summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorTiziano Müller <dev-zero@gentoo.org>2008-05-29 06:37:20 +0000
committerTiziano Müller <dev-zero@gentoo.org>2008-05-29 06:37:20 +0000
commitc3a9a0e995361cb81b7cc97d8f5d46604b5c9d58 (patch)
tree3b947b031c26a1755ee2576ab817bb7165f01045 /net-fs/samba
parentRemoving Lars Weiler (Pylon) from metadata.xml (as per #215644). (diff)
downloadhistorical-c3a9a0e995361cb81b7cc97d8f5d46604b5c9d58.tar.gz
historical-c3a9a0e995361cb81b7cc97d8f5d46604b5c9d58.tar.bz2
historical-c3a9a0e995361cb81b7cc97d8f5d46604b5c9d58.zip
Revision bump for security bug #222299
Package-Manager: portage-2.1.5_rc7 RepoMan-Options: --force
Diffstat (limited to 'net-fs/samba')
-rw-r--r--net-fs/samba/ChangeLog8
-rw-r--r--net-fs/samba/Manifest4
-rw-r--r--net-fs/samba/files/3.0.28a-CVE-2008-1105.patch168
-rw-r--r--net-fs/samba/samba-3.0.28a-r1.ebuild322
4 files changed, 500 insertions, 2 deletions
diff --git a/net-fs/samba/ChangeLog b/net-fs/samba/ChangeLog
index b597b3039a7d..c4a9c09939d6 100644
--- a/net-fs/samba/ChangeLog
+++ b/net-fs/samba/ChangeLog
@@ -1,6 +1,12 @@
# ChangeLog for net-fs/samba
# Copyright 1999-2008 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-fs/samba/ChangeLog,v 1.333 2008/05/17 12:33:00 dev-zero Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-fs/samba/ChangeLog,v 1.334 2008/05/29 06:37:19 dev-zero Exp $
+
+*samba-3.0.28a-r1 (29 May 2008)
+
+ 29 May 2008; Tiziano Müller <dev-zero@gentoo.org>
+ +files/3.0.28a-CVE-2008-1105.patch, +samba-3.0.28a-r1.ebuild:
+ Revision bump for security bug #222299
17 May 2008; Tiziano Müller <dev-zero@gentoo.org>
+files/3.0.28a-wrong_python_ldflags.patch, samba-3.0.28a.ebuild:
diff --git a/net-fs/samba/Manifest b/net-fs/samba/Manifest
index 34c6c0c54e01..718fe9f8d9a1 100644
--- a/net-fs/samba/Manifest
+++ b/net-fs/samba/Manifest
@@ -5,6 +5,7 @@ AUX 3.0.28-autoconf-2.62-fix.patch 524 RMD160 843a8adb134376259485fba22deceeebf4
AUX 3.0.28-fix_broken_readdir_detection.patch 430 RMD160 f881e5a61ee2de714b9409a5a4f4c87d7a9a6dc0 SHA1 092b1ed0abce1eaf90aece7f637e72c3d4a902ff SHA256 7756d512df664d6f55851566d050797a6fc33f13ded4b1df5e2484a578ffd3f4
AUX 3.0.28-inotify_include.patch 1675 RMD160 056cde16ad2b1e2e84a184b8c07002bd25a832b2 SHA1 ab989d0d4f102ed574f34af9292f5109368e749b SHA256 bcc4e5f4853d40ad66246c540ff3a7f2299185e5729aaaffa06230de9fbc3c14
AUX 3.0.28-libcap_detection.patch 1676 RMD160 72cb751432db3911aedb32cf21a822bf9fceb278 SHA1 0348cc988150169b42a420a52fbf418aaf90e9e6 SHA256 73540a245115288f43dfd6abe6983a015886c93a14d906f38d59732e390cd070
+AUX 3.0.28a-CVE-2008-1105.patch 5774 RMD160 09a38e2a0e72e25f575789a3ded62fe00217dbc9 SHA1 9f7491b6ae88941881243445e35087b9bc811b5b SHA256 fba679976538265312d2545944e78b20442774d3ff54509d015a11867c15c0ff
