* [meta-networking][PATCH 0/2] samba: fixes for AD DC service @ 2017-10-24 8:22 jackie.huang 2017-10-24 8:22 ` [meta-networking][PATCH 1/2] samba: add missing RDEPENDS jackie.huang 2017-10-24 8:22 ` [meta-networking][PATCH 2/2] samba: fix for AD DC service jackie.huang 0 siblings, 2 replies; 4+ messages in thread From: jackie.huang @ 2017-10-24 8:22 UTC (permalink / raw) To: openembedded-devel From: Jackie Huang <jackie.huang@windriver.com> -- The following changes since commit 0d220e002e4f525469f0c24e0585318d2178e7a1: tslib: update project homepage (2017-10-20 16:14:56 +0000) are available in the git repository at: git://git.pokylinux.org/poky-contrib.git jhuang0/d_samba-ad-dc_171024_0 http://git.pokylinux.org/cgit.cgi//log/?h=jhuang0/d_samba-ad-dc_171024_0 Jackie Huang (2): samba: add missing RDEPENDS samba: fix for AD DC service .../recipes-connectivity/samba/samba_4.6.7.bb | 38 +++++++++++++++++----- 1 file changed, 29 insertions(+), 9 deletions(-) -- 2.11.0 ^ permalink raw reply [flat|nested] 4+ messages in thread
* [meta-networking][PATCH 1/2] samba: add missing RDEPENDS 2017-10-24 8:22 [meta-networking][PATCH 0/2] samba: fixes for AD DC service jackie.huang @ 2017-10-24 8:22 ` jackie.huang 2017-10-24 8:22 ` [meta-networking][PATCH 2/2] samba: fix for AD DC service jackie.huang 1 sibling, 0 replies; 4+ messages in thread From: jackie.huang @ 2017-10-24 8:22 UTC (permalink / raw) To: openembedded-devel From: Jackie Huang <jackie.huang@windriver.com> * samba-tool requires the python modules from samba-python or it fails with: Traceback (most recent call last): File "/usr/bin/samba-tool", line 33, in <module> from samba.netcmd.main import cmd_sambatool ImportError: No module named samba.netcmd.main * Provisioning with samba-tool requires samba-dsdb-modules or it fails with: Setting up secrets.ldb ldb: unable to stat module /usr/lib64/samba/ldb : No such file or directory WARNING: Module [samba_secrets] not found - do you need to set LDB_MODULES_PATH? Unable to load modules for /var/lib/samba/private/secrets.ldb: (null) ERROR(ldb): uncaught exception - None * samba-python requires pytalloc and python-tdb or it fails with: TypeError: pytalloc: unable to get talloc.BaseObject type ERROR(<type 'exceptions.ImportError'>): uncaught exception - No module named tdb Signed-off-by: Jackie Huang <jackie.huang@windriver.com> --- meta-networking/recipes-connectivity/samba/samba_4.6.7.bb | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/meta-networking/recipes-connectivity/samba/samba_4.6.7.bb b/meta-networking/recipes-connectivity/samba/samba_4.6.7.bb index 59d7425c8..2b227c95d 100644 --- a/meta-networking/recipes-connectivity/samba/samba_4.6.7.bb +++ b/meta-networking/recipes-connectivity/samba/samba_4.6.7.bb @@ -186,7 +186,8 @@ python samba_populate_packages() { PACKAGESPLITFUNCS_prepend = "samba_populate_packages " -RDEPENDS_${PN} += "${PN}-base" +RDEPENDS_${PN} += "${PN}-base ${PN}-python ${PN}-dsdb-modules" +RDEPENDS_${PN}-python += "pytalloc python-tdb" FILES_${PN}-base = "${sbindir}/nmbd \ ${sbindir}/smbd \ -- 2.11.0 ^ permalink raw reply related [flat|nested] 4+ messages in thread
