pdbedit testparm (nmblookup) (smbcacls sharesec)
+ (samba samba-tool ntlm_auth samba-gpupdate samba_dnsupdate samba_kcc samba_spnupdate samba_upgradedns samba_downgrade_db)
This provides the basic fileserver service and is the minimum needed to serve file shares.
HINT: https://fitzcarraldoblog.wordpress.com/2016/10/17/a-correct-method-of-configuring-samba-for-browsing-smb-shares-in-a-home-network/
endef
define Package/samba4-client/description
- installs: smbclient cifsdd
+ installs: cifsdd smbclient smbget
The smbclient program implements a simple ftp-like client for accessing SMB shares
endef
endef
define Package/samba4-admin/description
- installs: net smbcontrol profiles rpcclient smbcacls smbcquotas
+ installs: net smbcontrol profiles rpcclient dbwrap_tool eventlogadm
+ ldbadd ldbdel ldbedit ldbmodify ldbrename ldbsearch
+ tdbbackup tdbdump tdbrestore tdbtool
Administration tools collection
endef
endef
define Package/samba4-utils/description
- installs: smbstatus smbtree smbget nmblookup mvxattr
+ installs: smbstatus smbtree mvxattr smbtar smbcquotas
Utilities collection
endef
-TARGET_CFLAGS += -ffunction-sections -fdata-sections
-TARGET_LDFLAGS += -Wl,--gc-sections
+TARGET_CFLAGS += $(FPIC) -ffunction-sections -fdata-sections -I$(STAGING_DIR)/usr/include/tirpc
+TARGET_LDFLAGS += -Wl,--gc-sections,--as-needed
+# dont mess with sambas private rpath!
+RSTRIP:=:
CONFIGURE_VARS += \
CPP="$(TARGET_CROSS)cpp"
--disable-cephfs \
--disable-fault-handling \
--disable-glusterfs \
- --disable-rpath \
- --disable-rpath-install \
- --disable-rpath-private-install \
--enable-fhs \
--without-automount \
--without-iconv \
--without-gpgme
HOST_CONFIGURE_ARGS += --disable-avahi --without-quotas --without-acl-support --without-winbind \
- --without-ad-dc --without-json-audit --without-libarchive --disable-python --nopyc --nopyo \
- --disable-gnutls --without-dnsupdate --without-ads --without-ldap
+ --without-ad-dc --without-json --without-libarchive --disable-python --nopyc --nopyo \
+ --without-dnsupdate --without-ads --without-ldap --without-ldb-lmdb
HOST_CONFIGURE_VARS += python_LDFLAGS="" python_LIBDIR=""
# Optional AES-NI support - https://lists.samba.org/archive/samba-technical/2017-September/122738.html
--with-piddir=/var/run \
--with-privatedir=/etc/samba
+# features
+ifeq ($(CONFIG_SAMBA4_SERVER_VFS),y)
+ CONFIGURE_ARGS += --with-quotas
+else
+ CONFIGURE_ARGS += --without-quotas
+endif
ifeq ($(CONFIG_SAMBA4_SERVER_AVAHI),y)
CONFIGURE_ARGS += --enable-avahi
else
CONFIGURE_ARGS += --disable-avahi
endif
-ifeq ($(CONFIG_SAMBA4_SERVER_QUOTAS),y)
- CONFIGURE_ARGS += --with-quotas
-else
- CONFIGURE_ARGS += --without-quotas
-endif
-ifeq ($(CONFIG_SAMBA4_SERVER_ACL),y)
- CONFIGURE_ARGS += --with-acl-support
+
+# NOTE: We need host python-bin, but target python-config here!
