Andrew Geissler | 82c905d | 2020-04-13 13:39:40 -0500 | [diff] [blame] | 1 | HOMEPAGE = "https://www.samba.org/" |
| 2 | SECTION = "console/network" |
| 3 | |
| 4 | LICENSE = "GPL-3.0+ & LGPL-3.0+ & GPL-2.0+" |
| 5 | LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504 \ |
Andrew Geissler | 97771a3 | 2021-03-05 15:23:11 -0600 | [diff] [blame] | 6 | file://${COREBASE}/meta/files/common-licenses/LGPL-3.0-or-later;md5=c51d3eef3be114124d11349ca0d7e117 \ |
| 7 | file://${COREBASE}/meta/files/common-licenses/GPL-2.0-or-later;md5=fed54355545ffd980b814dab4a3b312c" |
Andrew Geissler | 82c905d | 2020-04-13 13:39:40 -0500 | [diff] [blame] | 8 | |
| 9 | SAMBA_MIRROR = "http://samba.org/samba/ftp" |
| 10 | MIRRORS += "\ |
| 11 | ${SAMBA_MIRROR} http://mirror.internode.on.net/pub/samba \n \ |
| 12 | ${SAMBA_MIRROR} http://www.mirrorservice.org/sites/ftp.samba.org \n \ |
| 13 | " |
| 14 | |
| 15 | SRC_URI = "${SAMBA_MIRROR}/stable/samba-${PV}.tar.gz \ |
| 16 | file://smb.conf \ |
| 17 | file://16-do-not-check-xsltproc-manpages.patch \ |
| 18 | file://20-do-not-import-target-module-while-cross-compile.patch \ |
| 19 | file://21-add-config-option-without-valgrind.patch \ |
| 20 | file://netdb_defines.patch \ |
| 21 | file://glibc_only.patch \ |
| 22 | file://iconv-4.7.0.patch \ |
| 23 | file://dnsserver-4.7.0.patch \ |
| 24 | file://smb_conf-4.7.0.patch \ |
| 25 | file://volatiles.03_samba \ |
| 26 | file://0001-waf-add-support-of-cross_compile.patch \ |
| 27 | file://0001-lib-replace-wscript-Avoid-generating-nested-main-fun.patch \ |
| 28 | file://0002-util_sec.c-Move-__thread-variable-to-global-scope.patch \ |
Andrew Geissler | e231d58 | 2020-05-05 08:53:09 -0500 | [diff] [blame] | 29 | file://0001-Add-options-to-configure-the-use-of-libbsd.patch \ |
Andrew Geissler | 748a483 | 2020-07-24 16:24:21 -0500 | [diff] [blame] | 30 | file://0001-nsswitch-nsstest.c-Avoid-nss-function-conflicts-with.patch \ |
Andrew Geissler | 72956ed | 2021-01-08 16:11:14 -0600 | [diff] [blame] | 31 | file://CVE-2020-14318.patch \ |
| 32 | file://CVE-2020-14383.patch \ |
Andrew Geissler | 82c905d | 2020-04-13 13:39:40 -0500 | [diff] [blame] | 33 | " |
| 34 | SRC_URI_append_libc-musl = " \ |
| 35 | file://samba-pam.patch \ |
| 36 | file://samba-4.3.9-remove-getpwent_r.patch \ |
| 37 | file://cmocka-uintptr_t.patch \ |
| 38 | file://0001-samba-fix-musl-lib-without-innetgr.patch \ |
| 39 | " |
| 40 | |
Andrew Geissler | bbbd5f4 | 2020-10-30 15:42:48 -0500 | [diff] [blame] | 41 | SRC_URI[md5sum] = "f006a3d1876113e4a049015969d20fe6" |
| 42 | SRC_URI[sha256sum] = "7dcfc2aaaac565b959068788e6a43fc79ce2a03e7d523f5843f7a9fddffc7c2c" |
Andrew Geissler | 82c905d | 2020-04-13 13:39:40 -0500 | [diff] [blame] | 43 | |