AUX 3.0.28a-wrong_python_ldflags.patch 996 RMD160 9514ef1b21129a950388ccabf797243dc92b390c SHA1 432366d841bbd2ec97c7a529c0c48d352aace356 SHA256 6f75e2e797d4a7a9f8758c5b3066cc1af86d392457d6f9ae8804427d74be4696
AUX README.gentoo 3208 RMD160 858aee78e07bdc0ebee7bc6c2212d4c528325633 SHA1 819ae809566e967cdc03024adae4443c5833dfc5 SHA256 9e87efa3fcea73becdfad4adb0fe677e1969c2951f03c47d1b0f4aeb00999578
AUX config-3.2/lmhosts 134 RMD160 7c99b13a2f273ee190c7df9392b1678b00ec461a SHA1 d63d8d846c3cecfc706d28d916ea323f2eae4ef1 SHA256 b891ca7448db3fadefd9f5ddaeb28ea19bad63c3ee21ea8f74cdc2dfecd6ab6b
@@ -34,7 +35,8 @@ DIST samba-3.0.28a.tar.gz 18172643 RMD160 646680c49fd56d98430d325884a5911d406e13
DIST samba-3.2.0pre2.tar.gz 16593448 RMD160 8e233f98623b7a31a7c745d69a108997e803c7f5 SHA1 4b656ae17ebfb5ce1ecdc7124673eb7da19f515c SHA256 bb71293c8587b2def6c35553c8f062252f18f4a5f0e871dcbed8f747c90a4e69
EBUILD samba-3.0.27.ebuild 8773 RMD160 a3a889c643267c254309f36d2bd08447186bb6b5 SHA1 aa91fab445d3e3f94c4cbbd35cddf0df84f0c956 SHA256 e3d330432891f3f3b6ef441587f283e3c72b6364207e7eaea0d1346b1e72fb2b
EBUILD samba-3.0.28.ebuild 9283 RMD160 7b7b2c477fb2abcafd32067575c33eb712a92140 SHA1 afb536f0dcafcdd411ed0ac51d7f852c6925ed1b SHA256 857d28fc7d3dfdf424b23ad5d03cd34030051a95932ca6797ed41b504bc358ec
+EBUILD samba-3.0.28a-r1.ebuild 9387 RMD160 e74f82ef98524e0fc935e6abbc02b0b4e9304775 SHA1 17b68f30718abceb43a83718a6b426b55c6bf988 SHA256 0097998f73761bc3df0b510419ca39bfdaf12a907595f33492388f0acd904287
EBUILD samba-3.0.28a.ebuild 9347 RMD160 17a39d9fc440f1a3aaca46d8eca6f166a4e71c99 SHA1 83c849b4c33007f6a147dd1919227be7fa8e8f3a SHA256 a9868f2d6fbab25f31460f29e9abe541ff3d5e58e7bc542a9c688c1c170439f5
EBUILD samba-3.2.0_pre2.ebuild 8681 RMD160 146b3c435100eccec6b7bdcef510b0847f7b317f SHA1 af627d61a536c2055fb693b8ae5334f0721172d6 SHA256 d4f80695aaf4b3ba7f5e505f1b422efcb5c6fdc859aa9296c69060aaccc0fc44
-MISC ChangeLog 57142 RMD160 f4481aaabd69db9e799f541b0296e85fd17fb2c4 SHA1 9c4d91ebc46941157b13a474fea360d0f9bbf84b SHA256 47e4df71b97b327f8b31f5959a803b525dc692cec2a6c5da03f33e455f885367
+MISC ChangeLog 57334 RMD160 b435a39bd3c1e4bea8ede60f54b4761eb882957b SHA1 300893bc026371afdda4ee71c4ed36b20a6ac553 SHA256 125d256723ca3f03839227512577deb488e494d5acc0b314d20b88b42ee62e81
MISC metadata.xml 489 RMD160 36eed0edca609c521314ae415efd57ca9acfecb4 SHA1 317e61704a10a3bd888d32c6834721f5d40d00ff SHA256 6f35f13dd39bb51d304fd59b5352c92bc35a957c9c9412c5c1f3f58e98519792
diff --git a/net-fs/samba/files/3.0.28a-CVE-2008-1105.patch b/net-fs/samba/files/3.0.28a-CVE-2008-1105.patch
new file mode 100644
index 000000000000..20712d844fa8
--- /dev/null
+++ b/net-fs/samba/files/3.0.28a-CVE-2008-1105.patch
@@ -0,0 +1,168 @@
+diff --git a/source/client/client.c b/source/client/client.c
+index 3f96f63..e87623a 100644
+--- a/source/client/client.c
++++ b/source/client/client.c
+@@ -3626,7 +3626,7 @@ static void readline_callback(void)
+ session keepalives and then drop them here.