+CONFIGURE_VARS += python_LDFLAGS="" python_LIBDIR=""
+ifeq ($(CONFIG_SAMBA4_SERVER_AD_DC),y)
+ CONFIGURE_ARGS += --without-winbind --without-ldb-lmdb --with-acl-support
+ CONFIGURE_VARS += \
+ PYTHON="$(HOST_PYTHON3_BIN)" \
+ PYTHON_CONFIG="$(STAGING_DIR)/host/bin/$(PYTHON3)-config"
else
- CONFIGURE_ARGS += --without-acl-support
+ CONFIGURE_ARGS += --without-winbind --without-ads --without-ldap --without-ldb-lmdb --without-ad-dc \
+ --without-json --without-libarchive --disable-python --nopyc --nopyo --without-dnsupdate --without-acl-support
endif
-# features
-CONFIGURE_ARGS += --without-ad-dc --without-json-audit --without-libarchive --disable-python --nopyc --nopyo \
- --disable-gnutls --without-dnsupdate --without-ads --without-ldap
-CONFIGURE_VARS += \
- python_LDFLAGS="" \
- python_LIBDIR=""
SAMBA4_PDB_MODULES :=pdb_smbpasswd,pdb_tdbsam,
SAMBA4_AUTH_MODULES :=auth_builtin,auth_sam,auth_unix,auth_script,
SAMBA4_VFS_MODULES :=vfs_default,
SAMBA4_VFS_MODULES_SHARED :=
ifeq ($(CONFIG_SAMBA4_SERVER_VFS),y)
- SAMBA4_VFS_MODULES_SHARED :=$(SAMBA4_VFS_MODULES_SHARED)vfs_fruit,vfs_shadow_copy2,vfs_recycle,vfs_fake_perms,vfs_readonly,vfs_cap,vfs_offline,vfs_crossrename,vfs_catia,vfs_streams_xattr,vfs_xattr_tdb,
+ SAMBA4_VFS_MODULES_SHARED :=$(SAMBA4_VFS_MODULES_SHARED)vfs_fruit,vfs_shadow_copy2,vfs_recycle,vfs_fake_perms,vfs_readonly,vfs_cap,vfs_offline,vfs_crossrename,vfs_catia,vfs_streams_xattr,vfs_xattr_tdb,vfs_default_quota,
ifeq ($(CONFIG_PACKAGE_kmod-fs-btrfs),y)
SAMBA4_VFS_MODULES_SHARED :=$(SAMBA4_VFS_MODULES_SHARED)vfs_btrfs,
endif
SAMBA4_VFS_MODULES_SHARED :=$(SAMBA4_VFS_MODULES_SHARED)vfs_linux_xfs_sgid,
endif
endif
-ifeq ($(CONFIG_SAMBA4_SERVER_QUOTAS),y)
- SAMBA4_VFS_MODULES_SHARED :=$(SAMBA4_VFS_MODULES_SHARED)vfs_default_quota,
-endif
-ifeq ($(CONFIG_SAMBA4_SERVER_ACL),y)
+ifeq ($(CONFIG_SAMBA4_SERVER_AD_DC),y)
+ SAMBA4_PDB_MODULES :=$(SAMBA4_PDB_MODULES)pdb_samba_dsdb,pdb_ldapsam,
+ SAMBA4_AUTH_MODULES :=$(SAMBA4_AUTH_MODULES)auth_samba4,
SAMBA4_VFS_MODULES :=$(SAMBA4_VFS_MODULES)vfs_posixacl,
- SAMBA4_VFS_MODULES_SHARED :=$(SAMBA4_VFS_MODULES_SHARED)vfs_acl_xattr,vfs_acl_tdb,
+ SAMBA4_VFS_MODULES_SHARED :=$(SAMBA4_VFS_MODULES_SHARED)vfs_audit,vfs_extd_audit,vfs_full_audit,vfs_acl_xattr,vfs_acl_tdb,
# vfs_zfsacl needs https://github.com/zfsonlinux/zfs/tree/master/include/sys/zfs_acl.h
# vfs_nfs4acl_xattr needs https://github.com/notriddle/libdrpc/blob/master/rpc/xdr.h
endif
--with-static-modules=!DEFAULT,!FORCED \
--with-shared-modules=!DEFAULT,!FORCED
-# Setup build/install targets
-# CONFIG_PACKAGE_samba4-server
-BUILD_TARGETS_SERVER :=smbd/smbd,smbpasswd,pdbedit,testparm
-# Optional server targets
-ifeq ($(CONFIG_SAMBA4_SERVER_ACL),y)
- BUILD_TARGETS_SERVER :=$(BUILD_TARGETS_SERVER),sharesec
-endif
-ifeq ($(CONFIG_SAMBA4_SERVER_NETBIOS),y)
- BUILD_TARGETS_SERVER :=$(BUILD_TARGETS_SERVER),nmbd
-endif
-# CONFIG_PACKAGE_samba4-client
-BUILD_TARGETS_CLIENT :=client/smbclient,client/cifsdd
-# CONFIG_PACKAGE_samba4-admin
-BUILD_TARGETS_ADMIN :=net,smbcontrol,profiles,rpcclient,smbcacls,smbcquotas,eventlogadm
-# CONFIG_PACKAGE_samba4-utils
-BUILD_TARGETS_UTILS :=smbstatus,smbtree,smbget,mvxattr,nmblookup
-
# lib bundling
+PY_VER:=$(PYTHON3_VERSION_MAJOR)$(PYTHON3_VERSION_MINOR)
# NOTE: bundle + make private, we want to avoid version configuration (build, link) conflicts
-CONFIGURE_ARGS += --builtin-libraries=talloc,tevent,tevent-util,texpect,tdb,ldb,tdr,cmocka,com_err
HOST_CONFIGURE_ARGS += --builtin-libraries=replace --nonshared-binary=asn1_compile,compile_et
-#CONFIGURE_ARGS += --bundled-libraries=talloc,tevent,tevent-util,texpect,tdb,ldb,tdr,cmocka,replace,!asn1_compile,!compile_et,!popt
-CONFIGURE_ARGS += --bundled-libraries=talloc,tevent,tevent-util,texpect,tdb,ldb,tdr,cmocka,replace,com_err,roken,wind,hx509,asn1,heimbase,hcrypto,krb5,gssapi,heimntlm,hdb,kdc,NONE
-# BUG: --private-libraries, Does not work for System possible libs, will not get "samba4" suffix!
