[samba4] Build with MIT Kerberos 5, which disables DC for now.
asn
asn at fedoraproject.org
Fri Jun 1 09:58:47 UTC 2012
commit 38bff8360b631d57e3463e55f7195d3d36e6bfca
Author: Andreas Schneider <asn at cryptomilk.org>
Date: Thu May 31 11:26:13 2012 +0200
Build with MIT Kerberos 5, which disables DC for now.
README.dc | 20 +++
samba4-alpha21-enable-dcerpc-server.patch | 240 +++++++++++++++++++++++++++++
samba4.spec | 83 +++++++----
3 files changed, 315 insertions(+), 28 deletions(-)
---
diff --git a/README.dc b/README.dc
new file mode 100644
index 0000000..b690f28
--- /dev/null
+++ b/README.dc
@@ -0,0 +1,20 @@
+MIT Kerberos 5 Support
+=======================
+
+Fedora is using MIT Kerberos implementation as its Kerberos infrastructure of
+choice. Samba 4 build in Fedora is using MIT Kerberos implementation in order
+to allow system-wide interoperability between both desktop and server
+applications running on the same machine.
+
+At the moment Samba 4 Active Directory Domain Controller implementation is not
+available with MIT Kereberos. FreeIPA and Samba Team members are currently
+working on Samba 4 MIT Kerberos support as this is a requirement for a
+GNU/Linux distribution integration of Samba 4 AD DC features.
+
+We have just finished migrating the file server and all client utilities to MIT
+Kerberos. The result of this work is available in samba4-* packages in Fedora.
+We'll provide Samba 4 AD DC functionality as soon as its support of MIT
+Kerberos KDC will be ready.
+
+In case of further questions do not hesitate to send your inquiries to
+samba4-owner at fedoraproject.org
diff --git a/samba4-alpha21-enable-dcerpc-server.patch b/samba4-alpha21-enable-dcerpc-server.patch
new file mode 100644
index 0000000..ecff859
--- /dev/null
+++ b/samba4-alpha21-enable-dcerpc-server.patch
@@ -0,0 +1,240 @@
+From 583971d74bb028214c93d375cfbbb010d8cc8d21 Mon Sep 17 00:00:00 2001
+From: Alexander Bokovoy <ab at samba.org>
+Date: Thu, 31 May 2012 10:32:01 +0300
+Subject: [PATCH] waf-mitkrb5: enable dcerpc_server library to support OpenChange client code
+
+---
+ source4/rpc_server/wscript_build | 57 +++++++++++++++++++++++------------
+ source4/smbd/wscript_build | 4 +-
+ source4/wrepl_server/wscript_build | 3 +-
+ 3 files changed, 41 insertions(+), 23 deletions(-)
+
+diff --git a/source4/rpc_server/wscript_build b/source4/rpc_server/wscript_build
+index e3a863a..84df78b 100755
+--- a/source4/rpc_server/wscript_build
++++ b/source4/rpc_server/wscript_build
+@@ -11,25 +11,26 @@ bld.SAMBA_SUBSYSTEM('DCERPC_COMMON',
+ source='common/forward.c common/reply.c dcesrv_auth.c common/loadparm.c',