* [meta-networking][PATCH 2/2] samba: fix for AD DC service 2017-10-24 8:22 [meta-networking][PATCH 0/2] samba: fixes for AD DC service jackie.huang 2017-10-24 8:22 ` [meta-networking][PATCH 1/2] samba: add missing RDEPENDS jackie.huang @ 2017-10-24 8:22 ` jackie.huang 2017-11-02 7:19 ` Huang, Jie (Jackie) 1 sibling, 1 reply; 4+ messages in thread From: jackie.huang @ 2017-10-24 8:22 UTC (permalink / raw) To: openembedded-devel From: Jackie Huang <jackie.huang@windriver.com> The AD DC service is installed by default since the commit: """ commit 28b8edc760d5e0664ad4861464f5de06f5fc305a samba: install all systemd unit files This includes samba.service, which other major distributions install, too. """ But lack of required executable since ad-dc feature is disabled by default. To fix the issue: - Add PACKAGECONFIG for ad-dc and enable by default. - Add PACKAGECONFIG for gnutls which is required by ad-dc and enable by default. - Add PACKAGECONFIG for mitkrb5 but disable by default because of an known issue: http://samba.2283325.n4.nabble.com/samba-4-6-6-Unknown-dependency-kdc-in-service-kdc-objlist-td4722096.html - Don't install samba.service if ad-dc is disabled. - Re-package ad-dc service and executable into a new package samba-ad-dc Signed-off-by: Jackie Huang <jackie.huang@windriver.com> --- .../recipes-connectivity/samba/samba_4.6.7.bb | 35 +++++++++++++++++----- 1 file changed, 27 insertions(+), 8 deletions(-) diff --git a/meta-networking/recipes-connectivity/samba/samba_4.6.7.bb b/meta-networking/recipes-connectivity/samba/samba_4.6.7.bb index 2b227c95d..9372ea34a 100644 --- a/meta-networking/recipes-connectivity/samba/samba_4.6.7.bb +++ b/meta-networking/recipes-connectivity/samba/samba_4.6.7.bb @@ -34,7 +34,7 @@ inherit systemd waf-samba cpan-base perlnative update-rc.d # remove default added RDEPENDS on perl RDEPENDS_${PN}_remove = "perl" -DEPENDS += "readline virtual/libiconv zlib popt libtalloc libtdb libtevent libldb krb5 libbsd libaio libpam" +DEPENDS += "readline virtual/libiconv zlib popt libtalloc libtdb libtevent libldb libbsd libaio libpam" DEPENDS_append_libc-musl = " libtirpc" CFLAGS_append_libc-musl = " -I${STAGING_INCDIR}/tirpc" LDFLAGS_append_libc-musl = " -ltirpc" @@ -45,12 +45,18 @@ LSB_linuxstdbase = "lsb" INITSCRIPT_NAME = "samba" INITSCRIPT_PARAMS = "start 20 3 5 . stop 20 0 1 6 ." -SYSTEMD_PACKAGES = "${PN}-base winbind" +SYSTEMD_PACKAGES = "${PN}-base ${PN}-ad-dc winbind" SYSTEMD_SERVICE_${PN}-base = "nmb.service smb.service" +SYSTEMD_SERVICE_${PN}-ad-dc = "samba.service" SYSTEMD_SERVICE_winbind = "winbind.service" +# There are prerequisite settings to enable ad-dc, so disable the service by default. +# Reference: +# https://wiki.samba.org/index.php/Setting_up_Samba_as_an_Active_Directory_Domain_Controller +SYSTEMD_AUTO_ENABLE_${PN}-ad-dc = "disable" + PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'systemd zeroconf', d)} \ - acl cups ldap \ + acl ad-dc cups gnutls ldap \ " RDEPENDS_${PN}-base += "${LSB}" @@ -68,6 +74,15 @@ PACKAGECONFIG[valgrind] = ",--without-valgrind,valgrind," PACKAGECONFIG[lttng] = "--with-lttng, --without-lttng,lttng-ust" PACKAGECONFIG[archive] = "--with-libarchive, --without-libarchive, libarchive" +# Building the AD (Active Directory) DC (Domain Controller) requires GnuTLS, +# And ad-dc doesn't work with mitkrb5 for versions prior to 4.7.0 according to: +# http://samba.2283325.n4.nabble.com/samba-4-6-6-Unknown-dependency-kdc-in-service-kdc-objlist-td4722096.html +# So the working combination is: +# 1) ad-dc: enable, gnutls: enable, mitkrb5: disable +# 2) ad-dc: disable, gnutls: enable/disable, mitkrb5: enable +PACKAGECONFIG[ad-dc] = ",--without-ad-dc,," +PACKAGECONFIG[gnutls] = "--enable-gnutls,--disable-gnutls,gnutls," +PACKAGECONFIG[mitkrb5] = "--with-system-mitkrb5,,krb5," SAMBA4_IDMAP_MODULES="idmap_ad,idmap_rid,idmap_adex,idmap_hash,idmap_tdb2" SAMBA4_PDB_MODULES="pdb_tdbsam,${@bb.utils.contains('PACKAGECONFIG', 'ldap', 'pdb_ldap,', '', d)}pdb_ads,pdb_smbpasswd,pdb_wbc_sam,pdb_samba4" @@ -82,12 +97,9 @@ EXTRA_OECONF += "--enable-fhs \ --with-modulesdir=${libdir}/samba \ --with-lockdir=${localstatedir}/lib/samba \ --with-cachedir=${localstatedir}/lib/samba \ - --disable-gnutls \ --disable-rpath-install \ --with-shared-modules=${SAMBA4_MODULES} \ --bundled-libraries=${SAMBA4_LIBS} \ - --with-system-mitkrb5 \ - --without-ad-dc \ ${@base_conditional('TARGET_ARCH', 'x86_64', '', '--disable-glusterfs', d)} \ --with-cluster-support \ --with-profiling-data \ @@ -113,6 +125,10 @@ do_install_append() { -e 's,/etc/sysconfig/samba,${sysconfdir}/default/samba,' \ -i ${D}${systemd_system_unitdir}/*.service + if [ "${@bb.utils.contains('PACKAGECONFIG', 'ad-dc', 'yes', 'no', d)}" = "no" ]; then + rm -f ${D}${systemd_system_unitdir}/samba.service + fi + install -d ${D}${sysconfdir}/tmpfiles.d install -m644 packaging/systemd/samba.conf.tmp ${D}${sysconfdir}/tmpfiles.d/samba.conf echo "d ${localstatedir}/log/samba 0755 root root -" \ @@ -161,7 +177,7 @@ do_install_append() { PACKAGES =+ "${PN}-python ${PN}-pidl \ ${PN}-dsdb-modules ${PN}-testsuite registry-tools \ winbind \ - ${PN}-common ${PN}-base ${PN}-ctdb-tests \ + ${PN}-common ${PN}-base ${PN}-ad-dc ${PN}-ctdb-tests \ smbclient" python samba_populate_packages() { @@ -196,9 +212,12 @@ FILES_${PN}-base = "${sbindir}/nmbd \ ${localstatedir}/nmbd \ ${localstatedir}/spool/samba \ ${systemd_system_unitdir}/nmb.service \ - ${systemd_system_unitdir}/samba.service \ ${systemd_system_unitdir}/smb.service" +FILES_${PN}-ad-dc = "${sbindir}/samba \ + ${systemd_system_unitdir}/samba.service \ + " + FILES_${PN}-ctdb-tests = "${bindir}/ctdb_run_tests \ ${bindir}/ctdb_run_cluster_tests \ ${sysconfdir}/ctdb/nodes \ -- 2.11.0 ^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [meta-networking][PATCH 2/2] samba: fix for AD DC service 2017-10-24 8:22 ` [meta-networking][PATCH 2/2] samba: fix for AD DC service jackie.huang @ 2017-11-02 7:19 ` Huang, Jie (Jackie) 0 siblings, 0 replies; 4+ messages in thread From: Huang, Jie (Jackie) @ 2017-11-02 7:19 UTC (permalink / raw) To: openembedded-devel@lists.openembedded.org Please ignore this since we found an issue after disabling mitkrb5: Samba can be built with either: - system_mitkrb5 (--with-system-mitkrb5) - embedded_heimdal - system_heimdal If we don't set --with-system-mitkrb5, it will find if there is system_heimdal , if not, It will built with embedded_heimdal which seems only builds for x86 and x86-64, and it needs libbsd on the host, it will fail when build for x86 and there is no 32bit libbsd on the host: tmp-glibc/work/core2-32-wrsmllib32-linux/lib32-samba/4.6.7-r0/samba-4.6.7/bin/asn1_compile: error while loading shared libraries: libbsd.so.0: cannot open shared object file: No such file or directory So I will re-work the patch to turn back to mitkrb5, but ad-dc will need to be disabled by default since another know issue I mentioned in the comments. And