[samba4/f17] Backport changes from rawhide (Update to alpha18)
Milan Crha
mcrha at fedoraproject.org
Wed Apr 4 15:00:27 UTC 2012
commit 58a02e8999d13f33076bd7a1cdc6296cb700d65e
Author: Milan Crha <mcrha at redhat.com>
Date: Wed Apr 4 16:59:06 2012 +0200
Backport changes from rawhide (Update to alpha18)
I left the original samba4.spec file as is, with yesterday's date
and signed by original committer.
.gitignore | 1 +
nmb.init | 114 ++
pam_winbind.conf | 38 +
samba-4.0.0alpha16-another-buildfix.patch | 13 -
...-4.0.0alpha16-ignore-disable-silent-rules.patch | 14 -
samba-4.0.0alpha16.buildfix.patch | 24 -
samba.conf.tmp | 1 +
samba.log | 7 +
samba.pamd | 6 +
samba.xinetd | 15 +
samba4-external_ldap_callback.patch | 86 ++
samba4-libpdb-soversion.patch | 15 +
samba4-samr-lsa-session_key.patch | 434 ++++++
samba4-waf_target.patch | 29 +
samba4.spec | 1490 ++++++++++++--------
smb.conf.default | 315 +++++
smb.init | 114 ++
sources | 2 +-
swat.desktop | 8 +
winbind.init | 102 ++
20 files changed, 2184 insertions(+), 644 deletions(-)
---
diff --git a/.gitignore b/.gitignore
index 462e82c..3eb8912 100644
--- a/.gitignore
+++ b/.gitignore
@@ -3,3 +3,4 @@ samba-4.0.0alpha11.tar.gz
/samba-4.0.0alpha15-GIT-29f850a.tar.gz
/samba-4.0.0alpha15-GIT-3560db3.tar.gz
/samba-4.0.0alpha15-GIT-a6a722b.tar.gz
+/samba-4.0.0alpha18.tar.bz2
diff --git a/nmb.init b/nmb.init
new file mode 100644
index 0000000..6234ff9
--- /dev/null
+++ b/nmb.init
@@ -0,0 +1,114 @@
+#!/bin/sh
+#
+# chkconfig: - 91 35
+# description: Starts and stops the Samba smbd and nmbd daemons \
+# used to provide SMB network services.
+#
+# pidfile: /var/run/samba/nmbd.pid
+# config: /etc/samba/smb.conf
+
+
+# Source function library.
+if [ -f /etc/init.d/functions ] ; then
+ . /etc/init.d/functions
+elif [ -f /etc/rc.d/init.d/functions ] ; then
+ . /etc/rc.d/init.d/functions
+else
+ exit 1
+fi
+
+# Avoid using root's TMPDIR
+unset TMPDIR
+
+# Source networking configuration.
+. /etc/sysconfig/network
+
+if [ -f /etc/sysconfig/samba ]; then
+ . /etc/sysconfig/samba
+fi
+
+# Check that networking is up.
+[ ${NETWORKING} = "no" ] && exit 1
+
+# Check that smb.conf exists.
+[ -f /etc/samba/smb.conf ] || exit 6
+
+RETVAL=0
+
+
+start() {
+ KIND="NMB"
+ echo -n $"Starting $KIND services: "
+ daemon nmbd $NMBDOPTIONS
+ RETVAL=$?
+ echo
+ [ $RETVAL -eq 0 ] && touch /var/lock/subsys/nmb || \
+ RETVAL=1
+ return $RETVAL
+}
+
+stop() {
+ KIND="NMB"
+ echo -n $"Shutting down $KIND services: "
+ killproc nmbd
+ RETVAL=$?
+ echo
+ [ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/nmb
+ return $RETVAL
+}
+
+restart() {
+ stop
+ start
+}
+
+reload() {
+ echo -n $"Reloading smb.conf file: "
+ killproc nmbd -HUP
+ RETVAL=$?
+ echo
+ return $RETVAL
+}
+
+rhstatus() {
+ status -l nmb nmbd
+ return $?
+}
+
+
+# Allow status as non-root.
+if [ "$1" = status ]; then
+ rhstatus
+ exit $?
+fi
+
+# Check that we can write to it... so non-root users stop here
+[ -w /etc/samba/smb.conf ] || exit 4
+
+
+
+case "$1" in
+ start)
+ start
+ ;;
+ stop)
+ stop
+ ;;
+ restart)
+ restart
+ ;;
+ reload)
+ reload
+ ;;
+ status)
+ rhstatus
+ ;;
+ condrestart)
+ [ -f /var/lock/subsys/nmb ] && restart || :
+ ;;
+ *)
+ echo $"Usage: $0 {start|stop|restart|reload|status|condrestart}"
+ exit 2
+esac
+
+exit $?
diff --git a/pam_winbind.conf b/pam_winbind.conf
new file mode 100644
index 0000000..dd0b112
--- /dev/null
+++ b/pam_winbind.conf
@@ -0,0 +1,38 @@
+#
+# pam_winbind configuration file
+#
+# /etc/security/pam_winbind.conf
+#
+
+[global]
+
+# turn on debugging
+;debug = no
+
+# turn on extended PAM state debugging
+;debug_state = no
+
+# request a cached login if possible
+# (needs "winbind offline logon = yes" in smb.conf)
+;cached_login = no
+
+# authenticate using kerberos
+;krb5_auth = no
+
+# when using kerberos, request a "FILE" krb5 credential cache type
+# (leave empty to just do krb5 authentication but not have a ticket
+# afterwards)
+;krb5_ccache_type =
+
+# make successful authentication dependend on membership of one SID
+# (can also take a name)
+;require_membership_of =
+
+# password expiry warning period in days
+;warn_pwd_expire = 14
+
+# omit pam conversations
+;silent = no
+
+# create homedirectory on the fly
+;mkhomedir = no
diff --git a/samba.conf.tmp b/samba.conf.tmp
new file mode 100644
index 0000000..8a29577
--- /dev/null
+++ b/samba.conf.tmp
@@ -0,0 +1 @@
+d /var/run/samba 755 root root
diff --git a/samba.log b/samba.log
new file mode 100644
index 0000000..6ccd04d
--- /dev/null
+++ b/samba.log
@@ -0,0 +1,7 @@
+/var/log/samba/* {
+ notifempty
+ olddir /var/log/samba/old
+ missingok
+ sharedscripts
+ copytruncate
+}
diff --git a/samba.pamd b/samba.pamd
new file mode 100644
index 0000000..66cd2a9
--- /dev/null
+++ b/samba.pamd
@@ -0,0 +1,6 @@
+#%PAM-1.0
+auth required pam_nologin.so
+auth include password-auth
+account include password-auth
+session include password-auth
+password include password-auth
diff --git a/samba.xinetd b/samba.xinetd
new file mode 100644
index 0000000..8b62348
--- /dev/null
+++ b/samba.xinetd
@@ -0,0 +1,15 @@
+# default: off
+# description: SWAT is the Samba Web Admin Tool. Use swat \
+# to configure your Samba server. To use SWAT, \
+# connect to port 901 with your favorite web browser.
+service swat
+{
+ port = 901
+ socket_type = stream
+ wait = no
+ only_from = 127.0.0.1
+ user = root
+ server = /usr/sbin/swat
+ log_on_failure += USERID
+ disable = yes
+}
diff --git a/samba4-external_ldap_callback.patch b/samba4-external_ldap_callback.patch
new file mode 100644
index 0000000..b66f930
--- /dev/null
+++ b/samba4-external_ldap_callback.patch
@@ -0,0 +1,86 @@
+From eb19fce5b473b1297305c3c6ba11f9d59b325991 Mon Sep 17 00:00:00 2001
+From: Alexander Bokovoy <ab at samba.org>
+Date: Thu, 15 Mar 2012 16:02:05 +0200
+Subject: [PATCH] Add ability to use external callback to perform LDAP bind in
+ smbldap
+
+In order to support other bind methods, introduce a generic bind callback.
+When smbldap_state.bind_callback is set, it means there is an alternative
+way to perform LDAP bind to ldap_simple_bind_s() so call it instead.
+
+The API expectation is similar to ldap_simple_bind_s().
+
+A caller of smbldap API can pass additional information to the callback by setting
+smbldap_state.bind_callback_data pointer.
+
+Both callback and the data pointer elements of smbldap_state structure get
+cleaned up if someone sets proper credentials on smbldap_state with
+smbldap_set_creds() so if you are interested in using smbldap_state.bind_dn
+with the callback, make sure to set callback after credentials are set.
+---
+ source3/include/smbldap.h | 3 +++
+ source3/lib/smbldap.c | 13 ++++++++++++-
+ 2 files changed, 15 insertions(+), 1 deletion(-)
+
+diff --git a/source3/include/smbldap.h b/source3/include/smbldap.h
+index df9df76..ecb622b 100644
+--- a/source3/include/smbldap.h
++++ b/source3/include/smbldap.h
+@@ -32,6 +32,7 @@
+ * Struct to keep the state for all the ldap stuff
+ *
+ */
++typedef void* smbldap_bind_callback_data;
+
+ struct smbldap_state {
+ LDAP *ldap_struct;
+@@ -44,6 +45,8 @@ struct smbldap_state {
+ bool anonymous;
+ char *bind_dn;
+ char *bind_secret;
++ int (*bind_callback)(LDAP *ldap_struct, struct smbldap_state *ldap_state);
++ smbldap_bind_callback_data bind_callback_data;
+
+ bool paged_results;
+
+diff --git a/source3/lib/smbldap.c b/source3/lib/smbldap.c
+index 51bcabd..14da344 100644
+--- a/source3/lib/smbldap.c
++++ b/source3/lib/smbldap.c
+@@ -976,7 +976,13 @@ static int smbldap_connect_system(struct smbldap_state *ldap_state)
+ #endif /*defined(LDAP_API_FEATURE_X_OPENLDAP) && (LDAP_API_VERSION > 2000)*/
+ #endif
+
+- rc = ldap_simple_bind_s(ldap_struct, ldap_state->bind_dn, ldap_state->bind_secret);
++ /* When there is an alternative bind callback is set,
++ attempt to use it to perform the bind */
++ if (ldap_state->bind_callback != NULL) {
++ rc = ldap_state->bind_callback(ldap_struct, ldap_state);
++ } else {
++ rc = ldap_simple_bind_s(ldap_struct, ldap_state->bind_dn, ldap_state->bind_secret);
++ }
+
+ if (rc != LDAP_SUCCESS) {
+ char *ld_error = NULL;
+@@ -1667,6 +1673,8 @@ void smbldap_free_struct(struct smbldap_state **ldap_state)
+
+ SAFE_FREE((*ldap_state)->bind_dn);
+ SAFE_FREE((*ldap_state)->bind_secret);
++ (*ldap_state)->bind_callback = NULL;
++ (*ldap_state)->bind_callback_data = NULL;
+
+ TALLOC_FREE(*ldap_state);
+
+@@ -1846,6 +1854,9 @@ bool smbldap_set_creds(struct smbldap_state *ldap_state, bool anon, const char *
+ /* free any previously set credential */
+
+ SAFE_FREE(ldap_state->bind_dn);
++ ldap_state->bind_callback = NULL;
++ ldap_state->bind_callback_data = NULL;
++
+ if (ldap_state->bind_secret) {
+ /* make sure secrets are zeroed out of memory */
+ memset(ldap_state->bind_secret, '\0', strlen(ldap_state->bind_secret));
+--
+1.7.9.3
+
diff --git a/samba4-libpdb-soversion.patch b/samba4-libpdb-soversion.patch
new file mode 100644
index 0000000..0fffef3
--- /dev/null
+++ b/samba4-libpdb-soversion.patch
@@ -0,0 +1,15 @@
+ source3/wscript_build | 1 +
+ 1 files changed, 1 insertions(+), 0 deletions(-)
+
+Index: samba-4.0.0alpha18/source3/wscript_build
+===================================================================
+--- samba-4.0.0alpha18.orig/source3/wscript_build
++++ samba-4.0.0alpha18/source3/wscript_build
+@@ -730,6 +730,7 @@ bld.SAMBA3_LIBRARY('pdb',
+ include/passdb.h
+ passdb/machine_sid.h
+ passdb/lookup_sid.h''',
++ vnum='0',
+ vars=locals())
+
+ bld.SAMBA3_SUBSYSTEM('SERVER_MUTEX',
diff --git a/samba4-samr-lsa-session_key.patch b/samba4-samr-lsa-session_key.patch
new file mode 100644
index 0000000..4a71f10
--- /dev/null
+++ b/samba4-samr-lsa-session_key.patch
@@ -0,0 +1,434 @@
+commit 23f06e8b48afdc9bdd698854bf7c8f80f9549911
+Author: Alexander Bokovoy <ab at samba.org>
+AuthorDate: Fri Mar 2 16:18:16 2012 +0200
+Commit: Andreas Schneider <asn at samba.org>
+CommitDate: Fri Mar 9 13:58:43 2012 +0100
+
+ s3-rpc: Decrypt with the proper session key in CreateTrustedDomainEx2.
+
+ On LSA and SAMR pipes session_key is truncated to 16 byte when doing encryption/decryption.
+ However, this was not done for trusted domain-related modifying operations.
+
+ As result, Samba 4 client libraries do not work against Samba 3 while working
+ against Windows 2008 r2.
+
+ Solved this by introducing 'session_extract_session_key()' function that allows to specify
+ intent of use of the key.
+
+ Signed-off-by: Andreas Schneider <asn at samba.org>
+---
+ source3/auth/auth_util.c | 28 +++++++
+ source3/auth/proto.h | 1 +
+ source3/include/auth.h | 6 ++
+ source3/rpc_server/lsa/srv_lsa_nt.c | 127 +++++++++++++++++----------------
+ source3/rpc_server/samr/srv_samr_nt.c | 37 +++++-----
+ 5 files changed, 120 insertions(+), 79 deletions(-)
+
+Index: samba-4.0.0alpha18/source3/auth/auth_util.c
+===================================================================
+--- samba-4.0.0alpha18.orig/source3/auth/auth_util.c
++++ samba-4.0.0alpha18/source3/auth/auth_util.c
+@@ -1596,3 +1596,31 @@ NTSTATUS do_map_to_guest_server_info(NTS
+
+ return status;
+ }
++
++/*
++ Extract session key from a session info and return it in a blob
++ if intent is KEY_USE_16BYTES, truncate it to 16 bytes
++
++ See sections 3.2.4.15 and 3.3.4.2 of MS-SMB
++ Also see https://lists.samba.org/archive/cifs-protocol/2012-January/002265.html for details
++
++ Note that returned session_key is referencing the original key, it is supposed to be
++ short-lived. If original session_info->session_key is gone, the reference will be broken.
