From 5635bfee3a3b8a937a1b43931ba6a091fc749675 Mon Sep 17 00:00:00 2001 From: coolsnowwolf Date: Fri, 21 Feb 2020 18:36:51 +0800 Subject: [PATCH] samba4: add python 3.5+ build support --- package/lean/samba4/Config.in | 76 ++--- package/lean/samba4/Makefile | 320 ++++++++++-------- package/lean/samba4/files/samba.config | 2 - package/lean/samba4/files/samba.init | 192 ++++++----- package/lean/samba4/files/smb.conf.template | 66 ++-- .../lean/samba4/patches/003-getpwent_r.patch | 80 +++++ .../samba4/patches/004-missing-headers.patch | 38 +++ .../samba4/patches/005-musl_uintptr.patch | 35 ++ .../samba4/patches/006-netdb-defines.patch | 19 ++ ...bldb-fix-musl-libc-unkown-type-error.patch | 31 ++ ...samba-4.11-add_missing___compar_fn_t.patch | 14 + .../patches/009-samba-4.11-qsort-compar.patch | 22 ++ ...mba-4-11-fix-host-tools-checks.patch.patch | 40 +++ ...ch => 020-source3-msgsock-nvram-fix.patch} | 4 +- ...ch => 021-source4-msgsock-nvram-fix.patch} | 0 ...rt-target-module-while-cross-compile.patch | 56 --- ...h => 102-samba-4.11-unbundle-libbsd.patch} | 22 +- ...102-samba-4.8.2-unbundle-libreadline.patch | 21 -- .../patches/103-tmsize-overflow-fix.patch | 21 ++ .../lean/samba4/waf-cross-answers/aarch64.txt | 2 +- package/lean/samba4/waf-cross-answers/arc.txt | 2 +- package/lean/samba4/waf-cross-answers/arm.txt | 2 +- .../lean/samba4/waf-cross-answers/armeb.txt | 2 +- .../lean/samba4/waf-cross-answers/i386.txt | 2 +- .../lean/samba4/waf-cross-answers/mips.txt | 2 +- .../lean/samba4/waf-cross-answers/mips64.txt | 2 +- .../samba4/waf-cross-answers/mips64el.txt | 2 +- .../lean/samba4/waf-cross-answers/mipsel.txt | 2 +- .../lean/samba4/waf-cross-answers/powerpc.txt | 2 +- .../lean/samba4/waf-cross-answers/x86_64.txt | 2 +- 30 files changed, 664 insertions(+), 417 deletions(-) create mode 100644 package/lean/samba4/patches/003-getpwent_r.patch create mode 100644 package/lean/samba4/patches/004-missing-headers.patch create mode 100644 package/lean/samba4/patches/005-musl_uintptr.patch create mode 100644 package/lean/samba4/patches/006-netdb-defines.patch create mode 100644 package/lean/samba4/patches/007-libldb-fix-musl-libc-unkown-type-error.patch create mode 100644 package/lean/samba4/patches/008-samba-4.11-add_missing___compar_fn_t.patch create mode 100644 package/lean/samba4/patches/009-samba-4.11-qsort-compar.patch create mode 100644 package/lean/samba4/patches/010-samba-4-11-fix-host-tools-checks.patch.patch rename package/lean/samba4/patches/{010-source3-msgsock-nvram-fix.patch => 020-source3-msgsock-nvram-fix.patch} (84%) rename package/lean/samba4/patches/{011-source4-msgsock-nvram-fix.patch => 021-source4-msgsock-nvram-fix.patch} (100%) delete mode 100644 package/lean/samba4/patches/100-do-not-import-target-module-while-cross-compile.patch rename package/lean/samba4/patches/{103-samba-4.8.5-unbundle-libbsd.patch => 102-samba-4.11-unbundle-libbsd.patch} (76%) delete mode 100644 package/lean/samba4/patches/102-samba-4.8.2-unbundle-libreadline.patch create mode 100644 package/lean/samba4/patches/103-tmsize-overflow-fix.patch diff --git a/package/lean/samba4/Config.in b/package/lean/samba4/Config.in index c59c7b291..988c05f20 100644 --- a/package/lean/samba4/Config.in +++ b/package/lean/samba4/Config.in @@ -1,37 +1,19 @@ -config SAMBA4_SERVER_ACL - bool "ACL support (xattr)" +config SAMBA4_SERVER_NETBIOS + bool "NetBIOS support" depends on PACKAGE_samba4-server - select PACKAGE_acl help - installs: sharesec - modules: vfs_acl_xattr vfs_acl_tdb vfs_posixacl + installs: nmbd (daemon) - Extended access control list support - default n - -config SAMBA4_SERVER_AD_DC - bool "Active Directory Domain Controller support (requires krb5-server) (EXPERIMENTAL)" - depends on PACKAGE_samba4-server - select PACKAGE_python-base - select PACKAGE_python-crypto - select PACKAGE_libopenssl - select PACKAGE_libgnutls - select PACKAGE_libopenldap - help - installs: samba (meta-daemon) python-crypt ntlm_auth - scripts: samba-tool - - Run as a Active Directory Domain Controller - see: https://wiki.samba.org/index.php/Setting_up_Samba_as_an_Active_Directory_Domain_Controller - HINT: see section (# Using the Domain Controller as a File Server) - NOTE: Extroot is recommend for this setup, as it is not optimized to run completely from RAM/tempfs! - default n + Announce Samba resources via NetBIOS using the nmbd daemon + WSD (Web Services for Devices) replaces the functionality of NetBIOS and is provided by the wsdd2 package (selected by default). + Note: As of Windows 10 Fall Creators Update (1709) NetBIOS isn't supported unless the old SMB1 feature is reinstalled (not recommended). + Network shares can be directly accessed via network paths '\\hostname\sharename' and mounted via 'map network drive' without NetBIOS or WSD. + default y config SAMBA4_SERVER_AVAHI bool "Avahi support" depends on PACKAGE_samba4-server select SAMBA4_SERVER_VFS - select PACKAGE_libavahi-client help Announce Samba resources via DNS/DNS-SD using the Avahi daemon, for Linux/Mac clients. default y @@ -41,20 +23,10 @@ config SAMBA4_SERVER_VFS depends on PACKAGE_samba4-server help installs: - modules: (vfs_btrfs) vfs_fruit vfs_shadow_copy2 vfs_recycle vfs_fake_perms vfs_readonly vfs_cap vfs_offline vfs_crossrename vfs_catia vfs_streams_xattr + modules: (vfs_btrfs) vfs_fruit vfs_shadow_copy2 vfs_recycle vfs_fake_perms vfs_readonly vfs_cap vfs_offline vfs_crossrename vfs_catia vfs_streams_xattr vfs_default_quota Commonly used VFS modules, vfs_btrfs requires kmod-fs-btrfs to be selected separately - default y - -config SAMBA4_SERVER_QUOTAS - bool "Disk quota support" - depends on PACKAGE_samba4-server - help - installs: - modules: vfs_default_quota - - Support for disk quotas using the quotas VFS module (vfs_default_quota) - default n + default y config SAMBA4_SERVER_VFSX bool "Extended VFS modules" @@ -66,26 +38,16 @@ config SAMBA4_SERVER_VFSX Additional VFS modules that aren't commonly used, vfs_linux_xfs_sgid requires kmod-fs-xfs to be selected separately default n -config SAMBA4_SERVER_NETBIOS - bool "NetBIOS support" +config SAMBA4_SERVER_AD_DC + bool "Active Directory Domain Controller support (EXPERIMENTAL)" depends on PACKAGE_samba4-server + select SAMBA4_SERVER_VFS help - installs: nmbd (daemon) + installs: samba (meta-daemon) PyCryptodome ntlm_auth + scripts: samba-tool - Announce Samba resources via NetBIOS using the nmbd daemon - WSD (Web Services for Devices) replaces the functionality of NetBIOS and is provided by the wsdd2 package (selected by default). - Note: As of Windows 10 Fall Creators Update (1709) NetBIOS isn't supported unless the old SMB1 feature is reinstalled (not recommended). - Network shares can be directly accessed via network paths '\\hostname\sharename' and mounted via 'map network drive' without NetBIOS or WSD. - default n - -config SAMBA4_SERVER_WINBIND - bool "Winbind support" - depends on PACKAGE_samba4-server - depends on SAMBA4_SERVER_AD_DC - help - installs: winbindd (daemon) wbinfo - - Support using domain users and groups in local commands, such as chown and chgrp. - Display domain users and groups in local command's output, such as ls. - see: https://wiki.samba.org/index.php/Configuring_Winbindd_on_a_Samba_AD_DC + Run as a Active Directory Domain Controller + see: https://wiki.samba.org/index.php/Setting_up_Samba_as_an_Active_Directory_Domain_Controller + HINT: see section (# Using the Domain Controller as a File Server) + NOTE: Extroot is recommend for this setup, as it is not optimized to run completely from RAM/tempfs! default n diff --git a/package/lean/samba4/Makefile b/package/lean/samba4/Makefile index e823114ed..8c8961cc4 100644 --- a/package/lean/samba4/Makefile +++ b/package/lean/samba4/Makefile @@ -2,41 +2,50 @@ include $(TOPDIR)/rules.mk PKG_NAME:=samba -PKG_VERSION:=4.9.2 -PKG_RELEASE:=3 +PKG_VERSION:=4.11.6 +PKG_RELEASE:=1 + +PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz +PKG_SOURCE_URL:= \ + https://ftp.gwdg.de/pub/samba/stable/ \ + https://ftp.heanet.ie/mirrors/ftp.samba.org/stable/ \ + https://ftp.riken.jp/net/samba/samba/stable/ \ + http://www.nic.funet.fi/index/samba/pub/samba/stable/ \ + http://samba.mirror.bit.nl/samba/ftp/stable/ \ + https://download.samba.org/pub/samba/stable/ +PKG_HASH:=91438f4d7b71f673421435fa7f26b03b613f214139636ce50af35bc2ff09ef38 PKG_MAINTAINER:=Andy Walsh PKG_LICENSE:=GPL-3.0-only PKG_LICENSE_FILES:=COPYING +PKG_CPE_ID:=cpe:/a:samba:samba -PKG_SOURCE_URL:=https://download.samba.org/pub/samba/stable/ -PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz -PKG_HASH:=349c17b7bf1bf667167843470533da89ff1b2ca4a768b529aaacf5197af1efa2 - -# Buildroot bug? Can't add target deps via '+SAMBA4_SERVER_AD_DC:python-crypto' (as work-around we select via config.in) -PKG_BUILD_DEPENDS:=SAMBA4_SERVER_AD_DC:python-crypto nfs-kernel-server/host +# samba4=(asn1_compile,compile_et) rpcsvc-proto=(rpcgen) +HOST_BUILD_DEPENDS:=python3/host perl/host +PKG_BUILD_DEPENDS:=samba4/host libtasn1/host rpcsvc-proto/host