-CONFIGURE_ARGS += --private-libraries=talloc,tevent,tevent-util,texpect,tdb,ldb,tdr,cmocka,replace,com_err
-# CONFIGURE_ARGS += --disable-symbol-versions
+SYSTEM_BUNDLED_LIBS:=talloc,tevent,tevent-util,texpect,tdb,ldb,tdr,cmocka,replace,com_err
+PYTHON_BUNDLED_LIBS:=pytalloc-util.cpython-$(PY_VER),pyldb-util.cpython-$(PY_VER)
+# CONFIGURE_ARGS += --builtin-libraries=talloc,tevent,tevent-util,texpect,tdb,ldb,tdr,cmocka,com_err
+ifeq ($(CONFIG_SAMBA4_SERVER_AD_DC),y)
+ CONFIGURE_ARGS += --bundled-libraries=NONE,$(SYSTEM_BUNDLED_LIBS),$(PYTHON_BUNDLED_LIBS)
+else
+ CONFIGURE_ARGS += --bundled-libraries=NONE,$(SYSTEM_BUNDLED_LIBS)
+endif
+CONFIGURE_ARGS += --private-libraries=$(SYSTEM_BUNDLED_LIBS)
+
+export COMPILE_ET=$(STAGING_DIR_HOSTPKG)/bin/compile_et_samba
+export ASN1_COMPILE=$(STAGING_DIR_HOSTPKG)/bin/asn1_compile_samba
+# we dont need GnuTLS for the host helpers
+define Host/Prepare
+ $(call Host/Prepare/Default)
+ $(SED) 's,mandatory=True,mandatory=False,g' $(HOST_BUILD_DIR)/wscript_configure_system_gnutls
+endef
define Host/Compile
(cd $(HOST_BUILD_DIR); \
./buildtools/bin/waf build \
define Build/Prepare
$(Build/Prepare/Default)
+ifeq ($(CONFIG_SAMBA4_SERVER_AD_DC),)
# un-bundle dnspython
$(SED) '/"dns.resolver":/d' $(PKG_BUILD_DIR)/third_party/wscript
# unbundle iso8601
$(SED) '/"iso8601":/d' $(PKG_BUILD_DIR)/third_party/wscript
+endif
endef
define Build/Configure
$(CP) ./waf-cross-answers/$(ARCH).txt $(PKG_BUILD_DIR)/cross-answers.txt
+ echo 'Checking uname sysname type: "$(VERSION_DIST)"' >> $(PKG_BUILD_DIR)/cross-answers.txt
echo 'Checking uname machine type: "$(ARCH)"' >> $(PKG_BUILD_DIR)/cross-answers.txt
echo 'Checking uname release type: "$(LINUX_VERSION)"' >> $(PKG_BUILD_DIR)/cross-answers.txt
echo 'Checking uname version type: "$(VERSION_DIST) Linux-$(LINUX_VERSION) $(shell date +%Y-%m-%d)"' >> $(PKG_BUILD_DIR)/cross-answers.txt
- # NOTE: For some unknown reason this answer is not needed on some hosts/distros, yet needed on others?
+ # NOTE: special answers for freeBSD/CircleCI
echo 'Checking whether POSIX capabilities are available: OK' >> $(PKG_BUILD_DIR)/cross-answers.txt
+ echo 'checking for clnt_create(): OK' >> $(PKG_BUILD_DIR)/cross-answers.txt
$(call Build/Configure/Default)
endef
-# Note: We need to build via "waf install --targets=". Why do we also need to add the modules as targets here?
+# Build via "waf install", avoid the make wrapper. (Samba logic is 'waf install' = build + install)
define Build/Compile
(cd $(PKG_BUILD_DIR); \
./buildtools/bin/waf install \
--jobs=$(shell nproc) \
--destdir="$(PKG_INSTALL_DIR)" \
- --targets=$(SAMBA4_MODULES)$(SAMBA4_MODULES_SHARDED)$(BUILD_TARGETS_SERVER),$(BUILD_TARGETS_UTILS),$(BUILD_TARGETS_ADMIN),$(BUILD_TARGETS_CLIENT) \
)
endef
define Package/samba4-libs/install
$(INSTALL_DIR) $(1)/usr/lib
$(CP) $(PKG_INSTALL_DIR)/usr/lib/*.so* $(1)/usr/lib/
- $(CP) $(PKG_INSTALL_DIR)/usr/lib/samba/*.so* $(1)/usr/lib/
-
- $(INSTALL_DIR) $(1)/usr/lib/samba/vfs $(1)/usr/lib/samba/ldb $(1)/usr/lib/samba/krb5
- if [ -d $(PKG_INSTALL_DIR)/usr/lib/samba/vfs ]; then \
- $(CP) $(PKG_INSTALL_DIR)/usr/lib/samba/vfs $(1)/usr/lib/samba/; \
- fi
- if [ -d $(PKG_INSTALL_DIR)/usr/lib/samba/krb5 ]; then \
- $(CP) $(PKG_INSTALL_DIR)/usr/lib/samba/krb5 $(1)/usr/lib/samba/; \
- fi
+ # rpath-install
+ $(CP) $(PKG_INSTALL_DIR)/usr/lib/samba $(1)/usr/lib/
endef
define Package/samba4-client/install
$(INSTALL_DIR) $(1)/usr/bin
- $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/{smbclient,cifsdd} $(1)/usr/bin/
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/{cifsdd,smbclient,smbget} $(1)/usr/bin/
endef
define Package/samba4-admin/install
$(INSTALL_DIR) $(1)/usr/bin