++*/
++NTSTATUS session_extract_session_key(const struct auth_session_info *session_info, DATA_BLOB *session_key, enum session_key_use_intent intent)
++{
++
++ if (session_key == NULL || session_info == NULL) {
++ return NT_STATUS_INVALID_PARAMETER;
++ }
++
++ if (session_info->session_key.length == 0) {
++ return NT_STATUS_NO_USER_SESSION_KEY;
++ }
++
++ *session_key = session_info->session_key;
++ if (intent == KEY_USE_16BYTES) {
++ session_key->length = MIN(session_info->session_key.length, 16);
++ }
++ return NT_STATUS_OK;
++}
+Index: samba-4.0.0alpha18/source3/auth/proto.h
+===================================================================
+--- samba-4.0.0alpha18.orig/source3/auth/proto.h
++++ samba-4.0.0alpha18/source3/auth/proto.h
+@@ -220,6 +220,7 @@ NTSTATUS make_server_info_wbcAuthUserInf
+ struct auth_serversupplied_info **server_info);
+ void free_user_info(struct auth_usersupplied_info **user_info);
+ bool is_trusted_domain(const char* dom_name);
++NTSTATUS session_extract_session_key(const struct auth_session_info *session_info, DATA_BLOB *session_key, enum session_key_use_intent intent);
+
+ /* The following definitions come from auth/user_info.c */
+
+Index: samba-4.0.0alpha18/source3/include/auth.h
+===================================================================
+--- samba-4.0.0alpha18.orig/source3/include/auth.h
++++ samba-4.0.0alpha18/source3/include/auth.h
+@@ -134,6 +134,12 @@ struct auth_init_function_entry {
+
+ extern const struct gensec_security_ops gensec_ntlmssp3_server_ops;
+
++/* Intent of use for session key. LSA and SAMR pipes use 16 bytes of session key when doing create/modify calls */
++enum session_key_use_intent {
++ KEY_USE_FULL = 0,
++ KEY_USE_16BYTES
++};
++
+ /* Changed from 1 -> 2 to add the logon_parameters field. */
+ /* Changed from 2 -> 3 when we reworked many auth structures to use IDL or be in common with Samba4 */
+ #define AUTH_INTERFACE_VERSION 3
+Index: samba-4.0.0alpha18/source3/rpc_server/lsa/srv_lsa_nt.c
+===================================================================
+--- samba-4.0.0alpha18.orig/source3/rpc_server/lsa/srv_lsa_nt.c
++++ samba-4.0.0alpha18/source3/rpc_server/lsa/srv_lsa_nt.c
+@@ -287,7 +287,7 @@ static NTSTATUS lookup_lsa_sids(TALLOC_C
+ return NT_STATUS_NO_MEMORY;
+ }
+
+- DEBUG(5, ("init_lsa_sids: looking up name %s\n", full_name));
++ DEBUG(5, ("lookup_lsa_sids: looking up name %s\n", full_name));
+
+ if (!lookup_name(mem_ctx, full_name, flags, &domain, NULL,
+ &sid, &type)) {
+@@ -300,12 +300,12 @@ static NTSTATUS lookup_lsa_sids(TALLOC_C
+ case SID_NAME_DOMAIN:
+ case SID_NAME_ALIAS:
+ case SID_NAME_WKN_GRP:
+- DEBUG(5, ("init_lsa_sids: %s found\n", full_name));
++ DEBUG(5, ("lookup_lsa_sids: %s found\n", full_name));
+ /* Leave these unchanged */
+ break;
+ default:
+ /* Don't hand out anything but the list above */
+- DEBUG(5, ("init_lsa_sids: %s not found\n", full_name));
++ DEBUG(5, ("lookup_lsa_sids: %s not found\n", full_name));
+ type = SID_NAME_UNKNOWN;
+ break;
+ }
+@@ -1309,10 +1309,7 @@ NTSTATUS _lsa_LookupNames3(struct pipes_
+ DEBUG(5,("_lsa_LookupNames3: truncating name lookup list to %d\n", num_entries));
+ }
+
+- /* Probably the lookup_level is some sort of bitmask. */
+- if (r->in.level == 1) {
+- flags = LOOKUP_NAME_ALL;
+- }
++ flags = lsa_lookup_level_to_flags(r->in.level);
+
+ domains = talloc_zero(p->mem_ctx, struct lsa_RefDomainList);
+ if (!domains) {
+@@ -1660,6 +1657,46 @@ NTSTATUS _lsa_OpenTrustedDomainByName(st
+ r->out.trustdom_handle);
+ }
+
++static NTSTATUS get_trustdom_auth_blob(struct pipes_struct *p,
++ TALLOC_CTX *mem_ctx, DATA_BLOB *auth_blob,
++ struct trustDomainPasswords *auth_struct)
++{
++ enum ndr_err_code ndr_err;
++ DATA_BLOB lsession_key;
++ NTSTATUS status;
++
++ status = session_extract_session_key(p->session_info, &lsession_key, KEY_USE_16BYTES);
++ if (!NT_STATUS_IS_OK(status)) {
++ return NT_STATUS_INVALID_PARAMETER;
++ }
++
++ arcfour_crypt_blob(auth_blob->data, auth_blob->length, &lsession_key);
++ ndr_err = ndr_pull_struct_blob(auth_blob, mem_ctx,
++ auth_struct,
++ (ndr_pull_flags_fn_t)ndr_pull_trustDomainPasswords);
++ if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
++ return NT_STATUS_INVALID_PARAMETER;
++ }
++
++ return NT_STATUS_OK;
++}
++
++static NTSTATUS get_trustauth_inout_blob(TALLOC_CTX *mem_ctx,
++ struct trustAuthInOutBlob *iopw,
++ DATA_BLOB *trustauth_blob)
++{
++ enum ndr_err_code ndr_err;
++
++ ndr_err = ndr_push_struct_blob(trustauth_blob, mem_ctx,
++ iopw,
++ (ndr_push_flags_fn_t)ndr_push_trustAuthInOutBlob);
++ if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
++ return NT_STATUS_INVALID_PARAMETER;
++ }
++
++ return NT_STATUS_OK;
++}
++
+ /***************************************************************************
+ _lsa_CreateTrustedDomainEx2
+ ***************************************************************************/
+@@ -1674,7 +1711,6 @@ NTSTATUS _lsa_CreateTrustedDomainEx2(str
+ size_t sd_size;
+ struct pdb_trusted_domain td;
+ struct trustDomainPasswords auth_struct;
+- enum ndr_err_code ndr_err;
+ DATA_BLOB auth_blob;
+
+ if (!IS_DC) {
+@@ -1738,27 +1774,18 @@ NTSTATUS _lsa_CreateTrustedDomainEx2(str
+ auth_blob.length = r->in.auth_info_internal->auth_blob.size;
+ auth_blob.data = r->in.auth_info_internal->auth_blob.data;
+
+- arcfour_crypt_blob(auth_blob.data, auth_blob.length,
+- &p->session_info->session_key);
+-
+- ndr_err = ndr_pull_struct_blob(&auth_blob, p->mem_ctx,
+- &auth_struct,
+- (ndr_pull_flags_fn_t) ndr_pull_trustDomainPasswords);
+- if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
++ status = get_trustdom_auth_blob(p, p->mem_ctx, &auth_blob, &auth_struct);
++ if (!NT_STATUS_IS_OK(status)) {
+ return NT_STATUS_UNSUCCESSFUL;
+ }
+
+- ndr_err = ndr_push_struct_blob(&td.trust_auth_incoming, p->mem_ctx,
+- &auth_struct.incoming,
+- (ndr_push_flags_fn_t) ndr_push_trustAuthInOutBlob);
+- if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
++ status = get_trustauth_inout_blob(p->mem_ctx, &auth_struct.incoming, &td.trust_auth_incoming);
++ if (!NT_STATUS_IS_OK(status)) {
+ return NT_STATUS_UNSUCCESSFUL;
+ }
+
+- ndr_err = ndr_push_struct_blob(&td.trust_auth_outgoing, p->mem_ctx,
+- &auth_struct.outgoing,
+- (ndr_push_flags_fn_t) ndr_push_trustAuthInOutBlob);
+- if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
++ status = get_trustauth_inout_blob(p->mem_ctx, &auth_struct.outgoing, &td.trust_auth_outgoing);
++ if (!NT_STATUS_IS_OK(status)) {
+ return NT_STATUS_UNSUCCESSFUL;
+ }
+ } else {
+@@ -2244,6 +2271,7 @@ NTSTATUS _lsa_SetSecret(struct pipes_str
+ DATA_BLOB cleartext_blob_old = data_blob_null;
+ DATA_BLOB *cleartext_blob_new_p = NULL;
+ DATA_BLOB *cleartext_blob_old_p = NULL;
++ DATA_BLOB session_key;
+
+ if (!find_policy_by_hnd(p, r->in.sec_handle, (void **)(void *)&info)) {
+ return NT_STATUS_INVALID_HANDLE;
+@@ -2257,12 +2285,17 @@ NTSTATUS _lsa_SetSecret(struct pipes_str
+ return NT_STATUS_ACCESS_DENIED;
+ }
+
++ status = session_extract_session_key(p->session_info, &session_key, KEY_USE_16BYTES);
++ if(!NT_STATUS_IS_OK(status)) {
++ return status;
++ }
++
+ if (r->in.new_val) {
+ blob_new = data_blob_const(r->in.new_val->data,
+ r->in.new_val->length);
+
+ status = sess_decrypt_blob(p->mem_ctx, &blob_new,
+- &p->session_info->session_key,
++ &session_key,
+ &cleartext_blob_new);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+@@ -2276,7 +2309,7 @@ NTSTATUS _lsa_SetSecret(struct pipes_str
+ r->in.old_val->length);
+
+ status = sess_decrypt_blob(p->mem_ctx, &blob_old,
+- &p->session_info->session_key,
++ &session_key,
+ &cleartext_blob_old);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+@@ -2310,6 +2343,7 @@ NTSTATUS _lsa_QuerySecret(struct pipes_s
+ struct lsa_info *info = NULL;
+ DATA_BLOB blob_new, blob_old;
+ DATA_BLOB blob_new_crypt, blob_old_crypt;
++ DATA_BLOB session_key;
+ NTTIME nttime_new, nttime_old;
+ NTSTATUS status;
+
+@@ -2333,6 +2367,11 @@ NTSTATUS _lsa_QuerySecret(struct pipes_s
+ return status;
+ }
+
++ status = session_extract_session_key(p->session_info, &session_key, KEY_USE_16BYTES);
++ if(!NT_STATUS_IS_OK(status)) {
++ return status;
++ }
++
+ if (r->in.new_val) {
+ if (blob_new.length) {
+ if (!r->out.new_val->buf) {
+@@ -2343,7 +2382,7 @@ NTSTATUS _lsa_QuerySecret(struct pipes_s
+ }
+
+ blob_new_crypt = sess_encrypt_blob(p->mem_ctx, &blob_new,
+- &p->session_info->session_key);
++ &session_key);
+ if (!blob_new_crypt.length) {
+ return NT_STATUS_NO_MEMORY;
+ }
+@@ -2364,7 +2403,7 @@ NTSTATUS _lsa_QuerySecret(struct pipes_s
+ }
+
+ blob_old_crypt = sess_encrypt_blob(p->mem_ctx, &blob_old,
+- &p->session_info->session_key);
++ &session_key);
+ if (!blob_old_crypt.length) {
+ return NT_STATUS_NO_MEMORY;
+ }
+@@ -3467,40 +3506,6 @@ static NTSTATUS info_ex_2_pdb_trusted_do
+
+ return NT_STATUS_OK;
+ }
+-
+-static NTSTATUS get_trustdom_auth_blob(struct pipes_struct *p,
+- TALLOC_CTX *mem_ctx, DATA_BLOB *auth_blob,
+- struct trustDomainPasswords *auth_struct)
+-{
+- enum ndr_err_code ndr_err;
+-
+- arcfour_crypt_blob(auth_blob->data, auth_blob->length,
+- &p->session_info->session_key);
+- ndr_err = ndr_pull_struct_blob(auth_blob, mem_ctx,
+- auth_struct,
+- (ndr_pull_flags_fn_t)ndr_pull_trustDomainPasswords);
+- if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
+- return NT_STATUS_INVALID_PARAMETER;
+- }
+-
+- return NT_STATUS_OK;
+-}
+-
+-static NTSTATUS get_trustauth_inout_blob(TALLOC_CTX *mem_ctx,
+- struct trustAuthInOutBlob *iopw,
+- DATA_BLOB *trustauth_blob)
+-{
+- enum ndr_err_code ndr_err;
+-
+- ndr_err = ndr_push_struct_blob(trustauth_blob, mem_ctx,
+- iopw,
+- (ndr_push_flags_fn_t)ndr_push_trustAuthInOutBlob);
+- if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
+- return NT_STATUS_INVALID_PARAMETER;
+- }
+-
+- return NT_STATUS_OK;
+-}
+
+ static NTSTATUS setInfoTrustedDomain_base(struct pipes_struct *p,
+ TALLOC_CTX *mem_ctx,
+Index: samba-4.0.0alpha18/source3/rpc_server/samr/srv_samr_nt.c
+===================================================================
+--- samba-4.0.0alpha18.orig/source3/rpc_server/samr/srv_samr_nt.c
++++ samba-4.0.0alpha18/source3/rpc_server/samr/srv_samr_nt.c
+@@ -5036,6 +5036,7 @@ NTSTATUS _samr_SetUserInfo(struct pipes_
+ uint32_t fields = 0;
+ bool ret;
+ char *rhost;
++ DATA_BLOB session_key;
+
+ DEBUG(5,("_samr_SetUserInfo: %d\n", __LINE__));
+
+@@ -5193,10 +5194,14 @@ NTSTATUS _samr_SetUserInfo(struct pipes_
+ break;
+
+ case 18:
++ status = session_extract_session_key(p->session_info, &session_key, KEY_USE_16BYTES);
++ if(!NT_STATUS_IS_OK(status)) {
++ return status;
++ }
+ /* Used by AS/U JRA. */
+ status = set_user_info_18(&info->info18,
+ p->mem_ctx,
+- &p->session_info->session_key,
++ &session_key,
+ pwd);
+ break;
+
+@@ -5206,18 +5211,20 @@ NTSTATUS _samr_SetUserInfo(struct pipes_
+ break;
+
+ case 21:
++ status = session_extract_session_key(p->session_info, &session_key, KEY_USE_16BYTES);
++ if(!NT_STATUS_IS_OK(status)) {
++ return status;
++ }
+ status = set_user_info_21(&info->info21,
+ p->mem_ctx,
+- &p->session_info->session_key,
++ &session_key,
+ pwd);
+ break;
+
+ case 23:
+- if (!p->session_info->session_key.length) {
+- status = NT_STATUS_NO_USER_SESSION_KEY;
+- }
++ status = session_extract_session_key(p->session_info, &session_key, KEY_USE_16BYTES);
+ arcfour_crypt_blob(info->info23.password.data, 516,
+- &p->session_info->session_key);
++ &session_key);
+
+ dump_data(100, info->info23.password.data, 516);
+
+@@ -5228,12 +5235,10 @@ NTSTATUS _samr_SetUserInfo(struct pipes_
+ break;
+
+ case 24:
+- if (!p->session_info->session_key.length) {
+- status = NT_STATUS_NO_USER_SESSION_KEY;
+- }
++ status = session_extract_session_key(p->session_info, &session_key, KEY_USE_16BYTES);
+ arcfour_crypt_blob(info->info24.password.data,
+ 516,
+- &p->session_info->session_key);
++ &session_key);
+
+ dump_data(100, info->info24.password.data, 516);
+
+@@ -5243,12 +5248,10 @@ NTSTATUS _samr_SetUserInfo(struct pipes_
+ break;
+
+ case 25:
+- if (!p->session_info->session_key.length) {
+- status = NT_STATUS_NO_USER_SESSION_KEY;
+- }
++ status = session_extract_session_key(p->session_info, &session_key, KEY_USE_16BYTES);
+ encode_or_decode_arc4_passwd_buffer(
+ info->info25.password.data,
+- &p->session_info->session_key);
++ &session_key);
+
+ dump_data(100, info->info25.password.data, 532);
+
+@@ -5258,12 +5261,10 @@ NTSTATUS _samr_SetUserInfo(struct pipes_
+ break;
+
+ case 26:
+- if (!p->session_info->session_key.length) {
+- status = NT_STATUS_NO_USER_SESSION_KEY;
+- }
++ status = session_extract_session_key(p->session_info, &session_key, KEY_USE_16BYTES);
+ encode_or_decode_arc4_passwd_buffer(
+ info->info26.password.data,
+- &p->session_info->session_key);
++ &session_key);
+
+ dump_data(100, info->info26.password.data, 516);
+
diff --git a/samba4-waf_target.patch b/samba4-waf_target.patch
new file mode 100644
index 0000000..b9d076c
--- /dev/null
+++ b/samba4-waf_target.patch
@@ -0,0 +1,29 @@
+commit b6880efe1ad8fbc3fe24919ae84edf46d31bd984
+Author: Andreas Schneider <asn at samba.org>
+AuthorDate: Thu Mar 15 17:04:00 2012 +0100
+Commit: Andreas Schneider <asn at samba.org>
+CommitDate: Thu Mar 15 17:08:58 2012 +0100
+
+ waf: Add autoconf --target support.
+
+ This is needed on some platforms so that you can set it and it is not
+ automagically transformed into --targets. The --target option is
+ normally set by the RPM %configure macro.
+---
+ buildtools/wafsamba/wscript | 3 +++
+ 1 file changed, 3 insertions(+)
+
+Index: samba-4.0.0alpha18/buildtools/wafsamba/wscript
+===================================================================
+--- samba-4.0.0alpha18.orig/buildtools/wafsamba/wscript
++++ samba-4.0.0alpha18/buildtools/wafsamba/wscript
+@@ -156,6 +156,9 @@ def set_options(opt):
+ opt.add_option('--host',
+ help=SUPPRESS_HELP,
+ action='store', dest='AUTOCONF_HOST', default='')
++ opt.add_option('--target',
++ help=SUPPRESS_HELP,
++ action='store', dest='AUTOCONF_TARGET', default='')
+ opt.add_option('--program-prefix',
+ help=SUPPRESS_HELP,
+ action='store', dest='AUTOCONF_PROGRAM_PREFIX', default='')
diff --git a/samba4.spec b/samba4.spec
index 312e233..23620a7 100644
--- a/samba4.spec
+++ b/samba4.spec
@@ -1,141 +1,194 @@
-%define main_release 38
-%define samba4_version 4.0.0
+%define main_release 39
-%define talloc_version 2.0.5
+%define samba_version 4.0.0
+%define talloc_version 2.0.7
%define tdb_version 1.2.9
-%define tevent_version 0.9.11
-%define ldb_version 1.0.2
+%define tevent_version 0.9.15
+%define ldb_version 1.1.4
+%define pre_release alpha18
-%define pre_release alpha16
+%define samba_release %{main_release}%{pre_release}%{?dist}
-%define tarball_name samba-%{samba4_version}%{pre_release}
+%define with_pam_smbpass 0
+%define with_talloc 1
+%define with_tevent 1
+%define with_tdb 1
+%define with_ldb 1
-%define samba4_release %{main_release}.%{pre_release}
+%define with_usrmove 0
-# Most of these subpackages are disabled because they are not
-# needed by OpenChange, and to avoid file conflicts with Samba3.