| 44 | UPSTREAM_CHECK_REGEX = "samba\-(?P<pver>4\.10(\.\d+)+).tar.gz" |
| 45 | |
| 46 | inherit systemd waf-samba cpan-base perlnative update-rc.d |
| 47 | # remove default added RDEPENDS on perl |
| 48 | RDEPENDS_${PN}_remove = "perl" |
| 49 | |
Andrew Geissler | e231d58 | 2020-05-05 08:53:09 -0500 | [diff] [blame] | 50 | DEPENDS += "readline virtual/libiconv zlib popt libtalloc libtdb libtevent libldb libaio libpam libtasn1 jansson" |
Andrew Geissler | 82c905d | 2020-04-13 13:39:40 -0500 | [diff] [blame] | 51 | |
| 52 | inherit features_check |
| 53 | REQUIRED_DISTRO_FEATURES = "pam" |
| 54 | |
| 55 | DEPENDS_append_libc-musl = " libtirpc" |
| 56 | CFLAGS_append_libc-musl = " -I${STAGING_INCDIR}/tirpc" |
| 57 | LDFLAGS_append_libc-musl = " -ltirpc" |
| 58 | |
| 59 | INITSCRIPT_NAME = "samba" |
| 60 | INITSCRIPT_PARAMS = "start 20 3 5 . stop 20 0 1 6 ." |
| 61 | |
| 62 | SYSTEMD_PACKAGES = "${PN}-base ${PN}-ad-dc winbind" |
| 63 | SYSTEMD_SERVICE_${PN}-base = "nmb.service smb.service" |
| 64 | SYSTEMD_SERVICE_${PN}-ad-dc = "${@bb.utils.contains('PACKAGECONFIG', 'ad-dc', 'samba.service', '', d)}" |
| 65 | SYSTEMD_SERVICE_winbind = "winbind.service" |
| 66 | |
| 67 | # There are prerequisite settings to enable ad-dc, so disable the service by default. |
| 68 | # Reference: |
| 69 | # https://wiki.samba.org/index.php/Setting_up_Samba_as_an_Active_Directory_Domain_Controller |
| 70 | SYSTEMD_AUTO_ENABLE_${PN}-ad-dc = "disable" |
| 71 | |
| 72 | #cross_compile cannot use preforked process, since fork process earlier than point subproces.popen |
| 73 | #to cross Popen |
| 74 | export WAF_NO_PREFORK="yes" |
| 75 | |
| 76 | # Use krb5. Build active domain controller. |
| 77 | # |
| 78 | PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'systemd zeroconf', d)} \ |
| 79 | acl cups ad-dc gnutls ldap mitkrb5 \ |
| 80 | " |
| 81 | |
| 82 | RDEPENDS_${PN}-ctdb-tests += "bash util-linux-getopt" |
| 83 | |
| 84 | PACKAGECONFIG[acl] = "--with-acl-support,--without-acl-support,acl" |
| 85 | PACKAGECONFIG[fam] = "--with-fam,--without-fam,gamin" |
| 86 | PACKAGECONFIG[cups] = "--enable-cups,--disable-cups,cups" |
| 87 | PACKAGECONFIG[ldap] = "--with-ldap,--without-ldap,openldap" |
| 88 | PACKAGECONFIG[sasl] = ",,cyrus-sasl" |
| 89 | PACKAGECONFIG[systemd] = "--with-systemd,--without-systemd,systemd" |
| 90 | PACKAGECONFIG[dmapi] = "--with-dmapi,--without-dmapi,dmapi" |
| 91 | PACKAGECONFIG[zeroconf] = "--enable-avahi,--disable-avahi,avahi" |
| 92 | PACKAGECONFIG[valgrind] = ",--without-valgrind,valgrind," |
| 93 | PACKAGECONFIG[lttng] = "--with-lttng, --without-lttng,lttng-ust" |
| 94 | PACKAGECONFIG[archive] = "--with-libarchive, --without-libarchive, libarchive" |
| 95 | PACKAGECONFIG[libunwind] = ", , libunwind" |