+ autoproto='common/proto.h',
+ deps='ldb DCERPC_SHARE samba_server_gensec',
+- enabled=bld.AD_DC_BUILD_IS_ENABLED()
++ enabled=True
+ )
+
+ bld.SAMBA_LIBRARY('dcerpc_server',
+ source='dcerpc_server.c dcesrv_mgmt.c handles.c',
+ pc_files='dcerpc_server.pc',
+- deps='LIBCLI_AUTH ndr samba_server_gensec dcerpc_remote service',
++ deps='LIBCLI_AUTH DCERPC_COMMON ndr samba_server_gensec dcerpc_remote service',
+ public_deps='dcerpc',
+ autoproto='dcerpc_server_proto.h',
+ public_headers='dcerpc_server.h',
+ vnum='0.0.1',
+- enabled=bld.AD_DC_BUILD_IS_ENABLED()
++ enabled=True
+ )
+
+ bld.SAMBA_MODULE('dcerpc_rpcecho',
+ source='echo/rpc_echo.c',
+ subsystem='dcerpc_server',
+ init_function='dcerpc_server_rpcecho_init',
+- deps='ndr-standard events'
++ deps='ndr-standard events',
++ enabled=bld.AD_DC_BUILD_IS_ENABLED()
+ )
+
+
+@@ -37,7 +38,8 @@ bld.SAMBA_MODULE('dcerpc_epmapper',
+ source='epmapper/rpc_epmapper.c',
+ subsystem='dcerpc_server',
+ init_function='dcerpc_server_epmapper_init',
+- deps='NDR_EPMAPPER'
++ deps='NDR_EPMAPPER',
++ enabled=bld.AD_DC_BUILD_IS_ENABLED()
+ )
+
+
+@@ -45,7 +47,8 @@ bld.SAMBA_MODULE('dcerpc_remote',
+ source='remote/dcesrv_remote.c',
+ subsystem='dcerpc_server',
+ init_function='dcerpc_server_remote_init',
+- deps='LIBCLI_SMB ndr-table'
++ deps='LIBCLI_SMB ndr-table',
++ enabled=bld.AD_DC_BUILD_IS_ENABLED()
+ )
+
+
+@@ -54,7 +57,8 @@ bld.SAMBA_MODULE('dcerpc_srvsvc',
+ autoproto='srvsvc/proto.h',
+ subsystem='dcerpc_server',
+ init_function='dcerpc_server_srvsvc_init',
+- deps='DCERPC_COMMON NDR_SRVSVC share ntvfs'
++ deps='DCERPC_COMMON NDR_SRVSVC share ntvfs',
++ enabled=bld.AD_DC_BUILD_IS_ENABLED()
+ )
+
+
+@@ -62,7 +66,8 @@ bld.SAMBA_MODULE('dcerpc_wkssvc',
+ source='wkssvc/dcesrv_wkssvc.c',
+ subsystem='dcerpc_server',
+ init_function='dcerpc_server_wkssvc_init',
+- deps='DCERPC_COMMON ndr-standard'
++ deps='DCERPC_COMMON ndr-standard',
++ enabled=bld.AD_DC_BUILD_IS_ENABLED()
+ )
+
+
+@@ -70,7 +75,8 @@ bld.SAMBA_MODULE('dcerpc_unixinfo',
+ source='unixinfo/dcesrv_unixinfo.c',
+ subsystem='dcerpc_server',
+ init_function='dcerpc_server_unixinfo_init',
+- deps='DCERPC_COMMON samdb NDR_UNIXINFO LIBWBCLIENT_OLD'
++ deps='DCERPC_COMMON samdb NDR_UNIXINFO LIBWBCLIENT_OLD',
++ enabled=bld.AD_DC_BUILD_IS_ENABLED()
+ )
+
+
+@@ -79,7 +85,8 @@ bld.SAMBA_MODULE('dcesrv_samr',
+ autoproto='samr/proto.h',
+ subsystem='dcerpc_server',
+ init_function='dcerpc_server_samr_init',
+- deps='samdb DCERPC_COMMON ndr-standard'
++ deps='samdb DCERPC_COMMON ndr-standard',
++ enabled=bld.AD_DC_BUILD_IS_ENABLED()
+ )
+
+
+@@ -88,7 +95,8 @@ bld.SAMBA_MODULE('dcerpc_winreg',
