diff options
author | Lars Wendler <polynomial-c@gentoo.org> | 2021-03-25 09:28:15 +0100 |
---|---|---|
committer | Lars Wendler <polynomial-c@gentoo.org> | 2021-03-25 09:29:29 +0100 |
commit | 794ecf10b2db99d01345ed5ec87085da56f8ef89 (patch) | |
tree | c3cd465f380528f091f93a73e488edfed41c06b3 /net-fs | |
parent | sys-libs/ldb: Bump to versions 2.1.5, 2.2.1 and 2.3.0 (diff) | |
download | gentoo-794ecf10b2db99d01345ed5ec87085da56f8ef89.tar.gz gentoo-794ecf10b2db99d01345ed5ec87085da56f8ef89.tar.bz2 gentoo-794ecf10b2db99d01345ed5ec87085da56f8ef89.zip |
net-fs/samba: Security bump to versions 4.12.13, 4.13.7 and 4.14.2
Dropped keywords on alpha and sparc due to sys-libs/libunwind dep
Bug: https://bugs.gentoo.org/778026
Closes: https://bugs.gentoo.org/715490
Signed-off-by: Lars Wendler <polynomial-c@gentoo.org>
Diffstat (limited to 'net-fs')
-rw-r--r-- | net-fs/samba/Manifest | 3 | ||||
-rw-r--r-- | net-fs/samba/samba-4.12.14.ebuild | 329 | ||||
-rw-r--r-- | net-fs/samba/samba-4.13.7.ebuild | 332 | ||||
-rw-r--r-- | net-fs/samba/samba-4.14.2.ebuild | 336 |
4 files changed, 1000 insertions, 0 deletions
diff --git a/net-fs/samba/Manifest b/net-fs/samba/Manifest index 0542ca6e634c..1d4cb5698efe 100644 --- a/net-fs/samba/Manifest +++ b/net-fs/samba/Manifest @@ -1,6 +1,9 @@ DIST samba-4.12.11.tar.gz 18249361 BLAKE2B 74208769d42f3cb534855c77933b3e820cf1cbb02ea8748e4d208281427640b0b3071099ca51fde43454c2d24733a9ba81ef489fd17597e7cf8bdb2e450c7864 SHA512 8147f36bc56dd1b7b6603e1e51b83cef59273a591bac77ba8cbefe9df85b0f85886f983979cbfc8fd11eb4e7552944ab4e8ac2400acb3e2b89ec584363961df5 DIST samba-4.12.12.tar.gz 18252232 BLAKE2B 4e5fabdbbcbf1df5e4a8966fbd55923c7fe97c4449574f0c17864dd9376197539ea29f59e00fc4fbb58ce18d4c7fcd8ab24e8f892edc9b32c646215287fc4bb7 SHA512 45ebed4cc73990993e800605391715afa2aa044e92bf89a62eb3ccbff97be2c9c4bf4a1f840a5d5d1d0c02704435c074e4ae386ca1729066b706c236c898c08f +DIST samba-4.12.14.tar.gz 18260926 BLAKE2B 0a90d481b8c7ad44b5ceeb3586cc246f038c21c0dffbeded76707ac9f6993edac3dc469a37742c02bcb9e1808cad0df3dc6a4277c71422323c05d111bad5fe7e SHA512 40561c5cbf5988c45166e21a1eadf7050026083a0ad7aef8076c9b8a053113bbe9397b1a507abd75b52eb4e69dcdbf8bc2404ac72c515c5ee62c30fba4c768f0 DIST samba-4.12.9.tar.gz 18236198 BLAKE2B e19cbbbb8416626ca2fe769bf26f3645e94f23781538b3c5e1f94ce618efb807d0732e5591525ec066a31cc0211463b9b66105d1d499989012d624edaa2a132c SHA512 8bd3122bcaab2f5a16a73902a9b628384063a8116a08f0254541e05c148016839b3215c60ff0d3291a332e7884708950ad64137204b0ac19801012d3b6684fa6 DIST samba-4.13.4.tar.gz 18429050 BLAKE2B b2141f5b39e849dce4607430fdde217535c6d9aa236807de2e8072415c0e408b2690ea7b335915d87f9a4b574615f282c6724886210d62ad1a059eed447a3e34 SHA512 fb7b0e2ad122a72ef534de6446e5a44b842553963fc331c68454e8ff761f16e921a0dcdd653fe6b5e90d4ccf28869bd13df53d615d86cccd85a5ec3589268cf6 DIST samba-4.13.5.tar.gz 18426722 BLAKE2B d84b71cd8a925270670b7d302b527ee116cecf9d603baf1fc69c8527c657d5e2430e1b51e951476525fd95dc3392e5642a829a646c0eb254ccd7530bd393f1a4 SHA512 4187337fecf60fa133c6e81e894634f36028d34ccc521e5e856a5736a4f58fc2ad2cd136a206d141f17f7bc519a6168a27e83705fb2d38559667a60b24ad1c1f +DIST samba-4.13.7.tar.gz 18432921 BLAKE2B 55e5a470a594bc56c942daa394e2d8e8b90dd0d1408236f7d69a60c609f1f4b1d5389209ef57e245ca326b271fba0b58fceea47681a90ab09828a4e68e40693a SHA512 eac0c0b60d50591ecd8e730bd6f24ec3d5731a9dd4172640259d841cca988f20265e5a57967a070713ab7b4bd95766a21247cc8e6b32177b79eb766520a3288a DIST samba-4.14.0.tar.gz 18635518 BLAKE2B ad1d091886b5da536a73bdbd4075f7ddc247e13a514e26c9bf993e8da5a3d737662ddd859c60d47a9a597e1326b96d7e8d083d5b15074f5875495cf68db58a24 SHA512 cf5767fc49b8c5832dd9711765e0b395a07964c3a618de10ae491123de7141eb4f083194b6120f302f5c4a196837a14070b8a8324412e8957af3706a5bbc6f11 +DIST samba-4.14.2.tar.gz 18636757 BLAKE2B 51b0b2a1543256cbd1ab121f0b90e6546761f2c0377256d3f9e804368ce73d07f6bfdc0cbb6725d438358e1e92e8e2f59f0b54e6fff52f8c07ff25398728e9da SHA512 8dd97abb14d531c3865747512abdf4d2db84b4daa5c15b67cd4f03326e30270d947ba0154493c5897aaa357039b472cfa669c80698b0f572e46d730f70a29b43 diff --git a/net-fs/samba/samba-4.12.14.ebuild b/net-fs/samba/samba-4.12.14.ebuild new file mode 100644 index 000000000000..7fd875de113b --- /dev/null +++ b/net-fs/samba/samba-4.12.14.ebuild @@ -0,0 +1,329 @@ +# Copyright 1999-2021 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=6 + +PYTHON_COMPAT=( python3_{7,8} ) +PYTHON_REQ_USE='threads(+),xml(+)' +inherit python-single-r1 waf-utils multilib-minimal linux-info systemd pam tmpfiles + +MY_PV="${PV/_rc/rc}" +MY_P="${PN}-${MY_PV}" + +SRC_PATH="stable" +[[ ${PV} = *_rc* ]] && SRC_PATH="rc" + +SRC_URI="mirror://samba/${SRC_PATH}/${MY_P}.tar.gz" +[[ ${PV} = *_rc* ]] || \ +KEYWORDS="~amd64 ~arm ~arm64 ~hppa ~ia64 ~ppc ~ppc64 ~x86" + +DESCRIPTION="Samba Suite Version 4" +HOMEPAGE="https://www.samba.org/" +LICENSE="GPL-3" + +SLOT="0" + +IUSE="acl addc addns ads ceph client cluster cups debug dmapi fam glusterfs +gpg iprint json ldap ntvfs pam profiling-data python quota +regedit selinux +snapper spotlight syslog system-heimdal +system-mitkrb5 systemd test winbind +zeroconf" + +MULTILIB_WRAPPED_HEADERS=( + /usr/include/samba-4.0/policy.h + /usr/include/samba-4.0/dcerpc_server.h + /usr/include/samba-4.0/ctdb.h + /usr/include/samba-4.0/ctdb_client.h + /usr/include/samba-4.0/ctdb_protocol.h + /usr/include/samba-4.0/ctdb_private.h + /usr/include/samba-4.0/ctdb_typesafe_cb.h + /usr/include/samba-4.0/ctdb_version.h +) + +CDEPEND=" + >=app-arch/libarchive-3.1.2[${MULTILIB_USEDEP}] + dev-lang/perl:= + dev-libs/icu:=[${MULTILIB_USEDEP}] + dev-libs/libbsd[${MULTILIB_USEDEP}] + dev-libs/libtasn1[${MULTILIB_USEDEP}] + dev-libs/popt[${MULTILIB_USEDEP}] + dev-perl/Parse-Yapp + >=net-libs/gnutls-3.4.7[${MULTILIB_USEDEP}] + net-libs/libnsl:=[${MULTILIB_USEDEP}] + sys-libs/e2fsprogs-libs[${MULTILIB_USEDEP}] + >=sys-libs/ldb-2.1.5[ldap(+)?,python?,${PYTHON_SINGLE_USEDEP},${MULTILIB_USEDEP}] + <sys-libs/ldb-2.2.0[ldap(+)?,python?,${PYTHON_SINGLE_USEDEP},${MULTILIB_USEDEP}] + sys-libs/libcap[${MULTILIB_USEDEP}] + sys-libs/libunwind + sys-libs/liburing:=[${MULTILIB_USEDEP}] + sys-libs/ncurses:0= + sys-libs/readline:0= + >=sys-libs/talloc-2.3.1[python?,${PYTHON_SINGLE_USEDEP},${MULTILIB_USEDEP}] + >=sys-libs/tdb-1.4.3[python?,${PYTHON_SINGLE_USEDEP},${MULTILIB_USEDEP}] + >=sys-libs/tevent-0.10.2[python?,${PYTHON_SINGLE_USEDEP},${MULTILIB_USEDEP}] + sys-libs/zlib[${MULTILIB_USEDEP}] + virtual/libiconv + pam? ( sys-libs/pam ) + acl? ( virtual/acl ) + $(python_gen_cond_dep " + dev-python/subunit[\${PYTHON_MULTI_USEDEP},${MULTILIB_USEDEP}] + addns? ( + net-dns/bind-tools[gssapi] + dev-python/dnspython:=[\${PYTHON_MULTI_USEDEP}] + ) + ") + ceph? ( sys-cluster/ceph ) + cluster? ( + net-libs/rpcsvc-proto + !dev-db/ctdb + ) + cups? ( net-print/cups ) + debug? ( dev-util/lttng-ust ) + dmapi? ( sys-apps/dmapi ) + fam? ( virtual/fam ) + gpg? ( app-crypt/gpgme ) + json? ( dev-libs/jansson ) + ldap? ( net-nds/openldap[${MULTILIB_USEDEP}] ) + snapper? ( sys-apps/dbus ) + system-heimdal? ( >=app-crypt/heimdal-1.5[-ssl,${MULTILIB_USEDEP}] ) + system-mitkrb5? ( >=app-crypt/mit-krb5-1.15.1[${MULTILIB_USEDEP}] ) + systemd? ( sys-apps/systemd:0= ) + zeroconf? ( net-dns/avahi[dbus] ) +" +DEPEND="${CDEPEND} + ${PYTHON_DEPS} + >=dev-util/cmocka-1.1.3[${MULTILIB_USEDEP}] + net-libs/libtirpc[${MULTILIB_USEDEP}] + virtual/pkgconfig + || ( + net-libs/rpcsvc-proto + <sys-libs/glibc-2.26[rpc(+)] + ) + spotlight? ( dev-libs/glib ) + test? ( + !system-mitkrb5? ( + >=sys-libs/nss_wrapper-1.1.3 + >=net-dns/resolv_wrapper-1.1.4 + >=net-libs/socket_wrapper-1.1.9 + >=sys-libs/uid_wrapper-1.2.1 + ) + )" +RDEPEND="${CDEPEND} + python? ( ${PYTHON_DEPS} ) + client? ( net-fs/cifs-utils[ads?] ) + selinux? ( sec-policy/selinux-samba ) +" + +BDEPEND=" + app-text/docbook-xsl-stylesheets + dev-libs/libxslt +" + +REQUIRED_USE=" + addc? ( python json winbind ) + addns? ( python ) + ads? ( acl ldap winbind ) + cluster? ( ads ) + gpg? ( addc ) + ntvfs? ( addc ) + spotlight? ( json ) + test? ( python ) + ?? ( system-heimdal system-mitkrb5 ) + ${PYTHON_REQUIRED_USE} +" + +# the test suite is messed, it uses system-installed samba +# bits instead of what was built, tests things disabled via use +# flags, and generally just fails to work in a way ebuilds could +# rely on in its current state +RESTRICT="test" + +S="${WORKDIR}/${MY_P}" + +PATCHES=( + "${FILESDIR}/${PN}-4.4.0-pam.patch" + "${FILESDIR}/${PN}-4.9.2-timespec.patch" + "${FILESDIR}/${PN}-4.13-vfs_snapper_configure_option.patch" +) + +#CONFDIR="${FILESDIR}/$(get_version_component_range 1-2)" +CONFDIR="${FILESDIR}/4.4" + +WAF_BINARY="${S}/buildtools/bin/waf" + +SHAREDMODS="" + +pkg_setup() { + # Package