diff --git a/net-fs/samba/Manifest b/net-fs/samba/Manifest index 9f2bac67c0..8eb1c20fc0 100644 --- a/net-fs/samba/Manifest +++ b/net-fs/samba/Manifest @@ -1 +1,2 @@ DIST samba-4.13.4.tar.gz 18429050 SHA512 fb7b0e2ad122a72ef534de6446e5a44b842553963fc331c68454e8ff761f16e921a0dcdd653fe6b5e90d4ccf28869bd13df53d615d86cccd85a5ec3589268cf6 +DIST samba-4.22.1.tar.gz 42866082 BLAKE2B cc2fa24d26f7b8f491aa51f995a9a56e22ecafa475912fa0ff9f476aef12da2dad0545aafa970b452c145fbd03b8de3ac2cf9f8c7abb16a9612ff47cfb76d2da SHA512 4e0d8e171b883f9ef4c302905fb805704f0ed6c5bf88a71b5f1752f8e2ca97c61e9cf5d9d1c75b47fbe6da5e179f8fb8bb0d03a97f1c8b8a853ed2cd812e732e diff --git a/net-fs/samba/files/samba4.confd b/net-fs/samba/files/samba4.confd new file mode 100644 index 0000000000..629a605021 --- /dev/null +++ b/net-fs/samba/files/samba4.confd @@ -0,0 +1,45 @@ +# Add "winbind" to the daemon_list if you also want winbind to start. +# Replace "smbd nmbd" by "samba4" if you want the active directory domain controller part or the ntvfs +# file server part or the rpc proxy to start. +# Note that samba4 controls 'smbd' by itself, thus it can't be started manually. You can, however, +# tweak the behaviour of a samba4-controlled smbd by modifying your '/etc/samba/smb.conf' file +# accordingly. +daemon_list="smbd nmbd" + +piddir="/run/samba" + +#---------------------------------------------------------------------------- +# Daemons calls: _ +#---------------------------------------------------------------------------- +my_service_name="samba" +my_service_PRE="unset TMP TMPDIR" +my_service_POST="" + +#---------------------------------------------------------------------------- +# Daemons calls: _ +#---------------------------------------------------------------------------- +smbd_start_options="-D" +smbd_command="/usr/sbin/smbd" +smbd_start="start-stop-daemon --start --exec ${smbd_command} -- ${smbd_start_options}" +smbd_stop="start-stop-daemon --stop --exec ${smbd_command}" +smbd_reload="killall -HUP smbd" + +nmbd_start_options="-D" +nmbd_command="/usr/sbin/nmbd" +nmbd_start="start-stop-daemon --start --exec ${nmbd_command} -- ${nmbd_start_options}" +nmbd_stop="start-stop-daemon --stop --exec ${nmbd_command}" +nmbd_reload="killall -HUP nmbd" + +samba4_start_options="" +samba4_command="/usr/sbin/samba" +samba4_pidfile="${piddir}/samba.pid" +samba4_start="start-stop-daemon --start --exec ${samba4_command} --pidfile ${samba4_pidfile} -- ${samba4_start_options}" +samba4_stop="start-stop-daemon --stop --exec ${samba4_command} --pidfile ${samba4_pidfile}" +samba4_reload="killall -HUP samba" + +winbind_start_options="" +winbind_command="/usr/sbin/winbindd" +winbind_start="start-stop-daemon --start --exec ${winbind_command} -- ${winbind_start_options}" +winbind_stop="start-stop-daemon --stop --exec ${winbind_command}" +winbind_reload="killall -HUP winbindd" + diff --git a/net-fs/samba/files/samba4.initd-r1 b/net-fs/samba/files/samba4.initd-r1 new file mode 100644 index 0000000000..eb6d8e89f6 --- /dev/null +++ b/net-fs/samba/files/samba4.initd-r1 @@ -0,0 +1,54 @@ +#!