From caca509548dd2f2778a547655ed928de6144601f Mon Sep 17 00:00:00 2001 From: Silvan Calarco Date: Sat, 27 Jan 2024 09:56:59 +0100 Subject: [PATCH] enable support for user shares by default and add sambashares group as expected by kde plasma use systemd sysusers file to create groups and users [release 4.19.4-2mamba;Fri Jan 26 2024] --- samba-3.0.23-smbldaptools-rootbinddn.patch | 57 ------ samba-3.2.4-remove_strlcpy_strlcat.patch | 48 ----- samba-3.5.8-mount_disable_setuid_check.patch | 22 --- samba-4.0.6-libtirpc.patch | 10 - samba-4.1.14-no-as-needed.patch | 13 -- samba-4.11.4-glibc-2.30.patch | 13 -- samba-4.19.4-conf-enable-usershares.patch | 15 ++ samba-conf | 86 -------- samba-mkhomedir.sh | 34 ---- samba-server.sysusers | 2 + samba-smbldap_conf.pm | 198 ------------------- samba-swat_desktopfile | 15 -- samba.spec | 156 +++------------ samba.sysusers | 1 + 14 files changed, 41 insertions(+), 629 deletions(-) delete mode 100644 samba-3.0.23-smbldaptools-rootbinddn.patch delete mode 100644 samba-3.2.4-remove_strlcpy_strlcat.patch delete mode 100644 samba-3.5.8-mount_disable_setuid_check.patch delete mode 100644 samba-4.0.6-libtirpc.patch delete mode 100644 samba-4.1.14-no-as-needed.patch delete mode 100644 samba-4.11.4-glibc-2.30.patch create mode 100644 samba-4.19.4-conf-enable-usershares.patch delete mode 100644 samba-conf delete mode 100644 samba-mkhomedir.sh create mode 100644 samba-server.sysusers delete mode 100644 samba-smbldap_conf.pm delete mode 100644 samba-swat_desktopfile create mode 100644 samba.sysusers diff --git a/samba-3.0.23-smbldaptools-rootbinddn.patch b/samba-3.0.23-smbldaptools-rootbinddn.patch deleted file mode 100644 index 30f8ccf..0000000 --- a/samba-3.0.23-smbldaptools-rootbinddn.patch +++ /dev/null @@ -1,57 +0,0 @@ ---- samba-3.0.23/examples/LDAP/smbldap-tools-0.9.2/smbldap_tools.pm 2006-01-03 11:57:41.000000000 +0100 -+++ samba-3.0.23/examples/LDAP/smbldap-tools-0.9.2/smbldap_tools.pm.fix 2006-10-10 10:12:42.000000000 +0200 -@@ -32,15 +32,15 @@ - # ugly funcs using global variables and spawning openldap clients - - my $smbldap_conf; --if (-e "/etc/smbldap-tools/smbldap.conf") { -- $smbldap_conf="/etc/smbldap-tools/smbldap.conf"; -+if (-e "/etc/samba/smbldap-tools/smbldap.conf") { -+ $smbldap_conf="/etc/samba/smbldap-tools/smbldap.conf"; - } else { - $smbldap_conf="/etc/opt/IDEALX/smbldap-tools/smbldap.conf"; - } - - my $smbldap_bind_conf; --if (-e "/etc/smbldap-tools/smbldap_bind.conf") { -- $smbldap_bind_conf="/etc/smbldap-tools/smbldap_bind.conf"; -+if (-e "/etc/samba/smbldap-tools/smbldap_bind.conf") { -+ $smbldap_bind_conf="/etc/samba/smbldap-tools/smbldap_bind.conf"; - } else { - $smbldap_bind_conf="/etc/opt/IDEALX/smbldap-tools/smbldap_bind.conf"; - } -@@ -51,6 +51,10 @@ - $samba_conf="/usr/local/samba/lib/smb.conf"; - } - -+# system-wide LDAP configuration files -+my $ldap_conf="/etc/ldap.conf"; -+my $ldap_secret="/etc/ldap.secret"; -+ - use vars qw($VERSION @ISA @EXPORT @EXPORT_OK %EXPORT_TAGS); - use Exporter; - $VERSION = 1.00; -@@ -168,7 +172,22 @@ - $conf{$parameter}=$value; - } - close (CONFIGFILE); -- } else { -+ -+ if (open (CONFIGFILE, "$ldap_secret")) { -+ $conf{masterPw} = ; -+ chomp($conf{masterPw}); -+ close (CONFIGFILE); -+ -+ open (CONFIGFILE, "$ldap_conf") || die "Unable to open $ldap_conf for reading !\n"; -+ while () { -+ chomp($_); -+ next if ( ! /^\s*rootbinddn\s*.*/ ); -+ $_ =~ s/^\s*rootbinddn\s*(.