- $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/{net,smbcontrol,profiles,rpcclient,smbcacls,smbcquotas} $(1)/usr/bin/
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/{net,smbcontrol,profiles,rpcclient,dbwrap_tool} $(1)/usr/bin/
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/{ldbadd,ldbdel,ldbedit,ldbmodify,ldbrename,ldbsearch} $(1)/usr/bin/
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/{tdbbackup,tdbdump,tdbrestore,tdbtool} $(1)/usr/bin/
$(INSTALL_DIR) $(1)/usr/sbin
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/eventlogadm $(1)/usr/sbin/
endef
define Package/samba4-utils/install
$(INSTALL_DIR) $(1)/usr/bin
- $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/{smbstatus,smbtree,smbget,mvxattr,nmblookup} $(1)/usr/bin/
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/{smbstatus,smbtree,mvxattr,smbtar} $(1)/usr/bin/
+ifeq ($(CONFIG_SAMBA4_SERVER_VFS),y)
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/smbcquotas $(1)/usr/bin/
+endif
endef
define Package/samba4-server/install
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/smbd $(1)/usr/sbin/
ifeq ($(CONFIG_SAMBA4_SERVER_NETBIOS),y)
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/nmbd $(1)/usr/sbin/
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/nmblookup $(1)/usr/bin/
endif
-ifeq ($(CONFIG_SAMBA4_SERVER_ACL),y)
- $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/sharesec $(1)/usr/bin/
+ifeq ($(CONFIG_SAMBA4_SERVER_AD_DC),y)
+ $(INSTALL_DIR) $(1)/usr/lib
+ $(CP) $(PKG_INSTALL_DIR)/usr/lib/$(PYTHON3) $(1)/usr/lib/
+ $(INSTALL_DIR) $(1)/usr/share/
+ $(CP) $(PKG_INSTALL_DIR)/usr/share/samba $(1)/usr/share/
+ # fix wrong hardcoded python3 location
+ $(SED) '1s,^#!/.*python3.*,#!/usr/bin/python3,' $(PKG_INSTALL_DIR)/usr/bin/samba-tool
+ $(SED) '1s,^#!/.*python3.*,#!/usr/bin/python3,' $(PKG_INSTALL_DIR)/usr/sbin/{samba-gpupdate,samba_dnsupdate,samba_kcc,samba_spnupdate,samba_upgradedns,samba_downgrade_db}
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/{samba-tool,ntlm_auth,oLschema2ldif} $(1)/usr/bin/
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/{sharesec,smbcacls} $(1)/usr/bin/
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/{samba,samba-gpupdate,samba_dnsupdate,samba_kcc,samba_spnupdate,samba_upgradedns,samba_downgrade_db} $(1)/usr/sbin/
endif
$(INSTALL_DIR) $(1)/etc/config $(1)/etc/samba $(1)/etc/init.d
$(INSTALL_CONF) ./files/samba.config $(1)/etc/config/samba4
/etc/samba/smbpasswd
/etc/samba/secrets.tdb
/etc/samba/passdb.tdb
+/etc/samba/lmhosts
+/etc/nsswitch.conf
+/etc/krb5.conf
endef
$(eval $(call HostBuild))
START=98
USE_PROCD=1
+SAMBA_IFACE=""
+
smb_header() {
- config_get samba_iface $1 interface "loopback lan"
+ config_get SAMBA_IFACE $1 interface "lan"
# resolve interfaces
local interfaces
. /lib/functions/network.sh
local net
- for net in $samba_iface; do
+ for net in $SAMBA_IFACE; do
local device
network_is_up $net || continue
network_get_device device "$net"
[ -e /etc/samba/smb.conf ] || ln -nsf /var/etc/smb.conf /etc/samba/smb.conf
- if ! [ -L /etc/samba/smb.conf ]; then
- logger -t 'samba4-server' "Local custom /etc/samba/smb.conf file detected, all luci/config settings are ignored!"
+ if [ ! -L /etc/samba/smb.conf ]; then
+ logger -p daemon.warn -t 'samba4-server' "Local custom /etc/samba/smb.conf file detected, all luci/config settings are ignored!"
fi
}
}
service_triggers() {
- PROCD_RELOAD_DELAY=2000
+ # PROCD_RELOAD_DELAY=1000
procd_add_reload_trigger "dhcp" "system" "samba4"
local i
- for i in $samba_iface; do
+ for i in $SAMBA_IFACE; do
procd_add_reload_interface_trigger $i
done
}
start_service() {
init_config
+
+ if [ ! -e /etc/samba/smb.conf ]; then
+ logger -p daemon.error -t 'samba4-server' "missing config /etc/samba/smb.conf!"