+ */
+ if (FD_ISSET(cli->fd,&fds)) {
+- if (!receive_smb(cli->fd,cli->inbuf,0)) {
++ if (!receive_smb(cli->fd,cli->inbuf,cli->bufsize,0)) {
+ DEBUG(0, ("Read from server failed, maybe it closed the "
+ "connection\n"));
+ return;
+diff --git a/source/client/smbctool.c b/source/client/smbctool.c
+index 2063418..a18505b 100644
+--- a/source/client/smbctool.c
++++ b/source/client/smbctool.c
+@@ -3304,7 +3304,7 @@ static void readline_callback(void)
+ session keepalives and then drop them here.
+ */
+ if (FD_ISSET(cli->fd,&fds)) {
+- receive_smb(cli->fd,cli->inbuf,0);
++ receive_smb(cli->fd,cli->inbuf,cli->bufsize,0);
+ goto again;
+ }
+
+diff --git a/source/lib/util_sock.c b/source/lib/util_sock.c
+index 94c5e82..4715ca7 100644
+--- a/source/lib/util_sock.c
++++ b/source/lib/util_sock.c
+@@ -654,14 +654,13 @@ ssize_t read_smb_length(int fd, char *inbuf, unsigned int timeout)
+ }
+
+ /****************************************************************************
+- Read an smb from a fd. Note that the buffer *MUST* be of size
+- BUFFER_SIZE+SAFETY_MARGIN.
++ Read an smb from a fd.
+ The timeout is in milliseconds.
+ This function will return on receipt of a session keepalive packet.
+ Doesn't check the MAC on signed packets.
+ ****************************************************************************/
+
+-BOOL receive_smb_raw(int fd, char *buffer, unsigned int timeout)
++BOOL receive_smb_raw(int fd, char *buffer, size_t buflen, unsigned int timeout)
+ {
+ ssize_t len,ret;
+
+@@ -682,25 +681,18 @@ BOOL receive_smb_raw(int fd, char *buffer, unsigned int timeout)
+ return False;
+ }
+
+- /*
+- * A WRITEX with CAP_LARGE_WRITEX can be 64k worth of data plus 65 bytes
+- * of header. Don't print the error if this fits.... JRA.
+- */
+-
+- if (len > (BUFFER_SIZE + LARGE_WRITEX_HDR_SIZE)) {
++ if (len > buflen) {
+ DEBUG(0,("Invalid packet length! (%lu bytes).\n",(unsigned long)len));
+- if (len > BUFFER_SIZE + (SAFETY_MARGIN/2)) {
+
+- /*
+- * Correct fix. smb_read_error may have already been
+- * set. Only set it here if not already set. Global
+- * variables still suck :-). JRA.
+- */
++ /*
++ * smb_read_error may have already been
++ * set. Only set it here if not already set. Global
++ * variables still suck :-). JRA.
++ */
+
+- if (smb_read_error == 0)
+- smb_read_error = READ_ERROR;
+- return False;
+- }
++ if (smb_read_error == 0)
++ smb_read_error = READ_ERROR;
++ return False;
+ }
+
+ if(len > 0) {
+@@ -730,9 +722,9 @@ BOOL receive_smb_raw(int fd, char *buffer, unsigned int timeout)
+ Checks the MAC on signed packets.
+ ****************************************************************************/
+
+-BOOL receive_smb(int fd, char *buffer, unsigned int timeout)
++BOOL receive_smb(int fd, char *buffer, size_t buflen, unsigned int timeout)
+ {
+- if (!receive_smb_raw(fd, buffer, timeout)) {
++ if (!receive_smb_raw(fd, buffer, buflen, timeout)) {
+ return False;
+ }
+
+diff --git a/source/libsmb/clientgen.c b/source/libsmb/clientgen.c
+index c6cef08..7d7ab9e 100644
+--- a/source/libsmb/clientgen.c
++++ b/source/libsmb/clientgen.c
+@@ -44,8 +44,7 @@ int cli_set_port(struct cli_state *cli, int port)
+ }
+
+ /****************************************************************************
+- Read an smb from a fd ignoring all keepalive packets. Note that the buffer
+- *MUST* be of size BUFFER_SIZE+SAFETY_MARGIN.
