diff options
| author |   Tiziano Müller <dev-zero@gentoo.org> | 2008-05-29 06:37:20 +0000 |
|---|---|---|
| committer | Tiziano Müller <dev-zero@gentoo.org> | 2008-05-29 06:37:20 +0000 |
| commit | c3a9a0e995361cb81b7cc97d8f5d46604b5c9d58 (patch) | |
| tree | 3b947b031c26a1755ee2576ab817bb7165f01045 /net-fs | |
| parent | Removing Lars Weiler (Pylon) from metadata.xml (as per #215644). (diff) | |
| download | historical-c3a9a0e995361cb81b7cc97d8f5d46604b5c9d58.tar.gz historical-c3a9a0e995361cb81b7cc97d8f5d46604b5c9d58.tar.bz2 historical-c3a9a0e995361cb81b7cc97d8f5d46604b5c9d58.zip | |
Revision bump for security bug #222299
Package-Manager: portage-2.1.5_rc7
RepoMan-Options: --force
Diffstat (limited to 'net-fs')
| -rw-r--r-- | net-fs/samba/ChangeLog | 8 | ||||
| -rw-r--r-- | net-fs/samba/Manifest | 4 | ||||
| -rw-r--r-- | net-fs/samba/files/3.0.28a-CVE-2008-1105.patch | 168 | ||||
| -rw-r--r-- | net-fs/samba/samba-3.0.28a-r1.ebuild | 322 |
4 files changed, 500 insertions, 2 deletions
diff --git a/net-fs/samba/ChangeLog b/net-fs/samba/ChangeLog index b597b3039a7d..c4a9c09939d6 100644 --- a/net-fs/samba/ChangeLog +++ b/net-fs/samba/ChangeLog @@ -1,6 +1,12 @@ # ChangeLog for net-fs/samba # Copyright 1999-2008 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-fs/samba/ChangeLog,v 1.333 2008/05/17 12:33:00 dev-zero Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-fs/samba/ChangeLog,v 1.334 2008/05/29 06:37:19 dev-zero Exp $ + +*samba-3.0.28a-r1 (29 May 2008) + + 29 May 2008; Tiziano Müller <dev-zero@gentoo.org> + +files/3.0.28a-CVE-2008-1105.patch, +samba-3.0.28a-r1.ebuild: + Revision bump for security bug #222299 17 May 2008; Tiziano Müller <dev-zero@gentoo.org> +files/3.0.28a-wrong_python_ldflags.patch, samba-3.0.28a.ebuild: diff --git a/net-fs/samba/Manifest b/net-fs/samba/Manifest index 34c6c0c54e01..718fe9f8d9a1 100644 --- a/net-fs/samba/Manifest +++ b/net-fs/samba/Manifest @@ -5,6 +5,7 @@ AUX 3.0.28-autoconf-2.62-fix.patch 524 RMD160 843a8adb134376259485fba22deceeebf4 AUX 3.0.28-fix_broken_readdir_detection.patch 430 RMD160 f881e5a61ee2de714b9409a5a4f4c87d7a9a6dc0 SHA1 092b1ed0abce1eaf90aece7f637e72c3d4a902ff SHA256 7756d512df664d6f55851566d050797a6fc33f13ded4b1df5e2484a578ffd3f4 AUX 3.0.28-inotify_include.patch 1675 RMD160 056cde16ad2b1e2e84a184b8c07002bd25a832b2 SHA1 ab989d0d4f102ed574f34af9292f5109368e749b SHA256 bcc4e5f4853d40ad66246c540ff3a7f2299185e5729aaaffa06230de9fbc3c14 AUX 3.0.28-libcap_detection.patch 1676 RMD160 72cb751432db3911aedb32cf21a822bf9fceb278 SHA1 0348cc988150169b42a420a52fbf418aaf90e9e6 SHA256 73540a245115288f43dfd6abe6983a015886c93a14d906f38d59732e390cd070 +AUX 3.0.28a-CVE-2008-1105.patch 5774 RMD160 09a38e2a0e72e25f575789a3ded62fe00217dbc9 SHA1 9f7491b6ae88941881243445e35087b9bc811b5b SHA256 fba679976538265312d2545944e78b20442774d3ff54509d015a11867c15c0ff AUX 3.0.28a-wrong_python_ldflags.patch 996 RMD160 9514ef1b21129a950388ccabf797243dc92b390c SHA1 432366d841bbd2ec97c7a529c0c48d352aace356 SHA256 