fails to build with distcc + export DISTCC_DISABLE=1 + + python-single-r1_pkg_setup + if use cluster ; then + SHAREDMODS="idmap_rid,idmap_tdb2,idmap_ad" + elif use ads ; then + SHAREDMODS="idmap_ad" + fi +} + +src_prepare() { + default + + # un-bundle dnspython + sed -i -e '/"dns.resolver":/d' "${S}"/third_party/wscript || die + + # unbundle iso8601 unless tests are enabled + if ! use test ; then + sed -i -e '/"iso8601":/d' "${S}"/third_party/wscript || die + fi + + ## ugly hackaround for bug #592502 + #cp /usr/include/tevent_internal.h "${S}"/lib/tevent/ || die + + sed -e 's:<gpgme\.h>:<gpgme/gpgme.h>:' \ + -i source4/dsdb/samdb/ldb_modules/password_hash.c \ + || die + + # Friggin' WAF shit + multilib_copy_sources +} + +multilib_src_configure() { + # when specifying libs for samba build you must append NONE to the end to + # stop it automatically including things + local bundled_libs="NONE" + if ! use system-heimdal && ! use system-mitkrb5 ; then + bundled_libs="heimbase,heimntlm,hdb,kdc,krb5,wind,gssapi,hcrypto,hx509,roken,asn1,com_err,NONE" + fi + + local myconf=( + --enable-fhs + --sysconfdir="${EPREFIX}/etc" + --localstatedir="${EPREFIX}/var" + --with-modulesdir="${EPREFIX}/usr/$(get_libdir)/samba" + --with-piddir="${EPREFIX}/run/${PN}" + --bundled-libraries="${bundled_libs}" + --builtin-libraries=NONE + --disable-rpath + --disable-rpath-install + --nopyc + --nopyo + --without-winexe + $(multilib_native_use_with acl acl-support) + $(multilib_native_usex addc '' '--without-ad-dc') + $(multilib_native_use_with addns dnsupdate) + $(multilib_native_use_with ads) + $(multilib_native_use_enable ceph cephfs) + $(multilib_native_use_with cluster cluster-support) + $(multilib_native_use_enable cups) + $(multilib_native_use_with dmapi) + $(multilib_native_use_with fam) + $(multilib_native_use_enable glusterfs) + $(multilib_native_use_with gpg gpgme) + $(multilib_native_use_with json) + $(multilib_native_use_enable iprint) + $(multilib_native_use_with ntvfs ntvfs-fileserver) + $(multilib_native_use_with pam) + $(multilib_native_usex pam "--with-pammodulesdir=${EPREFIX}/$(get_libdir)/security" '') + $(multilib_native_use_with quota quotas) + $(multilib_native_use_with regedit) + $(multilib_native_use_enable snapper) + $(multilib_native_use_enable spotlight) + $(multilib_native_use_with syslog) + $(multilib_native_use_with systemd) + --systemd-install-services + --with-systemddir="$(systemd_get_systemunitdir)" + $(multilib_native_use_with winbind) + $(multilib_native_usex python '' '--disable-python') + $(multilib_native_use_enable zeroconf avahi) + $(multilib_native_usex test '--enable-selftest' '') + $(usex system-mitkrb5 "--with-system-mitkrb5 $(multilib_native_usex addc --with-experimental-mit-ad-dc '')" '') + $(use_with debug lttng) + $(use_with ldap) + $(use_with profiling-data) + # bug #683148 + --jobs 1 + ) + + multilib_is_native_abi && myconf+=( --with-shared-modules=${SHAREDMODS} ) + + CPPFLAGS="-I${SYSROOT}${EPREFIX}/usr/include/et ${CPPFLAGS}" \ + waf-utils_src_configure ${myconf[@]} +} + +multilib_src_compile() { + waf-utils_src_compile +} + +multilib_src_install() { + waf-utils_src_install + + # Make all .so files executable + find "${ED}" -type f -name "*.so" -exec chmod +x {} + || die + + if multilib_is_native_abi ; then + # install ldap schema for server (bug #491002) + if use ldap ; then + insinto /etc/openldap/schema + doins examples/LDAP/samba.schema + fi + + # create symlink for cups (bug #552310) + if use cups ; then + dosym ../../../bin/smbspool /usr/libexec/cups/backend/smb + fi + + # install example config file + insinto /etc/samba + doins examples/smb.conf.default + + # Fix paths in example file (#603964) + sed \ + -e '/log file =/s@/usr/local/samba/var/@/var/log/samba/@' \ + -e '/include =/s@/usr/local/samba/lib/@/etc/samba/@' \ + -e '/path =/s@/usr/local/samba/lib/@/var/lib/samba/@' \ + -e '/path =/s@/usr/local/samba/@/var/lib/samba/@' \ + -e '/path =/s@/usr/spool/samba@/var/spool/samba@' \ + -i "${ED%/}"/etc/samba/smb.conf.default || die + + # Install init script and conf.d file + newinitd "${CONFDIR}/samba4.initd-r1" samba + newconfd "${CONFDIR}/samba4.confd" samba + + dotmpfiles "${FILESDIR}"/samba.conf + use addc || rm "${D}/$(systemd_get_systemunitdir)/samba.service" || die + + # Preserve functionality for old gentoo-specific