| 96 | PACKAGECONFIG[gpgme] = ",--without-gpgme,," |
| 97 | PACKAGECONFIG[lmdb] = ",--without-ldb-lmdb,lmdb," |
Andrew Geissler | e231d58 | 2020-05-05 08:53:09 -0500 | [diff] [blame] | 98 | PACKAGECONFIG[libbsd] = "--with-libbsd, --without-libbsd, libbsd" |
Andrew Geissler | 82c905d | 2020-04-13 13:39:40 -0500 | [diff] [blame] | 99 | |
| 100 | # Building the AD (Active Directory) DC (Domain Controller) requires GnuTLS, |
| 101 | # And ad-dc doesn't work with mitkrb5 for versions prior to 4.7.0 according to: |
| 102 | # http://samba.2283325.n4.nabble.com/samba-4-6-6-Unknown-dependency-kdc-in-service-kdc-objlist-td4722096.html |
| 103 | # So the working combination is: |
| 104 | # 1) ad-dc: enable, gnutls: enable, mitkrb5: disable |
| 105 | # 2) ad-dc: disable, gnutls: enable/disable, mitkrb5: enable |
| 106 | # |
| 107 | # We are now at 4.7.0, so take the above with a grain of salt. We do not need to know where |
| 108 | # krb5kdc is unless ad-dc is enabled, but we tell configure anyhow. |
| 109 | # |
| 110 | PACKAGECONFIG[ad-dc] = "--with-experimental-mit-ad-dc,--without-ad-dc,," |
| 111 | PACKAGECONFIG[gnutls] = "--enable-gnutls,--disable-gnutls,gnutls," |
| 112 | PACKAGECONFIG[mitkrb5] = "--with-system-mitkrb5 --with-system-mitkdc=/usr/sbin/krb5kdc,,krb5," |
| 113 | |
| 114 | SAMBA4_IDMAP_MODULES="idmap_ad,idmap_rid,idmap_adex,idmap_hash,idmap_tdb2" |
| 115 | SAMBA4_PDB_MODULES="pdb_tdbsam,${@bb.utils.contains('PACKAGECONFIG', 'ldap', 'pdb_ldap,', '', d)}pdb_ads,pdb_smbpasswd,pdb_wbc_sam,pdb_samba4" |
| 116 | SAMBA4_AUTH_MODULES="auth_unix,auth_wbc,auth_server,auth_netlogond,auth_script,auth_samba4" |
| 117 | SAMBA4_MODULES="${SAMBA4_IDMAP_MODULES},${SAMBA4_PDB_MODULES},${SAMBA4_AUTH_MODULES}" |
| 118 | |
| 119 | # These libraries are supposed to replace others supplied by packages, but decorate the names of |
| 120 | # .so files so there will not be a conflict. This is not done consistantly, so be very careful |
| 121 | # when adding to this list. |
| 122 | # |
| 123 | SAMBA4_LIBS="heimdal,cmocka,NONE" |
| 124 | |
| 125 | EXTRA_OECONF += "--enable-fhs \ |
| 126 | --with-piddir=/run \ |
| 127 | --with-sockets-dir=/run/samba \ |
| 128 | --with-modulesdir=${libdir}/samba \ |
| 129 | --with-lockdir=${localstatedir}/lib/samba \ |
| 130 | --with-cachedir=${localstatedir}/lib/samba \ |
| 131 | --disable-rpath-install \ |
| 132 | --with-shared-modules=${SAMBA4_MODULES} \ |
| 133 | --bundled-libraries=${SAMBA4_LIBS} \ |
| 134 | ${@oe.utils.conditional('TARGET_ARCH', 'x86_64', '', '--disable-glusterfs', d)} \ |
| 135 | --with-cluster-support \ |
| 136 | --with-profiling-data \ |
| 137 | --with-libiconv=${STAGING_DIR_HOST}${prefix} \ |
| 138 | --with-pam --with-pammodulesdir=${base_libdir}/security \ |
| 139 | " |