PKG_CONFIG_DEPENDS:= \ CONFIG_SAMBA4_SERVER_NETBIOS \ CONFIG_SAMBA4_SERVER_AVAHI \ CONFIG_SAMBA4_SERVER_VFS \ CONFIG_SAMBA4_SERVER_VFSX \ - CONFIG_SAMBA4_SERVER_QUOTAS \ - CONFIG_SAMBA4_SERVER_ACL \ CONFIG_SAMBA4_SERVER_AD_DC \ - CONFIG_SAMBA4_SERVER_WINBIND \ CONFIG_PACKAGE_kmod-fs-btrfs \ CONFIG_PACKAGE_kmod-fs-xfs include $(INCLUDE_DIR)/package.mk +include $(INCLUDE_DIR)/host-build.mk include $(INCLUDE_DIR)/kernel.mk include $(INCLUDE_DIR)/version.mk +include $(TOPDIR)/feeds/packages/lang/python/python3-host.mk +#include $(TOPDIR)/feeds/packages/lang/python/python-package.mk +include $(TOPDIR)/feeds/packages/lang/python/python3-package.mk define Package/samba4/Default SECTION:=net CATEGORY:=Network TITLE:=Samba $(PKG_VERSION) - URL:=http://www.samba.org/ + URL:=https://www.samba.org/ endef define Package/samba4/Default/description @@ -50,26 +59,27 @@ endef define Package/samba4-libs $(call Package/samba4/Default) TITLE+= libs - DEPENDS:= +zlib +libtirpc +krb5-libs +libpopt +libcap \ - +PACKAGE_libpthread:libpthread +PACKAGE_libnettle:libnettle \ - +PACKAGE_libgcrypt:libgcrypt +PACKAGE_libpam:libpam +PACKAGE_dbus:dbus +PACKAGE_libavahi-client:libavahi-client \ + DEPENDS:= +libtirpc +libreadline +libpopt +libcap +zlib +libgnutls +libtasn1 +libuuid +libopenssl +USE_GLIBC:libpthread \ + +PACKAGE_libpam:libpam \ +SAMBA4_SERVER_VFS:attr \ - +SAMBA4_SERVER_ACL:acl +SAMBA4_SERVER_ACL:attr \ + +SAMBA4_SERVER_VFSX:libaio \ +SAMBA4_SERVER_AVAHI:libavahi-client \ - +SAMBA4_SERVER_AD_DC:python-base +SAMBA4_SERVER_AD_DC:libopenssl +SAMBA4_SERVER_AD_DC:libgnutls +SAMBA4_SERVER_AD_DC:libopenldap +SAMBA4_SERVER_AD_DC:jansson +SAMBA4_SERVER_AD_DC:libarchive + +SAMBA4_SERVER_AD_DC:python3-cryptodome +SAMBA4_SERVER_AD_DC:libopenldap +SAMBA4_SERVER_AD_DC:jansson +SAMBA4_SERVER_AD_DC:libarchive +SAMBA4_SERVER_AD_DC:acl +SAMBA4_SERVER_AD_DC:attr endef define Package/samba4-server $(call Package/samba4/Default) TITLE+= server DEPENDS:= +samba4-libs + CONFLICTS:=samba36-server endef define Package/samba4-server/description - installs: smbd (daemon) smbpasswd pdbedit testparm + installs: smbd (nmbd) smbpasswd pdbedit testparm (nmblookup) (smbcacls sharesec) + (samba samba-tool ntlm_auth samba-gpupdate samba_dnsupdate samba_kcc samba_spnupdate samba_upgradedns samba_downgrade_db) - This provides the basic fileserver service and is the minimum needed to serve file shares. - HINT: https://fitzcarraldoblog.wordpress.com/2016/10/17/a-correct-method-of-configuring-samba-for-browsing-smb-shares-in-a-home-network/ + This provides the basic fileserver service and is the minimum needed to serve file shares. + HINT: https://fitzcarraldoblog.wordpress.com/2016/10/17/a-correct-method-of-configuring-samba-for-browsing-smb-shares-in-a-home-network/ endef define Package/samba4-server/config @@ -84,7 +94,7 @@ define Package/samba4-client endef define Package/samba4-client/description - installs: smbclient cifsdd + installs: cifsdd smbclient smbget The smbclient program implements a simple ftp-like client for accessing SMB shares endef @@ -96,7 +106,9 @@ define Package/samba4-admin endef define Package/samba4-admin/description - installs: net smbcontrol profiles rpcclient smbcacls smbcquotas + installs: net smbcontrol profiles rpcclient dbwrap_tool eventlogadm + ldbadd ldbdel ldbedit ldbmodify ldbrename ldbsearch + tdbbackup tdbdump tdbrestore tdbtool Administration tools collection endef @@ -108,28 +120,47 @@ define Package/samba4-utils endef define Package/samba4-utils/description - installs: smbstatus smbtree smbget nmblookup mvxattr + installs: smbstatus smbtree mvxattr smbtar smbcquotas Utilities collection endef -TARGET_CFLAGS += -ffunction-sections -fdata-sections -TARGET_LDFLAGS += -Wl,--gc-sections +TARGET_CFLAGS += $(FPIC) -ffunction-sections -fdata-sections -I$(STAGING_DIR)/usr/include/tirpc +TARGET_LDFLAGS += -Wl,--gc-sections,--as-needed +# dont mess with sambas private rpath! +RSTRIP:=: CONFIGURE_VARS += \ CPP="$(TARGET_CROSS)cpp" CONFIGURE_CMD = ./buildtools/bin/waf +HOST_CONFIGURE_CMD = ./buildtools/bin/waf # Strip options that WAF configure script does not recognize CONFIGURE_ARGS:=$(filter-out \ - --host=% \ - --build=% \ - --program-suffix=% \ + --target=% \ + --host=% \ + --build=% \ + --program-prefix=% \ + --program-suffix=% \ --disable-nls \ --disable-ipv6 \ , $(CONFIGURE_ARGS)) +HOST_CONFIGURE_ARGS:=$(filter-out \ + --target=% \ + --host=% \ + --build=% \ + --program-prefix=% \ + --program-suffix=% \ + --disable-nls \ + --disable-ipv6 \ + , $(HOST_CONFIGURE_ARGS)) + +# Waf needs the "configure" argument +CONFIGURE_ARGS:=configure $(CONFIGURE_ARGS) +HOST_CONFIGURE_ARGS:=configure $(HOST_CONFIGURE_ARGS) + CONFIGURE_ARGS += \ --hostcc="$(HOSTCC)" \ --cross-compile \ @@ -139,6 +170,27 @@ CONFIGURE_ARGS += \ --disable-cephfs \ --disable-fault-handling \ --disable-glusterfs \ + --enable-fhs \ + --without-automount \ + --without-iconv \ + --without-lttng \ + --without-ntvfs-fileserver \ + --without-pam \ + --without-systemd \ + --without-utmp \ + --without-dmapi \ + --without-fam \ + --without-gettext \ + --without-regedit \ + --without-gpgme + +HOST_CONFIGURE_ARGS += \ + --hostcc="$(HOSTCC)" \ + --disable-cups \ + --disable-iprint \ + --disable-cephfs \ + --disable-fault-handling \ + --disable-glusterfs \ --disable-rpath \ --disable-rpath-install \ --disable-rpath-private-install \ @@ -156,6 +208,11 @@ CONFIGURE_ARGS += \ --without-regedit \ --without-gpgme +HOST_CONFIGURE_ARGS += --disable-avahi --without-quotas --without-acl-support --without-winbind \ + --without-ad-dc --without-json --without-libarchive --disable-python --nopyc --nopyo \ + --without-dnsupdate --without-ads --without-ldap --without-ldb-lmdb +HOST_CONFIGURE_VARS += python_LDFLAGS="" python_LIBDIR="" + # Optional AES-NI support - https://lists.samba.org/archive/samba-technical/2017-September/122738.html # Support for Nettle wasn't comitted ifdef CONFIG_TARGET_x86_64 @@ -170,121 +227,101 @@ CONFIGURE_ARGS += \ --with-piddir=/var/run \ --with-privatedir=/etc/samba -CONFIGURE_ARGS += \ - --with-system-mitkrb5 "$(STAGING_DIR)/usr" \ - --with-system-mitkdc=/usr/sbin/krb5kdc - - ## embedded-heimdal - # --bundled-libraries=talloc,tevent,tdb,ldb,com_err,cmocka,roken,wind,hx509,asn1,heimbase,hcrypto,krb5,gssapi,heimntlm,hdb,kdc,NONE - +# features +ifeq ($(CONFIG_SAMBA4_SERVER_VFS),y) + CONFIGURE_ARGS += --with-quotas +else + CONFIGURE_ARGS += --without-quotas +endif ifeq ($(CONFIG_SAMBA4_SERVER_AVAHI),y) CONFIGURE_ARGS += --enable-avahi else CONFIGURE_ARGS += --disable-avahi endif -ifeq ($(CONFIG_SAMBA4_SERVER_QUOTAS),y) - CONFIGURE_ARGS += --with-quotas -else - CONFIGURE_ARGS += --without-quotas -endif -ifeq ($(CONFIG_SAMBA4_SERVER_ACL),y) - CONFIGURE_ARGS += --with-acl-support -else - CONFIGURE_ARGS += --without-acl-support -endif + +# NOTE: We need host python-bin, but target python-config here! +CONFIGURE_VARS += python_LDFLAGS="" python_LIBDIR="" ifeq ($(CONFIG_SAMBA4_SERVER_AD_DC),y) - CONFIGURE_ARGS += --enable-gnutls --with-dnsupdate --with-ads --with-ldap - TARGET_CFLAGS := -I$(STAGING_DIR)/usr/include/python2.7 $(TARGET_CFLAGS) -else - CONFIGURE_ARGS += --without-ad-dc --without-json-audit --without-libarchive --disable-python --nopyc --nopyo --disable-gnutls --without-dnsupdate --without-ads --without-ldap + CONFIGURE_ARGS += --without-winbind --without-ldb-lmdb --with-acl-support CONFIGURE_VARS += \ - python_LDFLAGS="" \ - python_LIBDIR="" -endif -ifeq ($(CONFIG_SAMBA4_SERVER_WINBIND),y) - CONFIGURE_ARGS += --with-winbind + PYTHON="$(HOST_PYTHON3_BIN)" \ + PYTHON_CONFIG="$(STAGING_DIR)/host/bin/$(PYTHON3)-config" else - CONFIGURE_ARGS += --without-winbind + CONFIGURE_ARGS += --without-winbind --without-ads --without-ldap --without-ldb-lmdb --without-ad-dc \ + --without-json --without-libarchive --disable-python --nopyc --nopyo --without-dnsupdate --without-acl-support endif -SAMBA4_IDMAP_MODULES := -SAMBA4_IDMAP_MODULES_SHARED := SAMBA4_PDB_MODULES :=pdb_smbpasswd,pdb_tdbsam, SAMBA4_AUTH_MODULES :=auth_builtin,auth_sam,auth_unix,auth_script, SAMBA4_VFS_MODULES :=vfs_default, +SAMBA4_VFS_MODULES_SHARED := ifeq ($(CONFIG_SAMBA4_SERVER_VFS),y) - SAMBA4_VFS_MODULES :=$(SAMBA4_VFS_MODULES)vfs_fruit,vfs_shadow_copy2,vfs_recycle,vfs_fake_perms,vfs_readonly,vfs_cap,vfs_offline,vfs_crossrename,vfs_catia,vfs_streams_xattr,vfs_xattr_tdb, + SAMBA4_VFS_MODULES_SHARED :=$(SAMBA4_VFS_MODULES_SHARED)vfs_fruit,vfs_shadow_copy2,vfs_recycle,vfs_fake_perms,vfs_readonly,vfs_cap,vfs_offline,vfs_crossrename,vfs_catia,vfs_streams_xattr,vfs_xattr_tdb,vfs_default_quota, ifeq ($(CONFIG_PACKAGE_kmod-fs-btrfs),y) - SAMBA4_VFS_MODULES :=$(SAMBA4_VFS_MODULES)vfs_btrfs, + SAMBA4_VFS_MODULES_SHARED :=$(SAMBA4_VFS_MODULES_SHARED)vfs_btrfs, endif endif ifeq ($(CONFIG_SAMBA4_SERVER_VFSX),y) - SAMBA4_VFS_MODULES :=$(SAMBA4_VFS_MODULES)vfs_virusfilter,vfs_shell_snap,vfs_commit,vfs_worm,vfs_aio_fork,vfs_aio_pthread,vfs_netatalk,vfs_dirsort,vfs_fileid, + SAMBA4_VFS_MODULES_SHARED :=$(SAMBA4_VFS_MODULES_SHARED)vfs_virusfilter,vfs_shell_snap,vfs_commit,vfs_worm,vfs_aio_fork,vfs_aio_pthread,vfs_netatalk,vfs_dirsort,vfs_fileid, ifeq ($(CONFIG_PACKAGE_kmod-fs-xfs),y) - SAMBA4_VFS_MODULES :=$(SAMBA4_VFS_MODULES)vfs_linux_xfs_sgid, + SAMBA4_VFS_MODULES_SHARED :=$(SAMBA4_VFS_MODULES_SHARED)vfs_linux_xfs_sgid, endif endif -ifeq ($(CONFIG_SAMBA4_SERVER_QUOTAS),y) - SAMBA4_VFS_MODULES :=$(SAMBA4_VFS_MODULES)vfs_default_quota, -endif -ifeq ($(CONFIG_SAMBA4_SERVER_ACL),y) - SAMBA4_VFS_MODULES :=$(SAMBA4_VFS_MODULES)vfs_posixacl,vfs_acl_xattr,vfs_acl_tdb, +ifeq ($(CONFIG_SAMBA4_SERVER_AD_DC),y) + SAMBA4_PDB_MODULES :=$(SAMBA4_PDB_MODULES)pdb_samba_dsdb,pdb_ldapsam, + SAMBA4_AUTH_MODULES :=$(SAMBA4_AUTH_MODULES)auth_samba4, + SAMBA4_VFS_MODULES :=$(SAMBA4_VFS_MODULES)vfs_posixacl, + SAMBA4_VFS_MODULES_SHARED :=$(SAMBA4_VFS_MODULES_SHARED)vfs_audit,vfs_extd_audit,vfs_full_audit,vfs_acl_xattr,vfs_acl_tdb, # vfs_zfsacl needs https://github.com/zfsonlinux/zfs/tree/master/include/sys/zfs_acl.h # vfs_nfs4acl_xattr needs https://github.com/notriddle/libdrpc/blob/master/rpc/xdr.h endif -ifeq ($(CONFIG_SAMBA4_SERVER_AD_DC),y) - SAMBA4_PDB_MODULES :=$(SAMBA4_PDB_MODULES)pdb_samba_dsdb, - SAMBA4_AUTH_MODULES :=$(SAMBA4_AUTH_MODULES)auth_samba4, - SAMBA4_VFS_MODULES :=$(SAMBA4_VFS_MODULES)vfs_audit,vfs_extd_audit,vfs_full_audit, -endif -ifeq ($(CONFIG_SAMBA4_SERVER_WINBIND),y) - SAMBA4_IDMAP_MODULES :=$(SAMBA4_IDMAP_MODULES)idmap_passdb,idmap_nss,idmap_tdb,idmap_tdb2,idmap_script,nss_info_template, - SAMBA4_IDMAP_MODULES_SHARED :=$(SAMBA4_IDMAP_MODULES_SHARED)idmap_autorid,idmap_rid,idmap_ad,idmap_rfc2307, - # idmap_ad needs --with-ads - # idmap_rfc2307 needs ldap headers - SAMBA4_AUTH_MODULES :=$(SAMBA4_AUTH_MODULES)auth_winbind, -endif -SAMBA4_MODULES :=${SAMBA4_AUTH_MODULES}${SAMBA4_PDB_MODULES}${SAMBA4_IDMAP_MODULES}${SAMBA4_VFS_MODULES} -SAMBA4_MODULES_SHARDED :=${SAMBA4_IDMAP_MODULES_SHARED} +SAMBA4_MODULES :=${SAMBA4_VFS_MODULES}${SAMBA4_AUTH_MODULES}${SAMBA4_PDB_MODULES} +SAMBA4_MODULES_SHARDED :=${SAMBA4_VFS_MODULES_SHARED} CONFIGURE_ARGS += \ --with-static-modules=$(SAMBA4_MODULES)!DEFAULT,!FORCED \ --with-shared-modules=$(SAMBA4_MODULES_SHARDED)!DEFAULT,!FORCED -# Setup build/install targets -# CONFIG_PACKAGE_samba4-server -BUILD_TARGETS_SERVER :=smbd/smbd,smbpasswd,pdbedit,testparm -# Optional server targets -ifeq ($(CONFIG_SAMBA4_SERVER_ACL),y) - BUILD_TARGETS_SERVER :=$(BUILD_TARGETS_SERVER),sharesec -endif -ifeq ($(CONFIG_SAMBA4_SERVER_NETBIOS),y) - BUILD_TARGETS_SERVER :=$(BUILD_TARGETS_SERVER),nmbd -endif -ifeq ($(CONFIG_SAMBA4_SERVER_AD_DC),y) - BUILD_TARGETS_SERVER :=$(BUILD_TARGETS_SERVER),samba,nsstest,ntlm_auth -endif -ifeq ($(CONFIG_SAMBA4_SERVER_WINBIND),y) - BUILD_TARGETS_SERVER :=$(BUILD_TARGETS_SERVER),winbindd,wbinfo,winbind_krb5_locator -endif -# CONFIG_PACKAGE_samba4-client -BUILD_TARGETS_CLIENT :=client/smbclient,client/cifsdd -# CONFIG_PACKAGE_samba4-admin -BUILD_TARGETS_ADMIN :=net,smbcontrol,profiles,rpcclient,smbcacls,smbcquotas -# CONFIG_PACKAGE_samba4-utils -BUILD_TARGETS_UTILS :=smbstatus,smbtree,smbget,mvxattr,nmblookup +HOST_CONFIGURE_ARGS += \ + --with-static-modules=!DEFAULT,!FORCED \ + --with-shared-modules=!DEFAULT,!FORCED # lib bundling +PY_VER:=$(PYTHON3_VERSION_MAJOR)$(PYTHON3_VERSION_MINOR) # NOTE: bundle + make private, we want to avoid version configuration (build, link) conflicts -CONFIGURE_ARGS += --builtin-libraries=talloc,tevent,texpect,tdb,ldb,tdr,cmocka,replace -#CONFIGURE_ARGS += --nonshared-binary=$(BUILD_TARGETS_SERVER) +HOST_CONFIGURE_ARGS += --builtin-libraries=replace --nonshared-binary=asn1_compile,compile_et +SYSTEM_BUNDLED_LIBS:=talloc,tevent,tevent-util,texpect,tdb,ldb,tdr,cmocka,replace,com_err +PYTHON_BUNDLED_LIBS:=pytalloc-util.cpython-$(PY_VER),pyldb-util.cpython-$(PY_VER) +# CONFIGURE_ARGS += --builtin-libraries=talloc,tevent,tevent-util,texpect,tdb,ldb,tdr,cmocka,com_err ifeq ($(CONFIG_SAMBA4_SERVER_AD_DC),y) -CONFIGURE_ARGS += --bundled-libraries=talloc,tevent,texpect,tdb,ldb,tdr,cmocka,replace,pytalloc-util,pyldb-util,NONE + CONFIGURE_ARGS += --bundled-libraries=NONE,$(SYSTEM_BUNDLED_LIBS),$(PYTHON_BUNDLED_LIBS) else -CONFIGURE_ARGS += --bundled-libraries=talloc,tevent,texpect,tdb,ldb,tdr,cmocka,replace,NONE + CONFIGURE_ARGS += --bundled-libraries=NONE,$(SYSTEM_BUNDLED_LIBS) endif -CONFIGURE_ARGS += --private-libraries=talloc,tevent,texpect,tdb,ldb,tdr,cmocka,replace +CONFIGURE_ARGS += --private-libraries=$(SYSTEM_BUNDLED_LIBS) + +export COMPILE_ET=$(STAGING_DIR_HOSTPKG)/bin/compile_et_samba +export ASN1_COMPILE=$(STAGING_DIR_HOSTPKG)/bin/asn1_compile_samba + +# we dont need GnuTLS for the host helpers +define Host/Prepare + $(call Host/Prepare/Default) + $(SED) 's,mandatory=True,mandatory=False,g' $(HOST_BUILD_DIR)/wscript_configure_system_gnutls +endef +define Host/Compile + (cd $(HOST_BUILD_DIR); \ + ./buildtools/bin/waf build \ + --targets=asn1_compile,compile_et \ + ) +endef + +define Host/Install + $(INSTALL_DIR) $(STAGING_DIR_HOSTPKG)/bin/ + # add host tools suffix, prevent conflicts with krb5 + $(INSTALL_BIN) $(HOST_BUILD_DIR)/bin/asn1_compile $(STAGING_DIR_HOSTPKG)/bin/asn1_compile_samba + $(INSTALL_BIN) $(HOST_BUILD_DIR)/bin/compile_et $(STAGING_DIR_HOSTPKG)/bin/compile_et_samba +endef define Build/Prepare $(Build/Prepare/Default) @@ -298,19 +335,21 @@ endef define Build/Configure $(CP) ./waf-cross-answers/$(ARCH).txt $(PKG_BUILD_DIR)/cross-answers.txt + echo 'Checking uname sysname type: "$(VERSION_DIST)"' >> $(PKG_BUILD_DIR)/cross-answers.txt echo 'Checking uname machine type: "$(ARCH)"' >> $(PKG_BUILD_DIR)/cross-answers.txt echo 'Checking uname release type: "$(LINUX_VERSION)"' >> $(PKG_BUILD_DIR)/cross-answers.txt echo 'Checking uname version type: "$(VERSION_DIST) Linux-$(LINUX_VERSION) $(shell date +%Y-%m-%d)"' >> $(PKG_BUILD_DIR)/cross-answers.txt - # NOTE: For some unknown reason this answer is not needed on some hosts/distros, yet needed on others? + # NOTE: special answers for freeBSD/CircleCI echo 'Checking whether POSIX capabilities are available: OK' >> $(PKG_BUILD_DIR)/cross-answers.txt - $(call Build/Configure/Default,configure) + echo 'checking for clnt_create(): OK' >> $(PKG_BUILD_DIR)/cross-answers.txt + $(call Build/Configure/Default) endef -# BUG: We need to use "waf install --targets=" otherwise a "make install" or "waf install" will retrigger a full recompile of all possible targets! +# Build via "waf install", avoid the make wrapper. (Samba logic is 'waf install' = build + install) define Build/Compile (cd $(PKG_BUILD_DIR); \ - ./buildtools/bin/waf install -j$(shell nproc) \ - --targets=$(SAMBA4_MODULES)$(SAMBA4_MODULES_SHARDED)$(BUILD_TARGETS_SERVER),$(BUILD_TARGETS_UTILS),$(BUILD_TARGETS_ADMIN),$(BUILD_TARGETS_CLIENT) \ + ./buildtools/bin/waf install \ + --jobs=$(shell nproc) \ --destdir="$(PKG_INSTALL_DIR)" \ ) endef @@ -322,59 +361,55 @@ endef define Package/samba4-libs/install $(INSTALL_DIR) $(1)/usr/lib $(CP) $(PKG_INSTALL_DIR)/usr/lib/*.so* $(1)/usr/lib/ - $(CP) $(PKG_INSTALL_DIR)/usr/lib/samba/*.so* $(1)/usr/lib/ + # rpath-install + $(CP) $(PKG_INSTALL_DIR)/usr/lib/samba $(1)/usr/lib/ endef define Package/samba4-client/install $(INSTALL_DIR) $(1)/usr/bin - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/{smbclient,cifsdd} $(1)/usr/bin/ + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/{cifsdd,smbclient,smbget} $(1)/usr/bin/ endef define Package/samba4-admin/install $(INSTALL_DIR) $(1)/usr/bin - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/{net,smbcontrol,profiles,rpcclient,smbcacls,smbcquotas} $(1)/usr/bin/ + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/{net,smbcontrol,profiles,rpcclient,dbwrap_tool} $(1)/usr/bin/ + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/{ldbadd,ldbdel,ldbedit,ldbmodify,ldbrename,ldbsearch} $(1)/usr/bin/ + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/{tdbbackup,tdbdump,tdbrestore,tdbtool} $(1)/usr/bin/ + $(INSTALL_DIR) $(1)/usr/sbin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/eventlogadm $(1)/usr/sbin/ endef define Package/samba4-utils/install $(INSTALL_DIR) $(1)/usr/bin - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/{smbstatus,smbtree,smbget,mvxattr,nmblookup} $(1)/usr/bin/ + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/{smbstatus,smbtree,mvxattr,smbtar} $(1)/usr/bin/ +ifeq ($(CONFIG_SAMBA4_SERVER_VFS),y) + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/smbcquotas $(1)/usr/bin/ +endif endef define Package/samba4-server/install - $(INSTALL_DIR) $(1)/usr/lib/samba - if [ -d $(PKG_INSTALL_DIR)/usr/lib/samba/idmap ]; then \ - $(CP) $(PKG_INSTALL_DIR)/usr/lib/samba/idmap $(1)/usr/lib/samba/; \ - fi - if [ -d $(PKG_INSTALL_DIR)/usr/lib/samba/auth ]; then \ - $(CP) $(PKG_INSTALL_DIR)/usr/lib/samba/auth $(1)/usr/lib/samba/; \ - fi - if [ -d $(PKG_INSTALL_DIR)/usr/lib/samba/vfs ]; then \ - $(CP) $(PKG_INSTALL_DIR)/usr/lib/samba/vfs $(1)/usr/lib/samba/; \ - fi - if [ -d $(PKG_INSTALL_DIR)/usr/lib/samba/pdb ]; then \ - $(CP) $(PKG_INSTALL_DIR)/usr/lib/samba/pdb $(1)/usr/lib/samba/; \ - fi $(INSTALL_DIR) $(1)/usr/bin $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/{smbpasswd,pdbedit,testparm} $(1)/usr/bin/ $(INSTALL_DIR) $(1)/usr/sbin $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/smbd $(1)/usr/sbin/ -ifeq ($(CONFIG_SAMBA4_SERVER_AD_DC),y) - $(CP) $(PKG_INSTALL_DIR)/usr/lib/python2.7 $(1)/usr/lib/ - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/{samba-tool,ntlm_auth,smbtar} $(1)/usr/bin/ - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/{samba,samba-gpupdate,samba_dnsupdate,samba_kcc,samba_spnupdate,samba_upgradedns} $(1)/usr/sbin/ -endif ifeq ($(CONFIG_SAMBA4_SERVER_NETBIOS),y) $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/nmbd $(1)/usr/sbin/ + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/nmblookup $(1)/usr/bin/ endif -ifeq ($(CONFIG_SAMBA4_SERVER_WINBIND),y) - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/wbinfo $(1)/usr/bin/ - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/winbindd $(1)/usr/sbin/ -endif -ifeq ($(CONFIG_SAMBA4_SERVER_ACL),y) - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/sharesec $(1)/usr/bin/ +ifeq ($(CONFIG_SAMBA4_SERVER_AD_DC),y) + $(INSTALL_DIR) $(1)/usr/lib + $(CP) $(PKG_INSTALL_DIR)/usr/lib/$(PYTHON3) $(1)/usr/lib/ + $(INSTALL_DIR) $(1)/usr/share/ + $(CP) $(PKG_INSTALL_DIR)/usr/share/samba $(1)/usr/share/ + # fix wrong hardcoded python3 location + $(SED) '1s,^#!/.*python3.*,#!/usr/bin/python3,' $(PKG_INSTALL_DIR)/usr/bin/samba-tool + $(SED) '1s,^#!/.*python3.*,#!/usr/bin/python3,' $(PKG_INSTALL_DIR)/usr/sbin/{samba-gpupdate,samba_dnsupdate,samba_kcc,samba_spnupdate,samba_upgradedns,samba_downgrade_db} + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/{samba-tool,ntlm_auth,oLschema2ldif} $(1)/usr/bin/ + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/{sharesec,smbcacls} $(1)/usr/bin/ + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/{samba,samba-gpupdate,samba_dnsupdate,samba_kcc,samba_spnupdate,samba_upgradedns,samba_downgrade_db} $(1)/usr/sbin/ endif $(INSTALL_DIR) $(1)/etc/config $(1)/etc/samba $(1)/etc/init.d - $(INSTALL_DATA) ./files/samba.config $(1)/etc/config/samba4 + $(INSTALL_CONF) ./files/samba.config $(1)/etc/config/samba4 $(INSTALL_DATA) ./files/smb.conf.template $(1)/etc/samba $(INSTALL_BIN) ./files/samba.init $(1)/etc/init.d/samba4 endef @@ -386,11 +421,12 @@ define Package/samba4-server/conffiles /etc/samba/smbpasswd /etc/samba/secrets.tdb /etc/samba/passdb.tdb -/etc/samba/idmap.ldb /etc/samba/lmhosts /etc/nsswitch.conf +/etc/krb5.conf endef +$(eval $(call HostBuild)) $(eval $(call BuildPackage,samba4-libs)) $(eval $(call BuildPackage,samba4-server)) $(eval $(call BuildPackage,samba4-client)) diff --git a/package/lean/samba4/files/samba.config b/package/lean/samba4/files/samba.config index 332bb2791..38983aa91 100644 --- a/package/lean/samba4/files/samba.config +++ b/package/lean/samba4/files/samba.config @@ -2,5 +2,3 @@ config samba option 'workgroup' 'WORKGROUP' option 'description' 'Samba on OpenWrt' option 'charset' 'UTF-8' - option 'homes' '0' - diff --git a/package/lean/samba4/files/samba.init b/package/lean/samba4/files/samba.init index 09714f016..92313cf48 100644 --- a/package/lean/samba4/files/samba.init +++ b/package/lean/samba4/files/samba.init @@ -3,34 +3,40 @@ START=98 USE_PROCD=1 +SAMBA_IFACE="" + smb_header() { - config_get samba_iface $1 interface "loopback lan" + config_get SAMBA_IFACE $1 interface "lan" # resolve interfaces - local interfaces=$( + local interfaces + interfaces=$( . /lib/functions/network.sh local net - for net in $samba_iface; do + for net in $SAMBA_IFACE; do local device network_is_up $net || continue network_get_device device "$net" - echo -n "${device:-$net} " + printf "%s " "${device:-$net}" done ) local workgroup description charset # we dont use netbios anymore as default and wsd/avahi is dns based - local hostname="$(cat /proc/sys/kernel/hostname)" + local hostname + hostname="$(cat /proc/sys/kernel/hostname)" - config_get workgroup $1 workgroup "WORKGROUP" - config_get description $1 description "Samba on OpenWrt" - config_get charset $1 charset "UTF-8" - - config_get_bool MACOS $1 macos 0 - config_get_bool DISABLE_NETBIOS $1 disable_netbios 0 - config_get_bool DISABLE_AD_DC $1 disable_ad_dc 0 - config_get_bool DISABLE_WINBIND $1 disable_winbind 0 + config_get workgroup $1 workgroup "WORKGROUP" + config_get description $1 description "Samba on OpenWrt" + config_get charset $1 charset "UTF-8" + + config_get_bool MACOS $1 macos 0 + config_get_bool DISABLE_NETBIOS $1 disable_netbios 0 + config_get_bool DISABLE_AD_DC $1 disable_ad_dc 0 + config_get_bool DISABLE_WINBIND $1 disable_winbind 0 + config_get_bool DISABLE_ASYNC_IO $1 disable_async_io 0 + config_get_bool ALLOW_LEGACY_PROTOCOLS $1 allow_legacy_protocols 0 mkdir -p /var/etc sed -e "s#|NAME|#$hostname#g" \ @@ -40,26 +46,35 @@ smb_header() { -e "s#|CHARSET|#$charset#g" \ /etc/samba/smb.conf.template > /var/etc/smb.conf - echo -e "\n######### Dynamic written config options #########\n" >> /var/etc/smb.conf - if [ "$DISABLE_NETBIOS" -eq 1 ] || [ ! -x /usr/sbin/nmbd ]; then - echo -e "\tdisable netbios = yes" >> /var/etc/smb.conf + { + printf "\n######### Dynamic written config options #########\n" + if [ "$DISABLE_NETBIOS" -eq 1 ] || [ ! -x /usr/sbin/nmbd ]; then + printf "\tdisable netbios = yes\n" + # note: samba opens port 139 even if netbios is disabled via option above, so adjust listening ports + printf "\tsmb ports = 445\n" + fi + + if [ "$DISABLE_ASYNC_IO" -eq 1 ]; then + printf "\taio read size = 0\n" + printf "\taio write size = 0\n" + # sendfile bug: https://bugzilla.samba.org/show_bug.cgi?id=14095 + printf "\tuse sendfile = no\n" + fi + + if [ "$ALLOW_LEGACY_PROTOCOLS" -eq 1 ]; then + logger -p daemon.info -t 'samba4-server' "Legacy Protocols allowed, don't use this option for secure environments!" + printf "\tserver min protocol = NT1\n" + printf "\tlanman auth = yes\n" + printf "\tntlm auth = ntlmv1-permitted\n" + fi + } >> /var/etc/smb.conf + + [ -e /etc/samba/smb.conf ] || ln -nsf /var/etc/smb.conf /etc/samba/smb.conf + + if [ ! -L /etc/samba/smb.conf ]; then + logger -p daemon.warn -t 'samba4-server' "Local custom /etc/samba/smb.conf file detected, all luci/config settings are ignored!" fi - local homes - config_get_bool homes $1 homes 0 - [ $homes -gt 0 ] && { - cat <> /var/etc/smb.conf - -[homes] - comment = Home Directories - browsable = no - writable = yes - read only = no - create mask = 0750 -EOT - } - - [ -L /etc/samba/smb.conf ] || ln -nsf /var/etc/smb.conf /etc/samba/smb.conf } smb_add_share() { @@ -70,6 +85,7 @@ smb_add_share() { local dir_mask local browseable local read_only + local writeable local guest_ok local guest_only local inherit_owner @@ -77,6 +93,8 @@ smb_add_share() { local timemachine local timemachine_maxsize local force_root + local write_list + local read_list config_get name $1 name config_get path $1 path @@ -85,6 +103,7 @@ smb_add_share() { config_get dir_mask $1 dir_mask config_get browseable $1 browseable config_get read_only $1 read_only + config_get writeable $1 writeable config_get guest_ok $1 guest_ok config_get guest_only $1 guest_only config_get inherit_owner $1 inherit_owner @@ -92,40 +111,48 @@ smb_add_share() { config_get_bool timemachine $1 timemachine 0 config_get timemachine_maxsize $1 timemachine_maxsize config_get_bool force_root $1 force_root 0 + config_get write_list $1 write_list + config_get read_list $1 read_list - [ -z "$name" -o -z "$path" ] && return + [ -z "$name" ] || [ -z "$path" ] && return - echo -e "\n[$name]\n\tpath = $path" >> /var/etc/smb.conf - - if [ "$force_root" -eq 1 ]; then - echo -e "\tforce user = root" >> /var/etc/smb.conf - echo -e "\tforce group = root" >> /var/etc/smb.conf - else - [ -n "$users" ] && echo -e "\tvalid users = $users" >> /var/etc/smb.conf - fi + { + printf "\n[$name]\n\tpath = %s\n" "$path" - [ -n "$create_mask" ] && echo -e "\tcreate mask = $create_mask" >> /var/etc/smb.conf - [ -n "$dir_mask" ] && echo -e "\tdirectory mask = $dir_mask" >> /var/etc/smb.conf - - [ -n "$browseable" ] && echo -e "\tbrowseable = $browseable" >> /var/etc/smb.conf - [ -n "$read_only" ] && echo -e "\tread only = $read_only" >> /var/etc/smb.conf - [ -n "$guest_ok" ] && echo -e "\tguest ok = $guest_ok" >> /var/etc/smb.conf - [ -n "$guest_only" ] && echo -e "\tguest only = $guest_only" >> /var/etc/smb.conf - [ -n "$inherit_owner" ] && echo -e "\tinherit owner = $inherit_owner" >> /var/etc/smb.conf - - if [ "$MACOS" -eq 1 ]; then - vfs_objects="catia fruit streams_xattr $vfs_objects" - echo -e "\tfruit:encoding = native" >> /var/etc/smb.conf - echo -e "\tfruit:metadata = stream" >> /var/etc/smb.conf - echo -e "\tfruit:veto_appledouble = no" >> /var/etc/smb.conf - # avoid mixed shares order for aapl - if [ "$timemachine" -eq 1 ]; then - echo -e "\tfruit:time machine = yes" >> /var/etc/smb.conf - [ -n "$timemachine_maxsize" ] && echo -e "\tfruit:time machine max size = ${timemachine_maxsize}G" >> /var/etc/smb.conf + if [ "$force_root" -eq 1 ]; then + printf "\tforce user = root\n" + printf "\tforce group = root\n" + else + [ -n "$users" ] && printf "\tvalid users = %s\n" "$users" fi - fi - - [ -n "$vfs_objects" ] && echo -e "\tvfs objects = $vfs_objects" >> /var/etc/smb.conf + + [ -n "$create_mask" ] && printf "\tcreate mask = %s\n" "$create_mask" + [ -n "$dir_mask" ] && printf "\tdirectory mask = %s\n" "$dir_mask" + + [ -n "$browseable" ] && printf "\tbrowseable = %s\n" "$browseable" + [ -n "$read_only" ] && printf "\tread only = %s\n" "$read_only" + [ -n "$writeable" ] && printf "\twriteable = %s\n" "$writeable" + [ -n "$guest_ok" ] && printf "\tguest ok = %s\n" "$guest_ok" + [ -n "$guest_only" ] && printf "\tguest only = %s\n" "$guest_only" + [ -n "$inherit_owner" ] && printf "\tinherit owner = %s\n" "$inherit_owner" + + [ -n "$write_list" ] && printf "\twrite list = %s\n" "$write_list" + [ -n "$read_list" ] && printf "\tread list = %s\n" "$read_list" + + if [ "$MACOS" -eq 1 ]; then + vfs_objects="catia fruit streams_xattr $vfs_objects" + printf "\tfruit:encoding = native\n" + printf "\tfruit:metadata = stream\n" + printf "\tfruit:veto_appledouble = no\n" + # avoid mixed shares order for aapl + if [ "$timemachine" -eq 1 ]; then + printf "\tfruit:time machine = yes\n" + [ -n "$timemachine_maxsize" ] && printf "\tfruit:time machine max size = %sG\n" "${timemachine_maxsize}" + fi + fi + + [ -n "$vfs_objects" ] && printf "\tvfs objects = %s\n" "$vfs_objects" + } >> /var/etc/smb.conf } init_config() { @@ -134,10 +161,8 @@ init_config() { [ -d /var/cache/samba ] || mkdir -p /var/cache/samba [ -d /var/run/samba ] || mkdir -p /var/run/samba [ -d /var/log/samba ] || mkdir -p /var/log/samba - [ -d /var/lock ] && chmod 0755 /var/lock || { - mkdir -p /var/lock - chmod 0755 /var/lock - } + [ -d /var/lock ] || mkdir -p /var/lock + chmod 0755 /var/lock config_load samba4 config_foreach smb_header samba @@ -145,56 +170,63 @@ init_config() { } service_triggers() { - PROCD_RELOAD_DELAY=2000 - + # PROCD_RELOAD_DELAY=1000 + procd_add_reload_trigger "dhcp" "system" "samba4" - + local i - for i in $samba_iface; do + for i in $SAMBA_IFACE; do procd_add_reload_interface_trigger $i done } start_service() { init_config + + if [ ! -e /etc/samba/smb.conf ]; then + logger -p daemon.error -t 'samba4-server' "missing config /etc/samba/smb.conf!" + exit 1 + fi + + local nice_value + config_get nice_value extra samba_nice 0 # start main AD-DC daemon, will spawn (smbd,nmbd,winbindd) as needed/configured. if [ "$DISABLE_AD_DC" -ne 1 ] && [ -x /usr/sbin/samba ]; then procd_open_instance procd_set_param command /usr/sbin/samba -F + procd_set_param nice $nice_value procd_set_param respawn - procd_set_param file /var/etc/smb.conf + procd_set_param file /etc/samba/smb.conf + procd_set_param limits nofile=16384 procd_close_instance else # start fileserver daemon procd_open_instance procd_set_param command /usr/sbin/smbd -F + procd_set_param nice $nice_value procd_set_param respawn - procd_set_param file /var/etc/smb.conf + procd_set_param file /etc/samba/smb.conf + procd_set_param limits nofile=16384 procd_close_instance # start netbios daemon if [ "$DISABLE_NETBIOS" -ne 1 ] && [ -x /usr/sbin/nmbd ]; then procd_open_instance procd_set_param command /usr/sbin/nmbd -F + procd_set_param nice $nice_value procd_set_param respawn - procd_set_param file /var/etc/smb.conf + procd_set_param file /etc/samba/smb.conf procd_close_instance fi # start winbind daemon if [ "$DISABLE_WINBIND" -ne 1 ] && [ -x /usr/sbin/winbindd ]; then procd_open_instance procd_set_param command /usr/sbin/winbindd -F + procd_set_param nice $nice_value procd_set_param respawn - procd_set_param file /var/etc/smb.conf + procd_set_param file /etc/samba/smb.conf procd_close_instance fi fi - # lower priority using renice (if found) - if [ -x /usr/bin/renice ]; then - [ -x /usr/sbin/samba ] && renice -n 2 $(pidof samba) - [ -x /usr/sbin/smbd ] && renice -n 2 $(pidof smbd) - [ -x /usr/sbin/nmbd ] && renice -n 2 $(pidof nmbd) - [ -x /usr/sbin/winbindd ] && renice -n 2 $(pidof winbindd) - fi } diff --git a/package/lean/samba4/files/smb.conf.template b/package/lean/samba4/files/smb.conf.template index 9c18184b3..162559820 100644 --- a/package/lean/samba4/files/smb.conf.template +++ b/package/lean/samba4/files/smb.conf.template @@ -7,73 +7,87 @@ ## This global parameter allows the Samba admin to limit what interfaces on a machine will serve SMB requests. bind interfaces only = yes - + ## time for inactive connections to-be closed in minutes deadtime = 15 - + ## disable core dumps enable core files = no - + ## set security (auto, user, domain, ads) security = user - + ## This parameter controls whether a remote client is allowed or required to use SMB encryption. ## It has different effects depending on whether the connection uses SMB1 or SMB2 and newer: ## If the connection uses SMB1, then this option controls the use of a Samba-specific extension to the SMB protocol introduced in Samba 3.2 that makes use of the Unix extensions. ## If the connection uses SMB2 or newer, then this option controls the use of the SMB-level encryption that is supported in SMB version 3.0 and above and available in Windows 8 and newer. - ##(default/auto,desired,required,off) + ## (default/auto,desired,required,off) #smb encrypt = default - + ## set invalid users invalid users = root - + ## map unknow users to guest map to guest = Bad User ## allow client access to accounts that have null passwords. null passwords = yes - + ## The old plaintext passdb backend. Some Samba features will not work if this passdb backend is used. (NOTE: enabled for size reasons) ## (tdbsam,smbpasswd,ldapsam) passdb backend = smbpasswd - + ## Set location of smbpasswd ('smbd -b' will show default compiled location) #smb passwd file = /etc/samba/smbpasswd - + ## LAN/WAN options (IPTOS_LOWDELAY TCP_NODELAY) WAN (IPTOS_THROUGHPUT) socket options = IPTOS_LOWDELAY TCP_NODELAY - - ## lower CPU useage if supported - use sendfile = yes - + + ## If this integer parameter is set to a non-zero value, Samba will read from files asynchronously when the request size is bigger than this value. + ## Note that it happens only for non-chained and non-chaining reads and when not using write cache. + ## The only reasonable values for this parameter are 0 (no async I/O) and 1 (always do async I/O). + ## (1/0) + #aio read size = 0 + #aio write size = 0 + + ## If Samba has been built with asynchronous I/O support, Samba will not wait until write requests are finished before returning the result to the client for files listed in this parameter. + ## Instead, Samba will immediately return that the write request has been finished successfully, no matter if the operation will succeed or not. + ## This might speed up clients without aio support, but is really dangerous, because data could be lost and files could be damaged. + #aio write behind = /*.tmp/ + + ## lower CPU useage if supported and aio is disabled (aio read size = 0 ; aio write size = 0) + ## currently broken (NOTE: see https://bugzilla.samba.org/show_bug.cgi?id=14095 ) + ## (no, yes) + #use sendfile = yes + ## samba will behave as previous versions of Samba would and will fail the lock request immediately if the lock range cannot be obtained. #blocking locks = No - + ## disable loading of all printcap printers by default (iprint, cups, lpstat) load printers = No printcap name = /dev/null ## Enabling this parameter will disable Samba's support for the SPOOLSS set of MS-RPC's. disable spoolss = yes - + ## This parameters controls how printer status information is interpreted on your system. ## (BSD, AIX, LPRNG, PLP, SYSV, HPUX, QNX, SOFTQ) printing = bsd - + ## Disable that nmbd is acting as a WINS server for unknow netbios names #dns proxy = No - + ## win/unix user mapping backend #idmap config * : backend = tdb - + ## Allows the server name that is advertised through MDNS to be set to the hostname rather than the Samba NETBIOS name. ## This allows an administrator to make Samba registered MDNS records match the case of the hostname rather than being in all capitals. ## (netbios, mdns) mdns name = mdns - + ## Clients that only support netbios won't be able to see your samba server when netbios support is disabled. #disable netbios = Yes - + ## Setting this value to no will cause nmbd never to become a local master browser. #local master = no @@ -83,21 +97,21 @@ ## (445 139) Specifies which ports the server should listen on for SMB traffic. ## 139 is netbios/nmbd #smb ports = 445 139 - + ## This is a list of files and directories that are neither visible nor accessible. ## Each entry in the list must be separated by a '/', which allows spaces to be included in the entry. '*' and '?' can be used to specify multiple files or directories as in DOS wildcards. veto files = /Thumbs.db/.DS_Store/._.DS_Store/.apdisk/ - + ## If a directory that is to be deleted contains nothing but veto files this