someone from WR might work on the above issue. Thanks, Jackie > -----Original Message----- > From: openembedded-devel-bounces@lists.openembedded.org > [mailto:openembedded-devel-bounces@lists.openembedded.org] On Behalf Of > jackie.huang@windriver.com > Sent: Tuesday, October 24, 2017 16:23 > To: openembedded-devel@lists.openembedded.org > Subject: [oe] [meta-networking][PATCH 2/2] samba: fix for AD DC service > > From: Jackie Huang <jackie.huang@windriver.com> > > The AD DC service is installed by default since the commit: > """ > commit 28b8edc760d5e0664ad4861464f5de06f5fc305a > samba: install all systemd unit files > This includes samba.service, which other major distributions install, too. > """ > > But lack of required executable since ad-dc feature is disabled by default. > > To fix the issue: > - Add PACKAGECONFIG for ad-dc and enable by default. > - Add PACKAGECONFIG for gnutls which is required by ad-dc and > enable by default. > - Add PACKAGECONFIG for mitkrb5 but disable by default because > of an known issue: > http://samba.2283325.n4.nabble.com/samba-4-6-6-Unknown-dependency- > kdc-in-service-kdc-objlist-td4722096.html > - Don't install samba.service if ad-dc is disabled. > - Re-package ad-dc service and executable into a new package samba-ad-dc > > Signed-off-by: Jackie Huang <jackie.huang@windriver.com> > --- > .../recipes-connectivity/samba/samba_4.6.7.bb | 35 +++++++++++++++++---- > - > 1 file changed, 27 insertions(+), 8 deletions(-) > > diff --git a/meta-networking/recipes-connectivity/samba/samba_4.6.7.bb > b/meta-networking/recipes-connectivity/samba/samba_4.6.7.bb > index 2b227c95d..9372ea34a 100644 > --- a/meta-networking/recipes-connectivity/samba/samba_4.6.7.bb > +++ b/meta-networking/recipes-connectivity/samba/samba_4.6.7.bb > @@ -34,7 +34,7 @@ inherit systemd waf-samba cpan-base perlnative update- > rc.d > # remove default added RDEPENDS on perl > RDEPENDS_${PN}_remove = "perl" > > -DEPENDS += "readline virtual/libiconv zlib popt libtalloc libtdb libtevent libldb > krb5 libbsd libaio libpam" > +DEPENDS += "readline virtual/libiconv zlib popt libtalloc libtdb libtevent libldb > libbsd libaio libpam" > DEPENDS_append_libc-musl = " libtirpc" > CFLAGS_append_libc-musl = " -I${STAGING_INCDIR}/tirpc" > LDFLAGS_append_libc-musl = " -ltirpc" > @@ -45,12 +45,18 @@ LSB_linuxstdbase = "lsb" > INITSCRIPT_NAME = "samba" > INITSCRIPT_PARAMS = "start 20 3 5 . stop 20 0 1 6 ." > > -SYSTEMD_PACKAGES = "${PN}-base winbind" > +SYSTEMD_PACKAGES = "${PN}-base ${PN}-ad-dc winbind" > SYSTEMD_SERVICE_${PN}-base = "nmb.service smb.service" > +SYSTEMD_SERVICE_${PN}-ad-dc = "samba.service" > SYSTEMD_SERVICE_winbind = "winbind.service" > > +# There are prerequisite settings to enable ad-dc, so disable the service by > default. > +# Reference: > +# > https://wiki.samba.org/index.php/Setting_up_Samba_as_an_Active_Directory_ > Domain_Controller > +SYSTEMD_AUTO_ENABLE_${PN}-ad-dc = "disable" > + > PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'systemd > zeroconf', d)} \ > - acl cups ldap \ > + acl ad-dc cups gnutls ldap \ > " > > RDEPENDS_${PN}-base += "${LSB}" > @@ -68,6 +74,15 @@ PACKAGECONFIG[valgrind] = ",--without- > valgrind,valgrind," > PACKAGECONFIG[lttng] = "--with-lttng, --without-lttng,lttng-ust" > PACKAGECONFIG[archive] = "--with-libarchive, --without-libarchive, libarchive" > > +# Building