| 140 | |
| 141 | LDFLAGS += "-Wl,-z,relro,-z,now ${@bb.utils.contains('DISTRO_FEATURES', 'ld-is-gold', ' -fuse-ld=bfd ', '', d)}" |
| 142 | |
| 143 | do_install_append() { |
| 144 | for section in 1 5 7; do |
| 145 | install -d ${D}${mandir}/man$section |
| 146 | install -m 0644 ctdb/doc/*.$section ${D}${mandir}/man$section |
| 147 | done |
| 148 | for section in 1 5 7 8; do |
| 149 | install -d ${D}${mandir}/man$section |
| 150 | install -m 0644 docs/manpages/*.$section ${D}${mandir}/man$section |
| 151 | done |
| 152 | |
| 153 | install -d ${D}${systemd_system_unitdir} |
| 154 | install -m 0644 ${S}/bin/default/packaging/systemd/*.service ${D}${systemd_system_unitdir}/ |
| 155 | sed -e 's,\(ExecReload=\).*\(/kill\),\1${base_bindir}\2,' \ |
| 156 | -e 's,/etc/sysconfig/samba,${sysconfdir}/default/samba,' \ |
| 157 | -i ${D}${systemd_system_unitdir}/*.service |
| 158 | |
| 159 | if [ "${@bb.utils.contains('PACKAGECONFIG', 'ad-dc', 'yes', 'no', d)}" = "no" ]; then |
| 160 | rm -f ${D}${systemd_system_unitdir}/samba.service |
| 161 | fi |
| 162 | |
| 163 | install -d ${D}${sysconfdir}/tmpfiles.d |
| 164 | install -m644 packaging/systemd/samba.conf.tmp ${D}${sysconfdir}/tmpfiles.d/samba.conf |
| 165 | echo "d ${localstatedir}/log/samba 0755 root root -" \ |
| 166 | >> ${D}${sysconfdir}/tmpfiles.d/samba.conf |
| 167 | install -d ${D}${sysconfdir}/init.d |
| 168 | install -m 0755 packaging/sysv/samba.init ${D}${sysconfdir}/init.d/samba |
| 169 | sed -e 's,/opt/samba/bin,${sbindir},g' \ |
| 170 | -e 's,/opt/samba/smb.conf,${sysconfdir}/samba/smb.conf,g' \ |
| 171 | -e 's,/opt/samba/log,${localstatedir}/log/samba,g' \ |
| 172 | -e 's,/etc/init.d/samba.server,${sysconfdir}/init.d/samba,g' \ |
| 173 | -e 's,/usr/bin,${base_bindir},g' \ |
| 174 | -i ${D}${sysconfdir}/init.d/samba |
| 175 | |
| 176 | install -d ${D}${sysconfdir}/samba |
| 177 | echo "127.0.0.1 localhost" > ${D}${sysconfdir}/samba/lmhosts |
| 178 | install -m644 ${WORKDIR}/smb.conf ${D}${sysconfdir}/samba/smb.conf |
| 179 | install -D -m 644 ${WORKDIR}/volatiles.03_samba ${D}${sysconfdir}/default/volatiles/03_samba |
| 180 | |
| 181 | install -d ${D}${sysconfdir}/default |
| 182 | install -m644 packaging/systemd/samba.sysconfig ${D}${sysconfdir}/default/samba |
| 183 | |
| 184 | # the items are from ctdb/tests/run_tests.sh |
| 185 | for d in onnode takeover tool eventscripts cunit simple complex; do |
| 186 | testdir=${D}${datadir}/ctdb-tests/$d |
| 187 | install -d $testdir |
| 188 | cp ${S}/ctdb/tests/$d/*.sh $testdir |
| 189 | cp -r ${S}/ctdb/tests/$d/scripts ${S}/ctdb/tests/$d/stubs $testdir || true |
| 190 | done |
| 191 | |
| 192 | # fix file-rdeps qa warning |
| 193 | if [ -f ${D}${bindir}/onnode ]; then |