*)$/$1/; -+ $conf{masterDN}=$_; -+ } -+ close (CONFIGFILE); -+ } -+ } else { - $conf{slaveDN}=$conf{slavePw}=$conf{masterDN}=$conf{masterPw}=""; - } - # automatically find SID diff --git a/samba-3.2.4-remove_strlcpy_strlcat.patch b/samba-3.2.4-remove_strlcpy_strlcat.patch deleted file mode 100644 index 8d3f878..0000000 --- a/samba-3.2.4-remove_strlcpy_strlcat.patch +++ /dev/null @@ -1,48 +0,0 @@ -diff -Nru samba-3.2.4.orig/source/client/mount.cifs.c samba-3.2.4/source/client/mount.cifs.c ---- samba-3.2.4.orig/source/client/mount.cifs.c 2008-09-18 08:49:02.000000000 +0200 -+++ samba-3.2.4/source/client/mount.cifs.c 2008-10-02 12:30:24.000000000 +0200 -@@ -89,44 +89,6 @@ - char * domain_name = NULL; - char * prefixpath = NULL; - --/* glibc doesn't have strlcpy, strlcat. Ensure we do. JRA. We -- * don't link to libreplace so need them here. */ -- --/* like strncpy but does not 0 fill the buffer and always null -- * terminates. bufsize is the size of the destination buffer */ --static size_t strlcpy(char *d, const char *s, size_t bufsize) --{ -- size_t len = strlen(s); -- size_t ret = len; -- if (bufsize <= 0) return 0; -- if (len >= bufsize) len = bufsize-1; -- memcpy(d, s, len); -- d[len] = 0; -- return ret; --} -- --/* like strncat but does not 0 fill the buffer and always null -- * terminates. bufsize is the length of the buffer, which should -- * be one more than the maximum resulting string length */ --static size_t strlcat(char *d, const char *s, size_t bufsize) --{ -- size_t len1 = strlen(d); -- size_t len2 = strlen(s); -- size_t ret = len1 + len2; -- -- if (len1+len2 >= bufsize) { -- if (bufsize < (len1+1)) { -- return ret; -- } -- len2 = bufsize - (len1+1); -- } -- if (len2 > 0) { -- memcpy(d+len1, s, len2); -- d[len1+len2] = 0; -- } -- return ret; --} -- - /* BB finish BB - - cifs_umount diff --git a/samba-3.5.8-mount_disable_setuid_check.patch b/samba-3.5.8-mount_disable_setuid_check.patch deleted file mode 100644 index 9cc3f11..0000000 --- a/samba-3.5.8-mount_disable_setuid_check.patch +++ /dev/null @@ -1,22 +0,0 @@ -Files a/client/.mount.cifs.c.swp and b/client/.mount.cifs.c.swp differ -diff -Nur a/client/mount.cifs.c b/client/mount.cifs.c ---- a/client/mount.cifs.c 2010-04-01 15:26:22.000000000 +0200 -+++ b/client/mount.cifs.c 2010-04-15 13:20:41.997470980 +0200 -@@ -97,7 +97,7 @@ - * error if it is. If you wish to disable this check, then set the following - * #define to 1, but please realize that you do so at your own peril. - */ --#define CIFS_DISABLE_SETUID_CHECK 0 -+#define CIFS_DISABLE_SETUID_CHECK 1 - - /* - * By default, mount.cifs follows the conventions set forth by /bin/mount -@@ -112,7 +112,7 @@ - * The legacy behavior is now disabled by default. To reenable it, set the - * following #define to true. - */ --#define CIFS_LEGACY_SETUID_CHECK 0 -+#define CIFS_LEGACY_SETUID_CHECK 1 - - /* - * When an unprivileged user runs a setuid mount.cifs, we set certain mount diff --git a/samba-4.0.6-libtirpc.patch b/samba-4.0.6-libtirpc.patch deleted file mode 100644 index 06570d0..0000000 --- a/samba-4.0.6-libtirpc.patch +++ /dev/null @@ -1,10 +0,0 @@ ---- samba-4.0.0/source3/wscript_build.bero 2012-12-14 16:47:47.124053374 +0100 -+++ samba-4.0.0/source3/wscript_build 2012-12-14 16:49:54.517558570 +0100 -@@ -977,6 +977,7 @@ bld.SAMBA3_LIBRARY('smbd_base', - NDR_SMB_ACL - netapi - ''' + bld.env['dmapi_lib'], -+ ldflags='-ltirpc', - private_library=True, - vars=locals()) - diff --git a/samba-4.1.14-no-as-needed.patch b/samba-4.1.14-no-as-needed.patch deleted file mode 100644 index 23dfb02..0000000 --- a/samba-4.1.14-no-as-needed.patch +++ /dev/null @@ -1,13 +0,0 @@ -diff -Nru samba-4.1.14.orig/wscript samba-4.1.14/wscript ---- samba-4.1.14.orig/wscript 2014-12-01 13:48:32.000000000 +0100 -+++ samba-4.1.14/wscript 2014-12-19 16:39:08.460000000 +0100 -@@ -155,9 +155,6 @@ - # allows us to find problems on our development hosts faster. - # It also results in faster load time. - -- if not sys.platform.startswith("openbsd"): -- conf.env.asneeded_ldflags = conf.ADD_LDFLAGS('-Wl,--as-needed', testflags=True) -- - if not conf.CHECK_NEED_LC("-lc not needed"): - conf.ADD_LDFLAGS('-lc', testflags=False) - diff --git a/samba-4.11.4-glibc-2.30.patch b/samba-4.11.4-glibc-2.30.patch deleted file mode 100644 index 143f0c0..0000000 --- a/samba-4.11.4-glibc-2.30.patch +++ /dev/null @@ -1,13 +0,0 @@ ---- a/lib/replace/system/network.h 2019-01-15 21:07:00.000000000 +1100 -+++ b/lib/replace/system/network.h.new 2019-08-27 23:28:56.106742843 +1000 -@@ -87,10 +87,6 @@ - #include - #endif - --#ifdef HAVE_STROPTS_H --#include --#endif -- - #ifndef HAVE_SOCKLEN_T - #define HAVE_SOCKLEN_T - typedef int socklen_t; diff --git a/samba-4.19.4-conf-enable-usershares.patch b/samba-4.19.4-conf-enable-usershares.patch new file mode 100644 index 0000000..8b13983 --- /dev/null +++ b/samba-4.19.4-conf-enable-usershares.patch @@ -0,0 +1,15 @@ +--- samba-4.19.4/examples/smb.conf.default.orig 2024-01-26 18:01:53.376647291 +0100 ++++ samba-4.19.4/examples/smb.conf.default 2024-01-26 18:05:15.617045920 +0100 +@@ -112,6 +112,12 @@ + idmap config * : backend = tdb + idmap config * : range = 3000-7999 + ++# Enable support for user configurable shares ++usershare path = /var/lib/samba/usershares ++usershare max shares = 100 ++usershare allow guests = yes ++usershare owner only = yes ++ + #============================ Share Definitions ============================== + [homes] + comment = Home Directories diff --git a/samba-conf b/samba-conf deleted file mode 100644 index ecbf10e..0000000 --- a/samba-conf +++ /dev/null @@ -1,86 +0,0 @@ -[global] - unix charset = UTF-8 - netbios name = %HOSTNAME - server string = - workgroup = %DOMAIN - os level = 64 - preferred master = no - domain master = no - local master = no - security = user - guest account = guest - passdb backend = smbpasswd - encrypt passwords = yes - domain logons = no - log file = /var/log/samba/log.%m - log level = 1 - logon path = \\%L\profiles\%U - logon drive = H: - logon home = \\%N\home\%u - logon script = logon.cmd -# ldap machine suffix = ou=Machines -# ldap user suffix = ou=People -# ldap group suffix = ou=Groups -# ldap idmap suffix = ou=Idmap - load printers = yes - printing = cups - printcap name = cups -# add user script= /usr/lib/samba/sbin/smbldap-useradd -a -m '%u' -# delete user script = /usr/lib/samba/sbin/smbldap-userdel %u -# add group script = /usr/lib/samba/sbin/smbldap-groupadd -p '%g' -# delete group script = /usr/lib/samba/sbin/smbldap-groupdel '%g' -# add user to group script = /usr/lib/samba/sbin/smbldap-groupmod -m '%u' '%g' -# delete user from group script = /usr/lib/samba/sbin/smbldap-groupmod -x '%u' '%g' -# set primary group script = /usr/lib/samba/sbin/smbldap-usermod -g '%g' '%u' -# add machine script = /usr/lib/samba/sbin/smbldap-useradd -w '%u' - map acl inherit = Yes - winbind separator = / - -[netlogon] - comment = Network Logon Service - path = /var/lib/samba/netlogon - guest ok = Yes - locking = no - -[profiles] - comment = Profile Share - path = /var/lib/samba/profiles - read only = no - profile acls = Yes - create mask = 0600 - directory mask = 0700 - -[profdata] - comment = Profile Data Share - path = /var/lib/samba/profdata - read only = No - profile acls = Yes - -[homes] - comment = Home Directory for : %u - path = /home/%u - read only = No - browseable = No - root preexec = /usr/lib/samba/sbin/mkhomedir.sh %u - -[shared] - comment = Shared files for user %u - path = /home/%u/shared - -[print$] - comment = Printer Drivers - path = /var/lib/samba/drivers - browseable = yes - guest ok = no - read only = yes - write list = Administrator - -[printers] - comment = SMB Print spool - path = /var/spool/samba - browseable = no - public = yes - guest ok = yes - writable = no - printable = yes - printer admin = Administrator, @ntadmins diff --git a/samba-mkhomedir.sh b/samba-mkhomedir.sh deleted file mode 100644 index 65955d7..0000000 --- a/samba-mkhomedir.sh +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/sh -# mkhomedir.sh -- automatically create user homedirs for Samba DC users -# Copyright (C) 2005 Silvan Calarco -# -# This program is free software; you can redistribute it and/or modify it under -# the terms of the GNU General Public License version 2 as published by the -# Free Software Foundation. There is NO warranty; not even for MERCHANTABILITY -# or FITNESS FOR A PARTICULAR PURPOSE. -# -# me=${0##*/} - -[ "$1" ] || { -echo "Usage: $0 " -exit 1; -} -getent passwd $1 >/dev/null || { -echo "Error: user $1 does not exits. Exiting." -exit 1; -} - -[ -e "/home" ] || { -echo "Error: directory /home does not exits. Exiting." -exit 1; -} - -HOMEUSER=$1 -HOMEDIR=/home/$1 - -[ -e "$HOMEDIR" ] && exit 0; - -cp -a /etc/skel $HOMEDIR -chown -R "$HOMEUSER":"Domain Users" $HOMEDIR - - diff --git a/samba-server.sysusers b/samba-server.sysusers new file mode 100644 index 0000000..c39ef18 --- /dev/null +++ b/samba-server.sysusers @@ -0,0 +1,2 @@ +g sambashares - +u guest 65401:65413 "Samba guest user" /dev/null /bin/false diff --git a/samba-smbldap_conf.pm b/samba-smbldap_conf.pm deleted file mode 100644 index 8436a42..0000000 --- a/samba-smbldap_conf.pm +++ /dev/null @@ -1,198 +0,0 @@ -# $Source: /opt/cvs/samba/smbldap-tools/smbldap.conf,v $ -# $Id: smbldap.conf,v 1.17 2005/01/29 15:00:54 jtournier Exp $ -# -# smbldap-tools.conf : Q & D configuration file for smbldap-tools - -# This code was developped by IDEALX (http://IDEALX.org/) and -# contributors (their names can be found in the CONTRIBUTORS file). -# -# Copyright (C) 2001-2002 IDEALX -# -# This program is free software; you can redistribute it and/or -# modify it under the terms of the GNU General Public License -# as published by the Free Software Foundation; either version 2 -# of the License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, -# USA. - -# Purpose : -# . be the configuration file for all smbldap-tools scripts - -############################################################################## -# -# General Configuration -# -############################################################################## - -# Put your own SID -# to obtain this number do: net getlocalsid -SID="S-1-5-21-4054337095-2523087664-1495155603" - -############################################################################## -# -# LDAP Configuration -# -############################################################################## - -# Notes: to use to dual ldap servers backend for Samba, you must patch -# Samba with the dual-head patch from IDEALX. If not using this patch -# just use the same server for slaveLDAP and masterLDAP. -# Those two servers declarations can also be used when you have -# . one master LDAP server where all writing operations must be done -# . one slave LDAP server where all reading operations must be done -# (typically a replication directory) - -# Ex: slaveLDAP=127.0.0.1 -slaveLDAP="127.0.0.1" -slavePort="389" - -# Master LDAP : needed for write operations -# Ex: masterLDAP=127.0.0.1 -masterLDAP="127.0.0.1" -masterPort="389" - -# Use TLS for LDAP -# If set to 1, this option will use start_tls for connection -# (you should also used the port 389) -ldapTLS="0" - -# How to verify the server's certificate (none, optional or require) -# see "man Net::LDAP" in start_tls section for more details -verify="require" - -# CA certificate -# see "man Net::LDAP" in start_tls section for more details -cafile="/etc/samba/smbldap-tools/ca.pem" - -# certificate to use to connect to the ldap server -# see "man Net::LDAP" in start_tls section for more details -clientcert="/etc/samba/smbldap-tools/smbldap-tools.pem" - -# key certificate to use to connect to the ldap server -# see "man Net::LDAP" in start_tls section