-%define enable_samba4 0
-%define enable_client 0
-%define enable_common 0
-%define enable_python 0
-%define enable_winbind 0
+%if 0%{?fedora} > 15 || 0%{?rhel} > 6
+%define with_talloc 0
+%define with_tevent 0
+%define with_tdb 0
+%define with_ldb 0
+%endif
+
+%if 0%{?fedora} > 16
+%define with_usrmove 1
+%endif
+
+%if %with_usrmove
+%define smb_lib %{_libdir}
+%else
+%define smb_lib %{_lib}
+%endif
%{!?python_libdir: %define python_libdir %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib(1,1)")}
%{!?python_sitearch: %define python_sitearch %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib(1)")}
-# Licensing Note: Some of the libraries are GPLv3+, others are LGPLv3+.
-# The rest of the code is GPLv3+. Library licensing is still volatile,
-# and subject to change.
+Name: samba4
+Version: %{samba_version}
+Release: %{samba_release}
+Epoch: 1
-Name: samba4
-Version: %{samba4_version}
-Release: %{samba4_release}%{?dist}
-Group: System Environment/Daemons
-Summary: The Samba4 CIFS and AD client and server suite
-License: GPLv3+ and LGPLv3+
-URL: http://www.samba.org/
-Source: http://download.samba.org/samba/ftp/samba4/%{tarball_name}.tar.gz
-BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX)
+%if 0%{?epoch} > 0
+%define samba_depver %{epoch}:%{version}-%{release}
+%else
+%define samba_depver %{version}-%{release}
+%endif
+
+Summary: Server and Client software to interoperate with Windows machines
+License: GPLv3+ and LGPLv3+
+Group: System Environment/Daemons
+URL: http://www.samba.org/
+
+Source0: samba-%{version}%{pre_release}.tar.bz2
# Red Hat specific replacement-files
-%if %enable_samba4
-Source1: %{name}.log
-Source4: %{name}.sysconfig
-Source5: %{name}.init
-%endif
+Source1: samba.log
+Source2: samba.xinetd
+Source3: swat.desktop
+Source4: smb.conf.default
+Source5: pam_winbind.conf
+Source6: samba.pamd
+Source7: samba.conf.tmp
-Patch01: samba-4.0.0alpha16.buildfix.patch
+Source100: nmb.init
+Source101: smb.init
+Source102: winbind.init
-Patch02: samba-4.0.0alpha16-another-buildfix.patch
+Patch1: samba4-libpdb-soversion.patch
+Patch2: samba4-samr-lsa-session_key.patch
+Patch3: samba4-waf_target.patch
+Patch4: samba4-external_ldap_callback.patch
-Requires(pre): /usr/sbin/groupadd
+BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX)
-%if %enable_samba4
+Requires(pre): /usr/sbin/groupadd
+%if 0%{?fedora} > 15 || 0%{?rhel} > 6
+Requires(post): /bin/systemctl
+Requires(preun): /bin/systemctl
+%else
Requires(post): /sbin/chkconfig, /sbin/service
Requires(preun): /sbin/chkconfig, /sbin/service
%endif
-%if %enable_common
-Requires(pre): %{name}-common = %{version}-%{release}
-%endif
-
+Requires(pre): %{name}-common = %{samba_depver}
Requires: logrotate
Requires: pam
Requires: perl(Parse::Yapp)
+Conflicts: samba < %{samba_depver}
+Provides: samba = %{samba_depver}
+
+BuildRequires: autoconf
+BuildRequires: ctdb-devel
+BuildRequires: cups-devel
+BuildRequires: docbook-style-xsl
BuildRequires: e2fsprogs-devel
+BuildRequires: gawk
+BuildRequires: krb5-devel
BuildRequires: libacl-devel
BuildRequires: libaio-devel
BuildRequires: libattr-devel
+BuildRequires: libcap-devel
+BuildRequires: libuuid-devel
+BuildRequires: libxslt
BuildRequires: ncurses-devel
+BuildRequires: openldap-devel
BuildRequires: pam-devel
BuildRequires: perl(ExtUtils::MakeMaker)
BuildRequires: perl(Parse::Yapp)
BuildRequires: popt-devel
BuildRequires: python-devel
+BuildRequires: quota-devel
BuildRequires: readline-devel
BuildRequires: sed
-BuildRequires: autoconf
-BuildRequires: openldap-devel
-BuildRequires: libxslt
-BuildRequires: docbook-style-xsl
-BuildRequires: pytalloc-devel
+BuildRequires: zlib-devel >= 1.2.3
+BuildRequires: libbsd-devel
-BuildRequires: libtalloc-devel >= %{talloc_version}
-BuildRequires: pytalloc >= %{talloc_version}
-BuildRequires: libtdb-devel >= %{tdb_version}
-BuildRequires: libtevent-devel >= %{tevent_version}
-BuildRequires: libldb-devel >= %{ldb_version}
-BuildRequires: pyldb-devel >= %{ldb_version}
+%if ! %with_talloc
+%define libtalloc_version 2.0.6
-BuildRequires: zlib-devel >= 1.2.3
+BuildRequires: libtalloc-devel >= %{libtalloc_version}
+BuildRequires: pytalloc-devel >= %{libtalloc_version}
+%endif
-%description
+%if ! %with_tevent
+%define libtevent_version 0.9.13
+
+BuildRequires: libtevent-devel >= %{libtevent_version}
+%endif
+
+%if ! %with_ldb
+%define libldb_version 1.1.0
+
+BuildRequires: libldb-devel >= %{libldb_version}
+BuildRequires: pyldb-devel >= %{libldb_version}
+%endif
+
+%if ! %with_tdb
+%define libtdb_version 1.2.9
+
+BuildRequires: libtdb-devel >= %{libtdb_version}
+%endif
-Samba 4 is the ambitious next version of the Samba suite that is being
-developed in parallel to the stable 3.0 series. The main emphasis in
-this branch is support for the Active Directory logon protocols used
-by Windows 2000 and above.
+%description
+Samba is the standard Windows interoperability suite of programs for Linux and Unix.
-%if %enable_client
%package client
Summary: Samba client programs
Group: Applications/System
-Requires: %{name}-common = %{version}-%{release}
-Requires: %{name}-libs = %{version}-%{release}
+Requires: %{name}-common = %{samba_depver}
+Requires: %{name}-libs = %{samba_depver}
+
+Conflicts: samba-client < 1:3.9.9
+Provides: samba-client = %{samba_depver}
%description client
-The %{name}-client package provides some SMB/CIFS clients to complement
+The samba4-client package provides some SMB/CIFS clients to complement
the built-in SMB/CIFS filesystem in Linux. These clients allow access
of SMB/CIFS shares and printing to SMB/CIFS printers.
-%endif
%package libs
Summary: Samba libraries
Group: Applications/System
+Requires: libwbclient
%description libs
-The %{name}-libs package contains the libraries needed by programs that
+The samba4-libs package contains the libraries needed by programs that
link against the SMB, RPC and other protocols provided by the Samba suite.
-%if %enable_python
%package python
Summary: Samba Python libraries
Group: Applications/System
-Requires: %{name}-libs = %{version}-%{release}
+Requires: %{name}-libs = %{samba_depver}
%description python
-The %{name}-python package contains the Python libraries needed by programs
+The samba4-python package contains the Python libraries needed by programs
that use SMB, RPC and other Samba provided protocols in Python programs.
-%endif
%package devel
Summary: Developer tools for Samba libraries
Group: Development/Libraries
-Requires: %{name}-libs = %{version}-%{release}
+Requires: %{name}-libs = %{samba_depver}
+
+Conflicts: samba-devel < 1:3.9.9
+Provides: samba-devel = %{samba_depver}
%description devel
-The %{name}-devel package contains the header files for the libraries
+The samba4-devel package contains the header files for the libraries
needed to develop programs that link against the SMB, RPC and other
libraries in the Samba suite.
@@ -145,599 +198,767 @@ Group: Development/Tools
Requires: perl(:MODULE_COMPAT_%(eval "`%{__perl} -V:version`"; echo $version))
%description pidl
-The %{name}-pidl package contains the Perl IDL compiler used by Samba
+The samba4-pidl package contains the Perl IDL compiler used by Samba
and Wireshark to parse IDL and similar protocols
-%if %enable_common
%package common
Summary: Files used by both Samba servers and clients
Group: Applications/System
-Requires: %{name}-libs = %{version}-%{release}
+Requires: %{name}-libs = %{samba_depver}
+
+Conflicts: samba-common < 1:3.9.9
+Provides: samba-common = %{samba_depver}
%description common
-%{Name}-common provides files necessary for both the server and client
+samba4-common provides files necessary for both the server and client
+packages of Samba.
+
+%package test
+Summary: Testing tools for Samba servers and clients
+Group: Applications/System
+
+%description test
+samba4-test provides testing tools for both the server and client
packages of Samba.
-%endif
-%if %enable_winbind
%package winbind
Summary: Samba winbind
Group: Applications/System
-Requires: %{name} = %{version}-%{release}
+Requires: %{name} = %{samba_depver}
+
+Conflicts: samba-winbind < 1:3.9.9
+Provides: samba-winbind = %{samba_depver}
%description winbind
The samba-winbind package provides the winbind NSS library, and some
client tools. Winbind enables Linux to be a full member in Windows
domains and to use Windows user and group accounts on Linux.
-%endif
+
+%package winbind-krb5-locator
+Summary: Samba winbind krb5 locator
+Requires: %{name}-winbind-clients = %{samba_depver}
+Group: Applications/System
+
+Conflicts: samba-winbind-krb5-locator < %{samba_depver}
+Provides: samba-winbind-krb5-locator = %{samba_depver}
+
+%description winbind-krb5-locator
+The winbind krb5 locator is a plugin for the system kerberos library to allow
+the local kerberos library to use the same KDC as samba and winbind use
+
+%package winbind-clients
+Summary: Samba winbind clients
+Group: Applications/System
+Requires: libwbclient
+
+Conflicts: samba-winbind-clients < %{samba_depver}
+
+%description winbind-clients
+The samba-winbind-clients package provides the NSS library and a PAM
+module necessary to communicate to the Winbind Daemon
+
+
+%package swat
+Summary: The Samba SMB server Web configuration program
+Group: Applications/System
+Requires: %{name} = %{samba_depver}, xinetd
+
+%description swat
+The samba-swat package includes the new SWAT (Samba Web Administration
+Tool), for remotely managing Samba's smb.conf file using your favorite
+Web browser.
+
+%package -n libsmbclient4
+Summary: The SMB client library
+Group: Applications/System
+Requires: %{name}-common = %{samba_depver}
+
+Conflicts: libsmbclient < 1:3.9.9
+Provides: libsmbclient = %{samba_depver}
+
+%description -n libsmbclient4
+The libsmbclient4 contains the SMB client library from the Samba suite.
+
+%package -n libsmbclient4-devel
+Summary: Developer tools for the SMB client library
+Group: Development/Libraries
+Requires: libsmbclient4 = %{samba_depver}
+
+Conflicts: libsmbclient-devel < 1:3.9.9
+Provides: libsmbclient-devel = %{samba_depver}
+
+%description -n libsmbclient4-devel
+The libsmbclient4-devel package contains the header files and libraries needed to
+develop programs that link against the SMB client library in the Samba suite.
+
+%package -n libwbclient
+Summary: The winbind client library
+Group: Applications/System
+
+%description -n libwbclient
+The libwbclient package contains the winbind client library from the Samba suite.
+
+%package -n libwbclient-devel
+Summary: Developer tools for the winbind library
+Group: Development/Libraries
+Requires: libwbclient = %{samba_depver}
+
+%description -n libwbclient-devel
+The libwbclient-devel package provides developer tools for the wbclient library.
+
+%package dc
+Summary: Samba AD Domain Controller
+Group: Applications/System
+Requires: samba4-dc-libs = %{samba_depver}
+
+%description dc
+The samba-dc package provides AD Domain Controller functionality
+
+%package dc-libs
+Summary: Samba AD Domain Controller Libraries
+Group: Applications/System
+Requires: samba4-libs = %{samba_depver}
+Requires: samba4-common = %{samba_depver}
+
+%description dc-libs
+The samba4-dc-libs package contains the libraries needed by the DC to
+link against the SMB, RPC and other protocols.
%prep
-%setup -q -n %{tarball_name}
+%setup -q -n samba-%{version}%{pre_release}
-# copy Red Hat specific scripts
-%patch01 -p1 -b .buildfix
-%patch02 -p1 -b .another-buildfix
+%patch1 -p1 -b .waf_tdb
+%patch2 -p1 -b .session_key
+%patch3 -p1 -b .waf_target
+%patch4 -p1 -b .external_callback
%build
+%define _talloc_lib %nil
+%define _tevent_lib %nil
+%define _tdb_lib %nil
+%define _ldb_lib %nil
+
+%if ! %with_talloc
+%define _talloc_lib ,!talloc
+%endif
+
+%if ! %with_tevent
+%define _tevent_lib ,!tevent
+%endif
+
+%if ! %with_tdb
+%define _tdb_lib ,!tdb
+%endif
+
+%if ! %with_ldb
+%define _ldb_lib ,!ldb
+%endif
+
+%define _samba4_libraries heimdal,!zlib,!popt%{_talloc_lib}%{_tevent_lib}%{_tdb_lib}%{_ldb_lib}
+
+%define _samba4_idmap_modules idmap_ad,idmap_rid,idmap_adex,idmap_hash,idmap_tdb2
+%define _samba4_pdb_modules pdb_tdbsam,pdb_ldap,pdb_ads,pdb_smbpasswd,pdb_wbc_sam,pdb_samba4
+%define _samba4_auth_modules auth_sam,auth_unix,auth_winbind,auth_wbc,auth_server,auth_builtin,auth_netlogond,auth_script,auth_samba4
+# auth_domain needs to be static
+
+%define _samba4_modules %{_samba4_idmap_modules},%{_samba4_pdb_modules},%{_samba4_auth_modules}
+
%configure \
+ --enable-fhs \
+ --with-piddir=/run \
+ --with-sockets-dir=/run/samba \
--with-modulesdir=%{_libdir}/samba \
- --with-lockdir=/var/lib/%{name} \
- --with-piddir=/var/run \
- --with-privatedir=/var/lib/%{name}/private \
- --with-sockets-dir=/var/run \
- --sysconfdir=%{_sysconfdir}/%{name} \
- --datadir=%{_datadir}/samba \
- --disable-gnutls \
- --disable-rpath-install \
- --builtin-libraries=ccan,wbclient \
- --bundled-libraries=heimdal,!talloc,!tdb,!tevent,!ldb,!zlib
+ --with-pammodulesdir=/%{smb_lib}/security \
+ --with-lockdir=/var/lib/samba \
+ --disable-tdb2 \
+ --disable-gnutls \
+ --disable-rpath-install \
+ --with-shared-modules=%{_samba4_modules} \
+ --builtin-libraries=ccan \
+ --bundled-libraries=%{_samba4_libraries} \
+%if ! %with_pam_smbpass
+ --without-pam_smbpass
+%endif
+
+export WAFCACHE=/tmp/wafcache
+mkdir -p $WAFCACHE
+make %{?_smp_mflags}
# Build PIDL for installation into vendor directories before
# 'make proto' gets to it.
(cd pidl && %{__perl} Makefile.PL INSTALLDIRS=vendor )
-# Builds using PIDL the IDL and many other things.
-#make proto
-#make everything
-make -j
-
%install
-rm -rf $RPM_BUILD_ROOT
-
-# Don't call 'make install' as we want to call out to the PIDL
-# install manually.