the AD (Active Directory) DC (Domain Controller) requires GnuTLS, > +# And ad-dc doesn't work with mitkrb5 for versions prior to 4.7.0 according to: > +# http://samba.2283325.n4.nabble.com/samba-4-6-6-Unknown-dependency- > kdc-in-service-kdc-objlist-td4722096.html > +# So the working combination is: > +# 1) ad-dc: enable, gnutls: enable, mitkrb5: disable > +# 2) ad-dc: disable, gnutls: enable/disable, mitkrb5: enable > +PACKAGECONFIG[ad-dc] = ",--without-ad-dc,," > +PACKAGECONFIG[gnutls] = "--enable-gnutls,--disable-gnutls,gnutls," > +PACKAGECONFIG[mitkrb5] = "--with-system-mitkrb5,,krb5," > > > SAMBA4_IDMAP_MODULES="idmap_ad,idmap_rid,idmap_adex,idmap_hash,id > map_tdb2" > > SAMBA4_PDB_MODULES="pdb_tdbsam,${@bb.utils.contains('PACKAGECONFIG', > 'ldap', 'pdb_ldap,', '', d)}pdb_ads,pdb_smbpasswd,pdb_wbc_sam,pdb_samba4" > @@ -82,12 +97,9 @@ EXTRA_OECONF += "--enable-fhs \ > --with-modulesdir=${libdir}/samba \ > --with-lockdir=${localstatedir}/lib/samba \ > --with-cachedir=${localstatedir}/lib/samba \ > - --disable-gnutls \ > --disable-rpath-install \ > --with-shared-modules=${SAMBA4_MODULES} \ > --bundled-libraries=${SAMBA4_LIBS} \ > - --with-system-mitkrb5 \ > - --without-ad-dc \ > ${@base_conditional('TARGET_ARCH', 'x86_64', '', '--disable-glusterfs', > d)} \ > --with-cluster-support \ > --with-profiling-data \ > @@ -113,6 +125,10 @@ do_install_append() { > -e 's,/etc/sysconfig/samba,${sysconfdir}/default/samba,' \ > -i ${D}${systemd_system_unitdir}/*.service > > + if [ "${@bb.utils.contains('PACKAGECONFIG', 'ad-dc', 'yes', 'no', d)}" = "no" ]; > then > + rm -f ${D}${systemd_system_unitdir}/samba.service > + fi > + > install -d ${D}${sysconfdir}/tmpfiles.d > install -m644 packaging/systemd/samba.conf.tmp > ${D}${sysconfdir}/tmpfiles.d/samba.conf > echo "d ${localstatedir}/log/samba 0755 root root -" \ > @@ -161,7 +177,7 @@ do_install_append() { > PACKAGES =+ "${PN}-python ${PN}-pidl \ > ${PN}-dsdb-modules ${PN}-testsuite registry-tools \ > winbind \ > - ${PN}-common ${PN}-base ${PN}-ctdb-tests \ > + ${PN}-common ${PN}-base ${PN}-ad-dc ${PN}-ctdb-tests \ > smbclient" > > python samba_populate_packages() { > @@ -196,9 +212,12 @@ FILES_${PN}-base = "${sbindir}/nmbd \ > ${localstatedir}/nmbd \ > ${localstatedir}/spool/samba \ > ${systemd_system_unitdir}/nmb.service \ > - ${systemd_system_unitdir}/samba.service \ > ${systemd_system_unitdir}/smb.service" > > +FILES_${PN}-ad-dc = "${sbindir}/samba \ > + ${systemd_system_unitdir}/samba.service \ > + " > + > FILES_${PN}-ctdb-tests = "${bindir}/ctdb_run_tests \ > ${bindir}/ctdb_run_cluster_tests \ > ${sysconfdir}/ctdb/nodes \ > -- > 2.11.0 > > -- > _______________________________________________ > Openembedded-devel mailing list > Openembedded-devel@lists.openembedded.org > http://lists.openembedded.org/mailman/listinfo/openembedded-devel ^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2017-11-02 7:19 UTC | newest] Thread overview: 4+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2017-10-24 8:22 [meta-networking][PATCH 0/2] samba: fixes for AD DC service jackie.huang 2017-10-24 8:22 ` [meta-networking][PATCH 1/2] samba: add missing RDEPENDS jackie.huang 2017-10-24 8:22 ` [meta-networking][PATCH 2/2] samba: fix for AD DC service jackie.huang 2017-11-02 7:19 ` Huang, Jie (Jackie)
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.