for more details -clientkey="/etc/samba/smbldap-tools/smbldap-tools.key" - -# LDAP Suffix -# Ex: suffix=dc=IDEALX,dc=ORG -suffix="dc=idealx,dc=org" - -# Where are stored Users -# Ex: usersdn="ou=Users,dc=IDEALX,dc=ORG" -usersdn="ou=People,${suffix}" - -# Where are stored Computers -# Ex: computersdn="ou=Computers,dc=IDEALX,dc=ORG" -computersdn="ou=Machines,${suffix}" - -# Where are stored Groups -# Ex groupsdn="ou=Groups,dc=IDEALX,dc=ORG" -groupsdn="ou=Groups,${suffix}" - -# Where are stored Idmap entries (used if samba is a domain member server) -# Ex groupsdn="ou=Idmap,dc=IDEALX,dc=ORG" -idmapdn="ou=Idmap,${suffix}" - -# Where to store next uidNumber and gidNumber available -sambaUnixIdPooldn="ou=Idmap,${suffix}" - -# Default scope Used -scope="sub" - -# Unix password encryption (CRYPT, MD5, SMD5, SSHA, SHA, CLEARTEXT) -hash_encrypt="SSHA" - -# if hash_encrypt is set to CRYPT, you may set a salt format. -# default is "%s", but many systems will generate MD5 hashed -# passwords if you use "$1$%.8s". This parameter is optional! -crypt_salt_format="%s" - -############################################################################## -# -# Unix Accounts Configuration -# -############################################################################## - -# Login defs -# Default Login Shell -# Ex: userLoginShell="/bin/bash" -userLoginShell="/bin/false" - -# Home directory -# Ex: userHome="/home/%U" -userHome="/dev/null" - -# Gecos -userGecos="System User" - -# Default User (POSIX and Samba) GID -defaultUserGid="65401" - -# Default Computer (Samba) GID -defaultComputerGid="65412" - -# Skel dir -skeletonDir="/etc/skel" - -# Default password validation time (time in days) Comment the next line if -# you don't want password to be enable for defaultMaxPasswordAge days (be -# careful to the sambaPwdMustChange attribute's value) -defaultMaxPasswordAge="99" - -############################################################################## -# -# SAMBA Configuration -# -############################################################################## - -# The UNC path to home drives location (%U username substitution) -# Ex: \\My-PDC-netbios-name\homes\%U -# Just set it to a null string if you want to use the smb.conf 'logon home' -# directive and/or disable roaming profiles -userSmbHome="\\PDC-SMB3\homes\%U" - -# The UNC path to profiles locations (%U username substitution) -# Ex: \\My-PDC-netbios-name\profiles\%U -# Just set it to a null string if you want to use the smb.conf 'logon path' -# directive and/or disable roaming profiles -userProfile="\\PDC-SMB3\profiles\%U" - -# The default Home Drive Letter mapping -# (will be automatically mapped at logon time if home directory exist) -# Ex: H: for H: -userHomeDrive="H:" - -# The default user netlogon script name (%U username substitution) -# if not used, will be automatically username.cmd -# make sure script file is edited under dos -# Ex: %U.cmd -# userScript="startup.cmd" # make sure script file is edited under dos -userScript="%U.cmd" - -# Domain appended to the users "mail"-attribute -# when smbldap-useradd -M is used -mailDomain="idealx.com" - -############################################################################## -# -# SMBLDAP-TOOLS Configuration (default are ok for a RedHat) -# -############################################################################## - -# Allows not to use smbpasswd (if with_smbpasswd == 0 in smbldap_conf.pm) but -# prefer Crypt::SmbHash library -with_smbpasswd="0" -smbpasswd="/usr/bin/smbpasswd" - -# Allows not to use slappasswd (if with_slappasswd == 0 in smbldap_conf.pm) -# but prefer Crypt:: libraries -with_slappasswd="0" -slappasswd="/usr/sbin/slappasswd" - diff --git a/samba-swat_desktopfile b/samba-swat_desktopfile deleted file mode 100644 index 