-make install DESTDIR=$RPM_BUILD_ROOT
+rm -rf %{buildroot}
+make install DESTDIR=%{buildroot}
+
+install -d -m 0755 %{buildroot}/usr/{sbin,bin}
+install -d -m 0755 %{buildroot}/%{_sysconfdir}/{pam.d,logrotate.d,security}
+install -d -m 0755 %{buildroot}/%{smb_lib}/security
+install -d -m 0755 %{buildroot}/var/lib/samba
+install -d -m 0755 %{buildroot}/var/lib/samba/private
+install -d -m 0755 %{buildroot}/var/lib/samba/winbindd_privileged
+install -d -m 0755 %{buildroot}/var/lib/samba/scripts
+install -d -m 0755 %{buildroot}/var/lib/samba/sysvol
+install -d -m 0755 %{buildroot}/var/log/samba/old
+install -d -m 0755 %{buildroot}/var/spool/samba
+install -d -m 0755 %{buildroot}/%{_datadir}/swat/using_samba
+install -d -m 0755 %{buildroot}/var/run/winbindd
+install -d -m 0755 %{buildroot}/%{_libdir}/samba
+install -d -m 0755 %{buildroot}/%{_libdir}/pkgconfig
# Undo the PIDL install, we want to try again with the right options.
-rm -rf $RPM_BUILD_ROOT%{_libdir}/perl5
-rm -rf $RPM_BUILD_ROOT%{_datadir}/perl5
+rm -rf %{buildroot}/%{_libdir}/perl5
+rm -rf %{buildroot}/%{_datadir}/perl5
# Install PIDL.
-( cd pidl && make install PERL_INSTALL_ROOT=$RPM_BUILD_ROOT )
+( cd pidl && make install PERL_INSTALL_ROOT=%{buildroot} )
+
+# winbind
+%if ! %with_usrmove
+install -d -m 0755 %{buildroot}%{_libdir}
+install -d -m 0755 %{buildroot}/%{smb_lib}
+mv -f %{buildroot}/%{_libdir}/libnss_winbind.so.2 %{buildroot}/%{smb_lib}/libnss_winbind.so.2
+chmod 0755 %{buildroot}/%{smb_lib}/libnss_winbind.so.2
+mv -f %{buildroot}/%{_libdir}/libnss_wins.so.2 %{buildroot}/%{smb_lib}/libnss_wins.so.2
+chmod 0755 %{buildroot}/%{smb_lib}/libnss_wins.so.2
+%endif
+ln -sf /%{smb_lib}/libnss_winbind.so.2 %{buildroot}%{_libdir}/libnss_winbind.so
+ln -sf /%{smb_lib}/libnss_wins.so.2 %{buildroot}%{_libdir}/libnss_wins.so
-# Clean out crap left behind by the PIDL install.
-find $RPM_BUILD_ROOT -type f -name .packlist -exec rm -f {} \;
-find $RPM_BUILD_ROOT -depth -type d -exec rmdir {} 2>/dev/null \;
-
-%if %enable_samba4
-mkdir -p $RPM_BUILD_ROOT%{_initrddir}
-mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d
-mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig
-%endif
-
-mkdir -p $RPM_BUILD_ROOT/var/run/winbindd
-mkdir -p $RPM_BUILD_ROOT/var/run/ntp_signd
-mkdir -p $RPM_BUILD_ROOT/var/lib/%{name}/winbindd_privileged
-mkdir -p $RPM_BUILD_ROOT/var/log/%{name}/
-mkdir -p $RPM_BUILD_ROOT/var/log/%{name}/old
-
-mkdir -p $RPM_BUILD_ROOT/var/lib/%{name}
-mkdir -p $RPM_BUILD_ROOT/var/lib/%{name}/private
-mkdir -p $RPM_BUILD_ROOT/var/lib/%{name}/sysvol
-
-mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/%{name}
-
-%if %enable_samba4
-# Install other stuff.
-install -m755 %{SOURCE5} $RPM_BUILD_ROOT%{_initrddir}/%{name}
-install -m644 %{SOURCE1} $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d/%{name}
-install -m644 %{SOURCE4} $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig/%{name}
-%endif
-
-%if ! %enable_winbind
-rm $RPM_BUILD_ROOT%{_bindir}/ntlm_auth
-rm $RPM_BUILD_ROOT%{_bindir}/wbinfo
-rm $RPM_BUILD_ROOT%{_libdir}/libnss_winbind.so.2
-rm $RPM_BUILD_ROOT%{_libdir}/pam_winbind.so
-#rm $RPM_BUILD_ROOT%{_libdir}/libwbclient.so
-#rm $RPM_BUILD_ROOT%{_libdir}/libwbclient.so.*
-rm $RPM_BUILD_ROOT%{_mandir}/man1/ntlm_auth.*
-rm $RPM_BUILD_ROOT%{_includedir}/samba-4.0/wbclient.h
-%endif
-
-# Clean out some stuff we don't want in the Fedora package.
-rm $RPM_BUILD_ROOT%{_bindir}/gentest
-rm $RPM_BUILD_ROOT%{_mandir}/man1/gentest.*
-rm $RPM_BUILD_ROOT%{_bindir}/locktest
-rm $RPM_BUILD_ROOT%{_mandir}/man1/locktest.*
-rm $RPM_BUILD_ROOT%{_bindir}/masktest
-rm $RPM_BUILD_ROOT%{_mandir}/man1/masktest.*
-rm $RPM_BUILD_ROOT%{_bindir}/ndrdump
-rm $RPM_BUILD_ROOT%{_mandir}/man1/ndrdump.*
-rm $RPM_BUILD_ROOT%{_bindir}/nsstest
-rm $RPM_BUILD_ROOT%{_bindir}/smbtorture
-rm $RPM_BUILD_ROOT%{_mandir}/man1/smbtorture.*
-#depending on the environemnt this file might or might not be generated
-rm -f $RPM_BUILD_ROOT%{_bindir}/tdbtorture
-
-# Avoids a file conflict with perl-Parse-Yapp.
-rm -rf $RPM_BUILD_ROOT%{perl_vendorlib}/Parse/Yapp
-
-# Remove files for disabled subpackages.
-%if ! %enable_samba4
-rm $RPM_BUILD_ROOT%{_sbindir}/provision
-rm $RPM_BUILD_ROOT%{_sbindir}/samba
-rm $RPM_BUILD_ROOT%{_sbindir}/upgradeprovision
-rm $RPM_BUILD_ROOT%{_sbindir}/samba_dnsupdate
-rm $RPM_BUILD_ROOT%{_sbindir}/samba_spnupdate
-rm $RPM_BUILD_ROOT%{_bindir}/samba-tool
-rm $RPM_BUILD_ROOT%{_libdir}/mit_samba.so
-rm $RPM_BUILD_ROOT%{_mandir}/man8/samba.*
-rm -rf $RPM_BUILD_ROOT%{_datadir}/samba/setup
-rm -rf $RPM_BUILD_ROOT%{_datadir}/samba/swat
-%endif
-%if ! %enable_client
-rm $RPM_BUILD_ROOT%{_bindir}/nmblookup
-rm $RPM_BUILD_ROOT%{_bindir}/smbclient
-rm $RPM_BUILD_ROOT%{_bindir}/cifsdd
-rm $RPM_BUILD_ROOT%{_mandir}/man1/nmblookup.*
-%endif
-%if ! %enable_common
-rm $RPM_BUILD_ROOT%{_bindir}/regdiff
-rm $RPM_BUILD_ROOT%{_bindir}/regpatch
-rm $RPM_BUILD_ROOT%{_bindir}/regshell
-rm $RPM_BUILD_ROOT%{_bindir}/regtree
-rm $RPM_BUILD_ROOT%{_bindir}/testparm
-rm $RPM_BUILD_ROOT%{_mandir}/man1/regdiff.*
-rm $RPM_BUILD_ROOT%{_mandir}/man1/regpatch.*
-rm $RPM_BUILD_ROOT%{_mandir}/man1/regshell.*
-rm $RPM_BUILD_ROOT%{_mandir}/man1/regtree.*
-%endif
-
-# the samba4 build process rebuilds libraries internally,
-# but we want to use the standalone build for now.
-#rm $RPM_BUILD_ROOT%{_libdir}/libldb.so*
-#rm $RPM_BUILD_ROOT%{_bindir}/ad2oLschema
-#rm $RPM_BUILD_ROOT%{_bindir}/ldbadd
-#rm $RPM_BUILD_ROOT%{_bindir}/ldbdel
-#rm $RPM_BUILD_ROOT%{_bindir}/ldbedit
-#rm $RPM_BUILD_ROOT%{_bindir}/ldbmodify
-#rm $RPM_BUILD_ROOT%{_bindir}/ldbrename
-#rm $RPM_BUILD_ROOT%{_bindir}/ldbsearch
-rm $RPM_BUILD_ROOT%{_bindir}/oLschema2ldif
-#rm -f $RPM_BUILD_ROOT%{_bindir}/tdbbackup
-#rm -f $RPM_BUILD_ROOT%{_bindir}/tdbdump
-#rm -f $RPM_BUILD_ROOT%{_bindir}/tdbtool
-
-
-#rm -f $RPM_BUILD_ROOT%{_libdir}/lib*.a
-
-%if ! %enable_python
-rm -r $RPM_BUILD_ROOT%{python_sitearch}/*
-%endif
-
-# These may be created in non mock systems, but we do not want to package them
-# for now
-#rm $RPM_BUILD_ROOT%{_mandir}/man1/ad2oLschema.1
-rm $RPM_BUILD_ROOT%{_mandir}/man1/oLschema2ldif.1
-#rm $RPM_BUILD_ROOT/usr/share/swig/*/talloc.i
-
-rm $RPM_BUILD_ROOT%{_libdir}/pam_smbpass.so
-
-# Remove Files conflicting with regular samba 3.x packages
-rm $RPM_BUILD_ROOT%{_libdir}/samba/CHARSET/charset_CP437.so
-rm $RPM_BUILD_ROOT%{_libdir}/samba/CHARSET/charset_CP850.so
-rm $RPM_BUILD_ROOT%{_libdir}/samba/auth/script.so
-rm $RPM_BUILD_ROOT%{_libdir}/samba/idmap/autorid.so
-rm $RPM_BUILD_ROOT%{_libdir}/samba/ldb/dirsync.so
-rm $RPM_BUILD_ROOT%{_libdir}/samba/libCHARSET3.so
-#rm $RPM_BUILD_ROOT%{_libdir}/samba/libLIBCLI_CLDAP.so
-#rm $RPM_BUILD_ROOT%{_libdir}/samba/libLIBCLI_LSA3.so
-#rm $RPM_BUILD_ROOT%{_libdir}/samba/libLIBCLI_RAW.so
-#rm $RPM_BUILD_ROOT%{_libdir}/samba/libLIBCLI_SMB_COMMON.so
-rm $RPM_BUILD_ROOT%{_libdir}/samba/libLIBSMB.so
-rm $RPM_BUILD_ROOT%{_libdir}/samba/libPOPT_SAMBA3.so
-rm $RPM_BUILD_ROOT%{_libdir}/samba/libUTIL_CMDLINE.so
-#rm $RPM_BUILD_ROOT%{_libdir}/samba/libUTIL_TDB.so
-rm $RPM_BUILD_ROOT%{_libdir}/samba/libaddns.so
-rm $RPM_BUILD_ROOT%{_libdir}/samba/libads.so
-rm $RPM_BUILD_ROOT%{_libdir}/samba/libadt_tree.so
-#rm $RPM_BUILD_ROOT%{_libdir}/samba/libasn1util.so
-#rm $RPM_BUILD_ROOT%{_libdir}/samba/libauth_sam_reply.so
-rm $RPM_BUILD_ROOT%{_libdir}/samba/libbitmap.so
-#rm $RPM_BUILD_ROOT%{_libdir}/samba/libccan.so.0
-#rm $RPM_BUILD_ROOT%{_libdir}/samba/libccan.so.0.1-init-1161-g661d41f
-#rm $RPM_BUILD_ROOT%{_libdir}/samba/libcli-ldap-common.so
-rm $RPM_BUILD_ROOT%{_libdir}/samba/libdbwrap_util.so
-#rm $RPM_BUILD_ROOT%{_libdir}/samba/libinterfaces.so
-rm $RPM_BUILD_ROOT%{_libdir}/samba/libmemcache.so
-rm $RPM_BUILD_ROOT%{_libdir}/samba/libmsrpc3.so
-rm $RPM_BUILD_ROOT%{_libdir}/samba/libnamearray.so
-#rm $RPM_BUILD_ROOT%{_libdir}/samba/libnpa_tstream.so
-rm $RPM_BUILD_ROOT%{_libdir}/samba/libpassdb.so
-rm $RPM_BUILD_ROOT%{_libdir}/samba/libsmbd_base.so
-rm $RPM_BUILD_ROOT%{_libdir}/samba/libsmbd_conn.so
-rm $RPM_BUILD_ROOT%{_libdir}/samba/libsmbd_shim.so
-rm $RPM_BUILD_ROOT%{_libdir}/samba/libsmbregistry.so
-rm $RPM_BUILD_ROOT%{_libdir}/samba/libstring_init.so
-#rm $RPM_BUILD_ROOT%{_libdir}/samba/libtdb_compat.so
-rm $RPM_BUILD_ROOT%{_libdir}/samba/libutil_malloc.so
-#rm $RPM_BUILD_ROOT%{_libdir}/samba/libutil_reg.so
-rm $RPM_BUILD_ROOT%{_libdir}/samba/libutil_sec.so
-rm $RPM_BUILD_ROOT%{_libdir}/samba/libutil_str.so
-rm $RPM_BUILD_ROOT%{_libdir}/samba/vfs/acl_tdb.so
-rm $RPM_BUILD_ROOT%{_libdir}/samba/vfs/acl_xattr.so
-rm $RPM_BUILD_ROOT%{_libdir}/samba/vfs/aio_fork.so
-rm $RPM_BUILD_ROOT%{_libdir}/samba/vfs/audit.so
-rm $RPM_BUILD_ROOT%{_libdir}/samba/vfs/cap.so
-rm $RPM_BUILD_ROOT%{_libdir}/samba/vfs/catia.so
-rm $RPM_BUILD_ROOT%{_libdir}/samba/vfs/crossrename.so
-rm $RPM_BUILD_ROOT%{_libdir}/samba/vfs/default_quota.so
-rm $RPM_BUILD_ROOT%{_libdir}/samba/vfs/dirsort.so
-rm $RPM_BUILD_ROOT%{_libdir}/samba/vfs/expand_msdfs.so
-rm $RPM_BUILD_ROOT%{_libdir}/samba/vfs/extd_audit.so
-rm $RPM_BUILD_ROOT%{_libdir}/samba/vfs/fake_perms.so
-rm $RPM_BUILD_ROOT%{_libdir}/samba/vfs/fileid.so
-rm $RPM_BUILD_ROOT%{_libdir}/samba/vfs/full_audit.so
-rm $RPM_BUILD_ROOT%{_libdir}/samba/vfs/linux_xfs_sgid.so
-rm $RPM_BUILD_ROOT%{_libdir}/samba/vfs/netatalk.so
-rm $RPM_BUILD_ROOT%{_libdir}/samba/vfs/preopen.so
-rm $RPM_BUILD_ROOT%{_libdir}/samba/vfs/readahead.so
-rm $RPM_BUILD_ROOT%{_libdir}/samba/vfs/readonly.so
-rm $RPM_BUILD_ROOT%{_libdir}/samba/vfs/recycle.so
-rm $RPM_BUILD_ROOT%{_libdir}/samba/vfs/scannedonly.so
-rm $RPM_BUILD_ROOT%{_libdir}/samba/vfs/shadow_copy.so
-rm $RPM_BUILD_ROOT%{_libdir}/samba/vfs/shadow_copy2.so
-rm $RPM_BUILD_ROOT%{_libdir}/samba/vfs/smb_traffic_analyzer.so
-rm $RPM_BUILD_ROOT%{_libdir}/samba/vfs/streams_depot.so
-rm $RPM_BUILD_ROOT%{_libdir}/samba/vfs/streams_xattr.so
-rm $RPM_BUILD_ROOT%{_libdir}/samba/vfs/syncops.so
-rm $RPM_BUILD_ROOT%{_libdir}/samba/vfs/time_audit.so
-rm $RPM_BUILD_ROOT%{_libdir}/samba/vfs/xattr_tdb.so
-rm $RPM_BUILD_ROOT%{_libdir}/winbind_krb5_locator.so
-rm $RPM_BUILD_ROOT%{_libdir}/libsmb/libsmbclient.so*
-rm $RPM_BUILD_ROOT%{_libdir}/libsmbconf.so*
-rm $RPM_BUILD_ROOT%{_libdir}/libsmbsharemodes.so*
-rm $RPM_BUILD_ROOT%{_libdir}/libnetapi.so*
-rm $RPM_BUILD_ROOT%{_libdir}/libnss_wins.so.2
-rm $RPM_BUILD_ROOT%{_includedir}/samba-4.0/libsmbclient.h
-rm $RPM_BUILD_ROOT%{_includedir}/samba-4.0/netapi.h
-rm $RPM_BUILD_ROOT%{_includedir}/samba-4.0/smb_share_modes.h
-rm $RPM_BUILD_ROOT%{_includedir}/samba-4.0/smbconf.h
-rm $RPM_BUILD_ROOT%{_sbindir}/nmbd
-rm $RPM_BUILD_ROOT%{_sbindir}/smbd
-rm $RPM_BUILD_ROOT%{_sbindir}/swat
-rm $RPM_BUILD_ROOT%{_sbindir}/winbindd
-rm $RPM_BUILD_ROOT%{_bindir}/dbwrap_tool
-rm $RPM_BUILD_ROOT%{_bindir}/dbwrap_torture
-rm $RPM_BUILD_ROOT%{_bindir}/debug2html
-rm $RPM_BUILD_ROOT%{_bindir}/eventlogadm
-rm $RPM_BUILD_ROOT%{_bindir}/locktest2
-rm $RPM_BUILD_ROOT%{_bindir}/locktest3
-rm $RPM_BUILD_ROOT%{_bindir}/log2pcap
-rm $RPM_BUILD_ROOT%{_bindir}/masktest3
-rm $RPM_BUILD_ROOT%{_bindir}/msgtest
-rm $RPM_BUILD_ROOT%{_bindir}/net
-rm $RPM_BUILD_ROOT%{_bindir}/nmblookup3
-rm $RPM_BUILD_ROOT%{_bindir}/ntlm_auth3
-rm $RPM_BUILD_ROOT%{_bindir}/pdbedit
-rm $RPM_BUILD_ROOT%{_bindir}/pdbtest
-rm $RPM_BUILD_ROOT%{_bindir}/profiles
-rm $RPM_BUILD_ROOT%{_bindir}/pthreadpooltest
-rm $RPM_BUILD_ROOT%{_bindir}/rpc_open_tcp
-rm $RPM_BUILD_ROOT%{_bindir}/rpcclient
-rm $RPM_BUILD_ROOT%{_bindir}/sharesec
-rm $RPM_BUILD_ROOT%{_bindir}/smbcacls
-rm $RPM_BUILD_ROOT%{_bindir}/smbclient3
-rm $RPM_BUILD_ROOT%{_bindir}/smbconftort
-rm $RPM_BUILD_ROOT%{_bindir}/smbcontrol
-rm $RPM_BUILD_ROOT%{_bindir}/smbcquotas
-rm $RPM_BUILD_ROOT%{_bindir}/smbfilter
-rm $RPM_BUILD_ROOT%{_bindir}/smbget
-rm $RPM_BUILD_ROOT%{_bindir}/smbiconv
-rm $RPM_BUILD_ROOT%{_bindir}/smbpasswd
-rm $RPM_BUILD_ROOT%{_bindir}/smbspool
-rm $RPM_BUILD_ROOT%{_bindir}/smbstatus
-rm $RPM_BUILD_ROOT%{_bindir}/smbta-util
-rm $RPM_BUILD_ROOT%{_bindir}/smbtorture3
-rm $RPM_BUILD_ROOT%{_bindir}/smbtree
-rm $RPM_BUILD_ROOT%{_bindir}/split_tokens
-rm $RPM_BUILD_ROOT%{_bindir}/test_lp_load
-rm $RPM_BUILD_ROOT%{_bindir}/timelimit
-rm $RPM_BUILD_ROOT%{_bindir}/versiontest
-rm $RPM_BUILD_ROOT%{_bindir}/vfstest
-rm $RPM_BUILD_ROOT%{_bindir}/vlp
-rm $RPM_BUILD_ROOT%{_bindir}/wbinfo3
+# pdb FIXME
+ln -sf %{_libdir}/samba/libpdb.so.0 %{buildroot}%{_libdir}/samba/libpdb.so
+# Install other stuff
+install -m 0644 %{SOURCE1} %{buildroot}%{_sysconfdir}/logrotate.d/samba
+install -m 0644 %{SOURCE4} %{buildroot}%{_sysconfdir}/samba/smb.conf
+install -m 0644 %{SOURCE5} %{buildroot}%{_sysconfdir}/security/pam_winbind.conf
+install -m 0644 %{SOURCE6} %{buildroot}%{_sysconfdir}/pam.d/samba
-# This makes the right links, as rpmlint requires that
-# the ldconfig-created links be recorded in the RPM.