+ exit 1
+ fi
+
+ local nice_value
+ config_get nice_value extra samba_nice 0
# start main AD-DC daemon, will spawn (smbd,nmbd,winbindd) as needed/configured.
if [ "$DISABLE_AD_DC" -ne 1 ] && [ -x /usr/sbin/samba ]; then
procd_open_instance
procd_set_param command /usr/sbin/samba -F
+ procd_set_param nice $nice_value
procd_set_param respawn
- procd_set_param file /var/etc/smb.conf
+ procd_set_param file /etc/samba/smb.conf
+ procd_set_param limits nofile=16384
procd_close_instance
else
# start fileserver daemon
procd_open_instance
procd_set_param command /usr/sbin/smbd -F
+ procd_set_param nice $nice_value
procd_set_param respawn
- procd_set_param file /var/etc/smb.conf
+ procd_set_param file /etc/samba/smb.conf
+ procd_set_param limits nofile=16384
procd_close_instance
# start netbios daemon
if [ "$DISABLE_NETBIOS" -ne 1 ] && [ -x /usr/sbin/nmbd ]; then
procd_open_instance
procd_set_param command /usr/sbin/nmbd -F
+ procd_set_param nice $nice_value
procd_set_param respawn
- procd_set_param file /var/etc/smb.conf
+ procd_set_param file /etc/samba/smb.conf
procd_close_instance
fi
# start winbind daemon
if [ "$DISABLE_WINBIND" -ne 1 ] && [ -x /usr/sbin/winbindd ]; then
procd_open_instance
procd_set_param command /usr/sbin/winbindd -F
+ procd_set_param nice $nice_value
procd_set_param respawn
- procd_set_param file /var/etc/smb.conf
+ procd_set_param file /etc/samba/smb.conf
procd_close_instance
fi
fi
- # lower priority using renice (if found)
- if [ -x /usr/bin/renice ]; then
- [ -x /usr/sbin/samba ] && renice -n 2 $(pidof samba)
- [ -x /usr/sbin/smbd ] && renice -n 2 $(pidof smbd)
- [ -x /usr/sbin/nmbd ] && renice -n 2 $(pidof nmbd)
- [ -x /usr/sbin/winbindd ] && renice -n 2 $(pidof winbindd)
- fi
}
--- /dev/null
+diff --git a/source4/torture/local/nss_tests.c b/source4/torture/local/nss_tests.c
+index 2cd6122..04f13c6 100644
+--- a/source4/torture/local/nss_tests.c
++++ b/source4/torture/local/nss_tests.c
+@@ -247,7 +247,6 @@ static bool test_getgrnam_r(struct torture_context *tctx,
+ return true;
+ }
+
+-
+ static bool test_getgrgid(struct torture_context *tctx,
+ gid_t gid,
+ struct group *grp_p)
+@@ -333,6 +332,7 @@ static bool test_enum_passwd(struct torture_context *tctx,
+ return true;
+ }
+
++#if HAVE_GETPWENT_R
+ static bool test_enum_r_passwd(struct torture_context *tctx,
+ struct passwd **pwd_array_p,
+ size_t *num_pwd_p)
+@@ -381,6 +381,7 @@ static bool test_enum_r_passwd(struct torture_context *tctx,
+
+ return true;
+ }
++#endif
+
+ static bool torture_assert_passwd_equal(struct torture_context *tctx,
+ const struct passwd *p1,
+@@ -432,7 +433,7 @@ static bool test_passwd_r(struct torture_context *tctx)
+ struct passwd *pwd, pwd1, pwd2;
+ size_t num_pwd;
+
+- torture_assert(tctx, test_enum_r_passwd(tctx, &pwd, &num_pwd),
++ torture_assert(tctx, test_enum_passwd(tctx, &pwd, &num_pwd),
+ "failed to enumerate passwd");
+
+ for (i=0; i < num_pwd; i++) {
+@@ -460,7 +461,7 @@ static bool test_passwd_r_cross(struct torture_context *tctx)
+ struct passwd *pwd, pwd1, pwd2, pwd3, pwd4;
+ size_t num_pwd;
+
+- torture_assert(tctx, test_enum_r_passwd(tctx, &pwd, &num_pwd),
++ torture_assert(tctx, test_enum_passwd(tctx, &pwd, &num_pwd),
+ "failed to enumerate passwd");
+
+ for (i=0; i < num_pwd; i++) {
+@@ -531,6 +532,7 @@ static bool test_enum_group(struct torture_context *tctx,
+ return true;
+ }
+
++#if HAVE_GETGRENT_R
+ static bool test_enum_r_group(struct torture_context *tctx,
+ struct group **grp_array_p,
+ size_t *num_grp_p)
+@@ -579,6 +581,7 @@ static bool test_enum_r_group(struct torture_context *tctx,
+
+ return true;
+ }
++#endif
+
+ static bool torture_assert_group_equal(struct torture_context *tctx,
+ const struct group *g1,
+@@ -635,7 +638,7 @@ static bool test_group_r(struct torture_context *tctx)
+ struct group *grp, grp1, grp2;
+ size_t num_grp;
+
+- torture_assert(tctx, test_enum_r_group(tctx, &grp, &num_grp),
++ torture_assert(tctx, test_enum_group(tctx, &grp, &num_grp),
+ "failed to enumerate group");