/sbin/openrc-run +# Distributed under the terms of the GNU General Public License, v2 or later + +extra_started_commands="reload" +[ -z "${piddir}" ] && piddir="/run/samba" + +depend() { + after slapd + need net + use cupsd +} + +DAEMONNAME="${SVCNAME##samba.}" +[ "${DAEMONNAME}" != "samba" ] && daemon_list=${DAEMONNAME} + +signal_do() { + local signal="$1" + [ -z "${signal}" ] && return 0 + + local result=0 last_result=0 daemon= cmd_exec= + for daemon in ${daemon_list} ; do + eval cmd_exec=\$${daemon}_${signal} + if [ -n "${cmd_exec}" ]; then + ebegin "${my_service_name} -> ${signal}: ${daemon}" + #echo ${cmd} '->' ${!cmd} + ${cmd_exec} > /dev/null + last_result=$? + eend ${last_result} + fi + result=$(( ${result} + ${last_result} )) + done + return ${result} +} + +start() { + ${my_service_PRE} + [ -d "${piddir}" ] || mkdir -p "${piddir}" + signal_do start && return 0 + + eerror "Error: starting services (see system logs)" + signal_do stop + return 1 +} +stop() { + ${my_service_PRE} + if signal_do stop ; then + ${my_service_POST} + return 0 + fi +} +reload() { + ${my_service_PRE} + signal_do reload +} diff --git a/net-fs/samba/files/system-auth-winbind.pam b/net-fs/samba/files/system-auth-winbind.pam new file mode 100644 index 0000000000..eac1fa04af --- /dev/null +++ b/net-fs/samba/files/system-auth-winbind.pam @@ -0,0 +1,17 @@ +#%PAM-1.0 + +auth required pam_env.so +auth sufficient pam_winbind.so +auth sufficient pam_unix.so likeauth nullok use_first_pass +auth required pam_deny.so + +account sufficient pam_winbind.so +account required pam_unix.so + +password required pam_cracklib.so retry=3 +password sufficient pam_unix.so nullok use_authtok md5 shadow +password required pam_deny.so + +session required pam_mkhomedir.so skel=/etc/skel/ umask=0022 +session required pam_limits.so +session required pam_unix.so diff --git a/net-fs/samba/samba-4.22.1.ebuild b/net-fs/samba/samba-4.22.1.ebuild new file mode 100644 index 0000000000..20ae30bb39 --- /dev/null +++ b/net-fs/samba/samba-4.22.1.ebuild @@ -0,0 +1,288 @@ +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +PYTHON_COMPAT=( python3+ ) +PYTHON_REQ_USE="threads(+),xml(+)" +inherit python-single-r1 waf-utils linux-info pam + +DESCRIPTION="Samba Suite" +HOMEPAGE="https://samba.org/" +SRC_URI="https://download.samba.org/pub/samba/stable/samba-4.22.1.tar.gz -> samba-4.22.1.tar.gz +" +LICENSE="LGPL-3" + +MY_PV="${PV/_rc/rc}" +MY_P="${PN}-${MY_PV}" + +KEYWORDS="*" +SLOT="0/2.10.0" + +IUSE="acl addc addns ads ceph client cluster cups debug dmapi fam glusterfs +gpg iprint json ldap ntvfs pam profiling-data python quota +regedit +snapper spotlight syslog system-heimdal +system-mitkrb5 test winbind +zeroconf" + +COMMON_DEPEND=" + >=app-arch/libarchive-3.1.2 + dev-lang/perl:= + spotlight? ( dev-libs/icu:= ) + dev-libs/libbsd + dev-libs/libtasn1 + dev-libs/popt + dev-perl/Parse-Yapp + >=net-libs/gnutls-3.4.7 + net-libs/libnsl + sys-libs/e2fsprogs-libs + !sys-libs/ldb + sys-libs/libcap + sys-libs/liburing + sys-libs/ncurses:0= + sys-libs/readline:0= + sys-libs/talloc + sys-libs/tdb + sys-libs/tevent + sys-libs/zlib + virtual/libiconv + acl? ( virtual/acl ) + $(python_gen_cond_dep " + dev-python/subunit[\${PYTHON_USEDEP}] + addns? ( + dev-python/dnspython:=[\${PYTHON_USEDEP}] + net-dns/bind-tools[gssapi] + ) + ") + ceph? ( sys-cluster/ceph ) + cluster? ( net-libs/rpcsvc-proto ) + cups? ( net-print/cups ) + debug? ( dev-util/lttng-ust ) + dmapi? ( sys-apps/dmapi ) + fam? ( virtual/fam ) + gpg? ( app-crypt/gpgme ) + json? ( dev-libs/jansson ) + ldap? ( net-nds/openldap ) + pam? ( sys-libs/pam ) + python? ( + sys-libs/talloc[python,${PYTHON_USEDEP}] + sys-libs/tdb[python,${PYTHON_USEDEP}] + sys-libs/tevent[python,${PYTHON_USEDEP}] + ) + snapper? ( sys-apps/dbus ) + system-heimdal? ( >=app-crypt/heimdal-1.5[-ssl] ) + system-mitkrb5? ( >=app-crypt/mit-krb5-1.15.1 ) + zeroconf? ( net-dns/avahi[dbus] ) +" +DEPEND="${COMMON_DEPEND} + >=dev-util/cmocka-1.1.3 + net-libs/libtirpc + || ( + net-libs/rpcsvc-proto + =net-dns/resolv_wrapper-1.1.4 + >=net-libs/socket_wrapper-1.1.9 + >=sys-libs/nss_wrapper-1.1.3 + >=sys-libs/uid_wrapper-1.2.1 + ) + )" +RDEPEND="${COMMON_DEPEND} + client? ( net-fs/cifs-utils[ads?] ) + python? ( ${PYTHON_DEPS} ) +" +BDEPEND="${PYTHON_DEPS} + app-text/docbook-xsl-stylesheets + dev-libs/libxslt + virtual/pkgconfig +" + +REQUIRED_USE=" + addc? ( python json winbind ) + addns? ( python ) + ads? ( acl ldap winbind ) + cluster? ( ads ) + gpg? ( addc ) + ntvfs? ( addc ) + spotlight? ( json ) + test? ( python ) + !ads? ( !addc ) + ?? ( system-heimdal system-mitkrb5 ) + ${PYTHON_REQUIRED_USE} +" + +# the test suite is messed, it uses system-installed samba +# bits instead of what was built, tests things disabled via use +# flags, and generally just fails to work in a way ebuilds could +# rely on in its current state +RESTRICT="test" + +S="${WORKDIR}/${MY_P}" + +PATCHES=( + "${FILESDIR}/${PN}-4.4.0-pam.patch" +) + +WAF_BINARY="${S}/buildtools/bin/waf" + +SHAREDMODS="" + +pkg_setup() { + # Package fails to build with distcc + export DISTCC_DISABLE=1 + + python-single-r1_pkg_setup + + SHAREDMODS="$(usex snapper '' '!')vfs_snapper" + if use cluster ; then + SHAREDMODS+=",idmap_rid,idmap_tdb2,idmap_ad" + elif use ads ; then + SHAREDMODS+=",idmap_ad" + fi +} + +src_prepare() { + default + + # un-bundle dnspython + sed -i -e '/"dns.resolver":/d' "${S}"/third_party/wscript || die + + # unbundle iso8601 unless tests are enabled + if ! use test ; then + sed -i -e '/"iso8601":/d' "${S}"/third_party/wscript || die + fi + + ## ugly hackaround for bug #592502 + #cp /usr/include/tevent_internal.h "${S}"/lib/tevent/ || die + + sed -e 's:::' \ + -i source4/dsdb/samdb/ldb_modules/password_hash.c \ + || die +} + +src_configure() { + export PYTHONHASHSEED=1 + + # when specifying libs for samba build you must append NONE to the end to + # stop it automatically including things + local bundled_libs="NONE" + if ! use system-heimdal && ! use system-mitkrb5 ; then + bundled_libs="heimbase,heimntlm,hdb,kdc,krb5,wind,gssapi,hcrypto,hx509,roken,asn1,com_err,NONE" + fi + + local myconf=( + --enable-fhs + --sysconfdir="${EPREFIX}/etc" + --localstatedir="${EPREFIX}/var" + --with-modulesdir="${EPREFIX}/usr/$(get_libdir)/samba" + --with-piddir="${EPREFIX}/run/${PN}" + --bundled-libraries="${bundled_libs}" + --builtin-libraries=NONE + --disable-rpath + --disable-rpath-install + --nopyc + --nopyo + --without-winexe + $(use_with acl acl-support) + $(usex addc '' '--without-ad-dc') + --with-ads + $(use_enable ceph cephfs) + $(use_with cluster cluster-support) + $(use_enable cups) + $(use_with dmapi) + $(use_with fam) + $(use_enable glusterfs) + $(use_with gpg gpgme) + $(use_with json) + $(use_enable iprint) + $(use_with pam) + $(usex pam "--with-pammodulesdir=${EPREFIX}/$(get_libdir)/security" '') + $(use_with quota quotas) + $(use_with regedit) + $(use_enable spotlight) + $(use_with syslog) + $(use_with winbind) + $(usex python '' '--disable-python') + $(use_enable zeroconf avahi) + $(usex test '--enable-selftest' '') + $(usex system-mitkrb5 "--with-system-mitkrb5 $(usex addc --with-experimental-mit-ad-dc '')" '') + $(use_with debug lttng) + $(use_with ldap) + $(use_with profiling-data) + --with-shared-modules=${SHAREDMODS} + --private-libraries='!ldb' + # bug #683148 + --jobs 1 + ) + + CPPFLAGS="-I${SYSROOT}${EPREFIX}/usr/include/et ${CPPFLAGS}" \ + waf-utils_src_configure ${myconf[@]} +} + +src_compile() { + waf-utils_src_compile +} + +src_install() { + waf-utils_src_install + + # Make all .so files executable + find "${ED}" -type f -name "*.so" -exec chmod +x {} + || die + + # install ldap schema for server (bug #491002) + if use ldap ; then + insinto /etc/openldap/schema + doins examples/LDAP/samba.schema + fi + + # create symlink for cups (bug #552310) + if use cups ; then + dosym ../../../bin/smbspool /usr/libexec/cups/backend/smb + fi + + # install example config file + insinto /etc/samba + doins examples/smb.conf.default + + # Fix paths in example file (#603964) + sed \ + -e '/log file =/s@/usr/local/samba/var/@/var/log/samba/@' \ + -e '/include =/s@/usr/local/samba/lib/@/etc/samba/@' \ + -e '/path =/s@/usr/local/samba/lib/@/var/lib/samba/@' \ + -e '/path =/s@/usr/local/samba/@/var/lib/samba/@' \ + -e '/path =/s@/usr/spool/samba@/var/spool/samba@' \ + -i "${ED}"/etc/samba/smb.conf.default || die + + # Install init script and conf.d file + newinitd "${FILESDIR}/samba4.initd-r1" samba + newconfd "${FILESDIR}/samba4.confd" samba + + if use pam && use winbind ; then + newpamd "${FILESDIR}/system-auth-winbind.pam" system-auth-winbind + # bugs #376853 and #590374 + insinto /etc/security + doins examples/pam_winbind/pam_winbind.conf + fi + + keepdir /var/cache/samba + keepdir /var/lib/ctdb + keepdir /var/lib/samba/{bind-dns,private} + keepdir /var/lock/samba + keepdir /var/log/samba +} + +src_test() { + "${WAF_BINARY}" test || die "test failed" +} + +pkg_postinst() { + elog "Be aware that this release contains the best of all of Samba's" + elog "technology parts, both a file server (that you can reasonably expect" + elog "to upgrade existing Samba 3.x releases to) and the AD domain" + elog "controller work previously known as 'samba4'." + + elog "For further information and migration steps make sure to read " + elog "https://samba.org/samba/history/${P}.html " + elog "https://wiki.samba.org/index.php/Samba4/HOWTO " +} \ No newline at end of file