++ Read an smb from a fd ignoring all keepalive packets.
+ The timeout is in milliseconds
+
+ This is exactly the same as receive_smb except that it never returns
+@@ -54,12 +53,12 @@ int cli_set_port(struct cli_state *cli, int port)
+ should never go into a blocking read.
+ ****************************************************************************/
+
+-static BOOL client_receive_smb(int fd,char *buffer, unsigned int timeout)
++static BOOL client_receive_smb(int fd,char *buffer, size_t bufsize, unsigned int timeout)
+ {
+ BOOL ret;
+
+ for(;;) {
+- ret = receive_smb_raw(fd, buffer, timeout);
++ ret = receive_smb_raw(fd, buffer, bufsize, timeout);
+
+ if (!ret) {
+ DEBUG(10,("client_receive_smb failed\n"));
+@@ -88,7 +87,7 @@ BOOL cli_receive_smb(struct cli_state *cli)
+ return False;
+
+ again:
+- ret = client_receive_smb(cli->fd,cli->inbuf,cli->timeout);
++ ret = client_receive_smb(cli->fd,cli->inbuf, cli->bufsize, cli->timeout);
+
+ if (ret) {
+ /* it might be an oplock break request */
+diff --git a/source/smbd/process.c b/source/smbd/process.c
+index 8dec719..3d31c29 100644
+--- a/source/smbd/process.c
++++ b/source/smbd/process.c
+@@ -521,7 +521,8 @@ static BOOL receive_message_or_smb(char *buffer, int buffer_len, int timeout)
+ goto again;
+ }
+
+- return receive_smb(smbd_server_fd(), buffer, 0);
++ return receive_smb(smbd_server_fd(), buffer,
++ BUFFER_SIZE + LARGE_WRITEX_HDR_SIZE, 0);
+ }
+
+ /*
+diff --git a/source/utils/smbfilter.c b/source/utils/smbfilter.c
+index 97d2223..2152e53 100644
+--- a/source/utils/smbfilter.c
++++ b/source/utils/smbfilter.c
+@@ -140,7 +140,7 @@ static void filter_child(int c, struct in_addr dest_ip)
+ if (num <= 0) continue;
+
+ if (c != -1 && FD_ISSET(c, &fds)) {
+- if (!receive_smb(c, packet, 0)) {
++ if (!receive_smb(c, packet, BUFFER_SIZE, 0)) {
+ d_printf("client closed connection\n");
+ exit(0);
+ }
+@@ -151,7 +151,7 @@ static void filter_child(int c, struct in_addr dest_ip)
+ }
+ }
+ if (s != -1 && FD_ISSET(s, &fds)) {
+- if (!receive_smb(s, packet, 0)) {
++ if (!receive_smb(s, packet, BUFFER_SIZE, 0)) {
+ d_printf("server closed connection\n");
+ exit(0);
+ }
diff --git a/net-fs/samba/samba-3.0.28a-r1.ebuild b/net-fs/samba/samba-3.0.28a-r1.ebuild
new file mode 100644
index 000000000000..b549eafffd83
--- /dev/null
+++ b/net-fs/samba/samba-3.0.28a-r1.ebuild
@@ -0,0 +1,322 @@
+# Copyright 1999-2008 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-fs/samba/samba-3.0.28a-r1.ebuild,v 1.1 2008/05/29 06:37:19 dev-zero Exp $
+
+inherit autotools eutils pam python multilib versionator confutils
+
+MY_P=${PN}-${PV/_/}
+
+DESCRIPTION="A suite of SMB and CIFS client/server programs for UNIX"
+HOMEPAGE="http://www.samba.org/"
+SRC_URI="mirror://samba/${MY_P}.tar.gz
+ mirror://samba/old-versions/${MY_P}.tar.gz"
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="alpha amd64 ~arm hppa ~ia64 ~mips ppc ppc64 ~s390 ~sh sparc ~sparc-fbsd x86 ~x86-fbsd"
+IUSE_LINGUAS="linguas_ja linguas_pl"
