diff options
author | Lars Wendler <polynomial-c@gentoo.org> | 2020-10-23 14:08:27 +0200 |
---|---|---|
committer | Lars Wendler <polynomial-c@gentoo.org> | 2020-10-23 14:08:36 +0200 |
commit | b2360fc8a42d1077ce86766c1d4cf05d4e5b3eca (patch) | |
tree | 72b4e34be1ff0d4f047c683519ab29ef664a6879 /net-fs | |
parent | net-fs/samba: Security cleanup (diff) | |
download | gentoo-b2360fc8a42d1077ce86766c1d4cf05d4e5b3eca.tar.gz gentoo-b2360fc8a42d1077ce86766c1d4cf05d4e5b3eca.tar.bz2 gentoo-b2360fc8a42d1077ce86766c1d4cf05d4e5b3eca.zip |
net-fs/samba: Bump to version 4.12.8
Package-Manager: Portage-3.0.8, Repoman-3.0.2
Signed-off-by: Lars Wendler <polynomial-c@gentoo.org>
Diffstat (limited to 'net-fs')
-rw-r--r-- | net-fs/samba/Manifest | 2 | ||||
-rw-r--r-- | net-fs/samba/samba-4.12.8.ebuild | 319 |
2 files changed, 320 insertions, 1 deletions
diff --git a/net-fs/samba/Manifest b/net-fs/samba/Manifest index b43bd06ac699..4cf648bc35f2 100644 --- a/net-fs/samba/Manifest +++ b/net-fs/samba/Manifest @@ -1,4 +1,4 @@ DIST samba-4.11.13.tar.gz 18598813 BLAKE2B 5671498058e61c1afbdb0976b6931dc4e13087792612d4fdc3073e8e40a60be82f578836e3baa48f111a600da5c6e0e08aa7ba638fbc1285bbb57644ae7e8b1d SHA512 396ab636db6f9583b772935d58a3cf1860109bb9e1ef841a38c08d7be9f3839d6e198d5cdc80ef0803fcbfa6c06f1173585f3b582937e8834857fc47d90f7181 -DIST samba-4.12.6.tar.gz 18224870 BLAKE2B 5a8086c3575dd46cc8f428db818dc3db8772fa08fb7a431940377219f782555923f9b0a62b067b4c89a0208aa022bfa0c0664706a1241487183344e822c20bc3 SHA512 16a4ced3942bc6d51e80db257e8caeaa426980f66caf2aaf2324f091ec5063bc6b9029d90ff2f321b68be4cede7555d1ebf142405105468bd581e7a7bf9f0be5 DIST samba-4.12.7.tar.gz 18230157 BLAKE2B cf0ed50177e1e0d840892753537d8fab8c31ed4a6ba9b4e6bfc12e56c9f14a760c9e3dd230dc8e6caf2d7493e204bffb2fbd1bfa0931ae3fd93311ae2d5b3e32 SHA512 5afb1f24b029e665bb4f6bd7b7cf915243476b09b304942b2105586fa99adc6a19b46b4753ca116e230e5bb7b82e011fbe296c62bc70a8a897e56aece55a7f0b +DIST samba-4.12.8.tar.gz 18235713 BLAKE2B cdebcc3203c1eb7972f63d1844f91423729d7296261756e6a9250a6732c908822e01aeb4914f00f890c359d23c1ddb2e51d477db63cb559d3e029a2b15607cd6 SHA512 63f6db229e1393f4e3bd0381f8336f4620b2178c88a35acde69826567c4cca4030eb8c71c45d8f249ecd95d453916442c0500e408f3683517c3894cc8d11a9ed DIST samba-4.13.0.tar.gz 18406380 BLAKE2B d54db52102c6d507c3e6f32fc6c64051a95ef8ccfdb1e81a379d2c0325f6f9fe79c64ce9a26ddf48ae11351912ad988f6f532474a81284c7a7147521ceacc509 SHA512 0c15e887efa79ba8c1d24eda2f03898a1a080cb947056df12abc361f12eb5659f9ee37132767f5ef7e4ecb9c431759e5b619cb785921276fda17f4a9411af81c diff --git a/net-fs/samba/samba-4.12.8.ebuild b/net-fs/samba/samba-4.12.8.ebuild new file mode 100644 index 000000000000..5de205e7c8b0 --- /dev/null +++ b/net-fs/samba/samba-4.12.8.ebuild @@ -0,0 +1,319 @@ +# Copyright 1999-2020 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=6 + +PYTHON_COMPAT=( python3_{6,7,8} ) +PYTHON_REQ_USE='threads(+),xml(+)' +inherit python-single-r1 waf-utils multilib-minimal linux-info systemd pam + +MY_PV="${PV/_rc/rc}" +MY_P="${PN}-${MY_PV}" + +SRC_PATH="stable" +[[ ${PV} = *_rc* ]] && SRC_PATH="rc" + +SRC_URI="mirror://samba/${SRC_PATH}/${MY_P}.tar.gz" +[[ ${PV} = *_rc* ]] || \ +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86" + +DESCRIPTION="Samba Suite Version 4" +HOMEPAGE="https://www.samba.org/" +LICENSE="GPL-3" + +SLOT="0" + +IUSE="acl addc addns ads ceph client cluster cups debug dmapi fam gpg iprint +json ldap pam profiling-data python quota selinux snapper syslog +system-heimdal +system-mitkrb5 systemd test winbind zeroconf" + +MULTILIB_WRAPPED_HEADERS=( + /usr/include/samba-4.0/policy.h + /usr/include/samba-4.0/dcerpc_server.h + /usr/include/samba-4.0/ctdb.h + /usr/include/samba-4.0/ctdb_client.h + /usr/include/samba-4.0/ctdb_protocol.h + /usr/include/samba-4.0/ctdb_private.h + /usr/include/samba-4.0/ctdb_typesafe_cb.h + /usr/include/samba-4.0/ctdb_version.h +) + +CDEPEND=" + >=app-arch/libarchive-3.1.2[${MULTILIB_USEDEP}] + dev-lang/perl:= + dev-libs/icu:=[${MULTILIB_USEDEP}] + dev-libs/libbsd[${MULTILIB_USEDEP}] + dev-libs/libtasn1[${MULTILIB_USEDEP}] + dev-libs/popt[${MULTILIB_USEDEP}] + dev-perl/Parse-Yapp + >=net-libs/gnutls-3.4.7[${MULTILIB_USEDEP}] + net-libs/libnsl:=[${MULTILIB_USEDEP}] + sys-libs/e2fsprogs-libs[${MULTILIB_USEDEP}] + >=sys-libs/ldb-2.1.4[ldap(+)?,python?,${PYTHON_SINGLE_USEDEP},${MULTILIB_USEDEP}] + <sys-libs/ldb-2.2.0[ldap(+)?,python?,${PYTHON_SINGLE_USEDEP},${MULTILIB_USEDEP}] + sys-libs/libcap[${MULTILIB_USEDEP}] + sys-libs/liburing[${MULTILIB_USEDEP}] + sys-libs/ncurses:0= + sys-libs/readline:0= + >=sys-libs/talloc-2.3.1[python?,${PYTHON_SINGLE_USEDEP},${MULTILIB_USEDEP}] + >=sys-libs/tdb-1.4.3[python?,${PYTHON_SINGLE_USEDEP},${MULTILIB_USEDEP}] + >=sys-libs/tevent-0.10.2[python?,${PYTHON_SINGLE_USEDEP},${MULTILIB_USEDEP}] + sys-libs/zlib[${MULTILIB_USEDEP}] + virtual/libiconv + pam? ( sys-libs/pam ) + acl? ( virtual/acl ) + $(python_gen_cond_dep " + dev-python/subunit[\${PYTHON_MULTI_USEDEP},${MULTILIB_USEDEP}] + addns? ( + net-dns/bind-tools[gssapi] + dev-python/dnspython:=[\${PYTHON_MULTI_USEDEP}] + ) + ") + ceph? ( sys-cluster/ceph ) + cluster? ( + net-libs/rpcsvc-proto + !dev-db/ctdb + ) + cups? ( net-print/cups ) + debug? ( dev-util/lttng-ust ) + dmapi? ( sys-apps/dmapi ) + fam? ( virtual/fam ) + gpg? ( app-crypt/gpgme ) + json? ( dev-libs/jansson ) + ldap? ( net-nds/openldap[${MULTILIB_USEDEP}] ) + snapper? ( sys-apps/dbus ) + system-heimdal? ( >=app-crypt/heimdal-1.5[-ssl,${MULTILIB_USEDEP}] ) + system-mitkrb5? ( >=app-crypt/mit-krb5-1.15.1[${MULTILIB_USEDEP}] ) + systemd? ( sys-apps/systemd:0= ) + zeroconf? ( net-dns/avahi[dbus] ) +" +DEPEND="${CDEPEND} + ${PYTHON_DEPS} + app-text/docbook-xsl-stylesheets + dev-libs/libxslt + >=dev-util/cmocka-1.1.3[${MULTILIB_USEDEP}] + net-libs/libtirpc[${MULTILIB_USEDEP}] + virtual/pkgconfig + || ( + net-libs/rpcsvc-proto + <sys-libs/glibc-2.26[rpc(+)] + ) + test? ( + !system-mitkrb5? ( + >=sys-libs/nss_wrapper-1.1.3 + >=net-dns/resolv_wrapper-1.1.4 + >=net-libs/socket_wrapper-1.1.9 + >=sys-libs/uid_wrapper-1.2.1 + ) + )" +RDEPEND="${CDEPEND} + python? ( ${PYTHON_DEPS} ) + client? ( net-fs/cifs-utils[ads?] ) + selinux? ( sec-policy/selinux-samba ) +" + +REQUIRED_USE=" + addc? ( python