+ subsystem='dcerpc_server',
+ init_function='dcerpc_server_winreg_init',
+ deps='registry ndr-standard',
+- internal_module=True
++ internal_module=True,
++ enabled=bld.AD_DC_BUILD_IS_ENABLED()
+ )
+
+
+@@ -96,7 +104,8 @@ bld.SAMBA_MODULE('dcerpc_netlogon',
+ source='netlogon/dcerpc_netlogon.c',
+ subsystem='dcerpc_server',
+ init_function='dcerpc_server_netlogon_init',
+- deps='DCERPC_COMMON RPC_NDR_IRPC COMMON_SCHANNEL ndr-standard auth4_sam samba-hostconfig CLDAPD'
++ deps='DCERPC_COMMON RPC_NDR_IRPC COMMON_SCHANNEL ndr-standard auth4_sam samba-hostconfig CLDAPD',
++ enabled=bld.AD_DC_BUILD_IS_ENABLED()
+ )
+
+
+@@ -105,7 +114,8 @@ bld.SAMBA_MODULE('dcerpc_lsarpc',
+ autoproto='lsa/proto.h',
+ subsystem='dcerpc_server',
+ init_function='dcerpc_server_lsa_init',
+- deps='samdb DCERPC_COMMON ndr-standard LIBCLI_AUTH NDR_DSSETUP com_err security UTIL_LSARPC'
++ deps='samdb DCERPC_COMMON ndr-standard LIBCLI_AUTH NDR_DSSETUP com_err security UTIL_LSARPC',
++ enabled=bld.AD_DC_BUILD_IS_ENABLED()
+ )
+
+
+@@ -114,7 +124,8 @@ bld.SAMBA_MODULE('dcerpc_backupkey',
+ autoproto='backupkey/proto.h',
+ subsystem='dcerpc_server',
+ init_function='dcerpc_server_backupkey_init',
+- deps='samdb DCERPC_COMMON NDR_BACKUPKEY RPC_NDR_BACKUPKEY krb5 hx509 hcrypto'
++ deps='samdb DCERPC_COMMON NDR_BACKUPKEY RPC_NDR_BACKUPKEY krb5 hx509 hcrypto',
++ enabled=bld.AD_DC_BUILD_IS_ENABLED()
+ )
+
+
+@@ -123,7 +134,8 @@ bld.SAMBA_MODULE('dcerpc_spoolss',
+ subsystem='dcerpc_server',
+ init_function='dcerpc_server_spoolss_init',
+ deps='DCERPC_COMMON NDR_SPOOLSS ntptr RPC_NDR_SPOOLSS',
+- internal_module=True
++ internal_module=True,
++ enabled=bld.AD_DC_BUILD_IS_ENABLED()
+ )
+
+
+@@ -131,7 +143,8 @@ bld.SAMBA_MODULE('dcerpc_drsuapi',
+ source='drsuapi/dcesrv_drsuapi.c drsuapi/updaterefs.c drsuapi/getncchanges.c drsuapi/addentry.c drsuapi/writespn.c drsuapi/drsutil.c',
+ subsystem='dcerpc_server',
+ init_function='dcerpc_server_drsuapi_init',
+- deps='samdb DCERPC_COMMON NDR_DRSUAPI security'
++ deps='samdb DCERPC_COMMON NDR_DRSUAPI security',
++ enabled=bld.AD_DC_BUILD_IS_ENABLED()
+ )
+
+
+@@ -139,21 +152,24 @@ bld.SAMBA_MODULE('dcerpc_browser',
+ source='browser/dcesrv_browser.c',
+ subsystem='dcerpc_server',
+ init_function='dcerpc_server_browser_init',
+- deps='DCERPC_COMMON NDR_BROWSER'
++ deps='DCERPC_COMMON NDR_BROWSER',
++ enabled=bld.AD_DC_BUILD_IS_ENABLED()
+ )
+
+ bld.SAMBA_MODULE('dcerpc_eventlog',
+ source='eventlog/dcesrv_eventlog6.c',
+ subsystem='dcerpc_server',
+ init_function='dcerpc_server_eventlog6_init',
+- deps='DCERPC_COMMON'
++ deps='DCERPC_COMMON',