6f75e2e797d4a7a9f8758c5b3066cc1af86d392457d6f9ae8804427d74be4696 AUX README.gentoo 3208 RMD160 858aee78e07bdc0ebee7bc6c2212d4c528325633 SHA1 819ae809566e967cdc03024adae4443c5833dfc5 SHA256 9e87efa3fcea73becdfad4adb0fe677e1969c2951f03c47d1b0f4aeb00999578 AUX config-3.2/lmhosts 134 RMD160 7c99b13a2f273ee190c7df9392b1678b00ec461a SHA1 d63d8d846c3cecfc706d28d916ea323f2eae4ef1 SHA256 b891ca7448db3fadefd9f5ddaeb28ea19bad63c3ee21ea8f74cdc2dfecd6ab6b @@ -34,7 +35,8 @@ DIST samba-3.0.28a.tar.gz 18172643 RMD160 646680c49fd56d98430d325884a5911d406e13 DIST samba-3.2.0pre2.tar.gz 16593448 RMD160 8e233f98623b7a31a7c745d69a108997e803c7f5 SHA1 4b656ae17ebfb5ce1ecdc7124673eb7da19f515c SHA256 bb71293c8587b2def6c35553c8f062252f18f4a5f0e871dcbed8f747c90a4e69 EBUILD samba-3.0.27.ebuild 8773 RMD160 a3a889c643267c254309f36d2bd08447186bb6b5 SHA1 aa91fab445d3e3f94c4cbbd35cddf0df84f0c956 SHA256 e3d330432891f3f3b6ef441587f283e3c72b6364207e7eaea0d1346b1e72fb2b EBUILD samba-3.0.28.ebuild 9283 RMD160 7b7b2c477fb2abcafd32067575c33eb712a92140 SHA1 afb536f0dcafcdd411ed0ac51d7f852c6925ed1b SHA256 857d28fc7d3dfdf424b23ad5d03cd34030051a95932ca6797ed41b504bc358ec +EBUILD samba-3.0.28a-r1.ebuild 9387 RMD160 e74f82ef98524e0fc935e6abbc02b0b4e9304775 SHA1 17b68f30718abceb43a83718a6b426b55c6bf988 SHA256 0097998f73761bc3df0b510419ca39bfdaf12a907595f33492388f0acd904287 EBUILD samba-3.0.28a.ebuild 9347 RMD160 17a39d9fc440f1a3aaca46d8eca6f166a4e71c99 SHA1 83c849b4c33007f6a147dd1919227be7fa8e8f3a SHA256 a9868f2d6fbab25f31460f29e9abe541ff3d5e58e7bc542a9c688c1c170439f5 EBUILD samba-3.2.0_pre2.ebuild 8681 RMD160 146b3c435100eccec6b7bdcef510b0847f7b317f SHA1 af627d61a536c2055fb693b8ae5334f0721172d6 SHA256 d4f80695aaf4b3ba7f5e505f1b422efcb5c6fdc859aa9296c69060aaccc0fc44 -MISC ChangeLog 57142 RMD160 f4481aaabd69db9e799f541b0296e85fd17fb2c4 SHA1 9c4d91ebc46941157b13a474fea360d0f9bbf84b SHA256 47e4df71b97b327f8b31f5959a803b525dc692cec2a6c5da03f33e455f885367 +MISC ChangeLog 57334 RMD160 b435a39bd3c1e4bea8ede60f54b4761eb882957b SHA1 300893bc026371afdda4ee71c4ed36b20a6ac553 SHA256 125d256723ca3f03839227512577deb488e494d5acc0b314d20b88b42ee62e81 MISC metadata.xml 489 RMD160 36eed0edca609c521314ae415efd57ca9acfecb4 SHA1 317e61704a10a3bd888d32c6834721f5d40d00ff SHA256 6f35f13dd39bb51d304fd59b5352c92bc35a957c9c9412c5c1f3f58e98519792 diff --git a/net-fs/samba/files/3.0.28a-CVE-2008-1105.patch b/net-fs/samba/files/3.0.28a-CVE-2008-1105.patch new file mode 100644 index 000000000000..20712d844fa8 --- /dev/null +++ b/net-fs/samba/files/3.0.28a-CVE-2008-1105.patch @@ -0,0 +1,168 @@ +diff --git a/source/client/client.c b/source/client/client.c +index 3f96f63..e87623a 100644 +--- a/source/client/client.c ++++ b/source/client/client.c +@@ -3626,7 +3626,7 @@ static void readline_callback(void) + session keepalives and then drop them here. + */ + if (FD_ISSET(cli->fd,&fds)) { +- if (!receive_smb(cli->fd,cli->inbuf,0)) { ++ if (!receive_smb(cli->fd,cli->inbuf,cli->bufsize,0)) { + DEBUG(0, ("Read from server failed, maybe it closed the " + "connection\n")); + return; +diff --git a/source/client/smbctool.c b/source/client/smbctool.c +index 2063418..a18505b 100644 +--- a/source/client/smbctool.c ++++ b/source/client/smbctool.c +@@ -3304,7 +3304,7 @@ static void readline_callback(void) + session keepalives and then drop them here. + */ + if (FD_ISSET(cli->fd,&fds)) { +- receive_smb(cli->fd,cli->inbuf,0); ++ receive_smb(cli->fd,cli->inbuf,cli->bufsize,0); + goto again; + } + +diff --git a/source/lib/util_sock.c b/source/lib/util_sock.c +index 94c5e82..4715ca7 100644 +--- a/source/lib/util_sock.c ++++ b/source/lib/util_sock.c +@@ -654,14 +654,13 @@ ssize_t read_smb_length(int fd, char *inbuf, unsigned int timeout) + } + + /**************************************************************************** +- Read an smb from a fd. Note that the buffer *MUST* be of size +- BUFFER_SIZE+SAFETY_MARGIN. ++ Read an smb from a fd. + The timeout is in milliseconds. + This function will return on receipt of a session keepalive packet. + Doesn't check the MAC on signed packets. + ****************************************************************************/ + +-BOOL receive_smb_raw(int fd, char *buffer, unsigned int timeout) ++BOOL receive_smb_raw(int fd, char *buffer, size_t buflen, unsigned int timeout) + { + ssize_t len,ret; + +@@ -682,25 +681,18 @@ BOOL receive_smb_raw(int fd, char *buffer, unsigned int timeout) + return False; + } + +- /* +- * A WRITEX with CAP_LARGE_WRITEX can be 64k worth of data plus 65 bytes +- * of header. Don't print the error if this fits.... JRA. +- */ +- +- if (len > (BUFFER_SIZE + LARGE_WRITEX_HDR_SIZE)) { ++ if (len > buflen) { + DEBUG(0,("Invalid packet length! (%lu bytes).\n",(unsigned long)len)); +- if (len > BUFFER_SIZE + (SAFETY_MARGIN/2)) { + +- /* +- * Correct fix. smb_read_error may have already been +- * set. Only set it here if not already set. Global +- * variables still suck :-). JRA. +- */ ++ /* ++ * smb_read_error may have already been ++ * set. Only set it here if not already set. Global ++ * variables still suck :-). JRA. ++ */ + +- if (smb_read_error == 0) +- smb_read_error = READ_ERROR; +- return False; +- } ++ if (smb_read_error == 0) ++ smb_read_error = READ_ERROR; ++ return False; + } + + if(len > 0) { +@@ -730,9 +722,9 @@ BOOL receive_smb_raw(int fd, char *buffer, unsigned int timeout) + Checks the MAC on signed packets. + ****************************************************************************/ + +-BOOL receive_smb(int fd, char *buffer, unsigned int timeout) ++BOOL receive_smb(int fd, char *buffer, size_t buflen, unsigned int timeout) + { +- if (!receive_smb_raw(fd, buffer, timeout)) { ++ if (!receive_smb_raw(fd, buffer, buflen, timeout)) { + return False; + } + +diff --git a/source/libsmb/clientgen.c b/source/libsmb/clientgen.c +index c6cef08..7d7ab9e 100644 +--- a/source/libsmb/clientgen.c ++++ b/source/libsmb/clientgen.c +@@ -44,8 +44,7 @@ int cli_set_port(struct cli_state *cli, int port) + } + + /**************************************************************************** +- Read