+
+ for (i=0; i < num_grp; i++) {
+@@ -663,7 +666,7 @@ static bool test_group_r_cross(struct torture_context *tctx)
+ struct group *grp, grp1, grp2, grp3, grp4;
+ size_t num_grp;
+
+- torture_assert(tctx, test_enum_r_group(tctx, &grp, &num_grp),
++ torture_assert(tctx, test_enum_group(tctx, &grp, &num_grp),
+ "failed to enumerate group");
+
+ for (i=0; i < num_grp; i++) {
--- /dev/null
+diff --git a/lib/param/loadparm.h b/lib/param/loadparm.h
+index b5d79b9..3f4eae0 100644
+--- a/lib/param/loadparm.h
++++ b/lib/param/loadparm.h
+@@ -31,6 +31,7 @@
+ #define _LOADPARM_H
+
+ #include <talloc.h>
++#include <time.h>
+
+ struct parmlist_entry {
+ struct parmlist_entry *prev, *next;
+diff --git a/source3/lib/system_smbd.c b/source3/lib/system_smbd.c
+index 3b1ac9c..4044d75 100644
+--- a/source3/lib/system_smbd.c
++++ b/source3/lib/system_smbd.c
+@@ -27,6 +27,8 @@
+ #include "system/passwd.h"
+ #include "nsswitch/winbind_client.h"
+ #include "../lib/util/setid.h"
++#include <grp.h>
++#include <uuid/uuid.h>
+
+ #ifndef HAVE_GETGROUPLIST
+
+diff --git a/source4/torture/local/nss_tests.c b/source4/torture/local/nss_tests.c
+index 2cd6122..0c84ec2 100644
+--- a/source4/torture/local/nss_tests.c
++++ b/source4/torture/local/nss_tests.c
+@@ -20,6 +20,8 @@
+ */
+
+ #include "includes.h"
++#include <grp.h>
++#include <uuid/uuid.h>
+
+ #include "torture/torture.h"
+ #include "torture/local/proto.h"
--- /dev/null
+diff --git a/nsswitch/wins.c b/nsswitch/wins.c
+index dccb6dd..bb24acb 100644
+--- a/nsswitch/wins.c
++++ b/nsswitch/wins.c
+@@ -39,6 +39,14 @@ static pthread_mutex_t wins_nss_mutex = PTHREAD_MUTEX_INITIALIZER;
+ #define INADDRSZ 4
+ #endif
+
++#ifndef NETDB_INTERNAL
++#define NETDB_INTERNAL -1
++#endif
++
++#ifndef NETDB_SUCCESS
++#define NETDB_SUCCESS 0
++#endif
++
+ NSS_STATUS _nss_wins_gethostbyname_r(const char *hostname,
+ struct hostent *he,
+ char *buffer,
--- /dev/null
+--- a/source4/dsdb/samdb/ldb_modules/count_attrs.c
++++ b/source4/dsdb/samdb/ldb_modules/count_attrs.c
+@@ -38,6 +38,11 @@
+ #define NULL_REQ_PSEUDO_N -2LL;
+ #define STAR_REQ_PSEUDO_N -4LL;
+
++#ifndef __COMPAR_FN_T
++#define __COMPAR_FN_T
++typedef int (*__compar_fn_t)(const void *, const void *);
++#endif
++
+ struct count_attrs_private {
+ struct tdb_wrap *requested;
+ struct tdb_wrap *duplicates;
--- /dev/null
+diff --git a/source4/dsdb/samdb/ldb_modules/count_attrs.c b/source4/dsdb/samdb/ldb_modules/count_attrs.c
+index b0d1b22..29f1b94 100644
+--- a/source4/dsdb/samdb/ldb_modules/count_attrs.c
++++ b/source4/dsdb/samdb/ldb_modules/count_attrs.c
+@@ -222,7 +222,7 @@ static const char **get_sorted_attrs(TALLOC_CTX *mem_ctx,
+ attrs[i] = a;
+ }
+
+- qsort(attrs, n_attrs, sizeof(char *), (__compar_fn_t)strcasecmp_ptr);
++ qsort(attrs, n_attrs, sizeof(char *), (int (*)(const void *, const void *))strcasecmp_ptr);
+ return attrs;
+ }
+
+@@ -313,7 +313,7 @@ static int count_attrs_search_callback(struct ldb_request *req,
+ }
+
+ qsort(found_attrs, msg->num_elements, sizeof(char *),
+- (__compar_fn_t)strcasecmp_ptr);
++ (int (*)(const void *, const void *))strcasecmp_ptr);
+
+
+ /* find and report duplicates */
--- /dev/null
+--- a/wscript_configure_embedded_heimdal 2019-12-17
++++ b/wscript_configure_embedded_heimdal 2019-12-17
+@@ -1 +1,12 @@
+ conf.RECURSE('source4/heimdal_build')
++
++def check_system_heimdal_binary(name):
++ if conf.LIB_MAY_BE_BUNDLED(name):
++ return False
++ if not conf.find_program(name, var=name.upper()):
++ return False
++ conf.define('USING_SYSTEM_%s' % name.upper(), 1)
++ return True
++
++check_system_heimdal_binary("compile_et")
++check_system_heimdal_binary("asn1_compile")
+--- a/wscript_configure_system_heimdal 2019-12-17
++++ b/wscript_configure_system_heimdal 2019-12-17
+@@ -37,14 +37,6 @@ def check_system_heimdal_lib(name, funct
+ conf.define('USING_SYSTEM_%s' % name.upper(), 1)
+ return True
+
+-def check_system_heimdal_binary(name):
+- if conf.LIB_MAY_BE_BUNDLED(name):
+- return False