+IUSE="${IUSE_LINGUAS} acl ads async automount caps cups doc examples ipv6 kernel_linux ldap fam
+ pam python quotas readline selinux swat syslog winbind"
+
+RDEPEND="dev-libs/popt
+ virtual/libiconv
+ acl? ( kernel_linux? ( sys-apps/acl ) )
+ cups? ( net-print/cups )
+ ipv6? ( sys-apps/xinetd )
+ ads? ( virtual/krb5 )
+ ldap? ( net-nds/openldap )
+ pam? ( virtual/pam )
+ python? ( dev-lang/python )
+ readline? ( sys-libs/readline )
+ selinux? ( sec-policy/selinux-samba )
+ swat? ( sys-apps/xinetd )
+ syslog? ( virtual/logger )
+ fam? ( virtual/fam )
+ caps? ( sys-libs/libcap )"
+DEPEND="${RDEPEND}"
+
+# Tests are broken now :-(
+RESTRICT="test"
+
+S=${WORKDIR}/${MY_P}
+CONFDIR=${FILESDIR}/config
+PRIVATE_DST=/var/lib/samba/private
+
+pkg_setup() {
+ confutils_use_depend_all ads ldap
+}
+
+src_unpack() {
+ unpack ${A}
+ cd "${S}/source"
+
+ # lazyldflags.patch: adds "-Wl,-z,now" to smb{mnt,umount}
+ # invalid-free-fix.patch: Bug #196015 (upstream: #5021)
+
+ epatch \
+ "${FILESDIR}/3.0.26a-lazyldflags.patch" \
+ "${FILESDIR}/3.0.26a-invalid-free-fix.patch" \
+ "${FILESDIR}/3.0.28-libcap_detection.patch" \
+ "${FILESDIR}/3.0.28-fix_broken_readdir_detection.patch" \
+ "${FILESDIR}/3.0.28-autoconf-2.62-fix.patch" \
+ "${FILESDIR}/${PV}-wrong_python_ldflags.patch" \
+ "${FILESDIR}/${PV}-CVE-2008-1105.patch"
+
+ eautoconf -I. -Ilib/replace
+
+ # Ok, agreed, this is ugly. But it avoids a patch we
+ # need for every samba version and we don't need autotools
+ sed -i \
+ -e 's|"lib32" ||' \
+ -e 's|if test -d "$i/$l" ;|if test -d "$i/$l" -o -L "$i/$l";|' \
+ configure || die "sed failed"
+
+ rm "${S}/docs/manpages"/{mount,umount}.cifs.8
+
+}
+
+src_compile() {
+ cd "${S}/source"
+
+ local myconf
+ local mylangs
+ local mymod_shared
+
+ python_version
+ myconf="--with-python=no"
+ use python && myconf="--with-python=${python}"
+
+ mylangs="--with-manpages-langs=en"
+ use linguas_ja && mylangs="${mylangs},ja"
+ use linguas_pl && mylangs="${mylangs},pl"
+
+ use winbind && mymod_shared="--with-shared-modules=idmap_rid"
+ if use ldap ; then
+ myconf="${myconf} $(use_with ads)"
+ use winbind && mymod_shared="${mymod_shared},idmap_ad"
+ fi
+
+ [[ ${CHOST} == *-*bsd* ]] && myconf="${myconf} --disable-pie"
+ use hppa && myconf="${myconf} --disable-pie"
+
+ use caps && export ac_cv_header_sys_capability_h=yes || export ac_cv_header_sys_capability_h=no
+
+ # Otherwise we get the whole swat stuff installed
+ if ! use swat ; then
+ sed -i \
+ -e 's/^\(install:.*\)installswat \(.*\)/\1\2/' \
+ Makefile.in || die "sed failed"
+ fi
+
+ econf \
+ --with-fhs \
+ --sysconfdir=/etc/samba \
+ --localstatedir=/var \
+ --with-configdir=/etc/samba \
+ --with-libdir=/usr/$(get_libdir)/samba \
+ --with-pammodulesdir=$(getpam_mod_dir) \
+ --with-swatdir=/usr/share/doc/${PF}/swat \
+ --with-piddir=/var/run/samba \
+ --with-lockdir=/var/cache/samba \
+ --with-logfilebase=/var/log/samba \
+ --with-privatedir=${PRIVATE_DST} \