an smb from a fd ignoring all keepalive packets. Note that the buffer +- *MUST* be of size BUFFER_SIZE+SAFETY_MARGIN. ++ Read an smb from a fd ignoring all keepalive packets. + The timeout is in milliseconds + + This is exactly the same as receive_smb except that it never returns +@@ -54,12 +53,12 @@ int cli_set_port(struct cli_state *cli, int port) + should never go into a blocking read. + ****************************************************************************/ + +-static BOOL client_receive_smb(int fd,char *buffer, unsigned int timeout) ++static BOOL client_receive_smb(int fd,char *buffer, size_t bufsize, unsigned int timeout) + { + BOOL ret; + + for(;;) { +- ret = receive_smb_raw(fd, buffer, timeout); ++ ret = receive_smb_raw(fd, buffer, bufsize, timeout); + + if (!ret) { + DEBUG(10,("client_receive_smb failed\n")); +@@ -88,7 +87,7 @@ BOOL cli_receive_smb(struct cli_state *cli) + return False; + + again: +- ret = client_receive_smb(cli->fd,cli->inbuf,cli->timeout); ++ ret = client_receive_smb(cli->fd,cli->inbuf, cli->bufsize, cli->timeout); + + if (ret) { + /* it might be an oplock break request */ +diff --git a/source/smbd/process.c b/source/smbd/process.c +index 8dec719..3d31c29 100644 +--- a/source/smbd/process.c ++++ b/source/smbd/process.c +@@ -521,7 +521,8 @@ static BOOL receive_message_or_smb(char *buffer, int buffer_len, int timeout) + goto again; + } + +- return receive_smb(smbd_server_fd(), buffer, 0); ++ return receive_smb(smbd_server_fd(), buffer, ++ BUFFER_SIZE + LARGE_WRITEX_HDR_SIZE, 0); + } + + /* +diff --git a/source/utils/smbfilter.c b/source/utils/smbfilter.c +index 97d2223..2152e53 100644 +--- a/source/utils/smbfilter.c ++++ b/source/utils/smbfilter.c +@@ -140,7 +140,7 @@ static void filter_child(int c, struct in_addr dest_ip) + if (num <= 0) continue; + + if (c != -1 && FD_ISSET(c, &fds)) { +- if (!receive_smb(c, packet, 0)) { ++ if (!receive_smb(c, packet, BUFFER_SIZE, 0)) { + d_printf("client closed connection\n"); + exit(0); + } +@@ -151,7 +151,7 @@ static void filter_child(int c, struct in_addr dest_ip) + } + } + if (s != -1 && FD_ISSET(s, &fds)) { +- if (!receive_smb(s, packet, 0)) { ++ if (!receive_smb(s, packet, BUFFER_SIZE, 0)) { + d_printf("server closed connection\n"); + exit(0); + } diff --git a/net-fs/samba/samba-3.0.28a-r1.ebuild b/net-fs/samba/samba-3.0.28a-r1.ebuild new file mode 100644 index 000000000000..b549eafffd83 --- /dev/null +++ b/net-fs/samba/samba-3.0.28a-r1.ebuild @@ -0,0 +1,322 @@ +# Copyright 1999-2008 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-fs/samba/samba-3.0.28a-r1.ebuild,v 1.1 2008/05/29 06:37:19 dev-zero Exp $ + +inherit autotools eutils pam python multilib versionator confutils + +MY_P=${PN}-${PV/_/} + +DESCRIPTION="A suite of SMB and CIFS client/server programs for UNIX" +HOMEPAGE="http://www.samba.org/" +SRC_URI="mirror://samba/${MY_P}.tar.gz + mirror://samba/old-versions/${MY_P}.tar.gz" +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="alpha