deletion will fail unless you also set the delete veto files parameter to yes. delete veto files = yes - + ################ Filesystem and creation rules ################ ## reported filesystem type (NTFS,Samba,FAT) #fstype = FAT - + ## Allows a user who has write access to the file (by whatever means, including an ACL permission) to modify the permissions (including ACL) on it. #dos filemode = Yes - + ## file/dir creating rules #create mask = 0666 #directory mask = 0777 diff --git a/package/lean/samba4/patches/003-getpwent_r.patch b/package/lean/samba4/patches/003-getpwent_r.patch new file mode 100644 index 000000000..99ebedacf --- /dev/null +++ b/package/lean/samba4/patches/003-getpwent_r.patch @@ -0,0 +1,80 @@ +diff --git a/source4/torture/local/nss_tests.c b/source4/torture/local/nss_tests.c +index 2cd6122..04f13c6 100644 +--- a/source4/torture/local/nss_tests.c ++++ b/source4/torture/local/nss_tests.c +@@ -247,7 +247,6 @@ static bool test_getgrnam_r(struct torture_context *tctx, + return true; + } + +- + static bool test_getgrgid(struct torture_context *tctx, + gid_t gid, + struct group *grp_p) +@@ -333,6 +332,7 @@ static bool test_enum_passwd(struct torture_context *tctx, + return true; + } + ++#if HAVE_GETPWENT_R + static bool test_enum_r_passwd(struct torture_context *tctx, + struct passwd **pwd_array_p, + size_t *num_pwd_p) +@@ -381,6 +381,7 @@ static bool test_enum_r_passwd(struct torture_context *tctx, + + return true; + } ++#endif + + static bool torture_assert_passwd_equal(struct torture_context *tctx, + const struct passwd *p1, +@@ -432,7 +433,7 @@ static bool test_passwd_r(struct torture_context *tctx) + struct passwd *pwd, pwd1, pwd2; + size_t num_pwd; + +- torture_assert(tctx, test_enum_r_passwd(tctx, &pwd, &num_pwd), ++ torture_assert(tctx, test_enum_passwd(tctx, &pwd, &num_pwd), + "failed to enumerate passwd"); + + for (i=0; i < num_pwd; i++) { +@@ -460,7 +461,7 @@ static bool test_passwd_r_cross(struct torture_context *tctx) + struct passwd *pwd, pwd1, pwd2, pwd3, pwd4; + size_t num_pwd; + +- torture_assert(tctx, test_enum_r_passwd(tctx, &pwd, &num_pwd), ++ torture_assert(tctx, test_enum_passwd(tctx, &pwd, &num_pwd), + "failed to enumerate passwd"); + + for (i=0; i < num_pwd; i++) { +@@ -531,6 +532,7 @@ static bool test_enum_group(struct torture_context *tctx, + return true; + } + ++#if HAVE_GETGRENT_R + static bool test_enum_r_group(struct torture_context *tctx, + struct group **grp_array_p, + size_t *num_grp_p) +@@ -579,6 +581,7 @@ static bool test_enum_r_group(struct torture_context *tctx, + + return true; + } ++#endif + + static bool torture_assert_group_equal(struct torture_context *tctx, + const struct group *g1, +@@ -635,7 +638,7 @@ static bool test_group_r(struct torture_context *tctx) + struct group *grp, grp1, grp2; + size_t num_grp; + +- torture_assert(tctx, test_enum_r_group(tctx, &grp, &num_grp), ++ torture_assert(tctx, test_enum_group(tctx, &grp, &num_grp), + "failed to enumerate group"); + + for (i=0; i < num_grp; i++) { +@@ -663,7 +666,7 @@ static bool test_group_r_cross(struct torture_context *tctx) + struct group *grp, grp1, grp2, grp3, grp4; + size_t num_grp; + +- torture_assert(tctx, test_enum_r_group(tctx, &grp, &num_grp), ++ torture_assert(tctx, test_enum_group(tctx, &grp, &num_grp), + "failed to enumerate group"); + + for (i=0; i < num_grp; i++) { diff --git a/package/lean/samba4/patches/004-missing-headers.patch b/package/lean/samba4/patches/004-missing-headers.patch new file mode 100644 index 000000000..58c26aece --- /dev/null +++ b/package/lean/samba4/patches/004-missing-headers.patch @@ -0,0 +1,38 @@ +diff --git a/lib/param/loadparm.h b/lib/param/loadparm.h +index b5d79b9..3f4eae0 100644 +--- a/lib/param/loadparm.h ++++ b/lib/param/loadparm.h +@@ -31,6 +31,7 @@ + #define _LOADPARM_H + + #include ++#include + + struct parmlist_entry { + struct parmlist_entry *prev, *next; +diff --git a/source3/lib/system_smbd.c b/source3/lib/system_smbd.c +index 3b1ac9c..4044d75 100644 +--- a/source3/lib/system_smbd.c ++++ b/source3/lib/system_smbd.c +@@ -27,6 +27,8 @@ + #include "system/passwd.h" + #include "nsswitch/winbind_client.h" + #include "../lib/util/setid.h" ++#include ++#include + + #ifndef HAVE_GETGROUPLIST + +diff --git a/source4/torture/local/nss_tests.c b/source4/torture/local/nss_tests.c +index 2cd6122..0c84ec2 100644 +--- a/source4/torture/local/nss_tests.c ++++ b/source4/torture/local/nss_tests.c +@@ -20,6 +20,8 @@ + */ + + #include "includes.h" ++#include ++#include + + #include "torture/torture.h" + #include "torture/local/proto.h" diff --git a/package/lean/samba4/patches/005-musl_uintptr.patch b/package/lean/samba4/patches/005-musl_uintptr.patch new file mode 100644 index 000000000..c5f36bef2 --- /dev/null +++ b/package/lean/samba4/patches/005-musl_uintptr.patch @@ -0,0 +1,35 @@ +commit f81e5b71ce78f33250347914dacc75c8463bf102 +Author: Breno Leitao +Date: Wed Mar 29 15:22:38 2017 -0300 + + include: Check for previous declaration of uintptr_t + + Adding a extra check before declaring uintptr_t. Currently musl uses + macro __DEFINED_uintptr_t once it defines uintptr_t type. Checking + this macro before defining it, and, defining it when uintptr_t is + defined. + + Signed-off-by: Breno Leitao + +diff --git a/third_party/cmocka/cmocka.h b/third_party/cmocka/cmocka.h +index 303d0ae..a2bfc40 100644 +--- a/third_party/cmocka/cmocka.h ++++ b/third_party/cmocka/cmocka.h +@@ -110,7 +110,7 @@ + ((LargestIntegralType)(value)) + + /* Smallest integral type capable of holding a pointer. */ +-#if !defined(_UINTPTR_T) && !defined(_UINTPTR_T_DEFINED) ++#if !defined(_UINTPTR_T) && !defined(_UINTPTR_T_DEFINED) && !defined(__DEFINED_uintptr_t) + # if defined(_WIN32) + /* WIN32 is an ILP32 platform */ + typedef unsigned int uintptr_t; +@@ -136,6 +136,8 @@ + + # define _UINTPTR_T + # define _UINTPTR_T_DEFINED ++# define __DEFINED_uintptr_t ++ + #endif /* !defined(_UINTPTR_T) || !defined(_UINTPTR_T_DEFINED) */ + + /* Perform an unsigned cast to uintptr_t. */ diff --git a/package/lean/samba4/patches/006-netdb-defines.patch b/package/lean/samba4/patches/006-netdb-defines.patch new file mode 100644 index 000000000..d7d6446ab --- /dev/null +++ b/package/lean/samba4/patches/006-netdb-defines.patch @@ -0,0 +1,19 @@ +diff --git a/nsswitch/wins.c b/nsswitch/wins.c +index dccb6dd..bb24acb 100644 +--- a/nsswitch/wins.c ++++ b/nsswitch/wins.c +@@ -39,6 +39,14 @@ static pthread_mutex_t wins_nss_mutex = PTHREAD_MUTEX_INITIALIZER; + #define INADDRSZ 4 + #endif + ++#ifndef NETDB_INTERNAL ++#define NETDB_INTERNAL -1 ++#endif ++ ++#ifndef NETDB_SUCCESS ++#define NETDB_SUCCESS 0 ++#endif ++ + NSS_STATUS _nss_wins_gethostbyname_r(const char *hostname, + struct hostent *he, + char *buffer, diff --git a/package/lean/samba4/patches/007-libldb-fix-musl-libc-unkown-type-error.patch b/package/lean/samba4/patches/007-libldb-fix-musl-libc-unkown-type-error.patch new file mode 100644 index 000000000..c0e7e8907 --- /dev/null +++ b/package/lean/samba4/patches/007-libldb-fix-musl-libc-unkown-type-error.patch @@ -0,0 +1,31 @@ +From d90534469c5c43bf2a97e5698a5ddb4b7471f92a Mon Sep 17 00:00:00 2001 +From: Changqing Li +Date: Tue, 24 Jul 2018 10:53:16 +0800 +Subject: [PATCH] libldb: fix musl libc unkoown type error + +tevent.h:1440:8: error: unknown type name 'pid_t'; did you mean 'div_t'? + pid_t *pid, + ^~~~~ + div_t + +Signed-off-by: Changqing Li +--- + lib/tevent/tevent.h | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/lib/tevent/tevent.h b/lib/tevent/tevent.h +index aa6fe0d..2572696 100644 +--- a/lib/tevent/tevent.h ++++ b/lib/tevent/tevent.h +@@ -32,6 +32,8 @@ + #include + #include + #include ++#include ++#include + + struct tevent_context; + struct tevent_ops; +-- +2.7.4 + diff --git a/package/lean/samba4/patches/008-samba-4.11-add_missing___compar_fn_t.patch b/package/lean/samba4/patches/008-samba-4.11-add_missing___compar_fn_t.patch new file mode 100644 index 000000000..96b65e6c5 --- /dev/null +++ b/package/lean/samba4/patches/008-samba-4.11-add_missing___compar_fn_t.patch @@ -0,0 +1,14 @@ +--- a/source4/dsdb/samdb/ldb_modules/count_attrs.c ++++ b/source4/dsdb/samdb/ldb_modules/count_attrs.c +@@ -38,6 +38,11 @@ + #define NULL_REQ_PSEUDO_N -2LL; + #define STAR_REQ_PSEUDO_N -4LL; + ++#ifndef __COMPAR_FN_T ++#define __COMPAR_FN_T ++typedef int (*__compar_fn_t)(const void *, const void *); ++#endif ++ + struct count_attrs_private { + struct tdb_wrap *requested; + struct tdb_wrap *duplicates; diff --git a/package/lean/samba4/patches/009-samba-4.11-qsort-compar.patch b/package/lean/samba4/patches/009-samba-4.11-qsort-compar.patch new file mode 100644 index 000000000..3b2e11a15 --- /dev/null +++ b/package/lean/samba4/patches/009-samba-4.11-qsort-compar.patch @@ -0,0 +1,22 @@ +diff --git a/source4/dsdb/samdb/ldb_modules/count_attrs.c b/source4/dsdb/samdb/ldb_modules/count_attrs.c +index b0d1b22..29f1b94 100644 +--- a/source4/dsdb/samdb/ldb_modules/count_attrs.c ++++ b/source4/dsdb/samdb/ldb_modules/count_attrs.c +@@ -222,7 +222,7 @@ static const char **get_sorted_attrs(TALLOC_CTX *mem_ctx, + attrs[i] = a; + } + +- qsort(attrs, n_attrs, sizeof(char *), (__compar_fn_t)strcasecmp_ptr); ++ qsort(attrs, n_attrs, sizeof(char *), (int (*)(const void *, const void *))strcasecmp_ptr); + return attrs; + } + +@@ -313,7 +313,7 @@ static int count_attrs_search_callback(struct ldb_request *req, + } + + qsort(found_attrs, msg->num_elements, sizeof(char *), +- (__compar_fn_t)strcasecmp_ptr); ++ (int (*)(const void *, const void *))strcasecmp_ptr); + + + /* find and report duplicates */ diff --git a/package/lean/samba4/patches/010-samba-4-11-fix-host-tools-checks.patch.patch b/package/lean/samba4/patches/010-samba-4-11-fix-host-tools-checks.patch.patch new file mode 100644 index 000000000..88c560d1a --- /dev/null +++ b/package/lean/samba4/patches/010-samba-4-11-fix-host-tools-checks.patch.patch @@ -0,0 +1,40 @@ +--- a/wscript_configure_embedded_heimdal 2019-12-17 ++++ b/wscript_configure_embedded_heimdal 2019-12-17 +@@ -1 +1,12 @@ + conf.RECURSE('source4/heimdal_build') ++ ++def check_system_heimdal_binary(name): ++ if conf.LIB_MAY_BE_BUNDLED(name): ++ return False ++ if not conf.find_program(name, var=name.upper()): ++ return False ++ conf.define('USING_SYSTEM_%s' % name.upper(), 1) ++ return True ++ ++check_system_heimdal_binary("compile_et") ++check_system_heimdal_binary("asn1_compile") +--- a/wscript_configure_system_heimdal 2019-12-17 ++++ b/wscript_configure_system_heimdal 2019-12-17 +@@ -37,14 +37,6 @@ def check_system_heimdal_lib(name, funct + conf.define('USING_SYSTEM_%s' % name.upper(), 1) + return True + +-def check_system_heimdal_binary(name): +- if conf.LIB_MAY_BE_BUNDLED(name): +- return False +- if not conf.find_program(name, var=name.upper()): +- return False +- conf.define('USING_SYSTEM_%s' % name.upper(), 1) +- return True +- + check_system_heimdal_lib("com_err", "com_right_r com_err", "com_err.h") + + if check_system_heimdal_lib("roken", "rk_socket_set_reuseaddr", "roken.h"): +@@ -96,7 +88,4 @@ finally: + #if conf.CHECK_BUNDLED_SYSTEM('tommath', checkfunctions='mp_init', headers='tommath.h'): + # conf.define('USING_SYSTEM_TOMMATH', 1) + +-check_system_heimdal_binary("compile_et") +-check_system_heimdal_binary("asn1_compile") +- + conf.define('USING_SYSTEM_KRB5', 1) diff --git a/package/lean/samba4/patches/010-source3-msgsock-nvram-fix.patch b/package/lean/samba4/patches/020-source3-msgsock-nvram-fix.patch similarity index 84% rename from package/lean/samba4/patches/010-source3-msgsock-nvram-fix.patch rename to package/lean/samba4/patches/020-source3-msgsock-nvram-fix.patch index 4c93a5a3e..682adec4e 100644 --- a/package/lean/samba4/patches/010-source3-msgsock-nvram-fix.patch +++ b/package/lean/samba4/patches/020-source3-msgsock-nvram-fix.patch @@ -5,7 +5,7 @@ } - priv_path = private_path("msg.sock"); -+ priv_path = lock_path("msg.sock"); ++ priv_path = lock_path(talloc_tos(), "msg.sock"); if (priv_path == NULL) { return NT_STATUS_NO_MEMORY; } @@ -14,7 +14,7 @@ msg_ctx->msg_dgm_ref = messaging_dgm_ref( msg_ctx, msg_ctx->event_ctx, &msg_ctx->id.unique_id, - private_path("msg.sock"), lck_path, -+ lock_path("msg.sock"), lck_path, ++ lock_path(talloc_tos(), "msg.sock"), lck_path, messaging_recv_cb, msg_ctx, &ret); if (msg_ctx->msg_dgm_ref == NULL) { diff --git a/package/lean/samba4/patches/011-source4-msgsock-nvram-fix.patch b/package/lean/samba4/patches/021-source4-msgsock-nvram-fix.patch similarity index 100% rename from package/lean/samba4/patches/011-source4-msgsock-nvram-fix.patch rename to package/lean/samba4/patches/021-source4-msgsock-nvram-fix.patch diff --git a/package/lean/samba4/patches/100-do-not-import-target-module-while-cross-compile.patch b/package/lean/samba4/patches/100-do-not-import-target-module-while-cross-compile.patch deleted file mode 100644 index e0766b60f..000000000 --- a/package/lean/samba4/patches/100-do-not-import-target-module-while-cross-compile.patch +++ /dev/null @@ -1,56 +0,0 @@ -Some modules such as dynamic library maybe cann't be imported while cross compile, -we just check whether does the module exist. - -Signed-off-by: Bian Naimeng - ---- a/buildtools/wafsamba/samba_bundled.py -+++ b/buildtools/wafsamba/samba_bundled.py -@@ -2,6 +2,7 @@ - - import sys - import Build, Options, Logs -+import imp, os - from Configure import conf - from samba_utils import TO_LIST - -@@ -249,17 +250,32 @@ def CHECK_BUNDLED_SYSTEM_PYTHON(conf, li - # versions - minversion = minimum_library_version(conf, libname, minversion) - -- try: -- m = __import__(modulename) -- except ImportError: -- found = False -- else: -+ # Find module in PYTHONPATH -+ stuff = imp.find_module(modulename, [os.environ["PYTHONPATH"]]) -+ if stuff: - try: -- version = m.__version__ -- except AttributeError: -+ m = imp.load_module(modulename, stuff[0], stuff[1], stuff[2]) -+ except ImportError: - found = False -+ -+ if conf.env.CROSS_COMPILE: -+ # Some modules such as dynamic library maybe cann't be imported -+ # while cross compile, we just check whether the module exist -+ Logs.warn('Cross module[%s] has been found, but can not be loaded.' % (stuff[1])) -+ found = True - else: -- found = tuplize_version(version) >= tuplize_version(minversion) -+ try: -+ version = m.__version__ -+ except AttributeError: -+ found = False -+ else: -+ found = tuplize_version(version) >= tuplize_version(minversion) -+ finally: -+ if stuff[0]: -+ stuff[0].close() -+ else: -+ found = False -+ - if not found and not conf.LIB_MAY_BE_BUNDLED(libname): - Logs.error('ERROR: Python module %s of version %s not found, and bundling disabled' % (libname, minversion)) - sys.exit(1) diff --git a/package/lean/samba4/patches/103-samba-4.8.5-unbundle-libbsd.patch b/package/lean/samba4/patches/102-samba-4.11-unbundle-libbsd.patch similarity index 76% rename from package/lean/samba4/patches/103-samba-4.8.5-unbundle-libbsd.patch rename to package/lean/samba4/patches/102-samba-4.11-unbundle-libbsd.patch index c8eae598d..1e2e11fcf 100644 --- a/package/lean/samba4/patches/103-samba-4.8.5-unbundle-libbsd.patch +++ b/package/lean/samba4/patches/102-samba-4.11-unbundle-libbsd.patch @@ -1,22 +1,3 @@ ---- a/lib/crypto/wscript_configure -+++ b/lib/crypto/wscript_configure -@@ -2,11 +2,11 @@ - import Options - import Utils - --if not conf.CHECK_FUNCS_IN('MD5Init', 'bsd', headers='bsd/md5.h', -- checklibc=True): -- conf.CHECK_FUNCS_IN('MD5Init', 'md5', headers='sys/md5.h', -- checklibc=True) -- conf.CHECK_FUNCS_IN('MD5Init', 'md', headers='sys/md5.h', -+# if not conf.CHECK_FUNCS_IN('MD5Init', 'bsd', headers='bsd/md5.h', -+ # checklibc=True): -+conf.CHECK_FUNCS_IN('MD5Init', 'md5', headers='sys/md5.h', -+ checklibc=True) -+conf.CHECK_FUNCS_IN('MD5Init', 'md', headers='sys/md5.h', - checklibc=True) - conf.CHECK_FUNCS_IN('CC_MD5_Init', '', headers='CommonCrypto/CommonDigest.h', - checklibc=True) --- a/lib/replace/wscript +++ b/lib/replace/wscript @@ -340,22 +340,13 @@ def configure(conf): @@ -72,6 +53,7 @@ extra_libs = '' - if bld.CONFIG_SET('HAVE_LIBBSD'): extra_libs += ' bsd' - + if bld.CONFIG_SET('HAVE_LIBRT'): extra_libs += ' rt' + bld.SAMBA_SUBSYSTEM('LIBREPLACE_HOSTCC', REPLACE_HOSTCC_SOURCE, diff --git a/package/lean/samba4/patches/102-samba-4.8.2-unbundle-libreadline.patch b/package/lean/samba4/patches/102-samba-4.8.2-unbundle-libreadline.patch deleted file mode 100644 index e164d56f5..000000000 --- a/package/lean/samba4/patches/102-samba-4.8.2-unbundle-libreadline.patch +++ /dev/null @@ -1,21 +0,0 @@ ---- a/libcli/smbreadline/wscript_configure -+++ b/libcli/smbreadline/wscript_configure -@@ -1,11 +1,13 @@ - #!/usr/bin/env python - - --conf.CHECK_HEADERS('readline.h history.h readline/readline.h readline/history.h') --for termlib in ['ncurses', 'curses', 'termcap', 'terminfo', 'termlib', 'tinfo']: -- if conf.CHECK_FUNCS_IN('tgetent', termlib): -- conf.env['READLINE_TERMLIB'] = termlib -- break -+#conf.CHECK_HEADERS('readline.h history.h readline/readline.h readline/history.h') -+#for termlib in ['ncurses', 'curses', 'termcap', 'terminfo', 'termlib', 'tinfo']: -+# if conf.CHECK_FUNCS_IN('tgetent', termlib): -+# conf.env['READLINE_TERMLIB'] = termlib -+# break -+ -+conf.undefine('HAVE_READLINE_READLINE_H') - - # - # Check if we need to work around readline/readline.h diff --git a/package/lean/samba4/patches/103-tmsize-overflow-fix.patch b/package/lean/samba4/patches/103-tmsize-overflow-fix.patch new file mode 100644 index 000000000..5d6cebe16 --- /dev/null +++ b/package/lean/samba4/patches/103-tmsize-overflow-fix.patch @@ -0,0 +1,21 @@ +--- a/source3/modules/vfs_fruit.c 2019-07-09 ++++ b/source3/modules/vfs_fruit.c 2019-07-09 +@@ -6995,12 +6995,12 @@ static bool fruit_tmsize_do_dirent(vfs_h + return true; + } + +- if (bandsize > SIZE_MAX/nbands) { +- DBG_ERR("tmsize overflow: bandsize [%zu] nbands [%zu]\n", +- bandsize, nbands); +- return false; +- } +- tm_size = bandsize * nbands; ++ // if (bandsize > SIZE_MAX/nbands) { ++ // DBG_ERR("tmsize overflow: bandsize [%zu] nbands [%zu]\n", ++ // bandsize, nbands); ++ // return false; ++ // } ++ tm_size = (off_t)bandsize * (off_t)nbands; + + if (state->total_size + tm_size < state->total_size) { + DBG_ERR("tmsize overflow: bandsize [%zu] nbands [%zu]\n", diff --git a/package/lean/samba4/waf-cross-answers/aarch64.txt b/package/lean/samba4/waf-cross-answers/aarch64.txt index 9aae22c36..e57659bf0 100644 --- a/package/lean/samba4/waf-cross-answers/aarch64.txt +++ b/package/lean/samba4/waf-cross-answers/aarch64.txt @@ -25,7 +25,7 @@ Checking for kernel share modes: OK Checking if can we convert from CP850 to UCS-2LE: OK Checking if can we convert from UTF-8 to UCS-2LE: OK vfs_fileid checking for statfs() and struct statfs.f_fsid: OK -Checking whether we can use Linux thread-specific credentials: "OK" +Checking whether we can use Linux thread-specific credentials: OK Checking whether fcntl locking is available: OK Checking whether fcntl lock supports open file description locks: NO Checking for the maximum value of the 'time_t' type: OK diff --git a/package/lean/samba4/waf-cross-answers/arc.txt b/package/lean/samba4/waf-cross-answers/arc.txt index 57f38119f..37abf15ed 100644 --- a/package/lean/samba4/waf-cross-answers/arc.txt +++ b/package/lean/samba4/waf-cross-answers/arc.txt @@ -25,7 +25,7 @@ Checking for kernel share modes: OK Checking if can we convert from CP850 to UCS-2LE: OK Checking if can we convert from UTF-8 to UCS-2LE: OK vfs_fileid checking for statfs() and struct statfs.f_fsid: OK -Checking whether we can use Linux thread-specific credentials: "OK" +Checking whether we can use Linux thread-specific credentials: OK Checking whether fcntl locking is available: OK Checking whether fcntl lock supports open file description locks: NO Checking for the maximum value of the 'time_t' type: NO diff --git a/package/lean/samba4/waf-cross-answers/arm.txt b/package/lean/samba4/waf-cross-answers/arm.txt index 79ba994be..5a7c2ea94 100644 --- a/package/lean/samba4/waf-cross-answers/arm.txt +++ b/package/lean/samba4/waf-cross-answers/arm.txt @@ -25,7 +25,7 @@ Checking for kernel share modes: OK Checking if can we convert from CP850 to UCS-2LE: OK Checking if can we convert from UTF-8 to UCS-2LE: OK vfs_fileid checking for statfs() and struct statfs.f_fsid: OK -Checking whether we can use Linux thread-specific credentials with 32-bit system calls: "OK" +Checking whether we can use Linux thread-specific credentials with 32-bit system calls: OK Checking whether fcntl locking is available: OK Checking whether fcntl lock supports open file description locks: NO Checking for the maximum value of the 'time_t' type: NO diff --git a/package/lean/samba4/waf-cross-answers/armeb.txt b/package/lean/samba4/waf-cross-answers/armeb.txt index 79ba994be..5a7c2ea94 100644 --- a/package/lean/samba4/waf-cross-answers/armeb.txt +++ b/package/lean/samba4/waf-cross-answers/armeb.txt @@ -25,7 +25,7 @@ Checking for kernel share modes: OK Checking if can we convert from CP850 to UCS-2LE: OK Checking if can we convert from UTF-8 to UCS-2LE: OK vfs_fileid checking for statfs() and struct statfs.f_fsid: OK -Checking whether we can use Linux thread-specific credentials with 32-bit system calls: "OK" +Checking whether we can use Linux thread-specific credentials with 32-bit system calls: OK Checking whether fcntl locking is available: OK Checking whether fcntl lock supports open file description locks: NO Checking for the maximum value of the 'time_t' type: NO diff --git a/package/lean/samba4/waf-cross-answers/i386.txt b/package/lean/samba4/waf-cross-answers/i386.txt index 79ba994be..5a7c2ea94 100644 --- a/package/lean/samba4/waf-cross-answers/i386.txt +++ b/package/lean/samba4/waf-cross-answers/i386.txt @@ -25,7 +25,7 @@ Checking for kernel share modes: OK Checking if can we convert from CP850 to UCS-2LE: OK Checking if can we convert from UTF-8 to UCS-2LE: OK vfs_fileid checking for statfs() and struct statfs.f_fsid: OK -Checking whether we can use Linux thread-specific credentials with 32-bit system calls: "OK" +Checking whether we can use Linux thread-specific credentials with 32-bit system calls: OK Checking whether fcntl locking is available: OK Checking whether fcntl lock supports open file description locks: NO Checking for the maximum value of the 'time_t' type: NO diff --git a/package/lean/samba4/waf-cross-answers/mips.txt b/package/lean/samba4/waf-cross-answers/mips.txt index 9c1a2c67e..2919ea2c2 100644 --- a/package/lean/samba4/waf-cross-answers/mips.txt +++ b/package/lean/samba4/waf-cross-answers/mips.txt @@ -25,7 +25,7 @@ Checking for kernel share modes: OK Checking if can we convert from CP850 to UCS-2LE: OK Checking if can we convert from UTF-8 to UCS-2LE: OK vfs_fileid checking for statfs() and struct statfs.f_fsid: OK -Checking whether we can use Linux thread-specific credentials: "OK" +Checking whether we can use Linux thread-specific credentials: OK Checking whether fcntl locking is available: OK Checking whether fcntl lock supports open file description locks: NO Checking for the maximum value of the 'time_t' type: NO diff --git a/package/lean/samba4/waf-cross-answers/mips64.txt b/package/lean/samba4/waf-cross-answers/mips64.txt index a270f0860..9bb9b5fd5 100644 --- a/package/lean/samba4/waf-cross-answers/mips64.txt +++ b/package/lean/samba4/waf-cross-answers/mips64.txt @@ -25,7 +25,7 @@ Checking for kernel share modes: OK Checking if can we convert from CP850 to UCS-2LE: OK Checking if can we convert from UTF-8 to UCS-2LE: OK vfs_fileid checking for statfs() and struct statfs.f_fsid: OK -Checking whether we can use Linux thread-specific credentials: "OK" +Checking whether we can use Linux thread-specific credentials: OK Checking whether fcntl locking is available: OK Checking whether fcntl lock supports open file description locks: NO Checking for the maximum value of the 'time_t' type: OK diff --git a/package/lean/samba4/waf-cross-answers/mips64el.txt b/package/lean/samba4/waf-cross-answers/mips64el.txt index a270f0860..9bb9b5fd5 100644 --- a/package/lean/samba4/waf-cross-answers/mips64el.txt +++ b/package/lean/samba4/waf-cross-answers/mips64el.txt @@ -25,7 +25,7 @@ Checking for kernel share modes: OK Checking if can we convert from CP850 to UCS-2LE: OK Checking if can we convert from UTF-8 to UCS-2LE: OK vfs_fileid checking for statfs() and struct statfs.f_fsid: OK -Checking whether we can use Linux thread-specific credentials: "OK" +Checking whether we can use Linux thread-specific credentials: OK Checking whether fcntl locking is available: OK Checking whether fcntl lock supports open file description locks: NO Checking for the maximum value of the 'time_t' type: OK diff --git a/package/lean/samba4/waf-cross-answers/mipsel.txt b/package/lean/samba4/waf-cross-answers/mipsel.txt index 9c1a2c67e..2919ea2c2 100644 --- a/package/lean/samba4/waf-cross-answers/mipsel.txt +++ b/package/lean/samba4/waf-cross-answers/mipsel.txt @@ -25,7 +25,7 @@ Checking for kernel share modes: OK Checking if can we convert from CP850 to UCS-2LE: OK Checking if can we convert from UTF-8 to UCS-2LE: OK vfs_fileid checking for statfs() and struct statfs.f_fsid: OK -Checking whether we can use Linux thread-specific credentials: "OK" +Checking whether we can use Linux thread-specific credentials: OK Checking whether fcntl locking is available: OK Checking whether fcntl lock supports open file description locks: NO Checking for the maximum value of the 'time_t' type: NO diff --git a/package/lean/samba4/waf-cross-answers/powerpc.txt b/package/lean/samba4/waf-cross-answers/powerpc.txt index 4912acbde..c98557b2b 100644 --- a/package/lean/samba4/waf-cross-answers/powerpc.txt +++ b/package/lean/samba4/waf-cross-answers/powerpc.txt @@ -25,7 +25,7 @@ Checking for kernel share modes: OK Checking if can we convert from CP850 to UCS-2LE: OK Checking if can we convert from UTF-8 to UCS-2LE: OK vfs_fileid checking for statfs() and struct statfs.f_fsid: OK -Checking whether we can use Linux thread-specific credentials: "OK" +Checking whether we can use Linux thread-specific credentials: OK Checking whether fcntl locking is available: OK Checking whether fcntl lock supports open file description locks: NO Checking for the maximum value of the 'time_t' type: NO diff --git a/package/lean/samba4/waf-cross-answers/x86_64.txt b/package/lean/samba4/waf-cross-answers/x86_64.txt index 9aae22c36..e57659bf0 100644 --- a/package/lean/samba4/waf-cross-answers/x86_64.txt +++ b/package/lean/samba4/waf-cross-answers/x86_64.txt @@ -25,7 +25,7 @@ Checking for kernel share modes: OK Checking if can we convert from CP850 to UCS-2LE: OK Checking if can we convert from UTF-8 to UCS-2LE: OK vfs_fileid checking for statfs() and struct statfs.f_fsid: OK -Checking whether we can use Linux thread-specific credentials: "OK" +Checking whether we can use Linux thread-specific credentials: OK Checking whether fcntl locking is available: OK Checking whether fcntl lock supports open file description locks: NO Checking for the maximum value of the 'time_t' type: OK