++ enabled=bld.AD_DC_BUILD_IS_ENABLED()
+ )
+
+ bld.SAMBA_MODULE('dcerpc_dnsserver',
+ source='dnsserver/dcerpc_dnsserver.c dnsserver/dnsutils.c dnsserver/dnsdata.c dnsserver/dnsdb.c',
+ subsystem='dcerpc_server',
+ init_function='dcerpc_server_dnsserver_init',
+- deps='DCERPC_COMMON'
++ deps='DCERPC_COMMON',
++ enabled=bld.AD_DC_BUILD_IS_ENABLED()
+ )
+
+
+@@ -163,6 +179,7 @@ bld.SAMBA_MODULE('service_dcerpc',
+ subsystem='service',
+ init_function='server_service_rpc_init',
+ internal_module=False,
+- deps='dcerpc_server'
++ deps='dcerpc_server',
++ enabled=bld.AD_DC_BUILD_IS_ENABLED()
+ )
+
+diff --git a/source4/smbd/wscript_build b/source4/smbd/wscript_build
+index 97877fc..f86cd51 100644
+--- a/source4/smbd/wscript_build
++++ b/source4/smbd/wscript_build
+@@ -5,7 +5,7 @@ bld.SAMBA_LIBRARY('service',
+ autoproto='service_proto.h',
+ deps='tevent MESSAGING samba_socket RPC_NDR_IRPC NDR_NAMED_PIPE_AUTH npa_tstream gssapi samba-credentials LIBTSOCKET LIBSAMBA_TSOCKET process_model',
+ private_library=True,
+- enabled=bld.AD_DC_BUILD_IS_ENABLED()
++ enabled=True
+ )
+
+
+@@ -20,7 +20,7 @@ bld.SAMBA_LIBRARY('process_model',
+ autoproto='process_model_proto.h',
+ deps='samba-util samba-hostconfig samba-modules',
+ private_library=True,
+- enabled=bld.AD_DC_BUILD_IS_ENABLED()
++ enabled=True
+ )
+
+ bld.SAMBA_BINARY('samba',
+diff --git a/source4/wrepl_server/wscript_build b/source4/wrepl_server/wscript_build
+index 79b1a8c..434c8d7 100644
+--- a/source4/wrepl_server/wscript_build
++++ b/source4/wrepl_server/wscript_build
+@@ -6,6 +6,7 @@ bld.SAMBA_MODULE('service_wrepl',
+ subsystem='service',
+ init_function='server_service_wrepl_init',
+ internal_module=False,
+- deps='LIBCLI_WREPL WINSDB process_model RPC_NDR_IRPC'
++ deps='LIBCLI_WREPL WINSDB process_model RPC_NDR_IRPC',
++ enabled=bld.AD_DC_BUILD_IS_ENABLED()
+ )
+
+--
+1.7.0.4
diff --git a/samba4.spec b/samba4.spec
index 52485fd..de55f21 100644
--- a/samba4.spec
+++ b/samba4.spec
@@ -20,6 +20,8 @@
%define with_usrmove 0
+%define with_dc 0
+
%if 0%{?fedora} > 15 || 0%{?rhel} > 6
%define with_talloc 0
%define with_tevent 0
@@ -71,7 +73,10 @@ Source100: nmb.init
Source101: smb.init
Source102: winbind.init
+Source200: README.dc
+
Patch1: samba4-libpdb-soversion.patch
+Patch2: samba4-alpha21-enable-dcerpc-server.patch
BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX)
@@ -346,6 +351,7 @@ link against the SMB, RPC and other protocols.
%setup -q -n samba-%{version}%{pre_release}
%patch1 -p1 -b .waf_tdb
+%patch2 -p1 -b .enable_dcerpc-server
%build
%define _talloc_lib %nil
@@ -417,6 +423,9 @@ link against the SMB, RPC and other protocols.