+- if not conf.find_program(name, var=name.upper()):
+- return False
+- conf.define('USING_SYSTEM_%s' % name.upper(), 1)
+- return True
+-
+ check_system_heimdal_lib("com_err", "com_right_r com_err", "com_err.h")
+
+ if check_system_heimdal_lib("roken", "rk_socket_set_reuseaddr", "roken.h"):
+@@ -96,7 +88,4 @@ finally:
+ #if conf.CHECK_BUNDLED_SYSTEM('tommath', checkfunctions='mp_init', headers='tommath.h'):
+ # conf.define('USING_SYSTEM_TOMMATH', 1)
+
+-check_system_heimdal_binary("compile_et")
+-check_system_heimdal_binary("asn1_compile")
+-
+ conf.define('USING_SYSTEM_KRB5', 1)
+++ /dev/null
---- a/source4/heimdal_build/wscript_configure 2019-12-03
-+++ b/source4/heimdal_build/wscript_configure 2019-12-03
-@@ -199,7 +199,7 @@ def check_system_heimdal_lib(name, funct
- def check_system_heimdal_binary(name):
- if conf.LIB_MAY_BE_BUNDLED(name):
- return False
-- if not conf.find_program(name, var=name.upper()):
-+ if not conf.find_program(name + '_samba', var=name.upper()):
- return False
- conf.define('USING_SYSTEM_%s' % name.upper(), 1)
- return True
}
- priv_path = private_path("msg.sock");
-+ priv_path = lock_path("msg.sock");
++ priv_path = lock_path(talloc_tos(), "msg.sock");
if (priv_path == NULL) {
return NT_STATUS_NO_MEMORY;
}
msg_ctx->msg_dgm_ref = messaging_dgm_ref(
msg_ctx, msg_ctx->event_ctx, &msg_ctx->id.unique_id,
- private_path("msg.sock"), lck_path,
-+ lock_path("msg.sock"), lck_path,
++ lock_path(talloc_tos(), "msg.sock"), lck_path,
messaging_recv_cb, msg_ctx, &ret);
if (msg_ctx->msg_dgm_ref == NULL) {
---- a/lib/crypto/wscript_configure
-+++ b/lib/crypto/wscript_configure
-@@ -2,11 +2,11 @@
- import Options
- import Utils
-
--if not conf.CHECK_FUNCS_IN('MD5Init', 'bsd', headers='bsd/md5.h',
-- checklibc=True):
-- conf.CHECK_FUNCS_IN('MD5Init', 'md5', headers='sys/md5.h',
-- checklibc=True)
-- conf.CHECK_FUNCS_IN('MD5Init', 'md', headers='sys/md5.h',
-+# if not conf.CHECK_FUNCS_IN('MD5Init', 'bsd', headers='bsd/md5.h',
-+ # checklibc=True):
-+conf.CHECK_FUNCS_IN('MD5Init', 'md5', headers='sys/md5.h',
-+ checklibc=True)
-+conf.CHECK_FUNCS_IN('MD5Init', 'md', headers='sys/md5.h',
- checklibc=True)
- conf.CHECK_FUNCS_IN('CC_MD5_Init', '', headers='CommonCrypto/CommonDigest.h',
- checklibc=True)
--- a/lib/replace/wscript
+++ b/lib/replace/wscript
@@ -340,22 +340,13 @@ def configure(conf):
extra_libs = ''
- if bld.CONFIG_SET('HAVE_LIBBSD'): extra_libs += ' bsd'
-
+ if bld.CONFIG_SET('HAVE_LIBRT'): extra_libs += ' rt'
+
bld.SAMBA_SUBSYSTEM('LIBREPLACE_HOSTCC',
REPLACE_HOSTCC_SOURCE,
Checking if can we convert from CP850 to UCS-2LE: OK
Checking if can we convert from UTF-8 to UCS-2LE: OK
vfs_fileid checking for statfs() and struct statfs.f_fsid: OK
-Checking whether we can use Linux thread-specific credentials: "OK"
+Checking whether we can use Linux thread-specific credentials: OK
Checking whether fcntl locking is available: OK
Checking whether fcntl lock supports open file description locks: NO
Checking for the maximum value of the 'time_t' type: OK
Checking if can we convert from CP850 to UCS-2LE: OK
Checking if can we convert from UTF-8 to UCS-2LE: OK
vfs_fileid checking for statfs() and struct statfs.f_fsid: OK
-Checking whether we can use Linux thread-specific credentials: "OK"
+Checking whether we can use Linux thread-specific credentials: OK
Checking whether fcntl locking is available: OK
Checking whether fcntl lock supports open file description locks: NO
Checking for the maximum value of the 'time_t' type: NO
Checking if can we convert from CP850 to UCS-2LE: OK
Checking if can we convert from UTF-8 to UCS-2LE: OK
vfs_fileid checking for statfs() and struct statfs.f_fsid: OK
-Checking whether we can use Linux thread-specific credentials with 32-bit system calls: "OK"
+Checking whether we can use Linux thread-specific credentials with 32-bit system calls: OK
Checking whether fcntl locking is available: OK
Checking whether fcntl lock supports open file description locks: NO
Checking for the maximum value of the 'time_t' type: NO