-/sbin/ldconfig -N -n $RPM_BUILD_ROOT%{_libdir}
+echo 127.0.0.1 localhost > %{buildroot}%{_sysconfdir}/samba/lmhosts
-# Fix up permission on perl install.
-%{_fixperms} $RPM_BUILD_ROOT%{perl_vendorlib}
+install -d -m 0755 %{buildroot}%{_sysconfdir}/openldap/schema
+install -m644 examples/LDAP/samba.schema %{buildroot}%{_sysconfdir}/openldap/schema/samba.schema
-# Fix up permissions for libraries
-find $RPM_BUILD_ROOT%{_libdir} -name '*.so*' -type f |xargs chmod +x
+install -d -m 0755 %{buildroot}%{_sysconfdir}/xinetd.d
+install -m644 %{SOURCE2} %{buildroot}%{_sysconfdir}/xinetd.d/swat
-# Fix up permissions in source tree, for debuginfo.
-find source4/heimdal -type f | xargs chmod -x
+install -d -m 0755 %{buildroot}%{_sysconfdir}/tmpfiles.d/
+install -m644 %{SOURCE7} %{buildroot}%{_sysconfdir}/tmpfiles.d/samba.conf
-%clean
-rm -rf $RPM_BUILD_ROOT
+install -d -m 0755 %{buildroot}%{_sysconfdir}/sysconfig
+install -m 0644 packaging/systemd/samba.sysconfig %{buildroot}%{_sysconfdir}/sysconfig/samba
-%pre
-%if %enable_winbind
-getent group wbpriv >/dev/null || groupadd -g 88 wbpriv
+%if 0%{?fedora} > 15 || 0%{?rhel} > 6
+install -d -m 0755 %{buildroot}%{_unitdir}
+install -m 0644 packaging/systemd/nmb.service %{buildroot}%{_unitdir}/nmb.service
+install -m 0644 packaging/systemd/smb.service %{buildroot}%{_unitdir}/smb.service
+install -m 0644 packaging/systemd/winbind.service %{buildroot}%{_unitdir}/winbind.service
%endif
-exit 0
+
+%if 0%{?rhel} == 6
+install -d -m 0755 %{buildroot}%{_initrddir}
+install -m 0644 %{SOURCE100} %{buildroot}%{_initrddir}/nmb
+install -m 0644 %{SOURCE101} %{buildroot}%{_initrddir}/smb
+install -m 0644 %{SOURCE102} %{buildroot}%{_initrddir}/winbind
+%endif
+
+# winbind krb5 locator
+install -d -m 0755 %{buildroot}%{_libdir}/krb5/plugins/libkrb5
+install -m 755 %{buildroot}/%{_libdir}/winbind_krb5_locator.so %{buildroot}/%{_libdir}/krb5/plugins/libkrb5/winbind_krb5_locator.so
+rm -f %{buildroot}/%{_libdir}/winbind_krb5_locator.so
+
+# cleanup stuff that does not belong here
+rm -f %{buildroot}/%{_mandir}/man3/ldb.3*
+rm -f %{buildroot}/%{_mandir}/man3/talloc.3*
+
+# Clean out crap left behind by the PIDL install.
+find %{buildroot} -type f -name .packlist -exec rm -f {} \;
+rm -f %{buildroot}%{perl_vendorlib}/wscript_build
+rm -rf %{buildroot}%{perl_vendorlib}/Parse/Yapp
+
+# This makes the right links, as rpmlint requires that
+# the ldconfig-created links be recorded in the RPM.
+/sbin/ldconfig -N -n %{buildroot}%{_libdir}
+
+# Fix up permission on perl install.
+%{_fixperms} %{buildroot}%{perl_vendorlib}
+
+# Remove stuff the buildsystem did not handle correctly
+rm -f %{buildroot}/%{smb_lib}/security/pam_smbpass.so
+rm -f %{buildroot}%{python_sitelib}/tevent.py
%post
-%if %enable_samba4
-/sbin/chkconfig --add %{name}
+%if 0%{?rhel} == 6
+/sbin/chkconfig --add smb
+/sbin/chkconfig --add nmb
if [ "$1" -ge "1" ]; then
- /sbin/service %{name} condrestart >/dev/null 2>&1 || :
+ /sbin/service smb condrestart >/dev/null 2>&1 || :
+ /sbin/service nmb condrestart >/dev/null 2>&1 || :
fi
-%endif
exit 0
+%endif
+
+if [ $1 -eq 1 ] ; then
+ # Initial installation
+ /bin/systemctl daemon-reload >/dev/null 2>&1 || :
+fi
%preun
-%if %enable_samba4
+%if 0%{?rhel} == 6
if [ $1 = 0 ] ; then
- /sbin/service %{name} stop >/dev/null 2>&1 || :
- /sbin/chkconfig --del %{name}
+ /sbin/service smb stop >/dev/null 2>&1 || :
+ /sbin/service nmb stop >/dev/null 2>&1 || :
+ /sbin/chkconfig --del smb
+ /sbin/chkconfig --del nmb
fi
-%endif
exit 0
+%endif
+
+if [ $1 -eq 0 ] ; then
+ # Package removal, not upgrade
+ /bin/systemctl --no-reload disable smb.service > /dev/null 2>&1 || :
+ /bin/systemctl --no-reload disable nmb.service > /dev/null 2>&1 || :
+ /bin/systemctl stop smb.service > /dev/null 2>&1 || :
+ /bin/systemctl stop nmb.service > /dev/null 2>&1 || :
+fi
+
+%postun
+%if 0%{?fedora} > 15 || 0%{?rhel} > 6
+/bin/systemctl daemon-reload >/dev/null 2>&1 || :
+if [ $1 -ge 1 ] ; then
+ # Package upgrade, not uninstall
+ /bin/systemctl try-restart smb.service >/dev/null 2>&1 || :
+ /bin/systemctl try-restart nmb.service >/dev/null 2>&1 || :
+fi
+%endif
+
+%post -n libsmbclient4 -p /sbin/ldconfig
+
+%postun -n libsmbclient4 -p /sbin/ldconfig
%post libs -p /sbin/ldconfig
%postun libs -p /sbin/ldconfig
+%post dc-libs -p /sbin/ldconfig
+
+%postun dc-libs -p /sbin/ldconfig
+
+%post test -p /sbin/ldconfig
+
+%postun test -p /sbin/ldconfig
+
+%pre winbind
+/usr/sbin/groupadd -g 88 wbpriv >/dev/null 2>&1 || :
+
+%post winbind
+%if 0%{?rhel} == 6
+/sbin/chkconfig --add winbind
+if [ "$1" -ge "1" ]; then
+ /sbin/service winbind condrestart >/dev/null 2>&1 || :
+fi
+exit 0
+%endif
+
+if [ "$1" -ge "1" ]; then
+ /bin/systemctl try-restart winbind.service >/dev/null 2>&1 || :
+fi
+
+%preun winbind
+%if 0%{?rhel} == 6
+if [ $1 = 0 ] ; then
+ /sbin/service winbind stop >/dev/null 2>&1 || :
+ /sbin/chkconfig --del winbind
+fi
+exit 0
+%endif
+
+if [ $1 = 0 ] ; then
+ /bin/systemctl stop winbind.service >/dev/null 2>&1 || :
+ /bin/systemctl disable winbind.service
+fi
+exit 0
+
+%post common -p /sbin/ldconfig
+
+%postun common -p /sbin/ldconfig
+
+%post winbind-clients -p /sbin/ldconfig
+
+%postun winbind-clients -p /sbin/ldconfig
+
+%post -n libwbclient -p /sbin/ldconfig
+
+%postun -n libwbclient -p /sbin/ldconfig
+
+%clean
+rm -rf %{buildroot}
%files
%defattr(-,root,root,-)
%doc COPYING
-%if %enable_samba4
-%{_sbindir}/provision
-%{_sbindir}/samba
-%{_sbindir}/upgradeprovision
-%{_sbindir}/samba_dnsupdate
-%{_sbindir}/samba_spnupdate
-%{_bindir}/samba-tool
-%{_libdir}/mit_samba.so
-%{_mandir}/man8/samba.*
-%dir /var/lib/%{name}/sysvol
-%config(noreplace) %{_sysconfdir}/logrotate.d/%{name}
-%config(noreplace) %{_sysconfdir}/sysconfig/%{name}
-%attr(0755,root,root) %{_initrddir}/%{name}
-%attr(0700,root,root) %dir /var/log/%{name}
-%attr(0700,root,root) %dir /var/log/%{name}/old
+%{_sbindir}/nmbd
+%{_sbindir}/smbd
+%{_libdir}/samba/libsmbd_base.so
+%{_libdir}/samba/libsmbd_conn.so
+%{_libdir}/samba/auth
+%{_libdir}/samba/idmap
+%{_libdir}/samba/vfs
+%if 0%{?fedora} > 15 || 0%{?rhel} > 6
+%{_unitdir}/nmb.service
+%{_unitdir}/smb.service
+%endif
+%config(noreplace) %{_sysconfdir}/logrotate.d/samba
+%config(noreplace) %{_sysconfdir}/pam.d/samba
+%attr(0700,root,root) %dir /var/log/samba
+%attr(0700,root,root) %dir /var/log/samba/old
+%attr(1777,root,root) %dir /var/spool/samba
+%dir %{_sysconfdir}/openldap/schema
+%{_sysconfdir}/openldap/schema/samba.schema
+%{_sysconfdir}/tmpfiles.d/samba.conf
+%if 0%{?rhel} == 6
+%{_initrddir}/nmb
+%{_initrddir}/smb
%endif
%files libs
-%defattr(-,root,root,-)
-%doc PFIF.txt
-#%dir %{_sysconfdir}/%{name}
-#Need to mark this as being owned by Samba, but it is normally created
-#by the provision script, which runs best if there is no existing
-#smb.conf
-#%config(noreplace) %{_sysconfdir}/%{name}/smb.conf
-%dir %{_datadir}/samba
-%{_datadir}/samba/codepages/*.dat
-
+%defattr(-,root,root)
%{_libdir}/libdcerpc-atsvc.so.*
+%{_libdir}/libdcerpc-binding.so.*
%{_libdir}/libdcerpc-samr.so.*
-%{_libdir}/libdcerpc-server.so.*
%{_libdir}/libdcerpc.so.*
%{_libdir}/libgensec.so.*
%{_libdir}/libndr-krb5pac.so.*
-%{_libdir}/libndr.so.*
+%{_libdir}/libndr-nbt.so.*
%{_libdir}/libndr-standard.so.*
-%{_libdir}/libpolicy.so.*
+%{_libdir}/libndr.so.*
%{_libdir}/libregistry.so.*
+%{_libdir}/libsamba-credentials.so.*
%{_libdir}/libsamba-hostconfig.so.*
+%{_libdir}/libsamba-policy.so.*
%{_libdir}/libsamba-util.so.*
%{_libdir}/libsamdb.so.*
-%{_libdir}/libtorture.so.*
-
-# internal ldb modules
-%{_libdir}/samba/ldb/aclread.so
-%{_libdir}/samba/ldb/acl.so
-%{_libdir}/samba/ldb/anr.so
-%{_libdir}/samba/ldb/descriptor.so
-%{_libdir}/samba/ldb/extended_dn_in.so
-%{_libdir}/samba/ldb/extended_dn_out.so
-%{_libdir}/samba/ldb/extended_dn_store.so
-%{_libdir}/samba/ldb/ildap.so
-%{_libdir}/samba/ldb/instancetype.so
-%{_libdir}/samba/ldb/lazy_commit.so
-%{_libdir}/samba/ldb/ldbsamba_extensions.so
-%{_libdir}/samba/ldb/linked_attributes.so
-%{_libdir}/samba/ldb/local_password.so
-%{_libdir}/samba/ldb/naming_fsmo.so
-%{_libdir}/samba/ldb/new_partition.so
-%{_libdir}/samba/ldb/objectclass_attrs.so
-%{_libdir}/samba/ldb/objectclass.so
-%{_libdir}/samba/ldb/objectguid.so
-%{_libdir}/samba/ldb/operational.so
-%{_libdir}/samba/ldb/partition.so
-%{_libdir}/samba/ldb/password_hash.so
-%{_libdir}/samba/ldb/pdc_fsmo.so
-%{_libdir}/samba/ldb/ranged_results.so
-%{_libdir}/samba/ldb/repl_meta_data.so
-%{_libdir}/samba/ldb/resolve_oids.so
-%{_libdir}/samba/ldb/rootdse.so
-%{_libdir}/samba/ldb/samba3sam.so
-%{_libdir}/samba/ldb/samba3sid.so
-%{_libdir}/samba/ldb/samba_dsdb.so
-%{_libdir}/samba/ldb/samba_secrets.so
-%{_libdir}/samba/ldb/samldb.so
-%{_libdir}/samba/ldb/schema_data.so
-%{_libdir}/samba/ldb/schema_load.so
-%{_libdir}/samba/ldb/show_deleted.so
-%{_libdir}/samba/ldb/simple_dn.so
-%{_libdir}/samba/ldb/simple_ldap_map.so
-%{_libdir}/samba/ldb/subtree_delete.so
-%{_libdir}/samba/ldb/subtree_rename.so
-%{_libdir}/samba/ldb/update_keytab.so
-%{_libdir}/samba/ldb/wins_ldb.so
-
-# samba internal libraries
-%{_libdir}/samba/gensec/krb5.so
-%{_libdir}/samba/libasn1-samba4.so.*
-%{_libdir}/samba/libauth4.so
+%{_libdir}/libsmbclient-raw.so.*
+%{_libdir}/libsmbconf.so.*
+%{_libdir}/libtevent-util.so.*
+
+# libraries needed by the public libraries
+%{_libdir}/samba/libCHARSET3.so
+%{_libdir}/samba/libHDB_SAMBA4.so
+%{_libdir}/samba/libLIBWBCLIENT_OLD.so
+%{_libdir}/samba/libUTIL_TDB.so
+%{_libdir}/samba/libadt_tree.so
+%{_libdir}/samba/libasn1-samba4.so.8
+%{_libdir}/samba/libasn1-samba4.so.8.0.0
+%{_libdir}/samba/libasn1util.so
+%{_libdir}/samba/libauth_sam_reply.so
+%{_libdir}/samba/libauth_unix_token.so
%{_libdir}/samba/libauthkrb5.so
-%{_libdir}/samba/libcliauth.so
+%{_libdir}/samba/libcli-ldap-common.so
%{_libdir}/samba/libcli-ldap.so
%{_libdir}/samba/libcli-nbt.so
+%{_libdir}/samba/libcli_cldap.so
+%{_libdir}/samba/libcli_smb_common.so
+%{_libdir}/samba/libcliauth.so
%{_libdir}/samba/libcluster.so
-%{_libdir}/samba/libcmdline-credentials.so