191ad8d..0000000 --- a/samba-swat_desktopfile +++ /dev/null @@ -1,15 +0,0 @@ -[Desktop Entry] -Version=1.0 -Encoding=UTF-8 -Name=SWAT -GenericName=Samba Web Administration tool -GenericName[fr]=Interface de configuration Web de samba -GenericName[it]=Interfaccia di amministrazione di Samba -Comment=Configure Samba via Swat Web interface -Comment[fr]=Configure Samba depuis l'interface Web Swat -Comment[it]=Configura Samba con l'interfaccia Web Swat -Exec=konqueror http://localhost:901 -Type=Application -Icon=samba -Terminal=false -Categories=Application;System; diff --git a/samba.spec b/samba.spec index 09c037c..e6ea686 100644 --- a/samba.spec +++ b/samba.spec @@ -1,13 +1,6 @@ -%define guest_uid 65401 -%define guest_gid 65413 -#%define squid_groupid 65010 - -%define filesharing_gid 14 -%define smbldap_tools_ver 0.9.2 - Name: samba Version: 4.19.4 -Release: 1mamba +Release: 2mamba Summary: Samba provides seamless file and print services to SMB/CIFS clients Group: System/Servers Vendor: openmamba @@ -15,19 +8,11 @@ Distribution: openmamba Packager: Silvan Calarco URL: https://www.samba.org Source0: http://us1.samba.org/samba/ftp/stable/samba-%{version}.tar.gz -Source1: samba-conf -Source9: samba-smbldap_conf.pm -Source10: samba-mkhomedir.sh -Source11: samba-swat_desktopfile +Source1: samba.sysusers +Source2: samba-server.sysusers Source13: winbind-nm-dispatcher -Patch0: samba-4.0.6-libtirpc.patch -Patch1: samba-4.1.14-no-as-needed.patch -# openmamba patches: -Patch2: samba-4.9.4-conf-idmap.patch -Patch10: %{name}-3.0.23-smbldaptools-rootbinddn.patch -Patch11: %{name}-3.2.4-remove_strlcpy_strlcat.patch -Patch12: %{name}-3.5.8-mount_disable_setuid_check.patch -Patch13: samba-4.11.4-glibc-2.30.patch +Patch0: samba-4.9.4-conf-idmap.patch +Patch1: samba-4.19.4-conf-enable-usershares.patch License: GPL ## AUTOBUILDREQ-BEGIN BuildRequires: glibc-devel @@ -232,10 +217,8 @@ This package contains the winbind daemon and the wbinfo tool. %setup -q #-D -T #:<< _EOF -#%patch0 -p1 -#%patch1 -p1 -%patch 2 -p1 -#%patch13 -p1 +%patch 0 -p1 +%patch 1 -p1 %build #:<< _EOF @@ -274,25 +257,6 @@ PATH=/usr/bin:$PATH \ --python=%{__python3} \ PYTHON=%{__python3} -# ARM: building with-systme-mitkrb5 to bypass atomic link problem with embedded build - -# --bundled-libraries=wind,roken,hx509,asn1,heimbase,hcrypto,krb5,gssapi,heimntlm,hdb,\ -#kdc,ntdb,subunit - -# --with-pam_smbpass \ -# --with-rootsbindir=/sbin \ -# --enable-shared \ -# --enable-static -# --with-libsmbclient \ -# --with-libsmbsharemodes \ -# --without-cisupcall \ -# --with-ldapsam \ -# --with-swat-dir=%{_datadir}/samba/swat \ -# --with-python - -#waf %{?_smp_mflags} build -#export LIBS="-ltirpc -ltermcap" - %make %install @@ -306,22 +270,12 @@ install -d %{buildroot}/var/spool/samba install -d %{buildroot}%{_sysconfdir}/samba/private -##% makeinstall -C %{_builddir}/%{name}-%{version}/source3 -#waf --destdir=%{buildroot} install -# -#rm -rf %{buildroot}/usr/private -# install -D -m 0664 examples/smb.conf.default %{buildroot}%{_sysconfdir}/samba/smb.conf sed -i "s|/usr/local/samba/var/log|/var/log/samba/log|;\ s|/usr/local/samba/lib/|/var/lib/samba/|;\ s|/usr/spool/samba|/var/spool/samba|;" \ %{buildroot}%{_sysconfdir}/samba/smb.conf -# -#systemd -#for f in samba nmb smb winbind; do -# install -D -m0644 packaging/systemd/$f.service %{buildroot}%{_unitdir}/$f.service -#done -#sed -i "s|/var/run/|/run/|" packaging/systemd/samba.conf.tmp + install -D -m0644 packaging/systemd/samba.conf.tmp %{buildroot}%{_tmpfilesdir}/samba.conf sed -i "s|/var/run/samba|/run/samba|" %{buildroot}%{_tmpfilesdir}/samba.conf @@ -331,6 +285,9 @@ install -D -m 0644 examples/LDAP/samba.schema \ install -d %{buildroot}%{_prefix}/lib/cups/backend ln -s %{_bindir}/smbspool %{buildroot}%{_prefix}/lib/cups/backend/smb +install -D -m0644 %{SOURCE1} %{buildroot}%{_sysusersdir}/samba.conf +install -D -m0644 %{SOURCE2} %{buildroot}%{_sysusersdir}/samba-server.conf + install -D -m0755 %{S:13} %{buildroot}%{_sysconfdir}/NetworkManager/dispatcher.d/10_winbind # cifs.upcall is installed in arm build; --without-cisupcall seems uneffective @@ -345,27 +302,18 @@ enable smb disable winbind _EOF +# Usershares folder +mkdir %{buildroot}%{_localstatedir}/lib/samba/usershares + %clean [ "%{buildroot}" != / ] && rm -rf %{buildroot} %pre -if [ $1 -ge 1 ]; then -# new install or update - getent group filesharing >/dev/null || \ - groupadd filesharing -g %{filesharing_gid} -fi +%sysusers_create_package samba %{SOURCE1} : %pre server -if [ $1 -ge 1 ]; then -# new install or update - getent group guest > /dev/null || groupadd guest -g %{guest_gid} - getent passwd guest >/dev/null || - useradd guest -c "Samba guest user" -d /dev/null \ - -s /bin/false -u %{guest_uid} -g %{guest_gid} > /dev/null -fi -%systemd_pre nmb -%systemd_pre smb +%sysusers_create_package samba-server %{SOURCE2} : %post server @@ -470,15 +418,9 @@ fi %defattr(-,root,root) %config %dir %{_sysconfdir}/samba %config %dir %{_sysconfdir}/samba/private -#%config(noreplace) %{_sysconfdir}/samba/lmhosts -#%config(noreplace) %{_sysconfdir}/samba/smbusers %attr(664,root,filesharing) %config(noreplace) %{_sysconfdir}/samba/smb.conf %attr(644,root,root) %{_sysconfdir}/openldap/schema/samba.schema -#%{_bindir}/async_connect_send_test -#%{_bindir}/smbta-util %{_bindir}/dumpmscat -#%{_bindir}/findsmb -#%{_bindir}/mdfind %{_bindir}/mdsearch %{_bindir}/mvxattr %{_bindir}/net @@ -496,15 +438,13 @@ fi %{_bindir}/smbget %{_bindir}/smbpasswd %{_bindir}/smbspool -#%{_bindir}/smbspool_krb5_wrapper %{_bindir}/smbstatus %{_bindir}/smbtar %{_bindir}/smbtree %{_bindir}/testparm %{_sbindir}/eventlogadm +%{_sysusersdir}/samba.conf %dir %{_libdir}/samba -#%dir %{_libdir}/samba/auth -#%{_libdir}/samba/auth/*.so %dir %{_libdir}/samba/krb5 %{_libdir}/samba/krb5/*.so %dir %{_libdir}/samba/idmap @@ -532,32 +472,25 @@ fi %files -n lib%{name} %defattr(-,root,root) -#%{_libdir}/libdcerpc-atsvc.so.* %{_libdir}/libdcerpc-binding.so.* %{_libdir}/libdcerpc-server.so.* %{_libdir}/libdcerpc-server-core.so.* %{_libdir}/libdcerpc.so.* %{_libdir}/libdcerpc-samr.so.* %{_libdir}/libndr-krb5pac.so.* -#%{_libdir}/libgensec.so.* %{_libdir}/libndr-nbt.so.* %{_libdir}/libndr-standard.so.* %{_libdir}/libndr.so.* %{_libdir}/libsamba-credentials.so.* %{_libdir}/libsamba-errors.so.* %{_libdir}/libsamba-hostconfig.so.* -#%{_libdir}/libpdb.so.* -#%{_libdir}/libregistry.so.* %{_libdir}/libsamba-passdb.so.* %{_libdir}/libsamba-policy.cpython-*.so.* %{_libdir}/libsamba-util.so.* %{_libdir}/libsamdb.so.* %{_libdir}/libsmbconf.so.* %{_libdir}/libsmbldap.so.* -#%{_libdir}/libtevent-unix-util.so.* %{_libdir}/libtevent-util.so.* -#%{_libdir}/libtorture.so.* -#%{_libdir}/samba/lib*-samba4.so.* %{_libdir}/samba/lib*-samba4.so %ifarch arm %{_libdir}/krb5/plugins/kdb/samba.so @@ -573,19 +506,15 @@ fi %exclude %{_includedir}/samba-4.0/libsmbclient.h %exclude %{_includedir}/samba-4.0/netapi.h %exclude %{_includedir}/samba-4.0/wbclient.h -#%{_libdir}/libdcerpc-atsvc.so %{_libdir}/libdcerpc-binding.so %{_libdir}/libdcerpc-samr.so %{_libdir}/libdcerpc-server.so %{_libdir}/libdcerpc-server-core.so %{_libdir}/libdcerpc.so -#%{_libdir}/libgensec.so %{_libdir}/libndr-krb5pac.so %{_libdir}/libndr-nbt.so %{_libdir}/libndr-standard.so %{_libdir}/libndr.so -#%{_libdir}/libpdb.so -#%{_libdir}/libregistry.so %{_libdir}/libsamba-credentials.so %{_libdir}/libsamba-errors.so %{_libdir}/libsamba-hostconfig.so @@ -595,33 +524,24 @@ fi %{_libdir}/libsamdb.so %{_libdir}/libsmbconf.so %{_libdir}/libsmbldap.so -#%{_libdir}/libtevent-unix-util.so %{_libdir}/libtevent-util.so -#%{_libdir}/libtorture.so -#%{_libdir}/mit_samba.so %{_libdir}/pkgconfig/dcerpc.pc -#%{_libdir}/pkgconfig/dcerpc_atsvc.pc %{_libdir}/pkgconfig/dcerpc_samr.pc %{_libdir}/pkgconfig/dcerpc_server.pc -#%{_libdir}/pkgconfig/gensec.pc %{_libdir}/pkgconfig/ndr.pc %{_libdir}/pkgconfig/ndr_krb5pac.pc %{_libdir}/pkgconfig/ndr_nbt.pc %{_libdir}/pkgconfig/ndr_standard.pc -#%{_libdir}/pkgconfig/registry.pc %{_libdir}/pkgconfig/samba-credentials.pc %{_libdir}/pkgconfig/samba-hostconfig.pc %{_libdir}/pkgconfig/samba-policy.cpython-*.pc %{_libdir}/pkgconfig/samba-util.pc %{_libdir}/pkgconfig/samdb.pc -#%{_libdir}/pkgconfig/torture.pc -#%{_libdir}/winbind_krb5_locator.so %{_libexecdir}/samba/smbspool_krb5_wrapper %files server %defattr(-,root,root) %config(noreplace) %{_sysconfdir}/sysconfig/samba -#/etc/pam.d/samba %{_sbindir}/nmbd %{_sbindir}/smbd %{_prefix}/lib/cups/backend/smb @@ -633,11 +553,11 @@ fi %dir %attr(1777,root,root) /var/spool/samba %dir %attr(755,root,root) /var/lock/samba %dir %attr(755,root,root) /var/lock/samba/msg.lock -#/%{_lib}/security/pam_smbpass.so +%dir %attr(1770,root,sambashares) %{_localstatedir}/lib/samba/usershares +%{_sysusersdir}/samba-server.conf %{_tmpfilesdir}/samba.conf %{_unitdir}/nmb.service %{_unitdir}/smb.service -#%{_libdir}/libnss_wins.so %{_libdir}/libnss_wins.so.2 %{_mandir}/man5/* %{_mandir}/man7/* @@ -652,12 +572,7 @@ fi %{_bindir}/locktest %{_bindir}/masktest %{_bindir}/ndrdump -#%{_bindir}/ntdbbackup -#%{_bindir}/ntdbdump -#%{_bindir}/ntdbrestore -#%{_bindir}/ntdbtool %{_bindir}/oLschema2ldif -#%{_bindir}/pidl %{_bindir}/regdiff %{_bindir}/regpatch %{_bindir}/regshell @@ -685,36 +600,18 @@ fi %dir %{_libdir}/samba/service %{_libdir}/samba/service/*.so %dir /var/cache/samba -#%dir %{perl_vendorlib}/Parse -#%{perl_vendorlib}/Parse/* -#%{_mandir}/man3/Parse::Pidl::*.3pm* -#%{_mandir}/man3/ntdb.3* %files -n libsmbclient %defattr(-,root,root) %{_libdir}/libsmbclient.so.* -#%{_libdir}/libsmbclient-raw.so.* %files -n libsmbclient-devel %defattr(-,root,root) %{_includedir}/samba-*/libsmbclient.h %{_libdir}/libsmbclient.so -#%{_libdir}/libsmbclient-raw.so -#%{_libdir}/pkgconfig/smbclient-raw.pc %{_libdir}/pkgconfig/smbclient.pc -#%files -n libsmbsharemodes -#%defattr(-,root,root) -#%{_libdir}/libsmbsharemodes.so.* - -#%files -n libsmbsharemodes-devel -#%defattr(-,root,root) -#%{_includedir}/samba-*/smb_share_modes.h -#%{_libdir}/libsmbsharemodes.so -#%{_libdir}/pkgconfig/smbsharemodes.pc - %files -n libnetapi -#-f net.lang %defattr(-,root,root) %{_libdir}/libnetapi.so.* @@ -734,32 +631,25 @@ fi %{_libdir}/libwbclient.so %{_libdir}/pkgconfig/wbclient.pc -#%files swat -#%defattr(-,root,root) -#%{_sbindir}/swat -#%config(noreplace) /etc/xinetd.d/swat -#%dir %{_datadir}/samba/swat -#%{_datadir}/samba/swat/* -#%{_datadir}/applications/samba-swat.desktop - %files winbind -#-f pam_winbind.lang %defattr(-,root,root) %{_sysconfdir}/NetworkManager/dispatcher.d/10_winbind %config(noreplace) %{_sysconfdir}/security/pam_winbind.conf %{_bindir}/ntlm_auth %{_bindir}/wbinfo %{_sbindir}/winbindd -#%{_libdir}/libnss_winbind.so %{_libdir}/libnss_winbind.so.* %{_libdir}/security/pam_winbind.so %{_unitdir}/winbind.service -#%dir %attr(750,root,%{squid_groupid}) /var/lib/samba/winbindd_privileged %{_mandir}/man1/ntlm_auth.* %{_mandir}/man1/wbinfo.* %{_mandir}/man8/winbindd.* %changelog +* Fri Jan 26 2024 Silvan Calarco 4.19.4-2mamba +- enable support for user shares by default and add sambashares group as expected by kde plasma +- use systemd sysusers file to create groups and users + * Tue Jan 09 2024 Automatic Build System 4.19.4-1mamba - automatic version update by autodist diff --git a/samba.sysusers b/samba.sysusers new file mode 100644 index 0000000..bdd2d75 --- /dev/null +++ b/samba.sysusers @@ -0,0 +1 @@ +g filesharing 14