From 690f4a096ff5d21995ae12b711af8dbfa39dc013 Mon Sep 17 00:00:00 2001 From: Silvan Calarco Date: Fri, 5 Jan 2024 17:37:14 +0100 Subject: [PATCH] update to 3.6.23 x86_64: install cups backend under %{_prefix}/lib/cups, not %{_libdir}/cups x86_64: install pam and nss libraries under /lib64 instead of /lib use patch to fix smbd link against libtirpc instead of passing LDFLAGS [release 3.6.23-1mamba;Wed Apr 02 2014] --- README.md | 2 + samba-3.0.23-smbldaptools-rootbinddn.patch | 57 + samba-3.2.4-remove_strlcpy_strlcat.patch | 48 + samba-3.5.8-mount_disable_setuid_check.patch | 22 + samba-3.6.23-link-tirpc.patch | 24 + samba-conf | 86 ++ samba-initscript | 57 + samba-ld.so.conf | 1 + samba-lmhosts | 7 + samba-mkhomedir.sh | 34 + samba-pam | 8 + samba-qilinux_smbldap_conf.sh | 285 +++++ samba-smbldap_conf.pm | 198 ++++ samba-smbusers | 1 + samba-swat_desktopfile | 15 + samba-xinetd-swat | 15 + samba.spec | 1032 ++++++++++++++++++ winbind-initscript | 75 ++ winbind-nm-dispatcher | 12 + 19 files changed, 1979 insertions(+) create mode 100644 samba-3.0.23-smbldaptools-rootbinddn.patch create mode 100644 samba-3.2.4-remove_strlcpy_strlcat.patch create mode 100644 samba-3.5.8-mount_disable_setuid_check.patch create mode 100644 samba-3.6.23-link-tirpc.patch create mode 100644 samba-conf create mode 100644 samba-initscript create mode 100644 samba-ld.so.conf create mode 100644 samba-lmhosts create mode 100644 samba-mkhomedir.sh create mode 100644 samba-pam create mode 100644 samba-qilinux_smbldap_conf.sh create mode 100644 samba-smbldap_conf.pm create mode 100644 samba-smbusers create mode 100644 samba-swat_desktopfile create mode 100644 samba-xinetd-swat create mode 100644 samba.spec create mode 100644 winbind-initscript create mode 100644 winbind-nm-dispatcher diff --git a/README.md b/README.md index be13c8e..c26d0e2 100644 --- a/README.md +++ b/README.md @@ -1,2 +1,4 @@ # samba +Samba is an Open Source/Free Software suite that provides seamless file and print services to SMB/CIFS clients. + diff --git a/samba-3.0.23-smbldaptools-rootbinddn.patch b/samba-3.0.23-smbldaptools-rootbinddn.patch new file mode 100644 index 0000000..30f8ccf --- /dev/null +++ b/samba-3.0.23-smbldaptools-rootbinddn.patch @@ -0,0 +1,57 @@ +--- samba-3.0.23/examples/LDAP/smbldap-tools-0.9.2/smbldap_tools.pm 2006-01-03 11:57:41.000000000 +0100 ++++ samba-3.0.23/examples/LDAP/smbldap-tools-0.9.2/smbldap_tools.pm.fix 2006-10-10 10:12:42.000000000 +0200 +@@ -32,15 +32,15 @@ + # ugly funcs using global variables and spawning openldap clients + + my $smbldap_conf; +-if (-e "/etc/smbldap-tools/smbldap.conf") { +- $smbldap_conf="/etc/smbldap-tools/smbldap.conf"; ++if (-e "/etc/samba/smbldap-tools/smbldap.conf") { ++ $smbldap_conf="/etc/samba/smbldap-tools/smbldap.conf"; + } else { + $smbldap_conf="/etc/opt/IDEALX/smbldap-tools/smbldap.conf"; + } + + my $smbldap_bind_conf; +-if (-e "/etc/smbldap-tools/smbldap_bind.conf") { +- $smbldap_bind_conf="/etc/smbldap-tools/smbldap_bind.conf"; ++if (-e "/etc/samba/smbldap-tools/smbldap_bind.conf") { ++ $smbldap_bind_conf="/etc/samba/smbldap-tools/smbldap_bind.conf"; + } else { + $smbldap_bind_conf="/etc/opt/IDEALX/smbldap-tools/smbldap_bind.conf"; + } +@@ -51,6 +51,10 @@ + $samba_conf="/usr/local/samba/lib/smb.conf"; + } + ++# system-wide LDAP configuration files ++my $ldap_conf="/etc/ldap.conf"; ++my $ldap_secret="/etc/ldap.secret"; ++ + use vars qw($VERSION @ISA @EXPORT @EXPORT_OK %EXPORT_TAGS); + use Exporter; + $VERSION = 1.00; +@@ -168,7 +172,22 @@ + $conf{$parameter}=$value; + } + close (CONFIGFILE); +- } else { ++ ++ if (open (CONFIGFILE, "$ldap_secret")) { ++ $conf{masterPw} = ; ++ chomp($conf{masterPw}); ++ close (CONFIGFILE); ++ ++ open (CONFIGFILE, "$ldap_conf") || die "Unable to open $ldap_conf for reading !\n"; ++ while () { ++ chomp($_); ++ next if ( ! /^\s*rootbinddn\s*.*/ ); ++ $_ =~ s/^\s*rootbinddn\s*(.*)$/$1/; ++ $conf{masterDN}=$_; ++ } ++ close (CONFIGFILE); ++ } ++ } else { + $conf{slaveDN}=$conf{slavePw}=$conf{masterDN}=$conf{masterPw}=""; + } + # automatically find SID diff --git a/samba-3.2.4-remove_strlcpy_strlcat.patch b/samba-3.2.4-remove_strlcpy_strlcat.patch new file mode 100644 index 0000000..8d3f878 --- /dev/null +++ b/samba-3.2.4-remove_strlcpy_strlcat.patch @@ -0,0 +1,48 @@ +diff -Nru samba-3.2.4.orig/source/client/mount.cifs.c samba-3.2.4/source/client/mount.cifs.c +--- samba-3.2.4.orig/source/client/mount.cifs.c 2008-09-18 08:49:02.000000000 +0200 ++++ samba-3.2.4/source/client/mount.cifs.c 2008-10-02 12:30:24.000000000 +0200 +@@ -89,44 +89,6 @@ + char * domain_name = NULL; + char * prefixpath = NULL; + +-/* glibc doesn't have strlcpy, strlcat. Ensure we do. JRA. We +- * don't link to libreplace so need them here. */ +- +-/* like strncpy but does not 0 fill the buffer and always null +- * terminates. bufsize is the size of the destination buffer */ +-static size_t strlcpy(char *d, const char *s, size_t bufsize) +-{ +- size_t len = strlen(s); +- size_t ret = len; +- if (bufsize <= 0) return 0; +- if (len >= bufsize) len = bufsize-1; +- memcpy(d, s, len); +- d[len] = 0; +- return ret; +-} +- +-/* like strncat but does not 0 fill the buffer and always null +- * terminates. bufsize is the length of the buffer, which should +- * be one more than the maximum resulting string length */ +-static size_t strlcat(char *d, const char *s, size_t bufsize) +-{ +- size_t len1 = strlen(d); +- size_t len2 = strlen(s); +- size_t ret = len1 + len2; +- +- if (len1+len2 >= bufsize) { +- if (bufsize < (len1+1)) { +- return ret; +- } +- len2 = bufsize - (len1+1); +- } +- if (len2 > 0) { +- memcpy(d+len1, s, len2); +- d[len1+len2] = 0; +- } +- return ret; +-} +- + /* BB finish BB + + cifs_umount diff --git a/samba-3.5.8-mount_disable_setuid_check.patch b/samba-3.5.8-mount_disable_setuid_check.patch new file mode 100644 index 0000000..9cc3f11 --- /dev/null +++ b/samba-3.5.8-mount_disable_setuid_check.patch @@ -0,0 +1,22 @@ +Files a/client/.mount.cifs.c.swp and b/client/.mount.cifs.c.swp differ +diff -Nur a/client/mount.cifs.c b/client/mount.cifs.c +--- a/client/mount.cifs.c 2010-04-01 15:26:22.000000000 +0200 ++++ b/client/mount.cifs.c 2010-04-15 13:20:41.997470980 +0200 +@@ -97,7 +97,7 @@ + * error if it is. If you wish to disable this check, then set the following + * #define to 1, but please realize that you do so at your own peril. + */ +-#define CIFS_DISABLE_SETUID_CHECK 0 ++#define CIFS_DISABLE_SETUID_CHECK 1 + + /* + * By default, mount.cifs follows the conventions set forth by /bin/mount +@@ -112,7 +112,7 @@ + * The legacy behavior is now disabled by default. To reenable it, set the + * following #define to true. + */ +-#define CIFS_LEGACY_SETUID_CHECK 0 ++#define CIFS_LEGACY_SETUID_CHECK 1 + + /* + * When an unprivileged user runs a setuid mount.cifs, we set certain mount diff --git a/samba-3.6.23-link-tirpc.patch b/samba-3.6.23-link-tirpc.patch new file mode 100644 index 0000000..5786155 --- /dev/null +++ b/samba-3.6.23-link-tirpc.patch @@ -0,0 +1,24 @@ +diff -Nru samba-3.6.23/source3.orig/Makefile.in samba-3.6.23/source3/Makefile.in +--- samba-3.6.23/source3.orig/Makefile.in 2014-03-11 10:17:34.000000000 +0000 ++++ samba-3.6.23/source3/Makefile.in 2014-04-02 13:19:38.225103348 +0000 +@@ -1783,7 +1783,7 @@ + $(KRB5LIBS) $(DYNEXP) $(PRINT_LIBS) $(AUTH_LIBS) \ + $(ACL_LIBS) $(PASSDB_LIBS) $(LIBS) $(DNSSD_LIBS) $(AVAHI_LIBS) \ + $(POPT_LIBS) @SMBD_LIBS@ $(LIBTALLOC_LIBS) $(LIBTEVENT_LIBS) $(LIBTDB_LIBS) \ +- $(LIBWBCLIENT_LIBS) $(ZLIB_LIBS) ++ $(LIBWBCLIENT_LIBS) $(ZLIB_LIBS) -ltirpc + + bin/nmbd@EXEEXT@: $(BINARY_PREREQS) $(NMBD_OBJ) @BUILD_POPT@ $(LIBTALLOC) $(LIBTEVENT) $(LIBTDB) $(LIBWBCLIENT) + @echo Linking $@ +diff -Nru samba-3.6.23/source3.orig/wscript_build samba-3.6.23/source3/wscript_build +--- samba-3.6.23/source3.orig/wscript_build 2014-03-11 10:17:34.000000000 +0000 ++++ samba-3.6.23/source3/wscript_build 2014-04-02 13:20:04.037796492 +0000 +@@ -850,7 +850,7 @@ + + bld.SAMBA3_LIBRARY('smbd_base', + source=SMBD_SRC_BASE, +- deps='''tdb tevent dl krb5 ldap gssapi gssapi_krb5 ++ deps='''tirpc tdb tevent dl krb5 ldap gssapi gssapi_krb5 + DYNCONFIG wbclient crypt nsl cups cap resolv z passdb + PARAM_WITHOUT_REG samba3core LIBSMB POPT_SAMBA3 KRBCLIENT AVAHI + LIBMSRPC_GEN msrpc3 ads LIBADS_SERVER LIBADS_PRINTER diff --git a/samba-conf b/samba-conf new file mode 100644 index 0000000..ecbf10e --- /dev/null +++ b/samba-conf @@ -0,0 +1,86 @@ +[global] + unix charset = UTF-8 + netbios name = %HOSTNAME + server string = + workgroup = %DOMAIN + os level = 64 + preferred master = no + domain master = no + local master = no + security = user + guest account = guest + passdb backend = smbpasswd + encrypt passwords = yes + domain logons = no + log file = /var/log/samba/log.