-%{_libdir}/samba/libcredentials.so
%{_libdir}/samba/libdb-glue.so
-%{_libdir}/samba/libdcerpc-samba4.so
+%{_libdir}/samba/libdbwrap.so
%{_libdir}/samba/libdcerpc-samba.so
-%{_libdir}/samba/libdlz_bind9.so
-%{_libdir}/samba/libdsdb-module.so
+%{_libdir}/samba/libdcerpc-samba4.so
%{_libdir}/samba/liberrors.so
%{_libdir}/samba/libevents.so
-%{_libdir}/samba/libgssapi-samba4.so.*
-%{_libdir}/samba/libhcrypto-samba4.so.*
-%{_libdir}/samba/libhdb-samba4.so.*
-%{_libdir}/samba/libheimbase-samba4.so.*
-%{_libdir}/samba/libheimntlm-samba4.so.*
-%{_libdir}/samba/libhx509-samba4.so.*
+%{_libdir}/samba/libflag_mapping.so
+%{_libdir}/samba/libgse.so
+%{_libdir}/samba/libgssapi-samba4.so.2
+%{_libdir}/samba/libgssapi-samba4.so.2.0.0
+%{_libdir}/samba/libhcrypto-samba4.so.5
+%{_libdir}/samba/libhcrypto-samba4.so.5.0.1
+%{_libdir}/samba/libhdb-samba4.so.11
+%{_libdir}/samba/libhdb-samba4.so.11.0.2
+%{_libdir}/samba/libheimbase-samba4.so.1
+%{_libdir}/samba/libheimbase-samba4.so.1.0.0
+%{_libdir}/samba/libhx509-samba4.so.5
+%{_libdir}/samba/libhx509-samba4.so.5.0.0
+%{_libdir}/samba/libinterfaces.so
%{_libdir}/samba/libkdc-policy.so
-%{_libdir}/samba/libkdc-samba4.so.*
-%{_libdir}/samba/libkrb5-samba4.so.*
-%{_libdir}/samba/libldb-cmdline.so
+%{_libdir}/samba/libkrb5-samba4.so.26
+%{_libdir}/samba/libkrb5-samba4.so.26.0.0
%{_libdir}/samba/libldbsamba.so
-%{_libdir}/samba/libndr-samba4.so
+%{_libdir}/samba/liblibsmb.so
+%{_libdir}/samba/libmemcache.so
%{_libdir}/samba/libndr-samba.so
+%{_libdir}/samba/libndr-samba4.so
%{_libdir}/samba/libnetif.so
-%{_libdir}/samba/libntvfs.so
-%{_libdir}/samba/libpac.so
-%{_libdir}/samba/libprocess_model.so
+%{_libdir}/samba/libnpa_tstream.so
%{_libdir}/samba/libreplace.so
-%{_libdir}/samba/libroken-samba4.so.*
-%{_libdir}/samba/librpccommon.so
+%{_libdir}/samba/libroken-samba4.so.19
+%{_libdir}/samba/libroken-samba4.so.19.0.1
+%{_libdir}/samba/libsamba-modules.so
%{_libdir}/samba/libsamba-net.so
-%{_libdir}/samba/libsamba_python.so
%{_libdir}/samba/libsamba-sockets.so
+%{_libdir}/samba/libsamba_python.so
%{_libdir}/samba/libsamdb-common.so
+%{_libdir}/samba/libsecrets3.so
%{_libdir}/samba/libsecurity.so
-%{_libdir}/samba/libservice.so
-%{_libdir}/samba/libsmbpasswdparser.so
+%{_libdir}/samba/libserver-role.so
%{_libdir}/samba/libshares.so
-%{_libdir}/samba/libsubunit.so
+%{_libdir}/samba/libsmbd_shim.so
+%{_libdir}/samba/libsmbpasswdparser.so
+%{_libdir}/samba/libsmbregistry.so
+%{_libdir}/samba/libstring_init.so
%{_libdir}/samba/libtdb-wrap.so
-%{_libdir}/samba/libwinbind-client.so
-%{_libdir}/samba/libwind-samba4.so.*
-%{_libdir}/samba/libwrap_xattr.so
-%{_libdir}/samba/process_model/onefork.so
-%{_libdir}/samba/process_model/prefork.so
-%{_libdir}/samba/process_model/standard.so
-%{_libdir}/samba/service/cldap.so
-%{_libdir}/samba/service/dcerpc.so
-%{_libdir}/samba/service/dns.so
-%{_libdir}/samba/service/dns_update.so
-%{_libdir}/samba/service/drepl.so
-%{_libdir}/samba/service/kcc.so
-%{_libdir}/samba/service/kdc.so
-%{_libdir}/samba/service/ldap.so
-%{_libdir}/samba/service/nbtd.so
-%{_libdir}/samba/service/ntp_signd.so
-%{_libdir}/samba/service/samba3_smb.so
-%{_libdir}/samba/service/smb.so
-%{_libdir}/samba/service/web.so
-%{_libdir}/samba/service/winbind.so
-%{_libdir}/samba/service/wrepl.so
-
-%{_libdir}/samba/libLIBCLI_CLDAP.so
-%{_libdir}/samba/libLIBCLI_LSA3.so
-%{_libdir}/samba/libLIBCLI_RAW.so
-%{_libdir}/samba/libLIBCLI_SMB_COMMON.so
-%{_libdir}/samba/libUTIL_TDB.so
-%{_libdir}/samba/libflag_mapping.so
-%{_libdir}/samba/libasn1util.so
-%{_libdir}/samba/libauth_sam_reply.so
-%{_libdir}/samba/libcli-ldap-common.so
-%{_libdir}/samba/libflag_mapping.so
-%{_libdir}/samba/libinterfaces.so
-%{_libdir}/samba/libnpa_tstream.so
%{_libdir}/samba/libtdb_compat.so
+%{_libdir}/samba/libutil_cmdline.so
+%{_libdir}/samba/libutil_malloc.so
%{_libdir}/samba/libutil_reg.so
+%{_libdir}/samba/libutil_sec.so
+%{_libdir}/samba/libutil_str.so
+%{_libdir}/samba/libwind-samba4.so.0
+%{_libdir}/samba/libwind-samba4.so.0.0.0
+%{_libdir}/samba/libwrap_xattr.so
+
+%if %{with_ldb}
+%{_libdir}/samba/libldb.so.1
+%{_libdir}/samba/libldb.so.%{ldb_version}
+%{_libdir}/samba/libpyldb-util.so.1
+%{_libdir}/samba/libpyldb-util.so.%{ldb_version}
+%endif
+%if %{with_talloc}
+%{_libdir}/samba/libtalloc.so.2
+%{_libdir}/samba/libtalloc.so.%{talloc_version}
+%{_libdir}/samba/libpytalloc-util.so.2
+%{_libdir}/samba/libpytalloc-util.so.%{talloc_version}
+%endif
+%if %{with_tevent}
+%{_libdir}/samba/libtevent.so.0
+%{_libdir}/samba/libtevent.so.%{tevent_version}
+%endif
+%if %{with_tdb}
+%{_libdir}/samba/libtdb.so.1
+%{_libdir}/samba/libtdb.so.%{tdb_version}
+%endif
+
+%files common
+%defattr(-,root,root)
+#%{_libdir}/samba/charset ???
+%{_libdir}/libnetapi.so.*
+%{_libdir}/samba/libsmbldap.so
+%{_libdir}/samba/libgpo.so
+%{_libdir}/samba/libprinting_migrate.so
+%{_datadir}/samba/codepages
+%attr(700,root,root) %dir /var/lib/samba/private
+%config(noreplace) %{_sysconfdir}/samba/smb.conf
+%config(noreplace) %{_sysconfdir}/samba/lmhosts
+%config(noreplace) %{_sysconfdir}/sysconfig/samba
+
+# common libraries
+%{_libdir}/samba/libads.so
+%{_libdir}/samba/libauth.so
+%{_libdir}/samba/liblibcli_lsa3.so
+%{_libdir}/samba/liblibcli_netlogon3.so
+%{_libdir}/samba/libmsrpc3.so
+%{_libdir}/samba/libnamearray.so
+%{_libdir}/samba/libnet_keytab.so
+%{_libdir}/samba/libpdb.so.*
+%{_libdir}/samba/libpopt_samba3.so
+%{_libdir}/samba/pdb
+
+%if %with_pam_smbpass
+/%{smb_lib}/security/pam_smbpass.so
+%endif
+
+%files dc
+%defattr(-,root,root)
+%{_bindir}/samba-tool
+%{_bindir}/samba_kcc
+%{_sbindir}/provision
+%{_sbindir}/samba
+%{_sbindir}/upgradeprovision
+%{_sbindir}/samba_dnsupdate
+%{_sbindir}/samba_spnupdate
+%{_sbindir}/upgradedns
+%{_libdir}/mit_samba.so
+%{_libdir}/samba/bind9/dlz_bind9.so
+%{_libdir}/samba/libcmdline-credentials.so
+%{_libdir}/samba/libdfs_server_ad.so
+%{_libdir}/samba/libdsdb-module.so
+%{_libdir}/samba/libheimntlm-samba4.so.1
+%{_libdir}/samba/libheimntlm-samba4.so.1.0.1
+%{_libdir}/samba/libkdc-samba4.so.2
+%{_libdir}/samba/libkdc-samba4.so.2.0.0
+%{_libdir}/samba/libpac.so
+%{_libdir}/samba/gensec
+%{_libdir}/samba/ldb
+%{_libdir}/samba/process_model
+%{_libdir}/samba/service
+%dir /var/lib/samba/sysvol
+%{_datadir}/samba/setup
+%{_mandir}/man8/samba.8.gz
+
+%files dc-libs
+%defattr(-,root,root)
+%{_libdir}/libdcerpc-server.so.*
+%{_libdir}/samba/libauth4.so
+%{_libdir}/samba/libntvfs.so
+%{_libdir}/samba/libprocess_model.so
+%{_libdir}/samba/libservice.so
-%if %enable_winbind
%files winbind
-%defattr(-,root,root,-)
-%{_bindir}/ntlm_auth
-%{_bindir}/wbinfo
-#%{_libdir}/libwbclient.so.0
-%{_libdir}/libnss_winbind.so.2
-%{_libdir}/libnss-winbind.inst.so.2
-%{_libdir}/pam_winbind.so
-%dir /var/run/winbindd
-%attr(750,root,wbpriv) %dir /var/lib/%{name}/winbindd_privileged
-%{_mandir}/man1/ntlm_auth.*
+%defattr(-,root,root)
+%{_bindir}/ntlm_auth3
+#%{_bindir}/wbinfo3
+%{_libdir}/samba/idmap
+%{_libdir}/samba/nss_info
+%{_libdir}/samba/libnss_info.so
+%{_libdir}/samba/libidmap.so
+%{_sbindir}/winbindd
+%ghost %dir /var/run/winbindd
+%attr(750,root,wbpriv) %dir /var/lib/samba/winbindd_privileged
+%config(noreplace) %{_sysconfdir}/security/pam_winbind.conf
+%if 0%{?fedora} > 15 || 0%{?rhel} > 6
+%{_unitdir}/winbind.service
+%endif
+#%{_mandir}/man1/ntlm_auth.1*
+#%{_mandir}/man1/wbinfo.1*
+#%{_mandir}/man5/pam_winbind.conf.5*
+#%{_mandir}/man8/pam_winbind.8*
+#%{_mandir}/man8/winbindd.8*
+#%{_mandir}/man8/idmap_*.8*
+#%{_datadir}/locale/*/LC_MESSAGES/pam_winbind.mo
+%if 0%{?rhel} == 6
+%{_initrddir}/winbind
%endif
-%if %enable_python
-%files python
-%defattr(-,root,root,-)
-%{python_sitearch}/*
+%files winbind-krb5-locator
+%defattr(-,root,root)
+#%{_mandir}/man7/winbind_krb5_locator.7*
+%{_libdir}/krb5/plugins/libkrb5/winbind_krb5_locator.so
+
+%files winbind-clients
+%defattr(-,root,root)
+%{_bindir}/wbinfo
+%{_libdir}/libnss_winbind.so
+/%{smb_lib}/libnss_winbind.so.2
+%{_libdir}/libnss_wins.so
+/%{smb_lib}/libnss_wins.so.2
+/%{smb_lib}/security/pam_winbind.so
+
+%files client
+%defattr(-,root,root)
+%{_bindir}/cifsdd
+%{_bindir}/dbwrap_tool
+%{_bindir}/debug2html
+%{_bindir}/eventlogadm
+%{_bindir}/log2pcap
+%{_bindir}/net
+%{_bindir}/nmblookup
+%{_bindir}/nmblookup3
+%{_bindir}/ntlm_auth
+%{_bindir}/ntlm_auth3
+%{_bindir}/oLschema2ldif
+%{_bindir}/pdbedit
+%{_bindir}/profiles
+%{_bindir}/regdiff
+%{_bindir}/regpatch
+%{_bindir}/regshell
+%{_bindir}/regtree
+%{_bindir}/rpcclient
+%{_bindir}/sharesec
+%{_bindir}/smbcacls
+%{_bindir}/smbclient
+%{_bindir}/smbclient3
+%{_bindir}/smbcontrol
+%{_bindir}/smbcquotas
+%{_bindir}/smbfilter
+%{_bindir}/smbget
+#%{_bindir}/smbiconv
+%{_bindir}/smbpasswd
+%{_bindir}/smbspool
+%{_bindir}/smbstatus
+%{_bindir}/smbta-util
+%{_bindir}/smbtree
+%{_bindir}/split_tokens
+%{_bindir}/testparm
+%{_libdir}/samba/libaddns.so
+%{_libdir}/samba/libcli_spoolss.so
+%{_libdir}/samba/libldb-cmdline.so
+%{_libdir}/samba/libtrusts_util.so
+%{_mandir}/man1/nmblookup.1.gz
+%{_mandir}/man1/ntlm_auth.1.gz
+%{_mandir}/man1/oLschema2ldif.1.gz
+%{_mandir}/man1/regdiff.1.gz
+%{_mandir}/man1/regpatch.1.gz
+%{_mandir}/man1/regshell.1.gz
+%{_mandir}/man1/regtree.1.gz
+
+%if %{with_tdb}
+%{_bindir}/tdbbackup
+%{_bindir}/tdbdump
+%{_bindir}/tdbrestore
+%{_bindir}/tdbtool
+%{_mandir}/man8/tdbbackup.8.gz
+%{_mandir}/man8/tdbdump.8.gz
+%{_mandir}/man8/tdbrestore.8.gz
+%{_mandir}/man8/tdbtool.8.gz
%endif
-%files devel
-%defattr(-,root,root,-)
-%{_libdir}/libdcerpc.so
-%{_libdir}/libdcerpc-samr.so
-%{_libdir}/libndr.so
-%{_libdir}/libndr-standard.so
-%{_libdir}/libsamba-hostconfig.so
-%{_libdir}/libsamba-util.so
-%{_libdir}/libdcerpc-atsvc.so
-%{_libdir}/libdcerpc-server.so
-%{_libdir}/libgensec.so
-%{_libdir}/libndr-krb5pac.so
-%{_libdir}/libpolicy.so
-%{_libdir}/libregistry.so
-%{_libdir}/libsamdb.so
-%{_libdir}/libtorture.so
+%if %with_ldb
+%{_bindir}/ldbadd
+%{_bindir}/ldbdel
+%{_bindir}/ldbedit
+%{_bindir}/ldbmodify
+%{_bindir}/ldbrename
+%{_bindir}/ldbsearch
+%{_mandir}/man1/ldbadd.1.gz
+%{_mandir}/man1/ldbdel.1.gz