| 194 | sed -i 's:\(#!/bin/\)bash:\1sh:' ${D}${bindir}/onnode |
| 195 | fi |
| 196 | |
| 197 | chmod 0750 ${D}${sysconfdir}/sudoers.d || true |
| 198 | rm -rf ${D}/run ${D}${localstatedir}/run ${D}${localstatedir}/log |
| 199 | |
| 200 | for f in samba-gpupdate samba_upgradedns samba_spnupdate samba_kcc samba_dnsupdate; do |
| 201 | if [ -f "${D}${sbindir}/$f" ]; then |
| 202 | sed -i -e 's,${PYTHON},/usr/bin/env python3,g' ${D}${sbindir}/$f |
| 203 | fi |
| 204 | done |
| 205 | if [ -f "${D}${bindir}/samba-tool" ]; then |
| 206 | sed -i -e 's,${PYTHON},/usr/bin/env python3,g' ${D}${bindir}/samba-tool |
| 207 | fi |
| 208 | |
| 209 | } |
| 210 | |
| 211 | PACKAGES =+ "${PN}-python3 ${PN}-pidl \ |
| 212 | ${PN}-dsdb-modules ${PN}-testsuite registry-tools \ |
| 213 | winbind \ |
| 214 | ${PN}-common ${PN}-base ${PN}-ad-dc ${PN}-ctdb-tests \ |
| 215 | smbclient ${PN}-client ${PN}-server ${PN}-test" |
| 216 | |
| 217 | python samba_populate_packages() { |
| 218 | def module_hook(file, pkg, pattern, format, basename): |
| 219 | pn = d.getVar('PN') |
| 220 | d.appendVar('RRECOMMENDS_%s-base' % pn, ' %s' % pkg) |
| 221 | |
| 222 | mlprefix = d.getVar('MLPREFIX') or '' |
| 223 | pam_libdir = d.expand('${base_libdir}/security') |
| 224 | pam_pkgname = mlprefix + 'pam-plugin%s' |
| 225 | do_split_packages(d, pam_libdir, '^pam_(.*)\.so$', pam_pkgname, 'PAM plugin for %s', extra_depends='', prepend=True) |
| 226 | |
| 227 | libdir = d.getVar('libdir') |
| 228 | do_split_packages(d, libdir, '^lib(.*)\.so\..*$', 'lib%s', 'Samba %s library', extra_depends='${PN}-common', prepend=True, allow_links=True) |
| 229 | pkglibdir = '%s/samba' % libdir |
| 230 | do_split_packages(d, pkglibdir, '^lib(.*)\.so$', 'lib%s', 'Samba %s library', extra_depends='${PN}-common', prepend=True) |
| 231 | moduledir = '%s/samba/auth' % libdir |
| 232 | do_split_packages(d, moduledir, '^(.*)\.so$', 'samba-auth-%s', 'Samba %s authentication backend', hook=module_hook, extra_depends='', prepend=True) |
| 233 | moduledir = '%s/samba/pdb' % libdir |
| 234 | do_split_packages(d, moduledir, '^(.*)\.so$', 'samba-pdb-%s', 'Samba %s password backend', hook=module_hook, extra_depends='', prepend=True) |
| 235 | } |
| 236 | |
| 237 | PACKAGESPLITFUNCS_prepend = "samba_populate_packages " |
| 238 | PACKAGES_DYNAMIC = "samba-auth-.* samba-pdb-.*" |
| 239 | |
| 240 | RDEPENDS_${PN} += "${PN}-base ${PN}-python3 ${PN}-dsdb-modules python3" |
| 241 | RDEPENDS_${PN}-python3 += "pytalloc python3-tdb" |
| 242 | |
| 243 | FILES_${PN}-base = "${sbindir}/nmbd \ |
| 244 | ${sbindir}/smbd \ |
| 245 | ${sysconfdir}/init.d \ |
| 246 | ${systemd_system_unitdir}/nmb.service \ |
| 247 | ${systemd_system_unitdir}/smb.service" |
| 248 | |
| 249 | FILES_${PN}-ad-dc = "${sbindir}/samba \ |