unit names + dosym nmb.service "$(systemd_get_systemunitdir)/nmbd.service" + dosym smb.service "$(systemd_get_systemunitdir)/smbd.service" + dosym winbind.service "$(systemd_get_systemunitdir)/winbindd.service" + fi + + if use pam && use winbind ; then + newpamd "${CONFDIR}/system-auth-winbind.pam" system-auth-winbind + # bugs #376853 and #590374 + insinto /etc/security + doins examples/pam_winbind/pam_winbind.conf + fi + + keepdir /var/cache/samba + keepdir /var/lib/ctdb + keepdir /var/lib/samba/{bind-dns,private} + keepdir /var/lock/samba + keepdir /var/log/samba +} + +multilib_src_test() { + if multilib_is_native_abi ; then + "${WAF_BINARY}" test || die "test failed" + fi +} + +pkg_postinst() { + ewarn "Be aware that this release contains the best of all of Samba's" + ewarn "technology parts, both a file server (that you can reasonably expect" + ewarn "to upgrade existing Samba 3.x releases to) and the AD domain" + ewarn "controller work previously known as 'samba4'." + + elog "For further information and migration steps make sure to read " + elog "https://samba.org/samba/history/${P}.html " + elog "https://wiki.samba.org/index.php/Samba4/HOWTO " +} diff --git a/net-fs/samba/samba-4.13.7.ebuild b/net-fs/samba/samba-4.13.7.ebuild new file mode 100644 index 000000000000..1c467102c865 --- /dev/null +++ b/net-fs/samba/samba-4.13.7.ebuild @@ -0,0 +1,332 @@ +# Copyright 1999-2021 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +PYTHON_COMPAT=( python3_{7..9} ) +PYTHON_REQ_USE="threads(+),xml(+)" +inherit python-single-r1 waf-utils multilib-minimal linux-info systemd pam tmpfiles + +DESCRIPTION="Samba Suite Version 4" +HOMEPAGE="https://samba.org/" + +MY_PV="${PV/_rc/rc}" +MY_P="${PN}-${MY_PV}" +if [[ ${PV} = *_rc* ]]; then + SRC_URI="mirror://samba/rc/${MY_P}.tar.gz" +else + SRC_URI="mirror://samba/stable/${MY_P}.tar.gz" + KEYWORDS="~amd64 ~arm ~arm64 ~hppa ~ia64 ~ppc ~ppc64 ~x86" +fi +S="${WORKDIR}/${MY_P}" + +LICENSE="GPL-3" +SLOT="0" +IUSE="acl addc addns ads ceph client cluster cups debug dmapi fam glusterfs +gpg iprint json ldap ntvfs pam profiling-data python quota +regedit selinux +snapper spotlight syslog system-heimdal +system-mitkrb5 systemd test winbind +zeroconf" + +REQUIRED_USE="${PYTHON_REQUIRED_USE} + addc? ( python json winbind ) + addns? ( python ) + ads? ( acl ldap winbind ) + cluster? ( ads ) + gpg? ( addc ) + ntvfs? ( addc ) + spotlight? ( json ) + test? ( python ) + !ads? ( !addc ) + ?? ( system-heimdal system-mitkrb5 ) +" + +# the test suite is messed, it uses system-installed samba +# bits instead of what was built, tests things disabled via use +# flags, and generally just fails to work in a way ebuilds could +# rely on in its current state +RESTRICT="test" + +MULTILIB_WRAPPED_HEADERS=( + /usr/include/samba-4.0/policy.h + /usr/include/samba-4.0/dcerpc_server.h + /usr/include/samba-4.0/ctdb.h + /usr/include/samba-4.0/ctdb_client.h + /usr/include/samba-4.0/ctdb_protocol.h + /usr/include/samba-4.0/ctdb_private.h + /usr/include/samba-4.0/ctdb_typesafe_cb.h + /usr/include/samba-4.0/ctdb_version.h +) + +COMMON_DEPEND=" + >=app-arch/libarchive-3.1.2[${MULTILIB_USEDEP}] + dev-lang/perl:= + dev-libs/icu:=[${MULTILIB_USEDEP}] + dev-libs/libbsd[${MULTILIB_USEDEP}] + dev-libs/libtasn1[${MULTILIB_USEDEP}] + dev-libs/popt[${MULTILIB_USEDEP}] + dev-perl/Parse-Yapp + >=net-libs/gnutls-3.4.7[${MULTILIB_USEDEP}] + net-libs/libnsl:=[${MULTILIB_USEDEP}] + sys-libs/e2fsprogs-libs[${MULTILIB_USEDEP}] + >=sys-libs/ldb-2.2.1[ldap(+)?,${MULTILIB_USEDEP}] + <sys-libs/ldb-2.3.0[ldap(+)?,${MULTILIB_USEDEP}] + sys-libs/libcap[${MULTILIB_USEDEP}] + sys-libs/libunwind + sys-libs/liburing:=[${MULTILIB_USEDEP}] + sys-libs/ncurses:0= + sys-libs/readline:0= + >=sys-libs/talloc-2.3.1[${MULTILIB_USEDEP}] + >=sys-libs/tdb-1.4.3[${MULTILIB_USEDEP}] + >=sys-libs/tevent-0.10.2[${MULTILIB_USEDEP}] + sys-libs/zlib[${MULTILIB_USEDEP}] + virtual/libiconv + acl? ( virtual/acl ) + $(python_gen_cond_dep " + dev-python/subunit[\${PYTHON_MULTI_USEDEP},${MULTILIB_USEDEP}] + addns? ( + dev-python/dnspython:=[\${PYTHON_MULTI_USEDEP}] + net-dns/bind-tools[gssapi] + ) + ") + ceph? ( sys-cluster/ceph ) + cluster? ( net-libs/rpcsvc-proto ) + cups? ( net-print/cups ) + debug? ( dev-util/lttng-ust ) + dmapi? ( sys-apps/dmapi ) + fam? ( virtual/fam ) + gpg? ( app-crypt/gpgme ) + json? ( dev-libs/jansson ) + ldap? ( net-nds/openldap[${MULTILIB_USEDEP}] ) + pam? ( sys-libs/pam ) + python? ( + sys-libs/ldb[python,${PYTHON_SINGLE_USEDEP}] + sys-libs/talloc[python,${PYTHON_SINGLE_USEDEP}] + sys-libs/tdb[python,${PYTHON_SINGLE_USEDEP}] + sys-libs/tevent[python,${PYTHON_SINGLE_USEDEP}] + ) + snapper? ( sys-apps/dbus ) + system-heimdal? ( >=app-crypt/heimdal-1.5[-ssl,${MULTILIB_USEDEP}] ) + system-mitkrb5? ( >=app-crypt/mit-krb5-1.15.1[${MULTILIB_USEDEP}] ) + systemd? ( sys-apps/systemd:0= ) + zeroconf? ( net-dns/avahi[dbus] ) +" +DEPEND="${COMMON_DEPEND} + >=dev-util/cmocka-1.1.3[${MULTILIB_USEDEP}] + net-libs/libtirpc[${MULTILIB_USEDEP}] + || ( + net-libs/rpcsvc-proto + <sys-libs/glibc-2.26[rpc(+)] + ) + spotlight? ( dev-libs/glib ) + test? ( + !system-mitkrb5? ( + >=net-dns/resolv_wrapper-1.1.4 + >=net-libs/socket_wrapper-1.1.9 + >=sys-libs/nss_wrapper-1.1.3 + >=sys-libs/uid_wrapper-1.2.1 + ) + )" +RDEPEND="${COMMON_DEPEND} + client? ( net-fs/cifs-utils[ads?] ) + python? ( ${PYTHON_DEPS} ) + selinux? ( sec-policy/selinux-samba ) +" +BDEPEND="${PYTHON_DEPS} + app-text/docbook-xsl-stylesheets + dev-libs/libxslt + virtual/pkgconfig +" + +PATCHES=( + "${FILESDIR}/${PN}-4.4.0-pam.patch" +) + +#CONFDIR="${FILESDIR}/$(get_version_component_range 1-2)" +CONFDIR="${FILESDIR}/4.4" + +WAF_BINARY="${S}/buildtools/bin/waf" + +SHAREDMODS="" + +pkg_setup() { + # Package fails to build with distcc + export DISTCC_DISABLE=1 + + python-single-r1_pkg_setup + + SHAREDMODS="$(usex snapper '' '!')vfs_snapper" + if use cluster ; then + SHAREDMODS+=",idmap_rid,idmap_tdb2,idmap_ad" + elif use ads ; then + SHAREDMODS+=",idmap_ad" + fi +} + +src_prepare() { + default + + # un-bundle dnspython + sed -i -e '/"dns.resolver":/d' "${S}"/third_party/wscript || die + + # unbundle iso8601 unless tests are enabled + if ! use test ; then + sed -i -e '/"iso8601":/d' "${S}"/third_party/wscript || die + fi + + ## ugly hackaround for bug #592502 + #cp /usr/include/tevent_internal.h "${S}"/lib/tevent/ || die + + sed -e 's:<gpgme\.h>:<gpgme/gpgme.h>:' \ + -i source4/dsdb/samdb/ldb_modules/password_hash.c \ + || die + + # Friggin' WAF shit + multilib_copy_sources +} + +multilib_src_configure() { + # when specifying libs for samba build you must append NONE to the end to + # stop it automatically including things + local bundled_libs="NONE" + if ! use system-heimdal && ! use system-mitkrb5 ; then + bundled_libs="heimbase,heimntlm,hdb,kdc,krb5,wind,gssapi,hcrypto,hx509,roken,asn1,com_err,NONE" + fi + + local myconf=( + --enable-fhs + --sysconfdir="${EPREFIX}/etc" + --localstatedir="${EPREFIX}/var" + --with-modulesdir="${EPREFIX}/usr/$(get_libdir)/samba" + --with-piddir="${EPREFIX}/run/${PN}" + --bundled-libraries="${bundled_libs}" + --builtin-libraries=NONE + --disable-rpath + --disable-rpath-install + --nopyc + --nopyo + --without-winexe + $(multilib_native_use_with acl acl-support) + $(multilib_native_usex addc '' '--without-ad-dc') + $(multilib_native_use_with addns dnsupdate) + $(multilib_native_use_with ads) + $(multilib_native_use_enable ceph cephfs) + $(multilib_native_use_with cluster cluster-support) + $(multilib_native_use_enable cups) + $(multilib_native_use_with dmapi) + $(multilib_native_use_with fam) + $(multilib_native_use_enable glusterfs) + $(multilib_native_use_with gpg gpgme) + $(multilib_native_use_with json) + $(multilib_native_use_enable iprint) + $(multilib_native_use_with ntvfs ntvfs-fileserver) + $(multilib_native_use_with pam) + $(multilib_native_usex pam "--with-pammodulesdir=${EPREFIX}/$(get_libdir)/security" '') + $(multilib_native_use_with quota quotas) + $(multilib_native_use_with regedit) + $(multilib_native_use_enable spotlight) + $(multilib_native_use_with syslog) + $(multilib_native_use_with systemd) + --systemd-install-services + --with-systemddir="$(systemd_get_systemunitdir)" + $(multilib_native_use_with winbind) + $(multilib_native_usex python '' '--disable-python') + $(multilib_native_use_enable zeroconf avahi) + $(multilib_native_usex test '--enable-selftest' '') + $(usex system-mitkrb5 "--with-system-mitkrb5 $(multilib_native_usex addc --with-experimental-mit-ad-dc '')" '') + $(use_with debug lttng) + $(use_with ldap) + $(use_with profiling-data) + # bug #683148 + --jobs 1 + ) + + if multilib_is_native_abi ; then + myconf+=( --with-shared-modules=${SHAREDMODS} ) + else + myconf+=( --with-shared-modules=DEFAULT,!vfs_snapper ) + fi + + CPPFLAGS="-I${SYSROOT}${EPREFIX}/usr/include/et ${CPPFLAGS}" \ + waf-utils_src_configure ${myconf[@]} +} + +multilib_src_compile() { + waf-utils_src_compile +} + +multilib_src_install() { + waf-utils_src_install + + # Make all .so files executable + find "${ED}" -type f -name "*.so" -exec chmod +x {} + || die + + if multilib_is_native_abi ; then + # install ldap schema for server (bug #491002) + if use ldap ; then + insinto /etc/openldap/schema + doins examples/LDAP/samba.schema + fi + + # create symlink for cups (bug #552310) + if use cups ; then + dosym ../../../bin/smbspool /usr/libexec/cups/backend/smb + fi + + # install example config file + insinto /etc/samba + doins examples/smb.conf.default + + # Fix paths in example file (#603964) + sed \ + -e '/log file =/s@/usr/local/samba/var/@/var/log/samba/@' \ + -e '/include =/s@/usr/local/samba/lib/@/etc/samba/@' \ + -e '/path =/s@/usr/local/samba/lib/@/var/lib/samba/@' \ + -e '/path =/s@/usr/local/samba/@/var/lib/samba/@' \ + -e '/path =/s@/usr/spool/samba@/var/spool/samba@' \ + -i "${ED}"/etc/samba/smb.conf.default || die + + # Install init script and conf.d file + newinitd "${CONFDIR}/samba4.initd-r1" samba + newconfd "${CONFDIR}/samba4.confd" samba + + dotmpfiles "${FILESDIR}"/samba.conf + use addc || rm "${D}/$(systemd_get_systemunitdir)/samba.service" || die + + # Preserve functionality for old gentoo-specific unit names + dosym nmb.service "$(systemd_get_systemunitdir)/nmbd.service" + dosym smb.service "$(systemd_get_systemunitdir)/smbd.service" + dosym winbind.service "$(systemd_get_systemunitdir)/winbindd.service" + fi + + if use pam && use winbind ; then + newpamd "${CONFDIR}/system-auth-winbind.pam" system-auth-winbind + # bugs #376853 and #590374 + insinto /etc/security + doins examples/pam_winbind/pam_winbind.conf + fi + + keepdir /var/cache/samba + keepdir /var/lib/ctdb + keepdir /var/lib/samba/{bind-dns,private} + keepdir /var/lock/samba + keepdir /var/log/samba +} + +multilib_src_test() { + if multilib_is_native_abi ; then + "${WAF_BINARY}" test || die "test failed" + fi +} + +pkg_postinst() { + if [[ -z ${REPLACING_VERSIONS} ]] ; then + elog "Be aware that this release contains the best of all of Samba's" + elog "technology parts, both a file server (that you can reasonably expect" + elog "to upgrade existing Samba 3.x releases to) and the AD domain" + elog "controller work previously known as 'samba4'." + elog + fi + elog "For further information and migration steps make sure to read " + elog "https://samba.org/samba/history/${P}.html " + elog "https://wiki.samba.org/index.php/Samba4/HOWTO " +} diff --git a/net-fs/samba/samba-4.14.2.ebuild b/net-fs/samba/samba-4.14.2.ebuild new file mode 100644 index 000000000000..09568278f8cf --- /dev/null +++ b/net-fs/samba/samba-4.14.2.ebuild @@ -0,0 +1,336 @@ +# Copyright 1999-2021 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +PYTHON_COMPAT=( python3_{7..9} ) +PYTHON_REQ_USE="threads(+),xml(+)" +inherit python-single-r1 waf-utils multilib-minimal linux-info systemd pam tmpfiles + +DESCRIPTION="Samba Suite Version 4" +HOMEPAGE="https://samba.org/" + +MY_PV="${PV/_rc/rc}" +MY_P="${PN}-${MY_PV}" +if [[ ${PV} = *_rc* ]]; then + SRC_URI="mirror://samba/rc/${MY_P}.tar.gz" +else + SRC_URI="mirror://samba/stable/${MY_P}.tar.gz" + KEYWORDS="~amd64 ~arm ~arm64 ~hppa ~ia64 ~ppc ~ppc64 ~x86" +fi +S="${WORKDIR}/${MY_P}" + +LICENSE="GPL-3" +SLOT="0" +IUSE="acl addc addns ads ceph client cluster cups debug dmapi fam glusterfs +gpg iprint json ldap ntvfs pam profiling-data python quota +regedit selinux +snapper spotlight syslog system-heimdal +system-mitkrb5 systemd test winbind +zeroconf" + +REQUIRED_USE="${PYTHON_REQUIRED_USE} + addc? ( python json winbind ) + addns? ( python ) + ads? ( acl ldap winbind ) + cluster? ( ads ) + gpg? ( addc ) + ntvfs? ( addc ) + spotlight? ( json ) + test? ( python ) + !ads? ( !addc ) + ?? ( system-heimdal system-mitkrb5 ) +" + +# the test suite is messed, it uses system-installed samba +# bits instead of what was built, tests things disabled via use +# flags, and generally just fails to work in a way ebuilds could +# rely on in its current state +RESTRICT="test" + +MULTILIB_WRAPPED_HEADERS=( + /usr/include/samba-4.0/policy.h + /usr/include/samba-4.0/dcerpc_server.h + /usr/include/samba-4.0/ctdb.h + /usr/include/samba-4.0/ctdb_client.h + /usr/include/samba-4.0/ctdb_protocol.h + /usr/include/samba-4.0/ctdb_private.h + /usr/include/samba-4.0/ctdb_typesafe_cb.h + /usr/include/samba-4.0/ctdb_version.h +) + +COMMON_DEPEND=" + >=app-arch/libarchive-3.1.2[${MULTILIB_USEDEP}] + dev-lang/perl:= + dev-libs/icu:=[${MULTILIB_USEDEP}] + dev-libs/libbsd[${MULTILIB_USEDEP}] + dev-libs/libtasn1[${MULTILIB_USEDEP}] + dev-libs/popt[${MULTILIB_USEDEP}] + dev-perl/Parse-Yapp + >=net-libs/gnutls-3.4.7[${MULTILIB_USEDEP}] + net-libs/libnsl:=[${MULTILIB_USEDEP}] + sys-libs/e2fsprogs-libs[${MULTILIB_USEDEP}] + >=sys-libs/ldb-2.3.0[ldap(+)?,${MULTILIB_USEDEP}] + <sys-libs/ldb-2.4.0[ldap(+)?,${MULTILIB_USEDEP}] + sys-libs/libcap[${MULTILIB_USEDEP}] + sys-libs/libunwind + sys-libs/liburing:=[${MULTILIB_USEDEP}] + sys-libs/ncurses:0= + sys-libs/readline:0= + >=sys-libs/talloc-2.3.2[${MULTILIB_USEDEP}] + >=sys-libs/tdb-1.4.3[${MULTILIB_USEDEP}] + >=sys-libs/tevent-0.10.2[${MULTILIB_USEDEP}] + sys-libs/zlib[${MULTILIB_USEDEP}] + virtual/libiconv + acl? ( virtual/acl ) + $(python_gen_cond_dep " + dev-python/subunit[\${PYTHON_MULTI_USEDEP},${MULTILIB_USEDEP}] + addc? ( + dev-python/dnspython:=[\${PYTHON_MULTI_USEDEP}] + dev-python/markdown[\${PYTHON_MULTI_USEDEP}] + ) + addns? ( + dev-python/dnspython:=[\${PYTHON_MULTI_USEDEP}] + net-dns/bind-tools[gssapi] + ) + ") + ceph? ( sys-cluster/ceph ) + cluster? ( net-libs/rpcsvc-proto ) + cups? ( net-print/cups ) + debug? ( dev-util/lttng-ust ) + dmapi? ( sys-apps/dmapi ) + fam? ( virtual/fam ) + gpg? ( app-crypt/gpgme ) + json? ( dev-libs/jansson ) + ldap? ( net-nds/openldap[${MULTILIB_USEDEP}] ) + pam? ( sys-libs/pam ) + python? ( + sys-libs/ldb[python,${PYTHON_SINGLE_USEDEP}] + sys-libs/talloc[python,${PYTHON_SINGLE_USEDEP}] + sys-libs/tdb[python,${PYTHON_SINGLE_USEDEP}] + sys-libs/tevent[python,${PYTHON_SINGLE_USEDEP}] + ) + snapper? ( sys-apps/dbus ) + system-heimdal? ( >=app-crypt/heimdal-1.5[-ssl,${MULTILIB_USEDEP}] ) + system-mitkrb5? ( >=app-crypt/mit-krb5-1.15.1[${MULTILIB_USEDEP}] ) + systemd? ( sys-apps/systemd:0= ) + zeroconf? ( net-dns/avahi[dbus] ) +" +DEPEND="${COMMON_DEPEND} + >=dev-util/cmocka-1.1.3[${MULTILIB_USEDEP}] + net-libs/libtirpc[${MULTILIB_USEDEP}] + || ( + net-libs/rpcsvc-proto + <sys-libs/glibc-2.26[rpc(+)] + ) + spotlight? ( dev-libs/glib ) + test? ( + !system-mitkrb5? ( + >=net-dns/resolv_wrapper-1.1.4 + >=net-libs/socket_wrapper-1.1.9 + >=sys-libs/nss_wrapper-1.1.3 + >=sys-libs/uid_wrapper-1.2.1 + ) + )" +RDEPEND="${COMMON_DEPEND} + client? ( net-fs/cifs-utils[ads?] ) + python? ( ${PYTHON_DEPS} ) + selinux? ( sec-policy/selinux-samba ) +" +BDEPEND="${PYTHON_DEPS} + app-text/docbook-xsl-stylesheets + dev-libs/libxslt + virtual/pkgconfig +" + +PATCHES=( + "${FILESDIR}/${PN}-4.4.0-pam.patch" +) + +#CONFDIR="${FILESDIR}/$(get_version_component_range 1-2)" +CONFDIR="${FILESDIR}/4.4" + +WAF_BINARY="${S}/buildtools/bin/waf" + +SHAREDMODS="" + +pkg_setup() { + # Package fails to build with distcc + export DISTCC_DISABLE=1 + + python-single-r1_pkg_setup + + SHAREDMODS="$(usex snapper '' '!')vfs_snapper" + if use cluster ; then + SHAREDMODS+=",idmap_rid,idmap_tdb2,idmap_ad" + elif use ads ; then + SHAREDMODS+=",idmap_ad" + fi +} + +src_prepare() { + default + + # un-bundle dnspython + sed -i -e '/"dns.resolver":/d' "${S}"/third_party/wscript || die + + # unbundle iso8601 unless tests are enabled + if ! use test ; then + sed -i -e '/"iso8601":/d' "${S}"/third_party/wscript || die + fi + + ## ugly hackaround for bug #592502 + #cp /usr/include/tevent_internal.h "${S}"/lib/tevent/ || die + + sed -e 's:<gpgme\.h>:<gpgme/gpgme.h>:' \ + -i source4/dsdb/samdb/ldb_modules/password_hash.c \ + || die + + # Friggin' WAF shit + multilib_copy_sources +} + +multilib_src_configure() { + # when specifying libs for samba build you must append NONE to the end to + # stop it automatically including things + local bundled_libs="NONE" + if ! use system-heimdal && ! use system-mitkrb5 ; then + bundled_libs="heimbase,heimntlm,hdb,kdc,krb5,wind,gssapi,hcrypto,hx509,roken,asn1,com_err,NONE" + fi + + local myconf=( + --enable-fhs + --sysconfdir="${EPREFIX}/etc" + --localstatedir="${EPREFIX}/var" + --with-modulesdir="${EPREFIX}/usr/$(get_libdir)/samba" + --with-piddir="${EPREFIX}/run/${PN}" + --bundled-libraries="${bundled_libs}" + --builtin-libraries=NONE + --disable-rpath + --disable-rpath-install + --nopyc + --nopyo + --without-winexe + $(multilib_native_use_with acl acl-support) + $(multilib_native_usex addc '' '--without-ad-dc') + $(multilib_native_use_with addns dnsupdate) + $(multilib_native_use_with ads) + $(multilib_native_use_enable ceph cephfs) + $(multilib_native_use_with cluster cluster-support) + $(multilib_native_use_enable cups) + $(multilib_native_use_with dmapi) + $(multilib_native_use_with fam) + $(multilib_native_use_enable glusterfs) + $(multilib_native_use_with gpg gpgme) + $(multilib_native_use_with json) + $(multilib_native_use_enable iprint) + $(multilib_native_use_with ntvfs ntvfs-fileserver) + $(multilib_native_use_with pam) + $(multilib_native_usex pam "--with-pammodulesdir=${EPREFIX}/$(get_libdir)/security" '') + $(multilib_native_use_with quota quotas) + $(multilib_native_use_with regedit) + $(multilib_native_use_enable spotlight) + $(multilib_native_use_with syslog) + $(multilib_native_use_with systemd) + --systemd-install-services + --with-systemddir="$(systemd_get_systemunitdir)" + $(multilib_native_use_with winbind) + $(multilib_native_usex python '' '--disable-python') + $(multilib_native_use_enable zeroconf avahi) + $(multilib_native_usex test '--enable-selftest' '') + $(usex system-mitkrb5 "--with-system-mitkrb5 $(multilib_native_usex addc --with-experimental-mit-ad-dc '')" '') + $(use_with debug lttng) + $(use_with ldap) + $(use_with profiling-data) + # bug #683148 + --jobs 1 + ) + + if multilib_is_native_abi ; then + myconf+=( --with-shared-modules=${SHAREDMODS} ) + else + myconf+=( --with-shared-modules=DEFAULT,!vfs_snapper ) + fi + + CPPFLAGS="-I${SYSROOT}${EPREFIX}/usr/include/et ${CPPFLAGS}" \ + waf-utils_src_configure ${myconf[@]} +} + +multilib_src_compile() { + waf-utils_src_compile +} + +multilib_src_install() { + waf-utils_src_install + + # Make all .so files executable + find "${ED}" -type f -name "*.so" -exec chmod +x {} + || die + + if multilib_is_native_abi ; then + # install ldap schema for server (bug #491002) + if use ldap ; then + insinto /etc/openldap/schema + doins examples/LDAP/samba.schema + fi + + # create symlink for cups (bug #552310) + if use cups ; then + dosym ../../../bin/smbspool /usr/libexec/cups/backend/smb + fi + + # install example config file + insinto /etc/samba + doins examples/smb.conf.default + + # Fix paths in example file (#603964) + sed \ + -e '/log file =/s@/usr/local/samba/var/@/var/log/samba/@' \ + -e '/include =/s@/usr/local/samba/lib/@/etc/samba/@' \ + -e '/path =/s@/usr/local/samba/lib/@/var/lib/samba/@' \ + -e '/path =/s@/usr/local/samba/@/var/lib/samba/@' \ + -e '/path =/s@/usr/spool/samba@/var/spool/samba@' \ + -i "${ED}"/etc/samba/smb.conf.default || die + + # Install init script and conf.d file + newinitd "${CONFDIR}/samba4.initd-r1" samba + newconfd "${CONFDIR}/samba4.confd" samba + + dotmpfiles "${FILESDIR}"/samba.conf + use addc || rm "${D}/$(systemd_get_systemunitdir)/samba.service" || die + + # Preserve functionality for old gentoo-specific unit names + dosym nmb.service "$(systemd_get_systemunitdir)/nmbd.service" + dosym smb.service "$(systemd_get_systemunitdir)/smbd.service" + dosym winbind.service "$(systemd_get_systemunitdir)/winbindd.service" + fi + + if use pam && use winbind ; then + newpamd "${CONFDIR}/system-auth-winbind.pam" system-auth-winbind + # bugs #376853 and #590374 + insinto /etc/security + doins examples/pam_winbind/pam_winbind.conf + fi + + keepdir /var/cache/samba + keepdir /var/lib/ctdb + keepdir /var/lib/samba/{bind-dns,private} + keepdir /var/lock/samba + keepdir /var/log/samba +} + +multilib_src_test() { + if multilib_is_native_abi ; then + "${WAF_BINARY}" test || die "test failed" + fi +} + +pkg_postinst() { + if [[ -z ${REPLACING_VERSIONS} ]] ; then + elog "Be aware that this release contains the best of all of Samba's" + elog "technology parts, both a file server (that you can reasonably expect" + elog "to upgrade existing Samba 3.x releases to) and the AD domain" + elog "controller work previously known as 'samba4'." + elog + fi + elog "For further information and migration steps make sure to read " + elog "https://samba.org/samba/history/${P}.html " + elog "https://wiki.samba.org/index.php/Samba4/HOWTO " +} |