amd64 ~arm hppa ~ia64 ~mips ppc ppc64 ~s390 ~sh sparc ~sparc-fbsd x86 ~x86-fbsd" +IUSE_LINGUAS="linguas_ja linguas_pl" +IUSE="${IUSE_LINGUAS} acl ads async automount caps cups doc examples ipv6 kernel_linux ldap fam + pam python quotas readline selinux swat syslog winbind" + +RDEPEND="dev-libs/popt + virtual/libiconv + acl? ( kernel_linux? ( sys-apps/acl ) ) + cups? ( net-print/cups ) + ipv6? ( sys-apps/xinetd ) + ads? ( virtual/krb5 ) + ldap? ( net-nds/openldap ) + pam? ( virtual/pam ) + python? ( dev-lang/python ) + readline? ( sys-libs/readline ) + selinux? ( sec-policy/selinux-samba ) + swat? ( sys-apps/xinetd ) + syslog? ( virtual/logger ) + fam? ( virtual/fam ) + caps? ( sys-libs/libcap )" +DEPEND="${RDEPEND}" + +# Tests are broken now :-( +RESTRICT="test" + +S=${WORKDIR}/${MY_P} +CONFDIR=${FILESDIR}/config +PRIVATE_DST=/var/lib/samba/private + +pkg_setup() { + confutils_use_depend_all ads ldap +} + +src_unpack() { + unpack ${A} + cd "${S}/source" + + # lazyldflags.patch: adds "-Wl,-z,now" to smb{mnt,umount} + # invalid-free-fix.patch: Bug #196015 (upstream: #5021) + + epatch \ + "${FILESDIR}/3.0.26a-lazyldflags.patch" \ + "${FILESDIR}/3.0.26a-invalid-free-fix.patch" \ + "${FILESDIR}/3.0.28-libcap_detection.patch" \ + "${FILESDIR}/3.0.28-fix_broken_readdir_detection.patch" \ + "${FILESDIR}/3.0.28-autoconf-2.62-fix.patch" \ + "${FILESDIR}/${PV}-wrong_python_ldflags.patch" \ + "${FILESDIR}/${PV}-CVE-2008-1105.patch" + + eautoconf -I. -Ilib/replace + + # Ok, agreed, this is ugly. But it avoids a patch we + # need for every samba version and we don't need autotools + sed -i \ + -e 's|"lib32" ||' \ + -e 's|if test -d "$i/$l" ;|if test -d "$i/$l" -o -L "$i/$l";|' \ + configure || die "sed failed" + + rm "${S}/docs/manpages"/{mount,umount}.cifs.8 + +} + +src_compile() { + cd "${S}/source" + + local myconf + local mylangs + local mymod_shared + + python_version + myconf="--with-python=no" + use python && myconf="--with-python=${python}" + + mylangs="--with-manpages-langs=en" + use linguas_ja && mylangs="${mylangs},ja" + use linguas_pl && mylangs="${mylangs},pl" + + use winbind && mymod_shared="--with-shared-modules=idmap_rid" + if use ldap ; then + myconf="${myconf} $(use_with ads)" + use winbind && mymod_shared="${mymod_shared},idmap_ad" + fi + + [[ ${CHOST} == *-*bsd* ]] && myconf="${myconf} --disable-pie" + use hppa && myconf="${myconf} --disable-pie" + + use caps && export ac_cv_header_sys_capability_h=yes || export ac_cv_header_sys_capability_h=no + + # Otherwise we get the whole swat stuff installed + if ! use swat ; then + sed -i \ + -e 's/^\(install:.*\)installswat \(.