Checking if can we convert from CP850 to UCS-2LE: OK
Checking if can we convert from UTF-8 to UCS-2LE: OK
vfs_fileid checking for statfs() and struct statfs.f_fsid: OK
-Checking whether we can use Linux thread-specific credentials with 32-bit system calls: "OK"
+Checking whether we can use Linux thread-specific credentials with 32-bit system calls: OK
Checking whether fcntl locking is available: OK
Checking whether fcntl lock supports open file description locks: NO
Checking for the maximum value of the 'time_t' type: NO
Checking if can we convert from CP850 to UCS-2LE: OK
Checking if can we convert from UTF-8 to UCS-2LE: OK
vfs_fileid checking for statfs() and struct statfs.f_fsid: OK
-Checking whether we can use Linux thread-specific credentials with 32-bit system calls: "OK"
+Checking whether we can use Linux thread-specific credentials with 32-bit system calls: OK
Checking whether fcntl locking is available: OK
Checking whether fcntl lock supports open file description locks: NO
Checking for the maximum value of the 'time_t' type: NO
Checking if can we convert from CP850 to UCS-2LE: OK
Checking if can we convert from UTF-8 to UCS-2LE: OK
vfs_fileid checking for statfs() and struct statfs.f_fsid: OK
-Checking whether we can use Linux thread-specific credentials: "OK"
+Checking whether we can use Linux thread-specific credentials: OK
Checking whether fcntl locking is available: OK
Checking whether fcntl lock supports open file description locks: NO
Checking for the maximum value of the 'time_t' type: NO
Checking if can we convert from CP850 to UCS-2LE: OK
Checking if can we convert from UTF-8 to UCS-2LE: OK
vfs_fileid checking for statfs() and struct statfs.f_fsid: OK
-Checking whether we can use Linux thread-specific credentials: "OK"
+Checking whether we can use Linux thread-specific credentials: OK
Checking whether fcntl locking is available: OK
Checking whether fcntl lock supports open file description locks: NO
Checking for the maximum value of the 'time_t' type: OK
Checking if can we convert from CP850 to UCS-2LE: OK
Checking if can we convert from UTF-8 to UCS-2LE: OK
vfs_fileid checking for statfs() and struct statfs.f_fsid: OK
-Checking whether we can use Linux thread-specific credentials: "OK"
+Checking whether we can use Linux thread-specific credentials: OK
Checking whether fcntl locking is available: OK
Checking whether fcntl lock supports open file description locks: NO
Checking for the maximum value of the 'time_t' type: OK
Checking if can we convert from CP850 to UCS-2LE: OK
Checking if can we convert from UTF-8 to UCS-2LE: OK
vfs_fileid checking for statfs() and struct statfs.f_fsid: OK
-Checking whether we can use Linux thread-specific credentials: "OK"
+Checking whether we can use Linux thread-specific credentials: OK
Checking whether fcntl locking is available: OK
Checking whether fcntl lock supports open file description locks: NO
Checking for the maximum value of the 'time_t' type: NO
Checking if can we convert from CP850 to UCS-2LE: OK
Checking if can we convert from UTF-8 to UCS-2LE: OK
vfs_fileid checking for statfs() and struct statfs.f_fsid: OK
-Checking whether we can use Linux thread-specific credentials: "OK"
+Checking whether we can use Linux thread-specific credentials: OK
Checking whether fcntl locking is available: OK
Checking whether fcntl lock supports open file description locks: NO
Checking for the maximum value of the 'time_t' type: NO
Checking if can we convert from CP850 to UCS-2LE: OK
Checking if can we convert from UTF-8 to UCS-2LE: OK
vfs_fileid checking for statfs() and struct statfs.f_fsid: OK
-Checking whether we can use Linux thread-specific credentials: "OK"
+Checking whether we can use Linux thread-specific credentials: OK
Checking whether fcntl locking is available: OK
Checking whether fcntl lock supports open file description locks: NO
Checking for the maximum value of the 'time_t' type: OK
git.99rst.org / openwrt-packages.git / commitdiff