+%{_mandir}/man1/ldbedit.1.gz
+%{_mandir}/man1/ldbmodify.1.gz
+%{_mandir}/man1/ldbrename.1.gz
+%{_mandir}/man1/ldbsearch.1.gz
+%endif
-%{_libdir}/pkgconfig/dcerpc.pc
-%{_libdir}/pkgconfig/dcerpc_samr.pc
-%{_libdir}/pkgconfig/ndr.pc
-%{_libdir}/pkgconfig/ndr_standard.pc
-%{_libdir}/pkgconfig/samba-hostconfig.pc
-%{_libdir}/pkgconfig/samba-util.pc
-%{_libdir}/pkgconfig/dcerpc_atsvc.pc
-%{_libdir}/pkgconfig/dcerpc_server.pc
-%{_libdir}/pkgconfig/gensec.pc
-%{_libdir}/pkgconfig/ndr_krb5pac.pc
-%{_libdir}/pkgconfig/policy.pc
-%{_libdir}/pkgconfig/registry.pc
-%{_libdir}/pkgconfig/samdb.pc
-%{_libdir}/pkgconfig/torture.pc
+%files test
+%defattr(-,root,root)
+%{_bindir}/dbwrap_torture
+%{_bindir}/gentest
+%{_bindir}/locktest
+%{_bindir}/locktest2
+%{_bindir}/locktest3
+%{_bindir}/masktest
+%{_bindir}/masktest3
+%{_bindir}/msgtest
+%{_bindir}/ndrdump
+%{_bindir}/nsstest
+%{_bindir}/pdbtest
+%{_bindir}/pthreadpooltest
+%{_bindir}/rpc_open_tcp
+%{_bindir}/smbconftort
+%{_bindir}/smbtorture
+%{_bindir}/smbtorture3
+%{_bindir}/test_lp_load
+%{_bindir}/timelimit
+%{_bindir}/versiontest
+%{_bindir}/vfstest
+%{_bindir}/vlp
+%{_libdir}/libtorture.so.*
+%{_libdir}/samba/libsubunit.so
+%{_mandir}/man1/gentest.1.gz
+%{_mandir}/man1/locktest.1.gz
+%{_mandir}/man1/masktest.1.gz
+%{_mandir}/man1/ndrdump.1.gz
+%{_mandir}/man1/smbtorture.1.gz
+%files devel
+%defattr(-,root,root)
%{_includedir}/samba-4.0/charset.h
%{_includedir}/samba-4.0/core/doserr.h
%{_includedir}/samba-4.0/core/error.h
%{_includedir}/samba-4.0/core/ntstatus.h
%{_includedir}/samba-4.0/core/werror.h
%{_includedir}/samba-4.0/credentials.h
-%{_includedir}/samba-4.0/dcerpc_server.h
%{_includedir}/samba-4.0/dcerpc.h
+%{_includedir}/samba-4.0/dcerpc_server.h
%{_includedir}/samba-4.0/dlinklist.h
%{_includedir}/samba-4.0/domain_credentials.h
%{_includedir}/samba-4.0/gen_ndr/atsvc.h
@@ -749,42 +970,78 @@ exit 0
%{_includedir}/samba-4.0/gen_ndr/mgmt.h
%{_includedir}/samba-4.0/gen_ndr/misc.h
%{_includedir}/samba-4.0/gen_ndr/nbt.h
-%{_includedir}/samba-4.0/gen_ndr/ndr_atsvc_c.h
+%{_includedir}/samba-4.0/gen_ndr/drsblobs.h
+%{_includedir}/samba-4.0/gen_ndr/drsuapi.h
+%{_includedir}/samba-4.0/gen_ndr/ndr_drsblobs.h
+%{_includedir}/samba-4.0/gen_ndr/ndr_drsuapi.h
%{_includedir}/samba-4.0/gen_ndr/ndr_atsvc.h
+%{_includedir}/samba-4.0/gen_ndr/ndr_atsvc_c.h
%{_includedir}/samba-4.0/gen_ndr/ndr_dcerpc.h
-%{_includedir}/samba-4.0/gen_ndr/ndr_epmapper_c.h
%{_includedir}/samba-4.0/gen_ndr/ndr_epmapper.h
+%{_includedir}/samba-4.0/gen_ndr/ndr_epmapper_c.h
%{_includedir}/samba-4.0/gen_ndr/ndr_krb5pac.h
-%{_includedir}/samba-4.0/gen_ndr/ndr_mgmt_c.h
%{_includedir}/samba-4.0/gen_ndr/ndr_mgmt.h
+%{_includedir}/samba-4.0/gen_ndr/ndr_mgmt_c.h
%{_includedir}/samba-4.0/gen_ndr/ndr_misc.h
-%{_includedir}/samba-4.0/gen_ndr/ndr_samr_c.h
+%{_includedir}/samba-4.0/gen_ndr/ndr_nbt.h
%{_includedir}/samba-4.0/gen_ndr/ndr_samr.h
-%{_includedir}/samba-4.0/gen_ndr/ndr_svcctl_c.h
+%{_includedir}/samba-4.0/gen_ndr/ndr_samr_c.h
%{_includedir}/samba-4.0/gen_ndr/ndr_svcctl.h
+%{_includedir}/samba-4.0/gen_ndr/ndr_svcctl_c.h
%{_includedir}/samba-4.0/gen_ndr/netlogon.h
%{_includedir}/samba-4.0/gen_ndr/samr.h
%{_includedir}/samba-4.0/gen_ndr/security.h
%{_includedir}/samba-4.0/gen_ndr/server_id.h
%{_includedir}/samba-4.0/gen_ndr/svcctl.h
%{_includedir}/samba-4.0/gensec.h
+%{_includedir}/samba-4.0/ldap-util.h
%{_includedir}/samba-4.0/ldap_errors.h
%{_includedir}/samba-4.0/ldap_message.h
%{_includedir}/samba-4.0/ldap_ndr.h
-%{_includedir}/samba-4.0/ldap-util.h
%{_includedir}/samba-4.0/ldb_wrap.h
+%{_includedir}/samba-4.0/lookup_sid.h
+%{_includedir}/samba-4.0/machine_sid.h
%{_includedir}/samba-4.0/ndr.h
+%{_includedir}/samba-4.0/ndr/ndr_drsblobs.h
+%{_includedir}/samba-4.0/ndr/ndr_drsuapi.h
+%{_includedir}/samba-4.0/ndr/ndr_svcctl.h
+%{_includedir}/samba-4.0/ndr/ndr_nbt.h
+%{_includedir}/samba-4.0/netapi.h
%{_includedir}/samba-4.0/param.h
+%{_includedir}/samba-4.0/passdb.h
+%{_includedir}/samba-4.0/policy.h
+%{_includedir}/samba-4.0/read_smb.h
%{_includedir}/samba-4.0/registry.h
%{_includedir}/samba-4.0/roles.h
+%{_includedir}/samba-4.0/rpc_common.h
%{_includedir}/samba-4.0/samba/popt.h
%{_includedir}/samba-4.0/samba/session.h
%{_includedir}/samba-4.0/samba/version.h
%{_includedir}/samba-4.0/share.h
+%{_includedir}/samba-4.0/smb2_constants.h
+%{_includedir}/samba-4.0/smb2_create_blob.h
+%{_includedir}/samba-4.0/smb2_signing.h
+%{_includedir}/samba-4.0/smb_cli.h
+%{_includedir}/samba-4.0/smb_cliraw.h
+%{_includedir}/samba-4.0/smb_common.h
+%{_includedir}/samba-4.0/smbconf.h
+%{_includedir}/samba-4.0/smb_constants.h
+%{_includedir}/samba-4.0/smb_ldap.h
+%{_includedir}/samba-4.0/smbldap.h
+%{_includedir}/samba-4.0/smb_raw.h
+%{_includedir}/samba-4.0/smb_raw_interfaces.h
+%{_includedir}/samba-4.0/smb_raw_signing.h
+%{_includedir}/samba-4.0/smb_raw_trans2.h
+%{_includedir}/samba-4.0/smb_request.h
+%{_includedir}/samba-4.0/smb_seal.h
+%{_includedir}/samba-4.0/smb_signing.h
+%{_includedir}/samba-4.0/smb_unix_ext.h
+%{_includedir}/samba-4.0/smb_util.h
%{_includedir}/samba-4.0/tdr.h
%{_includedir}/samba-4.0/torture.h
%{_includedir}/samba-4.0/tsocket.h
%{_includedir}/samba-4.0/tsocket_internal.h
+%{_includedir}/samba-4.0/samba_util.h
%{_includedir}/samba-4.0/util/attr.h
%{_includedir}/samba-4.0/util/byteorder.h
%{_includedir}/samba-4.0/util/data_blob.h
@@ -798,52 +1055,101 @@ exit 0
%{_includedir}/samba-4.0/util/tevent_werror.h
%{_includedir}/samba-4.0/util/time.h
%{_includedir}/samba-4.0/util/xfile.h
-%{_includedir}/samba-4.0/util.h
%{_includedir}/samba-4.0/util_ldb.h
-%{_includedir}/samba-4.0/rpc_common.h
-%{_includedir}/samba-4.0/ndr/ndr_svcctl.h
+%{_libdir}/libdcerpc-atsvc.so
+%{_libdir}/libdcerpc-binding.so
+%{_libdir}/libdcerpc-samr.so
+%{_libdir}/libdcerpc-server.so
+%{_libdir}/libdcerpc.so
+%{_libdir}/libgensec.so
+%{_libdir}/libndr-krb5pac.so
+%{_libdir}/libndr-nbt.so
+%{_libdir}/libndr-standard.so
+%{_libdir}/libndr.so
+%{_libdir}/libnetapi.so
+%{_libdir}/libregistry.so
+%{_libdir}/libsamba-credentials.so
+%{_libdir}/libsamba-hostconfig.so
+%{_libdir}/libsamba-policy.so
+%{_libdir}/libsamba-util.so
+%{_libdir}/libsamdb.so
+%{_libdir}/libsmbclient-raw.so
+%{_libdir}/libsmbconf.so
+%{_libdir}/libtevent-util.so
+%{_libdir}/libtorture.so
+%{_libdir}/pkgconfig/dcerpc.pc
+%{_libdir}/pkgconfig/dcerpc_atsvc.pc
+%{_libdir}/pkgconfig/dcerpc_samr.pc
+%{_libdir}/pkgconfig/dcerpc_server.pc
+%{_libdir}/pkgconfig/gensec.pc
+%{_libdir}/pkgconfig/ndr.pc
+%{_libdir}/pkgconfig/ndr_krb5pac.pc
+%{_libdir}/pkgconfig/ndr_nbt.pc
+%{_libdir}/pkgconfig/ndr_standard.pc
+%{_libdir}/pkgconfig/registry.pc
+%{_libdir}/pkgconfig/samba-credentials.pc
+%{_libdir}/pkgconfig/samba-hostconfig.pc
+%{_libdir}/pkgconfig/samba-policy.pc
+%{_libdir}/pkgconfig/samba-util.pc
+%{_libdir}/pkgconfig/samdb.pc
+%{_libdir}/pkgconfig/smbclient-raw.pc
+%{_libdir}/pkgconfig/torture.pc
+%{_libdir}/samba/libpdb.so
-%if %enable_winbind
-#%{_libdir}/libwbclient.so
-%{_includedir}/samba-4.0/wbclient.h
+%if %with_talloc
+%{_includedir}/samba-4.0/pytalloc.h
%endif
+%files python
+%defattr(-,root,root,-)
+%{python_sitearch}/*
+
%files pidl
%defattr(-,root,root,-)
-%{perl_vendorlib}/*
+%{perl_vendorlib}/Parse/Pidl*
%{_mandir}/man1/pidl*
-%{_mandir}/man3/Parse*
+%{_mandir}/man3/Parse::Pidl*
%attr(755,root,root) %{_bindir}/pidl
-%if %enable_client
-%files client
-%defattr(-,root,root,-)
-%{_bindir}/nmblookup
-%{_bindir}/smbclient
-%{_bindir}/cifsdd
-%{_mandir}/man1/nmblookup.*
-%endif
-
-%if %enable_common
-%files common
-%defattr(-,root,root,-)
-%{_bindir}/testparm
-%{_bindir}/regdiff
-%{_bindir}/regpatch
-%{_bindir}/regshell
-%{_bindir}/regtree
-%{_mandir}/man1/regdiff.*
-%{_mandir}/man1/regpatch.*
-%{_mandir}/man1/regshell.*
-%{_mandir}/man1/regtree.*
+%files swat
+%defattr(-,root,root)
+%config(noreplace) %{_sysconfdir}/xinetd.d/swat
+%{_datadir}/samba/swat
+%{_sbindir}/swat
+#%{_mandir}/man8/swat.8*
+#%attr(755,root,root) %{_libdir}/samba/*.msg
+
+%files -n libsmbclient4
+%defattr(-,root,root)
+%attr(755,root,root) %{_libdir}/libsmbclient.so.*
+%attr(755,root,root) %{_libdir}/libsmbsharemodes.so.*
+
+%files -n libsmbclient4-devel
+%defattr(-,root,root)
+%{_includedir}/samba-4.0/libsmbclient.h
+%{_includedir}/samba-4.0/smb_share_modes.h
+%{_libdir}/libsmbclient.so
+%{_libdir}/libsmbsharemodes.so
+%{_libdir}/pkgconfig/smbclient.pc
+#%{_libdir}/pkgconfig/smbsharemodes.pc
+#%{_mandir}/man7/libsmbclient.7*
+
+%files -n libwbclient
+%defattr(-,root,root)
+%{_libdir}/libwbclient.so.*
+%{_libdir}/samba/libwinbind-client.so
-%dir /var/lib/%{name}
-%attr(700,root,root) %dir /var/lib/%{name}/private
-# We don't want to put a smb.conf in by default, provision should create it
-#%config(noreplace) %{_sysconfdir}/%{name}/smb.conf
-%endif
+%files -n libwbclient-devel
+%defattr(-,root,root)
+%{_includedir}/samba-4.0/wbclient.h
+%{_libdir}/libwbclient.so
+%{_libdir}/pkgconfig/wbclient.pc
%changelog
+* Tue Apr 03 2012 Andreas Schneider <asn at redhat.com> - 4.0.0-39.alpha18
+- Update to Samba4 alpha18.
+- Reorganize subpackages.
+
* Wed Jan 25 2012 Matthew Barnes <mbarnes at redhat.com> - 4.0.0-38.alpha16
- Add another "buildfix" patch for --disable-silent-rules.
@@ -1007,7 +1313,7 @@ exit 0
* Fri Jul 25 2008 Andrew Bartlett <abartlet at samba.org> - 0:4.0.0-0.4.alpha5.fc10
- Remove talloc and tdb dependency (per https://bugzilla.redhat.com/show_bug.cgi?id=453083)
-- Fix deps on chkconfig and service to main pkg (not -common)
+- Fix deps on chkconfig and service to main pkg (not -common)
(per https://bugzilla.redhat.com/show_bug.cgi?id=453083)
* Mon Jul 21 2008 Brad Hards <bradh at frogmouth.ent> - 0:4.0.0-0.3.alpha5.fc10
diff --git a/smb.conf.default b/smb.conf.default
new file mode 100644
index 0000000..5c2d217
--- /dev/null
+++ b/smb.conf.default
@@ -0,0 +1,315 @@
+# This is the main Samba configuration file. For detailed information about the
+# options listed here, refer to the smb.conf(5) manual page. Samba has a huge
+# number of configurable options, most of which are not shown in this example.