%if (! %with_libsmbclient) || (! %with_libwbclient)
--private-libraries=%{_samba4_private_libraries} \
%endif
+%if ! %with_dc
+ --without-ad-dc \
+%endif
%if ! %with_pam_smbpass
--without-pam_smbpass
%endif
@@ -490,6 +499,11 @@ install -m644 %{SOURCE7} %{buildroot}%{_sysconfdir}/tmpfiles.d/samba.conf
install -d -m 0755 %{buildroot}%{_sysconfdir}/sysconfig
install -m 0644 packaging/systemd/samba.sysconfig %{buildroot}%{_sysconfdir}/sysconfig/samba
+%if ! %with_dc
+install -d -m 0755 %{buildroot}%{_defaultdocdir}/%{name}
+install -m 0644 %{SOURCE200} %{buildroot}%{_defaultdocdir}/%{name}/README.dc
+%endif
+
%if 0%{?fedora} > 15 || 0%{?rhel} > 6
install -d -m 0755 %{buildroot}%{_unitdir}
for i in nmb smb winbind ; do
@@ -583,9 +597,11 @@ fi
%postun libs -p /sbin/ldconfig
+%if %with_dc
%post dc-libs -p /sbin/ldconfig
%postun dc-libs -p /sbin/ldconfig
+%endif # with_dc
%post test -p /sbin/ldconfig
@@ -697,10 +713,7 @@ rm -rf %{buildroot}
# libraries needed by the public libraries
%{_libdir}/samba/libCHARSET3.so
-%{_libdir}/samba/libHDB_SAMBA4.so
%{_libdir}/samba/libLIBWBCLIENT_OLD.so
-%{_libdir}/samba/libasn1-samba4.so.8
-%{_libdir}/samba/libasn1-samba4.so.8.0.0
%{_libdir}/samba/libasn1util.so
%{_libdir}/samba/libauth_sam_reply.so
%{_libdir}/samba/libauth_unix_token.so
@@ -713,7 +726,6 @@ rm -rf %{buildroot}
%{_libdir}/samba/libcliauth.so
%{_libdir}/samba/libclidns.so
%{_libdir}/samba/libcluster.so
-%{_libdir}/samba/libdb-glue.so
%{_libdir}/samba/libdbwrap.so
%{_libdir}/samba/libdcerpc-samba.so
%{_libdir}/samba/libdcerpc-samba4.so
@@ -721,20 +733,8 @@ rm -rf %{buildroot}
%{_libdir}/samba/libevents.so
%{_libdir}/samba/libflag_mapping.so
%{_libdir}/samba/libgse.so
-%{_libdir}/samba/libgssapi-samba4.so.2
-%{_libdir}/samba/libgssapi-samba4.so.2.0.0
-%{_libdir}/samba/libhcrypto-samba4.so.5
-%{_libdir}/samba/libhcrypto-samba4.so.5.0.1
-%{_libdir}/samba/libhdb-samba4.so.11
-%{_libdir}/samba/libhdb-samba4.so.11.0.2
-%{_libdir}/samba/libheimbase-samba4.so.1
-%{_libdir}/samba/libheimbase-samba4.so.1.0.0
-%{_libdir}/samba/libhx509-samba4.so.5
-%{_libdir}/samba/libhx509-samba4.so.5.0.0
%{_libdir}/samba/libinterfaces.so
%{_libdir}/samba/libkrb5samba.so
-%{_libdir}/samba/libkrb5-samba4.so.26
-%{_libdir}/samba/libkrb5-samba4.so.26.0.0
%{_libdir}/samba/libldbsamba.so
%{_libdir}/samba/liblibcli_lsa3.so
%{_libdir}/samba/liblibcli_netlogon3.so
@@ -744,10 +744,7 @@ rm -rf %{buildroot}
%{_libdir}/samba/libndr-samba4.so
%{_libdir}/samba/libnetif.so
%{_libdir}/samba/libnpa_tstream.so
-%{_libdir}/samba/libposix_eadb.so
%{_libdir}/samba/libreplace.so
-%{_libdir}/samba/libroken-samba4.so.19
-%{_libdir}/samba/libroken-samba4.so.19.0.1
%{_libdir}/samba/libsamba-modules.so
%{_libdir}/samba/libsamba-net.so
%{_libdir}/samba/libsamba-sockets.so
@@ -766,11 +763,32 @@ rm -rf %{buildroot}
%{_libdir}/samba/libutil_cmdline.so
%{_libdir}/samba/libutil_reg.so
%{_libdir}/samba/libutil_tdb.so