json winbind ) + addns? ( python ) + ads? ( acl ldap winbind ) + cluster? ( ads ) + gpg? ( addc ) + test? ( python ) + ?? ( system-heimdal system-mitkrb5 ) + ${PYTHON_REQUIRED_USE} +" + +# the test suite is messed, it uses system-installed samba +# bits instead of what was built, tests things disabled via use +# flags, and generally just fails to work in a way ebuilds could +# rely on in its current state +RESTRICT="test" + +S="${WORKDIR}/${MY_P}" + +PATCHES=( + "${FILESDIR}/${PN}-4.4.0-pam.patch" + "${FILESDIR}/${PN}-4.9.2-timespec.patch" + "${FILESDIR}/${PN}-4.13-winexe_option.patch" + "${FILESDIR}/${PN}-4.13-vfs_snapper_configure_option.patch" +) + +#CONFDIR="${FILESDIR}/$(get_version_component_range 1-2)" +CONFDIR="${FILESDIR}/4.4" + +WAF_BINARY="${S}/buildtools/bin/waf" + +SHAREDMODS="" + +pkg_setup() { + # Package fails to build with distcc + export DISTCC_DISABLE=1 + + python-single-r1_pkg_setup + if use cluster ; then + SHAREDMODS="idmap_rid,idmap_tdb2,idmap_ad" + elif use ads ; then + SHAREDMODS="idmap_ad" + fi +} + +src_prepare() { + default + + # un-bundle dnspython + sed -i -e '/"dns.resolver":/d' "${S}"/third_party/wscript || die + + # unbundle iso8601 unless tests are enabled + if ! use test ; then + sed -i -e '/"iso8601":/d' "${S}"/third_party/wscript || die + fi + + ## ugly hackaround for bug #592502 + #cp /usr/include/tevent_internal.h "${S}"/lib/tevent/ || die + + sed -e 's:<gpgme\.h>:<gpgme/gpgme.h>:' \ + -i source4/dsdb/samdb/ldb_modules/password_hash.c \ + || die + + # Friggin' WAF shit + multilib_copy_sources +} + +multilib_src_configure() { + # when specifying libs for samba build you must append NONE to the end to + # stop it automatically including things + local bundled_libs="NONE" + if ! use system-heimdal && ! use system-mitkrb5 ; then + bundled_libs="heimbase,heimntlm,hdb,kdc,krb5,wind,gssapi,hcrypto,hx509,roken,asn1,com_err,NONE" + fi + + local myconf=( + --enable-fhs + --sysconfdir="${EPREFIX}/etc" + --localstatedir="${EPREFIX}/var" + --with-modulesdir="${EPREFIX}/usr/$(get_libdir)/samba" + --with-piddir="${EPREFIX}/run/${PN}" + --bundled-libraries="${bundled_libs}" + --builtin-libraries=NONE + --disable-rpath + --disable-rpath-install + --nopyc + --nopyo + --without-winexe + $(multilib_native_use_with acl acl-support) + $(multilib_native_usex addc '' '--without-ad-dc') + $(multilib_native_use_with addns dnsupdate) + $(multilib_native_use_with ads) + $(multilib_native_use_enable ceph cephfs) + $(multilib_native_use_with cluster cluster-support) + $(multilib_native_use_enable cups) + $(multilib_native_use_with dmapi) + $(multilib_native_use_with fam) + $(multilib_native_use_with gpg gpgme) + $(multilib_native_use_with json) + $(multilib_native_use_enable iprint) + $(multilib_native_use_with pam) + $(multilib_native_usex pam "--with-pammodulesdir=${EPREFIX}/$(get_libdir)/security" '') + $(multilib_native_use_with quota quotas) + $(multilib_native_use_enable snapper) + $(multilib_native_use_with syslog) + $(multilib_native_use_with systemd) + --systemd-install-services + --with-systemddir="$(systemd_get_systemunitdir)" + $(multilib_native_use_with winbind) + $(multilib_native_usex python '' '--disable-python') + $(multilib_native_use_enable zeroconf avahi) + $(multilib_native_usex test '--enable-selftest' '') + $(usex system-mitkrb5 "--with-system-mitkrb5 $(multilib_native_usex addc --with-experimental-mit-ad-dc '')" '') + $(use_with debug lttng) + $(use_with ldap) + $(use_with profiling-data) + # bug #683148 + --jobs 1 + ) + + multilib_is_native_abi && myconf+=( --with-shared-modules=${SHAREDMODS} ) + + CPPFLAGS="-I${SYSROOT}${EPREFIX}/usr/include/et ${CPPFLAGS}" \ + waf-utils_src_configure ${myconf[@]} +} + +multilib_src_compile() { + waf-utils_src_compile +} + +multilib_src_install() { + waf-utils_src_install + + # Make all .so files executable + find "${ED}" -type f -name "*.so" -exec chmod +x {} + || die + + if multilib_is_native_abi ; then + # install ldap schema for server (bug #491002) + if use ldap ; then + insinto /etc/openldap/schema + doins examples/LDAP/samba.schema + fi + + # create symlink for cups (bug #552310) + if use cups ; then + dosym ../../../bin/smbspool /usr/libexec/cups/backend/smb + fi + + # install example config file + insinto /etc/samba + doins examples/smb.conf.default + + # Fix paths in example file (#603964) + sed \ + -e '/log file =/s@/usr/local/samba/var/@/var/log/samba/@' \ + -e '/include =/s@/usr/local/samba/lib/@/etc/samba/@' \ + -e '/path =/s@/usr/local/samba/lib/@/var/lib/samba/@' \ + -e '/path =/s@/usr/local/samba/@/var/lib/samba/@' \ + -e '/path =/s@/usr/spool/samba@/var/spool/samba@' \ + -i "${ED%/}"/etc/samba/smb.conf.default || die + + # Install init script and conf.d file + newinitd "${CONFDIR}/samba4.initd-r1" samba + newconfd "${CONFDIR}/samba4.confd" samba + + systemd_dotmpfilesd "${FILESDIR}"/samba.conf + use addc || rm "${D}/$(systemd_get_systemunitdir)/samba.service" || die + + # Preserve functionality for old gentoo-specific unit names + dosym nmb.service "$(systemd_get_systemunitdir)/nmbd.service" + dosym smb.service "$(systemd_get_systemunitdir)/smbd.service" + dosym winbind.service "$(systemd_get_systemunitdir)/winbindd.service" + fi + + if use pam && use winbind ; then + newpamd "${CONFDIR}/system-auth-winbind.pam" system-auth-winbind + # bugs #376853 and #590374 + insinto /etc/security + doins examples/pam_winbind/pam_winbind.conf + fi + + keepdir /var/cache/samba + keepdir /var/lib/ctdb + keepdir /var/lib/samba/{bind-dns,private} + keepdir /var/lock/samba + keepdir /var/log/samba + keepdir /var/run/samba +} + +multilib_src_test() { + if multilib_is_native_abi ; then + "${WAF_BINARY}" test || die "test failed" + fi +} + +pkg_postinst() { + ewarn "Be aware that this release contains the best of all of Samba's" + ewarn "technology parts, both a file server (that you can reasonably expect" + ewarn "to upgrade existing Samba 3.x releases to) and the AD domain" + ewarn "controller work previously known as 'samba4'." + + elog "For further information and migration steps make sure to read " + elog "https://samba.org/samba/history/${P}.html " + elog "https://wiki.samba.org/index.php/Samba4/HOWTO " +} |