%m + log level = 1 + logon path = \\%L\profiles\%U + logon drive = H: + logon home = \\%N\home\%u + logon script = logon.cmd +# ldap machine suffix = ou=Machines +# ldap user suffix = ou=People +# ldap group suffix = ou=Groups +# ldap idmap suffix = ou=Idmap + load printers = yes + printing = cups + printcap name = cups +# add user script= /usr/lib/samba/sbin/smbldap-useradd -a -m '%u' +# delete user script = /usr/lib/samba/sbin/smbldap-userdel %u +# add group script = /usr/lib/samba/sbin/smbldap-groupadd -p '%g' +# delete group script = /usr/lib/samba/sbin/smbldap-groupdel '%g' +# add user to group script = /usr/lib/samba/sbin/smbldap-groupmod -m '%u' '%g' +# delete user from group script = /usr/lib/samba/sbin/smbldap-groupmod -x '%u' '%g' +# set primary group script = /usr/lib/samba/sbin/smbldap-usermod -g '%g' '%u' +# add machine script = /usr/lib/samba/sbin/smbldap-useradd -w '%u' + map acl inherit = Yes + winbind separator = / + +[netlogon] + comment = Network Logon Service + path = /var/lib/samba/netlogon + guest ok = Yes + locking = no + +[profiles] + comment = Profile Share + path = /var/lib/samba/profiles + read only = no + profile acls = Yes + create mask = 0600 + directory mask = 0700 + +[profdata] + comment = Profile Data Share + path = /var/lib/samba/profdata + read only = No + profile acls = Yes + +[homes] + comment = Home Directory for : %u + path = /home/%u + read only = No + browseable = No + root preexec = /usr/lib/samba/sbin/mkhomedir.sh %u + +[shared] + comment = Shared files for user %u + path = /home/%u/shared + +[print$] + comment = Printer Drivers + path = /var/lib/samba/drivers + browseable = yes + guest ok = no + read only = yes + write list = Administrator + +[printers] + comment = SMB Print spool + path = /var/spool/samba + browseable = no + public = yes + guest ok = yes + writable = no + printable = yes + printer admin = Administrator, @ntadmins diff --git a/samba-initscript b/samba-initscript new file mode 100644 index 0000000..df84f84 --- /dev/null +++ b/samba-initscript @@ -0,0 +1,57 @@ +#!/bin/sh +# Copyright (c) 2003-2007 Silvan Calarco +# Copyright (c) 2007 Davide Madrisan +# +# chkconfig: 2345 55 15 +# description: start Samba daemons (nmbd and smbd) + +. /etc/sysconfig/rc +. $rc_functions + +NAME=samba +NMBD=/usr/sbin/nmbd +SMBD=/usr/sbin/smbd +NMBDPID=/run/nmbd.pid +SMBDPID=/run/smbd.pid + +[ -x $SMBD -a -x $NMBD ] || exit 0 + +[ -r /etc/sysconfig/$NAME ] && . /etc/sysconfig/$NAME + +case "$1" in + start) + echo -n "Starting nmbd: " + daemon --pidfile=$NMBDPID $NMBD -D + evaluate_retval; echo + echo -n "Starting smbd: " + daemon --pidfile=$SMBDPID $SMBD -D + evaluate_retval; echo + ;; + stop) + echo -n "Stopping nmbd: " + killproc -p $NMBDPID $NMBD -TERM + echo + sleep 1 + echo -n "Stopping smbd: " + killproc -p $SMBDPID $SMBD -TERM + echo + ;; + reload) + echo -n "Reloading smbd: " + reloadproc $SMBD + echo + ;; + restart|force-reload) + $0 stop + sleep 1 + $0 start + ;; + status) + statusproc $NMBD + statusproc $SMBD + ;; + *) + echo "Usage: /etc/init.d/$NAME {start|stop|reload|restart|force-reload|status}" + exit 1 + ;; +esac diff --git a/samba-ld.so.conf b/samba-ld.so.conf new file mode 100644 index 0000000..c221cdb --- /dev/null +++ b/samba-ld.so.conf @@ -0,0 +1 @@ +/usr/lib/samba diff --git a/samba-lmhosts b/samba-lmhosts new file mode 100644 index 0000000..edf6a49 --- /dev/null +++ b/samba-lmhosts @@ -0,0 +1,7 @@ +# This file provides the same function that the lmhosts file does for +# Windows. It's another way to map netbios names to ip addresses. +# +# Cf. section 'name resolve order' in the manual page of smb.conf for +# more information. + +127.0.0.1 localhost diff --git a/samba-mkhomedir.sh b/samba-mkhomedir.sh new file mode 100644 index 0000000..65955d7 --- /dev/null +++ b/samba-mkhomedir.sh @@ -0,0 +1,34 @@ +#!/bin/sh +# mkhomedir.sh -- automatically create user homedirs for Samba DC users +# Copyright (C) 2005 Silvan Calarco +# +# This program is free software; you can redistribute it and/or modify it under +# the terms of the GNU General Public License version 2 as published by the +# Free Software Foundation. There is NO warranty; not even for MERCHANTABILITY +# or FITNESS FOR A PARTICULAR PURPOSE. +# +# me=${0##*/} + +[ "$1" ] || { +echo "Usage: $0 " +exit 1; +} +getent passwd $1 >/dev/null || { +echo "Error: user $1 does not exits. Exiting." +exit 1; +} + +[ -e "/home" ] || { +echo "Error: directory /home does not exits. Exiting." +exit 1; +} + +HOMEUSER=$1 +HOMEDIR=/home/$1 + +[ -e "$HOMEDIR" ] && exit 0; + +cp -a /etc/skel $HOMEDIR +chown -R "$HOMEUSER":"Domain Users" $HOMEDIR + + diff --git a/samba-pam b/samba-pam new file mode 100644 index 0000000..2a5c808 --- /dev/null +++ b/samba-pam @@ -0,0 +1,8 @@ +#%PAM-1.0 +auth sufficient pam_unix.so +auth include system-auth +account include system-auth +password include system-auth +session include system-auth +session required pam_limits.so +#session optional pam_console.so diff --git a/samba-qilinux_smbldap_conf.sh b/samba-qilinux_smbldap_conf.sh new file mode 100644 index 0000000..276fbff --- /dev/null +++ b/samba-qilinux_smbldap_conf.sh @@ -0,0 +1,285 @@ +#!/bin/bash +# +# qilinux_samba_ldap.sh : +# Configures LDAP directory for use with SAMBA as a PDC +# as well as Idealx SMB-LDAP scripts +# +# Copyright (c) 2004 by Silvan Calarco +# +source /etc/rc.d/init.d/ldap-functions +source /etc/sysconfig/defaults + +test $UID = 0 || + { echo "error: $0: must be superuser" >&2 + { (exit 1); exit 1; }; } + +set_ldap_environment +case $? in + 0) ;; + 1) echo "error: $0: cannot read base dn from /etc/ldap.conf; aborting."; + exit 1 ;; + *) echo "error: $0: cannot find host DN. Check HOSTDC in /etc/sysconfig/ +ldap." ;; +esac + +argc=$# +for ((i=1; i<=argc; i++)); do + case ${!i} in + *) if test -z "$LDAPPASSWORD"; then LDAPPASSWORD=${!i} + fi + esac +done + +tempfile=`tempfile 2>/dev/null` || tempfile=/tmp/qilinux_samba_ldap.ldif +trap "rm -f $tempfile" 0 1 2 5 15 + +echo "Configuring Samba" +# this must be done before any other thing or net getlocalsid won't work +grep "ldap suffix" /etc/samba/smb.conf > /dev/null +if [ $? -eq 1 ]; then + sed -i "/.*logon script.*/a\\ + ldap admin dn = $LDAPBINDDN\\ + ldap server = 127.0.0.1\\ + ldap port = 636\\ + ldap ssl = start tls\\ + ldap suffix = $LDAPHOSTDN" /etc/samba/smb.conf +fi + +grep "ldap machine suffix" /etc/samba/smb.conf > /dev/null +if [ $? -eq 1 ]; then + sed -i "/.*ldap suffix.*/a\\ + ldap user suffix = ou=People\\ + ldap group suffix = ou=Groups\\ + ldap machine suffix = ou=Domain Computers\\ + ldap idmap suffix = ou=Idmap" /etc/samba/smb.conf +fi + +sed -i "s|passdb backend =.*)|passdb backend = ldapsam|" /etc/samba/smb.conf + +echo "Setting samba password for LDAP" +smbpasswd -w "`cat /etc/ldap.secret`" + +echo "Adding LDAP entries" +DESTHOME="/home" +DN=$LDAPHOSTDN +STSID="`net getlocalsid 2>/dev/null`" || { echo "Error getting localsid. Aborting."; exit 1; } +SID=${STSID#*: } +sed -i "s|\$SID=.*|\$SID=\'$SID\';| + s|\$suffix = .