+ --with-libsmbclient \
+ --without-spinlocks \
+ --enable-socket-wrapper \
+ --with-cifsmount=no \
+ $(use_with acl acl-support) \
+ $(use_with async aio-support) \
+ $(use_with automount) \
+ $(use_enable cups) \
+ $(use_enable fam) \
+ $(use_with ads krb5) \
+ $(use_with ldap) \
+ $(use_with pam) $(use_with pam pam_smbpass) \
+ $(use_with quotas) $(use_with quotas sys-quotas) \
+ $(use_with readline) \
+ $(use_with kernel_linux smbmount) \
+ $(use_with syslog) \
+ $(use_with winbind) \
+ ${myconf} ${mylangs} ${mymod_shared} || die "econf failed"
+
+ emake proto || die "emake proto failed"
+ emake everything || die "emake everything failed"
+
+ if use python ; then
+ emake python_ext || die "emake python_ext failed"
+ fi
+}
+
+src_test() {
+ cd "${S}/source"
+ emake test || die "tests failed"
+}
+
+src_install() {
+ cd "${S}/source"
+
+ emake DESTDIR="${D}" install-everything || die "emake install-everything failed"
+
+ # Extra rpctorture progs
+ local extra_bins="rpctorture"
+ for i in ${extra_bins} ; do
+ [[ -x "${S}/bin/${i}" ]] && dobin "${S}/bin/${i}"
+ done
+
+ # remove .old stuff from /usr/bin:
+ rm -f "${D}"/usr/bin/*.old
+
+ # Removing executable bits from header-files
+ fperms 644 /usr/include/lib{msrpc,smbclient}.h
+
+ # Nsswitch extensions. Make link for wins and winbind resolvers
+ if use winbind ; then
+ dolib.so nsswitch/libnss_wins.so
+ dosym libnss_wins.so /usr/$(get_libdir)/libnss_wins.so.2
+ dolib.so nsswitch/libnss_winbind.so
+ dosym libnss_winbind.so /usr/$(get_libdir)/libnss_winbind.so.2
+ fi
+
+ if use kernel_linux ; then
+ # Warning: this can byte you if /usr is
+ # on a separate volume and you have to mount
+ # a smb volume before the local mount
+ dosym ../usr/bin/smbmount /sbin/mount.smbfs
+ fperms 4755 /usr/bin/smbmnt
+ fperms 4755 /usr/bin/smbumount
+ fi
+
+ # bug #46389: samba doesn't create symlink anymore
+ # beaviour seems to be changed in 3.0.6, see bug #61046
+ dosym samba/libsmbclient.so /usr/$(get_libdir)/libsmbclient.so.0
+ dosym samba/libsmbclient.so /usr/$(get_libdir)/libsmbclient.so
+
+ # make the smb backend symlink for cups printing support (bug #133133)
+ if use cups ; then
+ dodir $(cups-config --serverbin)/backend
+ dosym /usr/bin/smbspool $(cups-config --serverbin)/backend/smb
+ fi
+
+ if use python ; then
+ emake DESTDIR="${D}" python_install || die "emake installpython failed"
+ # We're doing that manually
+ find "${D}/usr/$(get_libdir)/python${PYVER}/site-packages" -iname "*.pyc" -delete
+ fi
+
+ cd "${S}/source"
+
+ # General config files
+ insinto /etc/samba
+ doins "${CONFDIR}"/{smbusers,lmhosts}
+ newins "${CONFDIR}/smb.conf.example-samba3" smb.conf.example
+
+ newpamd "${CONFDIR}/samba.pam" samba
+ use winbind && dopamd "${CONFDIR}/system-auth-winbind"
+ if use swat ; then
+ insinto /etc/xinetd.d
+ newins "${CONFDIR}/swat.xinetd" swat
+ else
+ rm -f "${D}/usr/sbin/swat"
+ rm -f "${D}/usr/share/man/man8/swat.8"
+ fi
+
+ newinitd "${FILESDIR}/samba-init" samba