+#
+# The Official Samba 3.2.x HOWTO and Reference Guide contains step-by-step
+# guides for installing, configuring, and using Samba:
+# http://www.samba.org/samba/docs/Samba-HOWTO-Collection.pdf
+#
+# The Samba-3 by Example guide has working examples for smb.conf. This guide is
+# generated daily: http://www.samba.org/samba/docs/Samba-Guide.pdf
+#
+# In this file, lines starting with a semicolon (;) or a hash (#) are
+# comments and are ignored. This file uses hashes to denote commentary and
+# semicolons for parts of the file you may wish to configure.
+#
+# Note: Run the "testparm" command after modifying this file to check for basic
+# syntax errors.
+#
+#---------------
+# Security-Enhanced Linux (SELinux) Notes:
+#
+# Turn the samba_domain_controller Boolean on to allow Samba to use the useradd
+# and groupadd family of binaries. Run the following command as the root user to
+# turn this Boolean on:
+# setsebool -P samba_domain_controller on
+#
+# Turn the samba_enable_home_dirs Boolean on if you want to share home
+# directories via Samba. Run the following command as the root user to turn this
+# Boolean on:
+# setsebool -P samba_enable_home_dirs on
+#
+# If you create a new directory, such as a new top-level directory, label it
+# with samba_share_t so that SELinux allows Samba to read and write to it. Do
+# not label system directories, such as /etc/ and /home/, with samba_share_t, as
+# such directories should already have an SELinux label.
+#
+# Run the "ls -ldZ /path/to/directory" command to view the current SELinux
+# label for a given directory.
+#
+# Set SELinux labels only on files and directories you have created. Use the
+# chcon command to temporarily change a label:
+# chcon -t samba_share_t /path/to/directory
+#
+# Changes made via chcon are lost when the file system is relabeled or commands
+# such as restorecon are run.
+#
+# Use the samba_export_all_ro or samba_export_all_rw Boolean to share system
+# directories. To share such directories and only allow read-only permissions:
+# setsebool -P samba_export_all_ro on
+# To share such directories and allow read and write permissions:
+# setsebool -P samba_export_all_rw on
+#
+# To run scripts (preexec/root prexec/print command/...), copy them to the
+# /var/lib/samba/scripts/ directory so that SELinux will allow smbd to run them.
+# Note that if you move the scripts to /var/lib/samba/scripts/, they retain
+# their existing SELinux labels, which may be labels that SELinux does not allow
+# smbd to run. Copying the scripts will result in the correct SELinux labels.
+# Run the "restorecon -R -v /var/lib/samba/scripts" command as the root user to
+# apply the correct SELinux labels to these files.
+#
+#--------------
+#
+#======================= Global Settings =====================================
+
+[global]
+
+# ----------------------- Network-Related Options -------------------------
+#
+# workgroup = the Windows NT domain name or workgroup name, for example, MYGROUP.
+#
+# server string = the equivalent of the Windows NT Description field.
+#
+# netbios name = used to specify a server name that is not tied to the hostname.
+#
+# interfaces = used to configure Samba to listen on multiple network interfaces.
+# If you have multiple interfaces, you can use the "interfaces =" option to
+# configure which of those interfaces Samba listens on. Never omit the localhost
+# interface (lo).
+#
+# hosts allow = the hosts allowed to connect. This option can also be used on a
+# per-share basis.
+
+# hosts deny = the hosts not allowed to connect. This option can also be used on
+# a per-share basis.
+#
+ workgroup = MYGROUP
+ server string = Samba Server Version %v
+
+; netbios name = MYSERVER
+
+; interfaces = lo eth0 192.168.12.2/24 192.168.13.2/24
+; hosts allow = 127. 192.168.12. 192.168.13.
+
+# --------------------------- Logging Options -----------------------------
+#
+# log file = specify where log files are written to and how they are split.
+#
+# max log size = specify the maximum size log files are allowed to reach. Log
+# files are rotated when they reach the size specified with "max log size".
+#
+
+ # log files split per-machine:
+ log file = /var/log/samba/log.%m
+ # maximum size of 50KB per log file, then rotate:
+ max log size = 50
+
+# ----------------------- Standalone Server Options ------------------------
+#
+# security = the mode Samba runs in. This can be set to user, share
+# (deprecated), or server (deprecated).
+#
+# passdb backend = the backend used to store user information in. New
+# installations should use either tdbsam or ldapsam. No additional configuration
+# is required for tdbsam. The "smbpasswd" utility is available for backwards
+# compatibility.
+#
+
+ security = user
+ passdb backend = tdbsam
+
+
+# ----------------------- Domain Members Options ------------------------
+#
+# security = must be set to domain or ads.
+#
+# passdb backend = the backend used to store user information in. New
+# installations should use either tdbsam or ldapsam. No additional configuration
+# is required for tdbsam. The "smbpasswd" utility is available for backwards
+# compatibility.
+#
+# realm = only use the realm option when the "security = ads" option is set.
+# The realm option specifies the Active Directory realm the host is a part of.
+#
+# password server = only use this option when the "security = server"
+# option is set, or if you cannot use DNS to locate a Domain Controller. The
+# argument list can include My_PDC_Name, [My_BDC_Name], and [My_Next_BDC_Name]:
+#
+# password server = My_PDC_Name [My_BDC_Name] [My_Next_BDC_Name]
+#
+# Use "password server = *" to automatically locate Domain Controllers.
+
+; security = domain
+; passdb backend = tdbsam
+; realm = MY_REALM
+
+; password server = <NT-Server-Name>
+
+# ----------------------- Domain Controller Options ------------------------
+#
+# security = must be set to user for domain controllers.
+#
+# passdb backend = the backend used to store user information in. New
+# installations should use either tdbsam or ldapsam. No additional configuration
+# is required for tdbsam. The "smbpasswd" utility is available for backwards
+# compatibility.
+#
+# domain master = specifies Samba to be the Domain Master Browser, allowing
+# Samba to collate browse lists between subnets. Do not use the "domain master"
+# option if you already have a Windows NT domain controller performing this task.
+#
+# domain logons = allows Samba to provide a network logon service for Windows
+# workstations.
+#
+# logon script = specifies a script to run at login time on the client. These
+# scripts must be provided in a share named NETLOGON.
+#
+# logon path = specifies (with a UNC path) where user profiles are stored.
+#
+#
+; security = user
+; passdb backend = tdbsam
+
+; domain master = yes
+; domain logons = yes
+
+ # the following login script name is determined by the machine name
+ # (%m):
+; logon script = %m.bat
+ # the following login script name is determined by the UNIX user used:
+; logon script = %u.bat
+; logon path = \\%L\Profiles\%u
+ # use an empty path to disable profile support:
+; logon path =
+
+ # various scripts can be used on a domain controller or a stand-alone
+ # machine to add or delete corresponding UNIX accounts:
+
+; add user script = /usr/sbin/useradd "%u" -n -g users
+; add group script = /usr/sbin/groupadd "%g"
+; add machine script = /usr/sbin/useradd -n -c "Workstation (%u)" -M -d /nohome -s /bin/false "%u"
+; delete user script = /usr/sbin/userdel "%u"
+; delete user from group script = /usr/sbin/userdel "%u" "%g"
+; delete group script = /usr/sbin/groupdel "%g"
+
+
+# ----------------------- Browser Control Options ----------------------------
+#
+# local master = when set to no, Samba does not become the master browser on
+# your network. When set to yes, normal election rules apply.
+#
+# os level = determines the precedence the server has in master browser
+# elections. The default value should be reasonable.
+#
+# preferred master = when set to yes, Samba forces a local browser election at
+# start up (and gives itself a slightly higher chance of winning the election).
+#
+; local master = no
+; os level = 33
+; preferred master = yes
+
+#----------------------------- Name Resolution -------------------------------
+#
+# This section details the support for the Windows Internet Name Service (WINS).
+#
+# Note: Samba can be either a WINS server or a WINS client, but not both.
+#
+# wins support = when set to yes, the NMBD component of Samba enables its WINS
+# server.
+#
+# wins server = tells the NMBD component of Samba to be a WINS client.
+#
+# wins proxy = when set to yes, Samba answers name resolution queries on behalf
+# of a non WINS capable client. For this to work, there must be at least one
+# WINS server on the network. The default is no.
+#
+# dns proxy = when set to yes, Samba attempts to resolve NetBIOS names via DNS
+# nslookups.
+
+; wins support = yes
+; wins server = w.x.y.z
+; wins proxy = yes
+
+; dns proxy = yes
+
+# --------------------------- Printing Options -----------------------------
+#
+# The options in this section allow you to configure a non-default printing
+# system.
+#
+# load printers = when set you yes, the list of printers is automatically
+# loaded, rather than setting them up individually.
+#
+# cups options = allows you to pass options to the CUPS library. Setting this
+# option to raw, for example, allows you to use drivers on your Windows clients.
+#
+# printcap name = used to specify an alternative printcap file.
+#
+
+ load printers = yes
+ cups options = raw
+
+; printcap name = /etc/printcap
+ # obtain a list of printers automatically on UNIX System V systems:
+; printcap name = lpstat
+; printing = cups
+
+# --------------------------- File System Options ---------------------------
+#
+# The options in this section can be un-commented if the file system supports
+# extended attributes, and those attributes are enabled (usually via the
+# "user_xattr" mount option). These options allow the administrator to specify
+# that DOS attributes are stored in extended attributes and also make sure that
+# Samba does not change the permission bits.
+#
+# Note: These options can be used on a per-share basis. Setting them globally
+# (in the [global] section) makes them the default for all shares.
+
+; map archive = no
+; map hidden = no
+; map read only = no
+; map system = no
+; store dos attributes = yes
+
+
+#============================ Share Definitions ==============================
+
+[homes]
+ comment = Home Directories
+ browseable = no
+ writable = yes
+; valid users = %S
+; valid users = MYDOMAIN\%S
+
+[printers]
+ comment = All Printers
+ path = /var/spool/samba
+ browseable = no
+ guest ok = no
+ writable = no
+ printable = yes
+
+# Un-comment the following and create the netlogon directory for Domain Logons:
+; [netlogon]
+; comment = Network Logon Service
+; path = /var/lib/samba/netlogon
+; guest ok = yes
+; writable = no
+; share modes = no
+
+# Un-comment the following to provide a specific roving profile share.
+# The default is to use the user's home directory:
+; [Profiles]
+; path = /var/lib/samba/profiles
+; browseable = no
+; guest ok = yes
+
+# A publicly accessible directory that is read only, except for users in the
+# "staff" group (which have write permissions):
+; [public]
+; comment = Public Stuff
+; path = /home/samba
+; public = yes
+; writable = yes
+; printable = no
+; write list = +staff
diff --git a/smb.init b/smb.init
new file mode 100644
index 0000000..f9fec26
--- /dev/null
+++ b/smb.init
@@ -0,0 +1,114 @@
+#!/bin/sh
+#
+# chkconfig: - 91 35
+# description: Starts and stops the Samba smbd daemon \
+# used to provide SMB network services.
+#
+# pidfile: /var/run/samba/smbd.pid
+# config: /etc/samba/smb.conf
+
+
+# Source function library.
+if [ -f /etc/init.d/functions ] ; then
+ . /etc/init.d/functions
+elif [ -f /etc/rc.d/init.d/functions ] ; then
+ . /etc/rc.d/init.d/functions
+else
+ exit 1
+fi
+
+# Avoid using root's TMPDIR
+unset TMPDIR
+
+# Source networking configuration.
+. /etc/sysconfig/network
+
+if [ -f /etc/sysconfig/samba ]; then
+ . /etc/sysconfig/samba
+fi
+
+# Check that networking is up.
+[ ${NETWORKING} = "no" ] && exit 1
+
+# Check that smb.conf exists.
+[ -f /etc/samba/smb.conf ] || exit 6
+
+RETVAL=0
+
+
+start() {
+ KIND="SMB"
+ echo -n $"Starting $KIND services: "
+ daemon smbd $SMBDOPTIONS
+ RETVAL=$?
+ echo
+ [ $RETVAL -eq 0 ] && touch /var/lock/subsys/smb || \
+ RETVAL=1
+ return $RETVAL
+}
+
+stop() {
+ KIND="SMB"
+ echo -n $"Shutting down $KIND services: "
+ killproc smbd
+ RETVAL=$?
+ echo
+ [ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/smb
+ return $RETVAL
+}
+
+restart() {
+ stop
+ start
+}
+
+reload() {
+ echo -n $"Reloading smb.conf file: "
+ killproc smbd -HUP
+ RETVAL=$?
+ echo
+ return $RETVAL
+}
+
+rhstatus() {
+ status -l smb smbd
+ return $?
+}
+
+
+# Allow status as non-root.
+if [ "$1" = status ]; then
+ rhstatus
+ exit $?
+fi
+
+# Check that we can write to it... so non-root users stop here
+[ -w /etc/samba/smb.conf ] || exit 4
+
+
+
+case "$1" in
+ start)
+ start
+ ;;
+ stop)
+ stop
+ ;;
+ restart)
+ restart
+ ;;
+ reload)
+ reload
+ ;;
+ status)
+ rhstatus
+ ;;
+ condrestart)
+ [ -f /var/lock/subsys/smb ] && restart || :
+ ;;
+ *)
+ echo $"Usage: $0 {start|stop|restart|reload|status|condrestart}"
+ exit 2
+esac
+
+exit $?
diff --git a/sources b/sources
index 3373aa3..503fffd 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-66afcc4484e7e2b1962554aed3b9c2a7 samba-4.0.0alpha16.tar.gz
+8a0ae605b5e7d6963fa65e74eb8640b3 samba-4.0.0alpha18.tar.bz2
diff --git a/swat.desktop b/swat.desktop
new file mode 100644
index 0000000..0d7b4b5
--- /dev/null
+++ b/swat.desktop
@@ -0,0 +1,8 @@
+[Desktop Entry]
+Name=Samba Configuration
+Name[de]=Samba Konfiguration
+Type=Application
+Comment=Configure Samba with a web based interface
+Exec=htmlview http://127.0.0.1:901/
+Terminal=false
+Categories=X-Red-Hat-Extra;Application;System;X-Red-Hat-ServerConfig;
diff --git a/winbind.init b/winbind.init
new file mode 100644
index 0000000..88ce028
--- /dev/null
+++ b/winbind.init
@@ -0,0 +1,102 @@
+#!/bin/sh
+#
+# chkconfig: - 27 73
+# description: Starts and stops the Samba winbind daemon
+# #
+# pidfile: /var/run/winbindd.pid
+# config: /etc/samba/smb.conf
+
+
+# Source function library.
+. /etc/rc.d/init.d/functions
+
+# Avoid using root's TMPDIR
+unset TMPDIR
+
+# Source networking configuration.
+. /etc/sysconfig/network
+
+# Check that networking is up.
+[ ${NETWORKING} = "no" ] && exit 1
+
+# Check that smb.conf exists.
+[ -f /etc/samba/smb.conf ] || exit 6
+
+[ -f /etc/sysconfig/samba ] && . /etc/sysconfig/samba
+
+RETVAL=0
+
+
+start() {
+ KIND="Winbind"
+ echo -n $"Starting $KIND services: "
+ daemon winbindd "$WINBINDOPTIONS"
+ RETVAL=$?
+ echo
+ [ $RETVAL -eq 0 ] && touch /var/lock/subsys/winbindd || RETVAL=1
+ return $RETVAL
+}
+
+stop() {
+ echo
+ KIND="Winbind"
+ echo -n $"Shutting down $KIND services: "
+ killproc winbindd
+ RETVAL=$?
+ [ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/winbindd
+ echo ""
+ return $RETVAL
+}
+
+restart() {
+ stop
+ start
+}
+
+reload() {
+ echo -n $"Reloading smb.conf file: "
+ killproc winbindd -HUP
+ RETVAL=$?
+ echo
+ return $RETVAL
+}
+
+rhstatus() {
+ status winbindd
+ return $?
+}
+
+# Allow status as non-root.
+if [ "$1" = status ]; then
+ rhstatus
+ exit $?
+fi
+
+# Check that we can write to it... so non-root users stop here
+[ -w /etc/samba/smb.conf ] || exit 4
+
+case "$1" in
+ start)
+ start
+ ;;
+ stop)
+ stop
+ ;;
+ restart)
+ restart
+ ;;
+ reload)
+ reload
+ ;;
+ status)
+ rhstatus
+ ;;
+ condrestart)
+ [ -f /var/lock/subsys/winbindd ] && restart || :
+ ;;
+ *)
+ echo $"Usage: $0 {start|stop|restart|reload|status|condrestart}"
+ exit 2
+esac
+
+exit $?
More information about the scm-commits
mailing list