*|\$suffix = \"$DN\";| + s|\$binddn = .*|\$binddn = \"$LDAPBINDDN\";| + s|\$UID_START = .*|\$UID_START = $MINUID;| + s|\$GID_START = .*|\$GID_START = $MINUID;|" \ + /etc/samba/smbldap-tools/smbldap.conf + +cat > $tempfile << _EOF +# +# $DN: LDAP base DN +# $DESTHOME: /home +# $_userSmbHome (optional) +# $_userHomeDrive (optional) +# $_userProfile (optional) +# $SID: machine SID + +dn: ou=Groups,$LDAPHOSTDN +objectClass: organizationalUnit +ou: Groups + +dn: ou=Machines,$LDAPHOSTDN +objectClass: organizationalUnit +ou: Machines + +dn: uid=Administrator,ou=People,$LDAPHOSTDN +cn: Administrator +sn: Administrator +objectClass: inetOrgPerson +objectClass: sambaSamAccount +objectClass: posixAccount +gidNumber: 65400 +uid: Administrator +uidNumber: 65400 +homeDirectory: $DESTHOME/Administrator +sambaPwdLastSet: 0 +sambaLogonTime: 0 +sambaLogoffTime: 2147483647 +sambaKickoffTime: 2147483647 +sambaPwdCanChange: 0 +sambaPwdMustChange: 2147483647 +sambaPrimaryGroupSID: $SID-65400 +sambaLMPassword: XXX +sambaNTPassword: XXX +sambaAcctFlags: [U ] +sambaSID: $SID-2996 +loginShell: /bin/false +gecos: Netbios Domain Administrator + +dn: uid=guest,ou=People,$LDAPHOSTDN +cn: guest +sn: guest +objectClass: inetOrgPerson +objectClass: sambaSamAccount +objectClass: posixAccount +gidNumber: 65401 +uid: guest +uidNumber: 65401 +homeDirectory: /dev/null +sambaPwdLastSet: 0 +sambaLogonTime: 0 +sambaLogoffTime: 2147483647 +sambaKickoffTime: 2147483647 +sambaPwdCanChange: 0 +sambaPwdMustChange: 2147483647 +sambaPrimaryGroupSID: $SID-514 +sambaLMPassword: NO PASSWORDXXXXXXXXXXXXXXXXXXXXX +sambaNTPassword: NO PASSWORDXXXXXXXXXXXXXXXXXXXXX +sambaAcctFlags: [NU ] +sambaSID: $SID-2998 +loginShell: /bin/false + +dn: cn=Domain Admins,ou=Groups,$LDAPHOSTDN +objectClass: posixGroup +objectClass: sambaGroupMapping +gidNumber: 65400 +cn: Domain Admins +memberUid: Administrator +description: Netbios Domain Administrators +sambaSID: $SID-65400 +sambaGroupType: 2 +displayName: Domain Admins + +dn: cn=Domain Users,ou=Groups,$LDAPHOSTDN +objectClass: posixGroup +objectClass: sambaGroupMapping +gidNumber: 65401 +cn: Domain Users +description: Netbios Domain Users +sambaSID: $SID-65401 +sambaGroupType: 2 +displayName: Domain Users + +dn: cn=Domain Guests,ou=Groups,$LDAPHOSTDN +objectClass: posixGroup +objectClass: sambaGroupMapping +gidNumber: 65402 +cn: Domain Guests +description: Netbios Domain Guests Users +sambaSID: $SID-65402 +sambaGroupType: 2 +displayName: Domain Guests + +dn: cn=Administrators,ou=Groups,$LDAPHOSTDN +objectClass: posixGroup +objectClass: sambaGroupMapping +gidNumber: 65403 +cn: Administrators +description: Netbios Domain Members can fully administer the computer/sambaDomainName +sambaSID: $SID-65403 +sambaGroupType: 2 +displayName: Administrators + +dn: cn=Users,ou=Groups,$LDAPHOSTDN +objectClass: posixGroup +objectClass: sambaGroupMapping +gidNumber: 65404 +cn: Users +description: Netbios Domain Ordinary users +sambaSID: $SID-65404 +sambaGroupType: 2 +displayName: users + +dn: cn=Guests,ou=Groups,$LDAPHOSTDN +objectClass: posixGroup +objectClass: sambaGroupMapping +gidNumber: 65405 +cn: Guests +memberUid: guest +description: Netbios Domain Users granted guest access to the computer/sambaDomainName +sambaSID: $SID-65405 +sambaGroupType: 2 +displayName: Guests + +dn: cn=Power Users,ou=Groups,$LDAPHOSTDN +objectClass: posixGroup +objectClass: sambaGroupMapping +gidNumber: 65406 +cn: Power Users +description: Netbios Domain Members can share directories and printers +sambaSID: $SID-65406 +sambaGroupType: 2 +displayName: Power Users + +dn: cn=Account Operators,ou=Groups,$LDAPHOSTDN +objectClass: posixGroup +objectClass: sambaGroupMapping +gidNumber: 65407 +cn: Account Operators +description: Netbios Domain Users to manipulate users accounts +sambaSID: $SID-65407 +sambaGroupType: 2 +displayName: Account Operators + +dn: cn=Server Operators,ou=Groups,$LDAPHOSTDN +objectClass: posixGroup +objectClass: sambaGroupMapping +gidNumber: 65408 +cn: Server Operators +description: Netbios Domain Server Operators +sambaSID: $SID-65408 +sambaGroupType: 2 +displayName: Server Operators + +dn: cn=Print Operators,ou=Groups,$LDAPHOSTDN +objectClass: posixGroup +objectClass: sambaGroupMapping +gidNumber: 65409 +cn: Print Operators +description: Netbios Domain Print Operators +sambaSID: $SID-65409 +sambaGroupType: 2 +displayName: Print Operators + +dn: cn=Backup Operators,ou=Groups,$LDAPHOSTDN +objectClass: posixGroup +objectClass: sambaGroupMapping +gidNumber: 65410 +cn: Backup Operators +description: Netbios Domain Members can bypass file security to back up files +sambaSID: $SID-65410 +sambaGroupType: 2 +displayName: Backup Operators + +dn: cn=Replicator,ou=Groups,$LDAPHOSTDN +objectClass: posixGroup +objectClass: sambaGroupMapping +gidNumber: 65411 +cn: Replicator +description: Netbios Domain Supports file replication in a sambaDomainName +sambaSID: $SID-65411 +sambaGroupType: 2 +displayName: Replicator + +dn: cn=Domain Computers,ou=Groups,$LDAPHOSTDN +objectClass: posixGroup +objectClass: sambaGroupMapping +gidNumber: 65412 +cn: Domain Computers +description: Netbios Domain Computers accounts +sambaSID: $SID-65412 +sambaGroupType: 2 +displayName: Domain Computers + +dn: ou=Idmap,$LDAPHOSTDN +objectClass: organizationalUnit +ou: idmap +#structuralObjectClass: organizationalUnit +_EOF + +echo $LDAPBINDDN $LDAPPASSWORD +if test -z "$LDAPPASSWORD"; then + ldapadd -x -c -D $LDAPBINDDN -W -h localhost -f $tempfile +else + ldapadd -x -c -D $LDAPBINDDN -w $LDAPPASSWORD -h localhost -f $tempfile +fi + +rm -f $tempfile + +exit 0 diff --git a/samba-smbldap_conf.pm b/samba-smbldap_conf.pm new file mode 100644 index 0000000..8436a42 --- /dev/null +++ b/samba-smbldap_conf.pm @@ -0,0 +1,198 @@ +# $Source: /opt/cvs/samba/smbldap-tools/smbldap.conf,v $ +# $Id: smbldap.conf,v 1.17 2005/01/29 15:00:54 jtournier Exp $ +# +# smbldap-tools.conf : Q & D configuration file for smbldap-tools + +# This code was developped by IDEALX (http://IDEALX.org/) and +# contributors (their names can be found in the CONTRIBUTORS file). +# +# Copyright (C) 2001-2002 IDEALX +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License +# as published by the Free Software Foundation; either version 2 +# of the License, or (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, +# USA. + +# Purpose : +# . be the configuration file for all smbldap-tools scripts + +############################################################################## +# +# General Configuration +# +############################################################################## + +# Put your own SID +# to obtain this number do: net getlocalsid +SID="S-1-5-21-4054337095-2523087664-1495155603" + +############################################################################## +# +# LDAP Configuration +# +############################################################################## + +# Notes: to use to dual ldap servers backend for Samba, you must patch +# Samba with the dual-head patch from IDEALX. If not using this patch +# just use the same server for slaveLDAP and masterLDAP. +# Those two servers declarations can also be used when you have +# . one master LDAP server where all writing operations must be done +# . one slave LDAP server where all reading operations must be done +# (typically a replication directory) + +# Ex: slaveLDAP=127.0.0.1 +slaveLDAP="127.0.0.1" +slavePort="389" + +# Master LDAP : needed for write operations +# Ex: masterLDAP=127.0.0.1 +masterLDAP="127.0.0.1" +masterPort="389" + +# Use TLS for LDAP +# If set to 1, this option will use start_tls for connection +# (you should also used the port 389) +ldapTLS="0" + +# How to verify the server's certificate (none, optional or require) +# see "man Net::LDAP" in start_tls section for more details +verify="require" + +# CA certificate +# see "man Net::LDAP" in start_tls section for more details +cafile="/etc/samba/smbldap-tools/ca.pem" + +# certificate to use to connect to the ldap server +# see "man Net::LDAP" in start_tls section for more details +clientcert="/etc/samba/smbldap-tools/smbldap-tools.pem" + +# key certificate to use to connect to the ldap server +# see "man Net::LDAP" in start_tls section for more details +clientkey="/etc/samba/smbldap-tools/smbldap-tools.key" + +# LDAP Suffix +# Ex: suffix=dc=IDEALX,dc=ORG +suffix="dc=idealx,dc=org" + +# Where are stored Users +# Ex: usersdn="ou=Users,dc=IDEALX,dc=ORG" +usersdn="ou=People,${suffix}" + +# Where are stored Computers +# Ex: computersdn="ou=Computers,dc=IDEALX,dc=ORG" +computersdn="ou=Machines,${suffix}" + +# Where are stored Groups +# Ex groupsdn="ou=Groups,dc=IDEALX,dc=ORG" +groupsdn="ou=Groups,${suffix}" + +# Where are stored Idmap entries (used if samba is a domain member server) +# Ex groupsdn="ou=Idmap,dc=IDEALX,dc=ORG" +idmapdn="ou=Idmap,${suffix}" + +# Where to store next uidNumber and gidNumber available +sambaUnixIdPooldn="ou=Idmap,${suffix}" + +# Default scope Used +scope="sub" + +# Unix password encryption (CRYPT, MD5, SMD5, SSHA, SHA, CLEARTEXT) +hash_encrypt="SSHA" + +# if hash_encrypt is set to CRYPT, you may set a salt format. +# default is "%s", but many systems will generate MD5 hashed +# passwords if you use "$1$%.8s". This parameter is optional! +crypt_salt_format="%s" + +############################################################################## +# +# Unix Accounts Configuration +# +############################################################################## + +# Login defs +# Default Login Shell +# Ex: userLoginShell="/bin/bash" +userLoginShell="/bin/false" + +# Home directory +# Ex: userHome="/home/%U" +userHome="/dev/null" + +# Gecos +userGecos="System User" + +# Default User (POSIX and Samba) GID +defaultUserGid="65401" + +# Default Computer (Samba) GID +defaultComputerGid="65412" + +# Skel dir +skeletonDir="/etc/skel" + +# Default password validation time (time in days) Comment the next line if +# you don't want password to be enable for defaultMaxPasswordAge days (be +# careful to the sambaPwdMustChange attribute's value) +defaultMaxPasswordAge="99" + +############################################################################## +# +# SAMBA Configuration +# +############################################################################## + +# The UNC path to home drives location (%U username substitution) +# Ex: \\My-PDC-netbios-name\homes\%U +# Just set it to a null string if you want to use the smb.conf 'logon home' +# directive and/or disable roaming profiles +userSmbHome="\\PDC-SMB3\homes\%U" + +# The UNC path to profiles locations (%U username substitution) +# Ex: \\My-PDC-netbios-name\profiles\%U +# Just set it to a null string if you want to use the smb.conf 'logon path' +# directive and/or disable roaming profiles +userProfile="\\PDC-SMB3\profiles\%U" + +# The default Home Drive Letter mapping +# (will be automatically mapped at logon time if home directory exist) +# Ex: H: for H: +userHomeDrive="H:" + +# The default user netlogon script name (%U username substitution) +# if not used, will be automatically username.cmd +# make sure script file is edited under dos +# Ex: %U.cmd +# userScript="startup.cmd" # make sure script file is edited under dos +userScript="%U.cmd" + +# Domain appended to the users "mail"-attribute +# when smbldap-useradd -M is used +mailDomain="idealx.com" + +############################################################################## +# +# SMBLDAP-TOOLS Configuration (default are ok for a RedHat) +# +############################################################################## + +# Allows not to use smbpasswd (if with_smbpasswd == 0 in smbldap_conf.pm) but +# prefer Crypt::SmbHash library +with_smbpasswd="0" +smbpasswd="/usr/bin/smbpasswd" + +# Allows not to use slappasswd (if with_slappasswd == 0 in smbldap_conf.pm) +# but prefer Crypt:: libraries +with_slappasswd="0" +slappasswd="/usr/sbin/slappasswd" + diff --git a/samba-smbusers b/samba-smbusers new file mode 100644 index 0000000..6f2443b --- /dev/null +++ b/samba-smbusers @@ -0,0 +1 @@ +root = Administrator diff --git a/samba-swat_desktopfile b/samba-swat_desktopfile new file mode 100644 index 0000000..191ad8d --- /dev/null +++ b/samba-swat_desktopfile @@ -0,0 +1,15 @@ +[Desktop Entry] +Version=1.0 +Encoding=UTF-8 +Name=SWAT +GenericName=Samba Web Administration tool +GenericName[fr]=Interface de configuration Web de samba +GenericName[it]=Interfaccia di amministrazione di Samba +Comment=Configure Samba via Swat Web interface +Comment[fr]=Configure Samba depuis l'interface Web Swat +Comment[it]=Configura Samba con l'interfaccia Web Swat +Exec=konqueror http://localhost:901 +Type=Application +Icon=samba +Terminal=false +Categories=Application;System; diff --git a/samba-xinetd-swat b/samba-xinetd-swat new file mode 100644 index 0000000..c7285d2 --- /dev/null +++ b/samba-xinetd-swat @@ -0,0 +1,15 @@ +# default: off +# description: SWAT is the Samba Web Admin Tool. Use swat \ +# to configure your Samba server. To use SWAT, \ +# connect to port 901 with your favorite web browser. +service swat +{ + port = 901 + socket_type = stream + wait = no + only_from = 127.0.0.1 + user = root + server = /usr/sbin/swat + log_on_failure += USERID + disable = no +} diff --git a/samba.spec b/samba.spec new file mode 100644 index 0000000..746f6c3 --- /dev/null +++ b/samba.spec @@ -0,0 +1,1032 @@ +%define guest_uid 65401 +%define guest_gid 65413 +#%define squid_groupid 65010 + +%define filesharing_gid 14 +%define smbldap_tools_ver 0.9.2 + +Name: samba +Version: 3.6.23 +Release: 1mamba +Summary: Samba provides seamless file and print services to SMB/CIFS clients +Group: System/Servers +Vendor: openmamba +Distribution: openmamba +Packager: Silvan Calarco +URL: http://www.samba.org +Source0: http://us1.samba.org/samba/ftp/stable/samba-%{version}.tar.gz +Source1: samba-conf +Source2: samba-initscript +Source3: samba-xinetd-swat +Source4: samba-pam +Source5: samba-lmhosts +Source6: samba-qilinux_smbldap_conf.sh +Source7: winbind-initscript +Source8: samba-smbusers +Source9: samba-smbldap_conf.pm +Source10: samba-mkhomedir.sh +Source11: samba-swat_desktopfile +Source12: samba-ld.so.conf +Source13: winbind-nm-dispatcher +# official patches (http://us1.samba.org/samba/ftp/patches/): +# +# openmamba patches: +Patch10: %{name}-3.0.23-smbldaptools-rootbinddn.patch +Patch11: %{name}-3.2.4-remove_strlcpy_strlcat.patch +Patch12: %{name}-3.5.8-mount_disable_setuid_check.patch +Patch13: samba-3.6.23-link-tirpc.patch +License: GPL +## AUTOBUILDREQ-BEGIN +BuildRequires: glibc-devel +BuildRequires: libacl-devel +BuildRequires: libattr-devel +BuildRequires: libavahi-devel +BuildRequires: libcap-devel +BuildRequires: libcups-devel +BuildRequires: libe2fs-devel +BuildRequires: libgamin-devel +BuildRequires: libkeyutils-devel +BuildRequires: libkrb5-devel +BuildRequires: libncurses-devel +BuildRequires: libopenldap-devel +BuildRequires: libpopt-devel +BuildRequires: libreadline-devel +BuildRequires: libtalloc-devel +BuildRequires: libtdb-devel +BuildRequires: libtirpc-devel +BuildRequires: libunwind-devel +BuildRequires: libuuid-devel +BuildRequires: libz-devel +BuildRequires: pam-devel +## AUTOBUILDREQ-END +BuildRequires: libopenssl-devel +BuildRequires: valgrind +BuildRequires: libtirpc-devel +Requires: perl +Requires: pam >= 0.78-10 +Requires: perl-Unicode-MapUTF8 +Requires(pre): setup +Requires(post):libwbclient = %{?epoch:%epoch:}%{version}-%{release} +Requires: cifs-utils +Obsoletes: samba-common +BuildRoot: %{_tmppath}/%{name}-%{version}-root + +%description +Samba is an Open Source/Free Software suite that provides seamless file and print services to SMB/CIFS clients. + +%package server +Group: System/Servers +Summary: Samba server files +Requires: samba = %{?epoch:%epoch:}%{version}-%{release} + +%description