| 250 | ${systemd_system_unitdir}/samba.service \ |
| 251 | ${libdir}/krb5/plugins/kdb/samba.so \ |
| 252 | " |
| 253 | RDEPENDS_${PN}-ad-dc = "krb5-kdc" |
| 254 | |
| 255 | FILES_${PN}-ctdb-tests = "${bindir}/ctdb_run_tests \ |
| 256 | ${bindir}/ctdb_run_cluster_tests \ |
| 257 | ${sysconfdir}/ctdb/nodes \ |
| 258 | ${datadir}/ctdb-tests \ |
| 259 | ${datadir}/ctdb/tests \ |
| 260 | ${localstatedir}/lib/ctdb \ |
| 261 | " |
| 262 | |
| 263 | FILES_${BPN}-common = "${sysconfdir}/default \ |
| 264 | ${sysconfdir}/samba \ |
| 265 | ${sysconfdir}/tmpfiles.d \ |
| 266 | ${localstatedir}/lib/samba \ |
| 267 | ${localstatedir}/spool/samba \ |
| 268 | " |
| 269 | |
| 270 | FILES_${PN} += "${libdir}/vfs/*.so \ |
| 271 | ${libdir}/charset/*.so \ |
| 272 | ${libdir}/*.dat \ |
| 273 | ${libdir}/auth/*.so \ |
| 274 | ${datadir}/ctdb/events/* \ |
| 275 | " |
| 276 | |
| 277 | FILES_${PN}-dsdb-modules = "${libdir}/samba/ldb" |
| 278 | |
| 279 | FILES_${PN}-testsuite = "${bindir}/gentest \ |
| 280 | ${bindir}/locktest \ |
| 281 | ${bindir}/masktest \ |
| 282 | ${bindir}/ndrdump \ |
| 283 | ${bindir}/smbtorture" |
| 284 | |
| 285 | FILES_registry-tools = "${bindir}/regdiff \ |
| 286 | ${bindir}/regpatch \ |
| 287 | ${bindir}/regshell \ |
| 288 | ${bindir}/regtree" |
| 289 | |
| 290 | FILES_winbind = "${sbindir}/winbindd \ |
| 291 | ${bindir}/wbinfo \ |
| 292 | ${bindir}/ntlm_auth \ |
| 293 | ${libdir}/samba/idmap \ |
| 294 | ${libdir}/samba/nss_info \ |
| 295 | ${libdir}/winbind_krb5_locator.so \ |
| 296 | ${libdir}/winbind-krb5-localauth.so \ |
| 297 | ${sysconfdir}/init.d/winbind \ |
| 298 | ${systemd_system_unitdir}/winbind.service" |
| 299 | |
| 300 | FILES_${PN}-python3 = "${PYTHON_SITEPACKAGES_DIR}" |
| 301 | |
| 302 | FILES_smbclient = "${bindir}/cifsdd \ |
| 303 | ${bindir}/rpcclient \ |
| 304 | ${bindir}/smbcacls \ |
| 305 | ${bindir}/smbclient \ |
| 306 | ${bindir}/smbcquotas \ |
| 307 | ${bindir}/smbget \ |
| 308 | ${bindir}/smbspool \ |
| 309 | ${bindir}/smbtar \ |
| 310 | ${bindir}/smbtree \ |
| 311 | ${libdir}/samba/smbspool_krb5_wrapper" |
| 312 | |
| 313 | RDEPENDS_${PN}-pidl_append = " perl" |
| 314 | FILES_${PN}-pidl = "${bindir}/pidl ${datadir}/perl5/Parse" |
| 315 | |
| 316 | RDEPENDS_${PN}-client = "\ |
| 317 | smbclient \ |
| 318 | winbind \ |
| 319 | registry-tools \ |
| 320 | ${PN}-pidl \ |
| 321 | " |
| 322 | |
| 323 | ALLOW_EMPTY_${PN}-client = "1" |
| 324 | |
| 325 | RDEPENDS_${PN}-server = "\ |
| 326 | ${PN} \ |
| 327 | winbind \ |
| 328 | registry-tools \ |
| 329 | " |
| 330 | |
| 331 | ALLOW_EMPTY_${PN}-server = "1" |
| 332 | |
| 333 | RDEPENDS_${PN}-test = "\ |
| 334 | ${PN}-ctdb-tests \ |
| 335 | ${PN}-testsuite \ |
| 336 | " |
| 337 | |
| 338 | ALLOW_EMPTY_${PN}-test = "1" |