*\)/\1\2/' \ + Makefile.in || die "sed failed" + fi + + econf \ + --with-fhs \ + --sysconfdir=/etc/samba \ + --localstatedir=/var \ + --with-configdir=/etc/samba \ + --with-libdir=/usr/$(get_libdir)/samba \ + --with-pammodulesdir=$(getpam_mod_dir) \ + --with-swatdir=/usr/share/doc/${PF}/swat \ + --with-piddir=/var/run/samba \ + --with-lockdir=/var/cache/samba \ + --with-logfilebase=/var/log/samba \ + --with-privatedir=${PRIVATE_DST} \ + --with-libsmbclient \ + --without-spinlocks \ + --enable-socket-wrapper \ + --with-cifsmount=no \ + $(use_with acl acl-support) \ + $(use_with async aio-support) \ + $(use_with automount) \ + $(use_enable cups) \ + $(use_enable fam) \ + $(use_with ads krb5) \ + $(use_with ldap) \ + $(use_with pam) $(use_with pam pam_smbpass) \ + $(use_with quotas) $(use_with quotas sys-quotas) \ + $(use_with readline) \ + $(use_with kernel_linux smbmount) \ + $(use_with syslog) \ + $(use_with winbind) \ + ${myconf} ${mylangs} ${mymod_shared} || die "econf failed" + + emake proto || die "emake proto failed" + emake everything || die "emake everything failed" + + if use python ; then + emake python_ext || die "emake python_ext failed" + fi +} + +src_test() { + cd "${S}/source" + emake test || die "tests failed" +} + +src_install() { + cd "${S}/source" + + emake DESTDIR="${D}" install-everything || die "emake install-everything failed" + + # Extra rpctorture progs + local extra_bins="rpctorture" + for i in ${extra_bins} ; do + [[ -x "${S}/bin/${i}" ]] && dobin "${S}/bin/${i}" + done + + # remove .old stuff from /usr/bin: + rm -f "${D}"/usr/bin/*.old + + # Removing executable bits from header-files + fperms 644 /usr/include/lib{msrpc,smbclient}.h + + # Nsswitch extensions. Make link for wins and winbind resolvers + if use winbind ; then + dolib.so nsswitch/libnss_wins.so + dosym libnss_wins.so /usr/$(get_libdir)/libnss_wins.so.2 + dolib.so nsswitch/libnss_winbind.so + dosym libnss_winbind.so /usr/$(get_libdir)/libnss_winbind.so.2 + fi + + if use kernel_linux ; then + # Warning: this can byte you if /usr is + # on a separate volume and you have to mount + # a smb volume before the local mount + dosym ../usr/bin/smbmount /sbin/mount.smbfs + fperms 4755 /usr/bin/smbmnt + fperms 4755 /usr/bin/smbumount + fi + + # bug #46389: samba doesn't create symlink anymore + # beaviour seems to be changed in 3.0.6, see bug #61046 + dosym samba/libsmbclient.so /usr/$(get_libdir)/libsmbclient.so.0 + dosym samba/libsmbclient.so /usr/$(get_libdir)/libsmbclient.so + + # make the smb backend symlink for cups printing support (bug #133133) + if use cups ; then + dodir $(cups-config --serverbin)/backend + dosym /usr/bin/smbspool $(cups-config --serverbin)/backend/smb + fi + + if use python ; then + emake DESTDIR="${D}" python_install || die "emake installpython failed" + # We're doing that manually + find "${D}/usr/$(get_libdir)/python${PYVER}/site-packages" -iname "*.pyc" -delete + fi + + cd "${S}/source" + + # General config files + insinto /etc/samba + doins "${CONFDIR}"/{smbusers,lmhosts} + newins "${CONFDIR}/smb.conf.example-samba3" smb.conf.example + + newpamd "${CONFDIR}/samba.pam" samba + use winbind && dopamd "${CONFDIR}/system-auth-winbind" + if use swat ; then + insinto /etc/xinetd.d + newins "${CONFDIR}/swat.xinetd" swat + else + rm -f "${D}/usr/sbin/swat" + rm -f "${D}/usr/share/man/man8/swat.8" + fi + + newinitd "${FILESDIR}/samba-init" samba + newconfd "${FILESDIR}/samba-conf" samba + + if use ldap ; then + insinto /etc/openldap/schema + doins "${S}/examples/LDAP/samba.schema" + fi + + if use ipv6 ; then + insinto /etc/xinetd.d + newins "${FILESDIR}/samba-xinetd" smb + fi + + # dirs + diropts -m0700 ; keepdir "${PRIVATE_DST}" + diropts -m1777 ; keepdir /var/spool/samba + + diropts -m0755 + keepdir /var/{log,run,cache}/samba + keepdir /var/lib/samba/{netlogon,profiles} + keepdir /var/lib/samba/printers/{W32X86,WIN40,W32ALPHA,W32MIPS,W32PPC,X64,IA64,COLOR} + keepdir /usr/$(get_libdir)/samba/{rpc,idmap,auth} + + # docs + dodoc "${FILESDIR}/README.gentoo" + dodoc "${S}"/{MAINTAINERS,README,Roadmap,WHATSNEW.txt} + dodoc "${CONFDIR}/nsswitch.conf-wins" + use winbind && dodoc "${CONFDIR}/nsswitch.conf-winbind" + + if use examples ; then + insinto /usr/share/doc/${PF} + doins -r "${S}/examples/" + find "${D}/usr/share/doc/${PF}" -type d -print0 | xargs -0 chmod 755 + find "${D}/usr/share/doc/${PF}/examples" ! -type d -print0 | xargs -0 chmod 644 + if use python ; then + insinto /usr/share/doc/${PF}/python + doins -r "${S}/source/python/examples" + fi + fi + + if ! use doc ; then + if ! use swat ; then + rm -rf "${D}/usr/share/doc/${PF}/swat" + else + rm -rf "${D}/usr/share/doc/${PF}/swat/help"/{guide,howto,devel} + rm -rf "${D}/usr/share/doc/${PF}/swat/using_samba" + fi + fi + +} + +pkg_preinst() { + local PRIVATE_SRC=/etc/samba/private + if [[ ! -r "${ROOT}/${PRIVATE_DST}/secrets.tdb" \ + && -r "${ROOT}/${PRIVATE_SRC}/secrets.tdb" ]] ; then + ebegin "Copying ${ROOT}/${PRIVATE_SRC}/* to ${ROOT}/${PRIVATE_DST}/" + mkdir -p "${D}/${PRIVATE_DST}" + cp -pPRf "${ROOT}/${PRIVATE_SRC}"/* "${D}/${PRIVATE_DST}/" + eend $? + fi + + if [[ ! -f "${ROOT}/etc/samba/smb.conf" ]] ; then + touch "${D}/etc/samba/smb.conf" + fi +} + +pkg_postinst() { + if use python ; then + python_version + python_mod_optimize /usr/$(get_libdir)/python${PYVER}/site-packages/samba + fi + + if use swat ; then + einfo "swat must be enabled by xinetd:" + einfo " change the /etc/xinetd.d/swat configuration" + fi + + if use ipv6 ; then + einfo "ipv6 support must be enabled by xinetd:" + einfo " change the /etc/xinetd.d/smb configuration" + fi + + elog "It is possible to start/stop daemons separately:" + elog " Create a symlink from /etc/init.d/samba.{smbd,nmbd,winbind} to" + elog " /etc/init.d/samba. Calling /etc/init.d/samba directly will start" + elog " the daemons configured in /etc/conf.d/samba" + + elog "The mount/umount.cifs helper applications are not included anymore." + elog "Please install net-fs/mount-cifs instead." + + ewarn "If you're upgrading from 3.0.24 or earlier, please make sure to" + ewarn "restart your clients to clear any cached information about the server." + ewarn "Otherwise they might not be able to connect to the volumes." +} + +pkg_postrm() { + if use python ; then + python_version + python_mod_cleanup /usr/$(get_libdir)/python${PYVER}/site-packages/samba + fi +} |