server +Samba provides seamless file and print services to SMB/CIFS clients. +This package contains the server files. + +%package -n libsmbclient +Group: System/Libraries +Summary: Client library for accessing to SMB/CIFS shares + +%description -n libsmbclient +Client library for accessing to SMB/CIFS shares. + +%package -n libsmbclient-devel +Group: Development/Libraries +Summary: Devel files for libsmbclient +Requires: libsmbclient = %{?epoch:%epoch:}%{version}-%{release} + +%description -n libsmbclient-devel +Client library for accessing to SMB/CIFS shares. +This package contains the development files. + +%package -n libsmbsharemodes +Group: System/Libraries +Summary: Samba smbsharemodes Library + +%description -n libsmbsharemodes +This package includes the smbsharemodes library. + +%package -n libsmbsharemodes-devel +Group: Development/Libraries +Summary: Devel files for smbsharemodes +Requires: libsmbsharemodes = %{?epoch:%epoch:}%{version}-%{release} + +%description -n libsmbsharemodes-devel +The smbsharemodes library. +This package contains the development files. + +%package -n libnetapi +Group: System/Libraries +Summary: Client library for accessing to SAMBA network API + +%description -n libnetapi +Client library for accessing to SAMBA network API. + +%package -n libnetapi-devel +Group: System/Libraries +Summary: A library for accessing SAMBA network API +Requires: libnetapi = %{?epoch:%epoch:}%{version}-%{release} + +%description -n libnetapi-devel +A library for accessing SAMBA network API. +This package contains the development files. + +%package -n libtdb +Group: System/Libraries +Summary: Samba tdb library + +%description -n libtdb +Samba tdb library. + +%package -n libtdb-devel +Group: System/Libraries +Summary: Development files for Samba tdb library +Requires: libtdb = %{?epoch:%epoch:}%{version}-%{release} + +%description -n libtdb-devel +Samba tdb library. +This package contains the development files. + +%package -n libtevent +Group: System/Libraries +Summary: Samba tevent library + +%description -n libtevent +Samba tevent library. + +%package -n libtevent-devel +Group: System/Libraries +Summary: Development files for Samba tevent library +Requires: libtevent = %{?epoch:%epoch:}%{version}-%{release} + +%description -n libtevent-devel +Samba tevent library. +This package contains the development files. + +%package -n libwbclient +Group: System/Libraries +Summary: Samba wbclient library + +%description -n libwbclient +Samba wbclient library. + +%package -n libwbclient-devel +Group: System/Libraries +Summary: Development files for Samba tdb library +Requires: libwbclient = %{?epoch:%epoch:}%{version}-%{release} + +%description -n libwbclient-devel +Samba wbclient library. +This package contains the development files. + +%package swat +Group: Development/Libraries +Summary: The samba web interface administration tool +Requires: samba-server = %{?epoch:%epoch:}%{version}-%{release} + +%description swat +Samba provides seamless file and print services to SMB/CIFS clients. +This is the samba web interface administration tool. + +%package winbind +Group: System/Servers +Summary: Winbind Daemon and Tool +Requires: samba = %{?epoch:%epoch:}%{version}-%{release} +Requires: samba-server = %{?epoch:%epoch:}%{version}-%{release} + +%description winbind +This package contains the winbind daemon and the wbinfo tool. + +%debug_package + +%prep +%setup -q +#-D -T +#:<< _EOF +#%patch10 -p1 -b .smbldaptools-rootbinddn +#%patch11 -p1 +#%patch12 -p1 +%patch13 -p1 + +%build +#:<< _EOF +cd source3 +%configure \ + --with-fhs \ + --with-logfilebase=/var/log/samba \ + --with-pammodulesdir=/%{_lib}/security \ + --with-piddir=/run \ + --with-rootsbindir=/sbin \ + --with-ads \ + --with-automount \ + --without-cifsmount \ + --without-cisupcall \ + --with-ldap \ + --with-libsmbclient \ + --with-libsmbsharemodes \ + --with-winbind \ + --with-pam \ + --with-pam_smbpass \ + --with-utmp \ + --enable-cups \ + --enable-shared \ + --enable-static + +# --with-ldapsam \ +# --with-swat-dir=%{_datadir}/samba/swat \ +# --with-python + +# DATADIR is not defined but used in Makefile +%make proto +%make GUEST_ACCOUNT=guest + +#make python_ext + +%install +[ "%{buildroot}" != / ] && rm -rf %{buildroot} + +for f in netlogon profiles profdata drivers; do + install -d %{buildroot}/var/lib/samba/$f +done + +install -d %{buildroot}/var/log/samba +#install -d %{buildroot}/var/run/samba +install -d %{buildroot}/var/spool/samba + +install -d %{buildroot}%{_sysconfdir}/samba/private + +%makeinstall -C %{_builddir}/%{name}-%{version}/source3 + +rm -rf %{buildroot}/usr/private + +install -D -m 0664 %{S:1} %{buildroot}%{_sysconfdir}/samba/smb.conf + +install -D -m 0755 %{S:2} %{buildroot}%{_initrddir}/samba +install -D -m 0755 %{S:7} %{buildroot}%{_initrddir}/winbind + +install -D -m 0644 %{S:3} %{buildroot}%{_sysconfdir}/xinetd.d/swat +install -D -m 0644 %{S:4} %{buildroot}%{_sysconfdir}/pam.d/samba +install -D -m 0644 %{S:5} %{buildroot}%{_sysconfdir}/samba/lmhosts +install -D -m 0644 %{S:8} %{buildroot}%{_sysconfdir}/samba/smbusers +#install -D -m 0644 %{S:12} %{buildroot}%{_sysconfdir}/ld.so.conf.d/samba.conf + +#systemd +for f in nmb smb winbind; do + install -D -m0644 packaging/systemd/$f.service %{buildroot}/lib/systemd/system/$f.service +done +install -D -m0644 packaging/systemd/samba.sysconfig %{buildroot}%{_sysconfdir}/sysconfig/samba + +install -D -m 0644 examples/LDAP/samba.schema \ + %{buildroot}/etc/openldap/schema/samba.schema + +install -d %{buildroot}%{_prefix}/lib/cups/backend +ln -s %{_bindir}/smbspool %{buildroot}%{_prefix}/lib/cups/backend/smb + +#ln -sf mount.cifs %{buildroot}/sbin/mount.smbfs +#ln -sf umount.cifs %{buildroot}/sbin/mount.smb + +## install smb-ldap scripts +#pushd examples/LDAP/smbldap-tools-%{smbldap_tools_ver} +##sed -i "s|/etc/opt/IDEALX/|/etc/samba/|" smbldap_tools.pm +# +#make install \ +# sbindir=%{buildroot}/usr/lib/samba/sbin \ +# sysconfdir=%{buildroot}%{_sysconfdir}/samba +# +#install -m 0755 configure.pl \ +# %{buildroot}/usr/lib/samba/sbin/configure.pl +#install -m 0755 %{S:6} \ +# %{buildroot}/usr/lib/samba/sbin/qilinux_smbldap_conf.sh +#install -m 0640 %{S:9} \ +# %{buildroot}%{_sysconfdir}/samba/smbldap-tools/smbldap.conf +#install -m 0755 %{S:10} \ +# %{buildroot}%{_libdir}/samba/sbin/mkhomedir.sh +# +##install -m 0640 %{S:9} %{buildroot}/usr/lib/samba/sbin/smbldap_conf.pm +#popd + +## manually install libsmbclient +#mv %{buildroot}%{_libdir}/samba/libsmbclient.so \ +# %{buildroot}%{_libdir}/libsmbclient.so.1.0.0 + +#ln -s libsmbclient.so.1.0.0 %{buildroot}%{_libdir}/libsmbclient.so +#ln -s libsmbclient.so.1.0.0 %{buildroot}%{_libdir}/libsmbclient.so.1 + +#mv %{buildroot}%{_libdir}/samba/libsmbclient.a \ +# %{buildroot}%{_libdir}/libsmbclient.a + +## manually install smbsharemodes library +#install -D -m 644 source/include/smb_share_modes.h \ +# %{buildroot}%{_includedir}/smb_share_modes.h + +#install -m 0755 source/bin/libsmbsharemodes.so \ +# %{buildroot}%{_libdir}/libsmbsharemodes.so.0 +#ln -s libsmbsharemodes.so.0 %{buildroot}%{_libdir}/libsmbsharemodes.so + +#mv %{buildroot}%{_libdir}/samba/libsmbsharemodes.a \ +# %{buildroot}%{_libdir}/libsmbsharemodes.a + +#rm -f %{buildroot}%{_libdir}/samba/libsmbsharemodes.so + +## fix a problem with language files +#ln -s it.msg %{buildroot}%{_libdir}/samba/it_IT.msg + +# manually install libnss_windbind and pam_winbind +install -D -m 0755 nsswitch/libnss_win*.so %{buildroot}/%{_lib}/ +ln -s libnss_winbind.so %{buildroot}/%{_lib}/libnss_winbind.so.2 +ln -s libnss_wins.so %{buildroot}/%{_lib}/libnss_wins.so.2 + +# create swat KDE menu entry +install -D -m 0644 %{S:11} \ + %{buildroot}%{_datadir}/applications/samba-swat.desktop + +install -D -m0755 %{S:13} %{buildroot}%{_sysconfdir}/NetworkManager/dispatcher.d/10_winbind + +# cifs.upcall is installed in arm