-%{_libdir}/samba/libwind-samba4.so.0
-%{_libdir}/samba/libwind-samba4.so.0.0.0
%{_libdir}/samba/libwrap_xattr.so
%{_libdir}/samba/libxattr_tdb.so
+%if %with_dc
+%{_libdir}/samba/libdb-glue.so
+%{_libdir}/samba/libHDB_SAMBA4.so
+%{_libdir}/samba/libasn1-samba4.so.8
+%{_libdir}/samba/libasn1-samba4.so.8.0.0
+%{_libdir}/samba/libgssapi-samba4.so.2
+%{_libdir}/samba/libgssapi-samba4.so.2.0.0
+%{_libdir}/samba/libhcrypto-samba4.so.5
+%{_libdir}/samba/libhcrypto-samba4.so.5.0.1
+%{_libdir}/samba/libhdb-samba4.so.11
+%{_libdir}/samba/libhdb-samba4.so.11.0.2
+%{_libdir}/samba/libheimbase-samba4.so.1
+%{_libdir}/samba/libheimbase-samba4.so.1.0.0
+%{_libdir}/samba/libhx509-samba4.so.5
+%{_libdir}/samba/libhx509-samba4.so.5.0.0
+%{_libdir}/samba/libkrb5-samba4.so.26
+%{_libdir}/samba/libkrb5-samba4.so.26.0.0
+%{_libdir}/samba/libroken-samba4.so.19
+%{_libdir}/samba/libroken-samba4.so.19.0.1
+%{_libdir}/samba/libwind-samba4.so.0
+%{_libdir}/samba/libwind-samba4.so.0.0.0
+%endif
+
%if %{with_ldb}
%{_libdir}/samba/libldb.so.1
%{_libdir}/samba/libldb.so.%{ldb_version}
@@ -832,6 +850,12 @@ rm -rf %{buildroot}
%files dc
%defattr(-,root,root)
%{_bindir}/samba-dig
+%{_libdir}/samba/ldb
+%{_libdir}/samba/libcmdline-credentials.so
+%{_libdir}/samba/libdfs_server_ad.so
+%{_libdir}/samba/libdsdb-module.so
+
+%if %with_dc
%{_bindir}/samba-tool
%{_bindir}/samba_kcc
%{_sbindir}/provision
@@ -842,30 +866,32 @@ rm -rf %{buildroot}
%{_sbindir}/samba_upgradedns
%{_libdir}/mit_samba.so
%{_libdir}/samba/bind9/dlz_bind9.so
-%{_libdir}/samba/libcmdline-credentials.so
-%{_libdir}/samba/libdfs_server_ad.so
-%{_libdir}/samba/libdsdb-module.so
%{_libdir}/samba/libheimntlm-samba4.so.1
%{_libdir}/samba/libheimntlm-samba4.so.1.0.1
%{_libdir}/samba/libkdc-samba4.so.2
%{_libdir}/samba/libkdc-samba4.so.2.0.0
%{_libdir}/samba/libpac.so
%{_libdir}/samba/gensec
-%{_libdir}/samba/ldb
-%{_libdir}/samba/process_model
-%{_libdir}/samba/service
%dir /var/lib/samba/sysvol
%{_datadir}/samba/setup
%{_mandir}/man8/samba.8.gz
+%else # with_dc
+%doc %{_defaultdocdir}/%{name}/README.dc
+%endif # with_dc
%files dc-libs
%defattr(-,root,root)
%{_libdir}/libdcerpc-server.so.*
%{_libdir}/samba/libauth4.so
-%{_libdir}/samba/libntvfs.so
%{_libdir}/samba/libprocess_model.so
%{_libdir}/samba/libservice.so
+%{_libdir}/samba/process_model
+%{_libdir}/samba/service
+%if %with_dc
+%{_libdir}/samba/libntvfs.so
+%{_libdir}/samba/libposix_eadb.so
%{_libdir}/samba/bind9/dlz_bind9_9.so
+%endif # with_dc
%files winbind
%defattr(-,root,root)
@@ -1223,6 +1249,7 @@ rm -rf %{buildroot}
- Update to Samba 4.0.0 alpha 21.
- Add missing iniparser-devel build requirement.
- Add libwbclient.so for internal FreeIPA build.
+- Build with MIT KRB5.
* Mon May 21 2012 Andreas Schneider <asn at redhat.com> - 2:4.0.0-50.alpha18
- Add missing python-tevent to BuildRequires.
More information about the scm-commits
mailing list