+ newconfd "${FILESDIR}/samba-conf" samba
+
+ if use ldap ; then
+ insinto /etc/openldap/schema
+ doins "${S}/examples/LDAP/samba.schema"
+ fi
+
+ if use ipv6 ; then
+ insinto /etc/xinetd.d
+ newins "${FILESDIR}/samba-xinetd" smb
+ fi
+
+ # dirs
+ diropts -m0700 ; keepdir "${PRIVATE_DST}"
+ diropts -m1777 ; keepdir /var/spool/samba
+
+ diropts -m0755
+ keepdir /var/{log,run,cache}/samba
+ keepdir /var/lib/samba/{netlogon,profiles}
+ keepdir /var/lib/samba/printers/{W32X86,WIN40,W32ALPHA,W32MIPS,W32PPC,X64,IA64,COLOR}
+ keepdir /usr/$(get_libdir)/samba/{rpc,idmap,auth}
+
+ # docs
+ dodoc "${FILESDIR}/README.gentoo"
+ dodoc "${S}"/{MAINTAINERS,README,Roadmap,WHATSNEW.txt}
+ dodoc "${CONFDIR}/nsswitch.conf-wins"
+ use winbind && dodoc "${CONFDIR}/nsswitch.conf-winbind"
+
+ if use examples ; then
+ insinto /usr/share/doc/${PF}
+ doins -r "${S}/examples/"
+ find "${D}/usr/share/doc/${PF}" -type d -print0 | xargs -0 chmod 755
+ find "${D}/usr/share/doc/${PF}/examples" ! -type d -print0 | xargs -0 chmod 644
+ if use python ; then
+ insinto /usr/share/doc/${PF}/python
+ doins -r "${S}/source/python/examples"
+ fi
+ fi
+
+ if ! use doc ; then
+ if ! use swat ; then
+ rm -rf "${D}/usr/share/doc/${PF}/swat"
+ else
+ rm -rf "${D}/usr/share/doc/${PF}/swat/help"/{guide,howto,devel}
+ rm -rf "${D}/usr/share/doc/${PF}/swat/using_samba"
+ fi
+ fi
+
+}
+
+pkg_preinst() {
+ local PRIVATE_SRC=/etc/samba/private
+ if [[ ! -r "${ROOT}/${PRIVATE_DST}/secrets.tdb" \
+ && -r "${ROOT}/${PRIVATE_SRC}/secrets.tdb" ]] ; then
+ ebegin "Copying ${ROOT}/${PRIVATE_SRC}/* to ${ROOT}/${PRIVATE_DST}/"
+ mkdir -p "${D}/${PRIVATE_DST}"
+ cp -pPRf "${ROOT}/${PRIVATE_SRC}"/* "${D}/${PRIVATE_DST}/"
+ eend $?
+ fi
+
+ if [[ ! -f "${ROOT}/etc/samba/smb.conf" ]] ; then
+ touch "${D}/etc/samba/smb.conf"
+ fi
+}
+
+pkg_postinst() {
+ if use python ; then
+ python_version
+ python_mod_optimize /usr/$(get_libdir)/python${PYVER}/site-packages/samba
+ fi
+
+ if use swat ; then
+ einfo "swat must be enabled by xinetd:"
+ einfo " change the /etc/xinetd.d/swat configuration"
+ fi
+
+ if use ipv6 ; then
+ einfo "ipv6 support must be enabled by xinetd:"
+ einfo " change the /etc/xinetd.d/smb configuration"
+ fi
+
+ elog "It is possible to start/stop daemons separately:"
+ elog " Create a symlink from /etc/init.d/samba.{smbd,nmbd,winbind} to"
+ elog " /etc/init.d/samba. Calling /etc/init.d/samba directly will start"
+ elog " the daemons configured in /etc/conf.d/samba"
+
+ elog "The mount/umount.cifs helper applications are not included anymore."
+ elog "Please install net-fs/mount-cifs instead."
+
+ ewarn "If you're upgrading from 3.0.24 or earlier, please make sure to"
+ ewarn "restart your clients to clear any cached information about the server."
+ ewarn "Otherwise they might not be able to connect to the volumes."
+}
+
+pkg_postrm() {
+ if use python ; then
+ python_version
+ python_mod_cleanup /usr/$(get_libdir)/python${PYVER}/site-packages/samba
+ fi
+}