build; --without-cisupcall seems uneffective +rm -f %{buildroot}%{_sbindir}/cifs.upcall + +#install -d %{buildroot}/var/lib/samba/winbindd_privileged +%find_lang pam_winbind +%find_lang net + +%clean +[ "%{buildroot}" != / ] && rm -rf %{buildroot} + +%pre +if [ $1 -ge 1 ]; then +# new install or update + getent group filesharing >/dev/null || \ + groupadd filesharing -g %{filesharing_gid} +fi +if [ $1 -gt 1 ]; then +# update + # since samba 3.0.11 smbldap tools have changed, + # and configuration must be fixed accordingly + sed -i "s|\(smbldap[^ ]*\).pl|\1|" /etc/samba/smb.conf +fi +exit 0 + +%pre server +if [ $1 -ge 1 ]; then +# new install or update + getent group guest > /dev/null || groupadd guest -g %{guest_gid} + getent passwd guest >/dev/null || + useradd guest -c "Samba guest user" -d /dev/null \ + -s /bin/false -u %{guest_uid} -g %{guest_gid} > /dev/null +fi +exit 0 + +%post server +if [ $1 -gt 1 ]; then + sed -i "s|unix charset = LOCALE|unix charset = UTF-8|" %{_sysconfdir}/samba/smb.conf +fi +if [ $1 -eq 1 ]; then +# new install +# Note: hostname does not work in chrooted environment + CONF_DOMAIN=`hostname -d 2>/dev/null || echo "WORKGROUP"` + [ -e /etc/sysconfig/network ] && { + . /etc/sysconfig/network + CONF_HOSTNAME=$HOSTNAME + } || CONF_HOSTNAME=`hostname || echo "localhost"` + sed -i "s/%HOSTNAME/$CONF_HOSTNAME/" %{_sysconfdir}/samba/smb.conf + sed -i "s/%DOMAIN/$CONF_DOMAIN/" %{_sysconfdir}/samba/smb.conf + chkconfig --add samba + service samba start +fi + +#[ -r /etc/init.d/ldap-functions ] && { +# . /etc/init.d/ldap-functions +# set_ldap_environment +# sed -i "s|suffix=\"dc=idealx,dc=org\"|suffix=\"$LDAPHOSTDN\"|" \ +# %{_sysconfdir}/samba/smbldap-tools/smbldap.conf +# LOCALSID=`net getlocalsid` && \ +# sed -i "s|SID=.*|SID=${LOCALSID#*: }|" \ +# %{_sysconfdir}/samba/smbldap-tools/smbldap.conf +#} +exit 0 + +%preun server +#erase +if [ $1 -eq 0 ]; then + if [ -f /etc/openldap/slapd.conf ]; then + sed -i '/include.*samba.schema/d' /etc/openldap/slapd.conf + chgrp ldap /etc/openldap/slapd.conf + service openldap condrestart + fi + service samba stop + chkconfig --del samba +fi +exit 0 + +%postun server +# upgrade +if [ $1 -eq 1 ]; then + /sbin/chkconfig samba + [ $? -eq 0 ] && /sbin/service samba restart +fi +exit 0 + +%post swat +# new install +if [ $1 -eq 1 ]; then + grep -q swat /etc/services || cat >> /etc/services << _EOF +sw +at 901/tcp # samba web interface admin tool +_EOF + service xinetd reload + exit 0 +fi +exit 0 + +%preun swat +# erase +if [ $1 -eq 0 ]; then + /sbin/service xinetd reload || exit 0 +fi +exit 0 + +%postun winbind +if [ $1 -ge 1 ]; then +# new install or update + grep "^auth.*pam_winbind.so" %{_sysconfdir}/pam.d/system-auth >/dev/null || sed -i -e '/^auth.*pam_unix.so/a\ +auth sufficient pam_winbind.so use_first_pass' %{_sysconfdir}/pam.d/system-auth + grep "^account.*pam_winbind.so" %{_sysconfdir}/pam.d/system-auth >/dev/null || sed -i -e '/^account.*pam_unix/i\ +account sufficient pam_winbind.so' %{_sysconfdir}/pam.d/system-auth +# service start/stop now managed by NetworkManager dispatcher + /sbin/chkconfig --del winbind + [ -f /run/winbindd.pid ] && /sbin/service winbind restart +fi +exit 0 + +%preun winbind +if [ $1 -eq 0 ]; then +# remove package + /sbin/service winbind stop + /sbin/chkconfig --del winbind + sed -i "/*pam_winbind.so/d" %{_sysconfdir}/pam.d/system-auth +fi +exit 0 + +%post -n libsmbclient -p /sbin/ldconfig +%postun -n libsmbclient -p /sbin/ldconfig + +%post -n libsmbsharemodes -p /sbin/ldconfig +%postun -n libsmbsharemodes -p /sbin/ldconfig + +%post -n libnetapi -p /sbin/ldconfig +%postun -n libnetapi -p /sbin/ldconfig + +%post -n libtevent -p /sbin/ldconfig +%postun -n libtevent -p /sbin/ldconfig + +%post -n libwbclient -p /sbin/ldconfig +%postun -n libwbclient -p /sbin/ldconfig + +%files +%defattr(-,root,root) +#%attr(4750,root,sysadmin) /sbin/mount.cifs +#/sbin/mount.smb +#/sbin/mount.smbfs +#%attr(4750,root,sysadmin) /sbin/umount.cifs +%{_bindir}/eventlogadm +%{_bindir}/smbta-util +#%{_bindir}/ldbadd +#%{_bindir}/ldbdel +#%{_bindir}/ldbedit +#%{_bindir}/ldbmodify +#%{_bindir}/ldbrename +#%{_bindir}/ldbsearch +%{_bindir}/findsmb +%{_bindir}/net +%{_bindir}/nmblookup +%{_bindir}/pdbedit +%{_bindir}/profiles +%{_bindir}/rpcclient +%{_bindir}/sharesec +%{_bindir}/smbcacls +%{_bindir}/smbclient +%{_bindir}/smbcontrol +%{_bindir}/smbcquotas +%{_bindir}/smbget +#%attr(4755,root,root) %{_bindir}/smbmnt +#%{_bindir}/smbmount +%{_bindir}/smbpasswd +%{_bindir}/smbspool +%{_bindir}/smbstatus +%{_bindir}/smbtar +%{_bindir}/smbtree +#%attr(4755,root,root) %{_bindir}/smbumount +%{_bindir}/testparm +%{_libdir}/samba/auth/script.so +%{_libdir}/samba/*.dat +%{_libdir}/samba/*.msg +%{_libdir}/samba/charset/* +%{_libdir}/samba/idmap/autorid.so +%{_libdir}/samba/vfs/* +#%{_libdir}/samba/libmsrpc.* +#%attr(755,root,root) %{_libdir}/samba/sbin/qilinux_smbldap_conf.sh +#%attr(755,root,root) %{_libdir}/samba/sbin/smbldap* +#%attr(755,root,root) %{_libdir}/samba/sbin/mkhomedir.sh +#%attr(755,root,root) %{_libdir}/samba/sbin/configure.pl +#%attr(600,root,root) %config(noreplace) %{_sysconfdir}/samba/smbldap-tools/smbldap_bind.conf +#%config %{_sysconfdir}/samba/smbldap-tools/smbldap.conf +%config %dir %{_sysconfdir}/samba +%config %dir %{_sysconfdir}/samba/private +%config(noreplace) %{_sysconfdir}/samba/lmhosts +%config(noreplace) %{_sysconfdir}/samba/smbusers +%attr(664,root,filesharing) %config(noreplace) %{_sysconfdir}/samba/smb.conf +%attr(644,root,root) %{_sysconfdir}/openldap/schema/samba.schema +#%{_includedir}/libmsrpc.h +%dir /var/log/samba +%{_mandir}/man1/* +%exclude %{_mandir}/man1/wbinfo.* +%exclude %{_mandir}/man1/ntlm_auth.* + +%files server +%defattr(-,root,root) +%config(noreplace) %{_sysconfdir}/sysconfig/samba +/etc/pam.d/samba +%{_sbindir}/nmbd +%{_sbindir}/smbd +%{_prefix}/lib/cups/backend/smb +%dir %attr(755,root,root) /var/lib/samba/netlogon +%dir %attr(2775,root,users) /var/lib/samba/profiles +%dir %attr(755,root,root) /var/lib/samba/profdata +%dir %attr(755,root,root) /var/lib/samba/drivers +#%dir %attr(755,root,root) /usr/lib/samba/sbin +%dir %attr(1777,root,root) /var/spool/samba +%attr(755,root,root) %{_initrddir}/samba +/%{_lib}/security/pam_smbpass.so +/lib/systemd/system/nmb.service +/lib/systemd/system/smb.service +/%{_lib}/libnss_wins.so +/%{_lib}/libnss_wins.so.2 +%{_mandir}/man5/* +%{_mandir}/man7/* +%{_mandir}/man8/* +%exclude %{_mandir}/man8/winbindd.* + +%files -n libsmbclient +%defattr(-,root,root) +%{_libdir}/libsmbclient.so.* + +%files -n libsmbclient-devel +%defattr(-,root,root) +%{_includedir}/libsmbclient.h +%{_libdir}/libsmbclient.so +%{_libdir}/libsmbclient.a + +%files -n libsmbsharemodes +%defattr(-,root,root) +%{_libdir}/libsmbsharemodes.so.* + +%files -n libsmbsharemodes-devel +%defattr(-,root,root) +%{_includedir}/smb_share_modes.h +%{_libdir}/libsmbsharemodes.a +%{_libdir}/libsmbsharemodes.so + +%files -n libnetapi -f net.lang +%defattr(-,root,root) +%{_libdir}/libnetapi.so.* + +%files -n libnetapi-devel +%defattr(-,root,root) +%{_includedir}/netapi.h +%{_libdir}/libnetapi.a +%{_libdir}/libnetapi.so + +%files -n libwbclient +%defattr(-,root,root) +%{_libdir}/libwbclient.so.* + +%files -n libwbclient-devel +%defattr(-,root,root) +%{_includedir}/wbclient.h +#%{_includedir}/wbc_async.h +%{_libdir}/libwbclient.so + +%files -n libtevent +%defattr(-,root,root) +%{_libdir}/libtevent.so.* + +%files -n libtevent-devel +%defattr(-,root,root) +%{_includedir}/tevent.h +%{_includedir}/tevent_internal.h +%{_libdir}/libtevent.a +%{_libdir}/libtevent.so + +%files swat +%defattr(-,root,root) +%{_sbindir}/swat +%config(noreplace) /etc/xinetd.d/swat +%dir %{_datadir}/samba/swat +%{_datadir}/samba/swat/* +%{_datadir}/applications/samba-swat.desktop + +%files winbind -f pam_winbind.lang +%defattr(-,root,root) +%{_sysconfdir}/NetworkManager/dispatcher.d/10_winbind +%{_bindir}/ntlm_auth +%{_bindir}/wbinfo +%{_sbindir}/winbindd +%{_initrddir}/winbind +/%{_lib}/libnss_winbind.so +/%{_lib}/libnss_winbind.so.2 +/%{_lib}/security/pam_winbind.so +/lib/systemd/system/winbind.service +#%dir %attr(750,root,%{squid_groupid}) /var/lib/samba/winbindd_privileged +%{_mandir}/man1/ntlm_auth.* +%{_mandir}/man1/wbinfo.* +%{_mandir}/man8/winbindd.* + +%changelog +* Wed Apr 02 2014 Silvan Calarco 3.6.23-1mamba +- update to 3.6.23 +- x86_64: install cups backend under %{_prefix}/lib/cups, not %{_libdir}/cups +- x86_64: install pam and nss libraries under /lib64 instead of /lib +- use patch to fix smbd link against libtirpc instead of passing LDFLAGS + +* Thu May 30 2013 Silvan Calarco 3.6.15-1mamba +- update to 3.6.15 +- fix pidfile in winbind initscript for systemd +- added systemd service files + +* Mon Oct 29 2012 Automatic Build System 3.6.9-1mamba +- automatic version update by autodist + +* Mon Oct 01 2012 Silvan Calarco 3.6.8-2mamba +- rebuild with pam 1.1.4 to supposingly fix pam_winbind + +* Mon Sep 17 2012 Automatic Build System 3.6.8-1mamba +- automatic version update by autodist + +* Thu Sep 06 2012 Silvan Calarco 3.6.7-2mamba +- replace 'unix charset = LOCALE' with UTF-8 in smb.conf to fix an smbd fatal error on startup + +* Tue Aug 07 2012 Automatic Build System 3.6.7-1mamba +- automatic version update by autodist + +* Tue Jun 26 2012 Automatic Build System 3.6.6-1mamba +- automatic version update by autodist + +* Mon Apr 30 2012 Automatic Build System 3.6.5-1mamba +- automatic version update by autodist + +* Fri Apr 13 2012 Automatic Build System 3.6.4-1mamba +- automatic version update by autodist + +* Fri Oct 28 2011 Silvan Calarco 3.5.11-2mamba +- removed --with-cifsmount and --with-cifsumount; added requirement for cifs-utils + +* Thu Aug 25 2011 Silvan Calarco 3.5.11-1mamba +- update to 3.5.11 + +* Wed Jun 15 2011 Automatic Build System 3.5.9-1mamba +- automatic update by autodist + +* Mon May 30 2011 Silvan Calarco 3.5.8-8mamba +- rebuilt with debug package +- winbind initscript: add missing new line in service reload output + +* Sat Apr 23 2011 Silvan Calarco 3.5.8-7mamba +- replace try_first_pass with use_first_pass in pam authentication module configuration + +* Thu Apr 14 2011 Silvan Calarco 3.5.8-6mamba +- winbind: configure to use NetworkManager to start the service + +* Wed Apr 13 2011 Silvan Calarco 3.5.8-5mamba +- samba-winbind: configure for authentication with pam_winbind.so in pam.d/system-auth + +* Tue Mar 29 2011 Silvan Calarco 3.5.8-4mamba +- set /var/lib/samba/profiles suid for group users + +* Fri Mar 25 2011 Silvan Calarco 3.5.8-3mamba +- resume installation of libnss_winbind.so and libnss_wins.so +- remove installation of ld.so.conf.d as libraries are installed in system path now + +* Tue Mar 22 2011 Silvan Calarco 3.5.8-2mamba +- add a patch to enable mount.cifs and umount.cifs to be run suided +- set mount.cifs and umount.cifs permission for only sysadmin user to be able to run it + +* Mon Mar 07 2011 Automatic Build System 3.5.8-1mamba +- automatic update by autodist + +* Mon Feb 28 2011 Automatic Build System 3.5.7-1mamba +- automatic update by autodist + +* Sat Feb 05 2011 Silvan Calarco 3.5.6-2mamba +- rebuilt with system libtalloc and libtdb + +* Fri Oct 08 2010 Automatic Build System 3.5.6-1mamba +- automatic update to 3.5.6 by autodist + +* Tue Sep 14 2010 Automatic Build System 3.5.5-1mamba +- automatic update to 3.5.5 by autodist + +* Wed Jun 23 2010 Automatic Build System 3.5.4-1mamba +- automatic update to 3.5.4 by autodist + +* Sat May 22 2010 Silvan Calarco 3.5.3-2mamba +- sync with devel-ercolinux: rebuild with umount.cifs option + +* Wed May 19 2010 Automatic Build System 3.5.3-1mamba +- automatic update to 3.5.3 by autodist + +* Wed Apr 07 2010 Automatic Build System 3.5.2-1mamba +- automatic update to 3.5.2 by autodist + +* Mon Mar 29 2010 Automatic Build System 3.5.1-1mamba +- automatic update to 3.5.1 by autodist + +* Fri Mar 12 2010 Automatic Build System 3.5.0-1mamba +- automatic update to 3.5.0 by autodist + +* Wed Feb 24 2010 Automatic Build System 3.4.6-1mamba +- automatic update to 3.4.6 by autodist + +* Tue Jan 19 2010 Automatic Build System 3.4.5-1mamba +- automatic update to 3.4.5 by autodist + +* Thu Jan 07 2010 Automatic Build System 3.4.4-1mamba +- automatic update to 3.4.4 by autodist + +* Thu Oct 29 2009 Automatic Build System 3.4.3-1mamba +- automatic update to 3.4.3 by autodist + +* Mon Oct 26 2009 Silvan Calarco 3.4.2-2mamba +- smb.conf: disable LDAP in favour of local user database scripts in default configuration +- pam.d/samba file updated + +* Thu Oct 01 2009 Automatic Build System 3.4.2-1mamba +- automatic update to 3.4.2 by autodist + +* Wed Sep 09 2009 Automatic Build System 3.4.1-1mamba +- automatic update to 3.4.1 by autodist + +* Mon Jul 06 2009 Automatic Build System 3.4.0-1mamba +- automatic update to 3.4.0 by autodist + +* Wed Jun 24 2009 Automatic Build System 3.3.6-1mamba +- automatic update to 3.3.6 by autodist + +* Thu Jun 18 2009 Automatic Build System 3.3.5-1mamba +- automatic update to 3.3.5 by autodist + +* Wed Apr 29 2009 Automatic Build System 3.3.4-1mamba +- automatic update to 3.3.4 by autodist + +* Thu Apr 02 2009 Silvan Calarco 3.3.3-1mamba +- automatic update to 3.3.3 by autodist + +* Fri Mar 13 2009 Silvan Calarco 3.3.2-1mamba +- automatic update to 3.3.2 by autodist + +* Wed Mar 04 2009 Silvan Calarco 3.3.1-2mamba +- rebuilt against avahi-compat-libdns_sd instead of libzeroconf + +* Sat Feb 28 2009 Silvan Calarco 3.3.1-1mamba +- automatic update to 3.3.1 by autodist + +* Sun Feb 01 2009 Silvan Calarco 3.3.0-1mamba +- automatic update to 3.3.0 by autodist + +* Mon Jan 05 2009 Silvan Calarco 3.2.7-1mamba +- automatic update to 3.2.7 by autodist + +* Fri Dec 12 2008 Silvan Calarco 3.2.6-1mamba +- automatic update to 3.2.6 by autodist + +* Thu Nov 27 2008 Silvan Calarco 3.2.5-1mamba +- automatic update to 3.2.5 by autodist + +* Sat Oct 25 2008 Silvan Calarco 3.2.4-1mamba +- automatic update to 3.2.4 by autodist + +* Wed Jun 04 2008 Silvan Calarco 3.0.30-1mamba +- update to 3.0.30 +- removed support for smb-ldap scripts (changes upstream) + +* Tue Apr 29 2008 Silvan Calarco 3.0.28a-1mamba +- update to 3.0.28a +- mount.cifs, umount.cifs: set suid bit to work as user (smb4k) + +* Thu Nov 22 2007 Aleph0 3.0.27a-1mamba +- update to 3.0.27a: fix for CVE-2007-4572 and CVE-2007-5398 + +* Tue Oct 30 2007 Silvan Calarco 3.0.26a-4mamba +- samba-server: fix post script in chrooted environment (don't use hostname) +- samba-server: move exit 0 to the end of the post script + +* Mon Oct 29 2007 Silvan Calarco 3.0.26a-3mamba +- enable service by default on install +- use 'service' to manage services in scripts +- removed requirement for ldap-tools + +* Tue Sep 25 2007 Silvan Calarco 3.0.26a-2mamba +- samba pam file fix: use include instead of obsolete pam_stack module + +* Tue Sep 11 2007 Aleph0 3.0.26a-1mamba +- update to 3.0.26a (fixes CVE-2007-4138) + +* Tue Jun 05 2007 Aleph0 3.0.25a-1mamba +- update to 3.0.25a + +* Mon May 14 2007 Aleph0 3.0.25-1mamba +- update to 3.0.25 +- update winbind initscript +- fixes CVE-2007-2444, CVE-2007-2446, CVE-2007-2447 +- update ldconfig cache when installing shared libraries +- new packages for libsmbsharemodes +- build python bindings + +* Mon Apr 02 2007 Aleph0 3.0.24-4mamba +- desktop file for swap modified to match freedesktop standard + +* Thu Mar 22 2007 Silvan Calarco 3.0.24-3qilnx +- set ldap-script as a PreReq + +* Wed Mar 14 2007 Aleph0 3.0.24-2qilnx +- added a requirement for ldap-scripts + +* Fri Feb 09 2007 Silvan Calarco 3.0.24-1qilnx +- update to version 3.0.24 by autospec +- samba: remove requirement for cups and libcups +- libsmbclient: remove requirement for samba + +* Tue Oct 10 2006 Davide Madrisan 3.0.23-1qilnx +- update to version 3.0.23 by autospec +- removed patch against CAN-2006-3403 (merged upstream) +- minor fix in the winbind initscript +- new package %{name}-winbind + +* Tue Jul 11 2006 Davide Madrisan 3.0.22-3qilnx +- security update: CAN-2006-1059 (qibug 198) + +* Mon Jun 12 2006 Davide Madrisan 3.0.22-2qilnx +- specfile fixed +- samba-server requires qilinux-utils-common +- added french localization in the desktop file for swat + +* Fri Mar 31 2006 Davide Madrisan 3.0.22-1qilnx +- update to version 3.0.22 by autospec + +* Sun Mar 19 2006 Silvan Calarco 3.0.21c-1qilnx +- update to version 3.0.21c by autospec +- remove guest permissions in /var/lib +- set 1777 permission to /var/spool/samba + +* Mon Jun 27 2005 Silvan Calarco 3.0.14a-4qilnx +- added mkhomedir.sh for automatic home dirs creation support + +* Wed Jun 08 2005 Silvan Calarco 3.0.14a-3qilnx +- fixed idealx scripts + +* Thu May 19 2005 Silvan Calarco 3.0.14a-2qilnx +- moved pam plugin to /lib/security dir + +* Tue Apr 19 2005 Silvan Calarco 3.0.14a-1qilnx +- update to version 3.0.14a by autospec + +* Tue Feb 15 2005 Silvan Calarco 3.0.11-2qilnx +- fixed a %%pre script error in case of new install +- removed %%post script ldap configuration (will be done in QiLinux server install2 phase) + +* Tue Feb 15 2005 Silvan Calarco 3.0.11-1qilnx +- update to version 3.0.11 by autospec +- make scripts conditional checks for openldap presence + +* Fri Dec 24 2004 Davide Madrisan 3.0.10-3qilnx +- rebuild with new libe2fs-devel, libkrb5-devel packages + +* Sat Dec 18 2004 Silvan Calarco 3.0.10-2qilnx +- fixed samba.schema permissions +- moved some configuration files to main package from samba-server + +* Thu Dec 09 2004 Silvan Calarco 3.0.10-1qilnx +- new version build +- added a check for use of `net getlocalsid` in script qilinux_smbldap_conf.sh +- use useradd and groupadd instead of useradd-ldap and groupadd-ldap to add initial user guest + +* Thu Dec 09 2004 Silvan Calarco 3.0.9-2qilnx +- perform condrestart instead of rester of openldap servers on new install + +* Wed Dec 01 2004 Silvan Calarco 3.0.9-1qilnx +- update to version 3.0.9 by autospec +- removed package samba-common (obsoleted by samba) + +* Tue Nov 16 2004 Davide Madrisan 3.0.7-6qilnx +- security fix QSA-2004-056 (CAN-2004-0882, CAN-2004-0930) + +* Thu Oct 28 2004 Silvan Calarco 3.0.7-5qilnx +- removed libdb.so dependency + +* Mon Oct 25 2004 Silvan Calarco 3.0.7-4qilnx +- added default separator "/" for winbind DOMAIN/USER +- disabled domain logons/domain master/local master options by default + +* Mon Oct 25 2004 Silvan Calarco 3.0.7-3qilnx +- fixes for winbind: add libnss_winbind, libnss_wins and pam_winbind + +* Tue Sep 28 2004 Silvan Calarco 3.0.7-2qilnx +- fixes to qilinux_smbldap_conf.sh +- execution of qilinux_smbldap_conf.sh on upgrade should fix QiLinux 1.1 installation + +* Wed Sep 15 2004 Silvan Calarco 3.0.7-1qilnx +- new version build +- security fixes: CAN-2004-0807, CAN-2004-0808 + +* Fri Sep 03 2004 Davide Madrisan 3.0.5-1qilnx +- update to version 3.0.5 to fix security problems (CAN-2004-0600, + CAN-2004-0686) + +* Wed Jul 14 2004 Silvan Calarco 3.0.4-7qilnx +- default configuration changed with PDC settings +- added default /etc/samba/smbusers for Administrator account + +* Mon Jul 12 2004 Silvan Calarco 3.0.4-6qilnx +- fixed a couple of default smb.conf typos + +* Mon Jul 12 2004 Silvan Calarco 3.0.4-5qilnx +- fixed guest user and group creation (use appropriate uid and gid) + +* Fri Jul 09 2004 Silvan Calarco 3.0.4-4qilnx +- create guest user in ldap database + +* Thu Jul 08 2004 Silvan Calarco 3.0.4-3qilnx +- added QiLinux LDAP populating script +- changed guest account from 'nobody' to 'guest' +- winbind initscript added + +* Mon Jul 05 2004 Silvan Calarco 3.0.4-2qilnx +- added LDAP scripts install and related smb.conf configuration + +* Sun May 09 2004 Silvan Calarco 3.0.4-1qilnx +- new version build + +* Wed May 07 2004 Silvan Calarco 3.0.3-4qilnx +- smbumount installed setuid root + +* Wed May 05 2004 Silvan Calarco 3.0.3-3qilnx +- smbmnt installed setuid root + +* Wed May 05 2004 Silvan Calarco 3.0.3-2qilnx +- added smbmount, now mount.smbfs is a symlink to smbmount + +* Wed May 05 2004 Silvan Calarco 3.0.3-1qilnx +- new version build + +* Wed Mar 17 2004 Silvan Calarco 3.0.2a-3qilnx +- added KDE menu entry for swat + +* Thu Feb 26 2004 Silvan Calarco 3.0.2a-2qilnx +- removed obsolete /var/cache/samba directory (replaced by /var/lib/samba) +- changed /var/lib/samba permissions from 1777 to 0755 + +* Wed Feb 25 2004 Silvan Calarco 3.0.2a-1qilnx +- new version build + +* Mon Feb 09 2004 Silvan Calarco 3.0.2-1qilnx +- new version build + +* Mon Dec 22 2003 Silvan Calarco 3.0.1-2qilnx +- changed owner of /var/spool/samba and /var/lib/samba/* to nodoby.nobody + +* Tue Dec 16 2003 Silvan Calarco 3.0.1-1qilnx +- new version rebuild + +* Fri Dec 12 2003 Silvan Calarco 3.0.1rc2-1qilnx +- new version rebuild +- fixed %%post/%%pre scripts + +* Fri Dec 05 2003 Silvan Calarco 3.0.1rc1-1qilnx +- new version rebuild + +* Mon Dec 01 2003 Silvan Calarco 3.0.1pre3-1qilnx +- new major version rebuild + +* Fri Nov 28 2003 Silvan Calarco 2.2.8a-7qilnx +- rebuilt with libsmbclient support +- added default lmhosts file + +* Wed Oct 08 2003 Davide Madrisan 2.2.8a-6qilnx +- new policies for chkconfig and automatic start/restart of the samba service +- added the `--with-libsmbclient', and `--with-acl-support' configure options +- added `exit 0' after `xinetd reload' + +* Tue Sep 02 2003 Davide Madrisan 2.2.8a-5qilnx +- default smb.conf file modified: [homes] added, [home] removed + +* Mon Jul 28 2003 Silvan Calarco 2.2.8a-4qilnx +- rebuilt with pam and ldap support +- added samba ldap schema configuration + +* Mon Jun 23 2003 Silvan Calarco 2.2.8a-3qilnx +- added new-style %%post and other scripts + +* Tue May 27 2003 Silvan Calarco 2.2.8a-2qilnx +- added server configuration files and dirs + +* Wed May 21 2003 Silvan Calarco 2.2.8a-1qilnx +- first build diff --git a/winbind-initscript b/winbind-initscript new file mode 100644 index 0000000..4657131 --- /dev/null +++ b/winbind-initscript @@ -0,0 +1,75 @@ +#!/bin/sh +# +# chkconfig: 345 91 35 +# description: Starts and stops the Samba winbind daemon +# +# pidfile: /run/winbindd.pid +# config: /etc/samba/smb.conf + +# source function library +. /etc/sysconfig/rc +. $rc_functions + +NAME=winbindd +DAEMON=/usr/sbin/$NAME +DAEMONPID=/run/$NAME.pid +DAEMONCONF=/etc/samba/smb.conf +OPTIONS="" + +[ -x $DAEMON ] || exit 0 + +# source networking configuration +. /etc/sysconfig/network + +# check that networking is up +[ ${NETWORKING} = "no" ] && exit 0 + +# avoid using root's TMPDIR +unset TMPDIR + +[ -r /etc/sysconfig/$NAME ] && . /etc/sysconfig/$NAME + +# check that smb.conf exists +[ -r $DAEMONCONF ] || exit 0 + +RETVAL=0 + +case "$1" in + start) + echo -n $"Starting $NAME: " + daemon --pidfile=$DAEMONPID $DAEMON $OPTIONS + RETVAL=$? + echo + [ $RETVAL -eq 0 ] && touch /var/lock/subsys/$NAME + ;; + stop) + echo -n $"Stopping $NAME: " + killproc -p $DAEMONPID $DAEMON + RETVAL=$? + echo + [ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/$NAME $DAEMONPID + ;; + restart|force-reload) + $0 stop + sleep 1 + $0 start + ;; + reload) + echo -n "Reloading $NAME: " + reloadproc $DAEMON + echo + ;; + condrestart) + [ -e /var/lock/subsys/$NAME ] && $0 restart || : + ;; + status) + statusproc $DAEMON + RETVAL=$? + ;; + *) + echo $"Usage: ""/etc/init.d/$NAME {start|stop|status|reload|restart|condrestart}" + exit 1 + ;; +esac + +exit $? diff --git a/winbind-nm-dispatcher b/winbind-nm-dispatcher new file mode 100644 index 0000000..a57c5c2 --- /dev/null +++ b/winbind-nm-dispatcher @@ -0,0 +1,12 @@ +#!/bin/sh + +INTERFACE=$1 # The interface which is brought up or down +STATUS=$2 # The new state of the interface + +case "$STATUS" in + 'up') # $INTERFACE is up + [ -f /var/run/samba/winbindd.pid ] || /sbin/service winbind start + ;; + 'down') # $INTERFACE is down + ;; +esac