summaryrefslogtreecommitdiffstats
path: root/meta-networking/recipes-connectivity/samba
Commit message (Collapse)AuthorAgeFilesLines
* samba: update to 4.8.11Johannes Pointner2019-05-232-90/+3
| | | | | | | | | | | | | | | | | | | | | * This includes security fixes that adresses the following defects: CVE-2018-14629 (Unprivileged adding of CNAME record causing loop in AD Internal DNS server) CVE-2018-16841 (Double-free in Samba AD DC KDC with PKINIT) CVE-2018-16851 (NULL pointer de-reference in Samba AD DC LDAP server) CVE-2018-16853 (Samba AD DC S4U2Self crash in experimental MIT Kerberos configuration (unsupported)) CVE-2019-3880 (Save registry file outside share as unprivileged user) * Upstreamed patch removed: 0001-ldb-Refuse-to-build-Samba-against-a-newer-minor-vers.patch * Extended PACKAGECONFIG ad-dc to be able to build MIT Kerberos see https://bugzilla.samba.org/show_bug.cgi?id=13678 Signed-off-by: Johannes Pointner <johannes.pointner@br-automation.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* samba: rework localstatedir package splitAndreas Müller2019-04-271-4/+4
| | | | | | | | | | | | Now that we can install smbclient without samba package e.g for gvfs there are complains: | gvsd: mkdir failed on directory /var/lib/samba: Permission denied and browsing Windows network does not work anymore Signed-off-by: Andreas Müller <schnitzeltony@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* samba: install bundled libs into seperate packagesAndreas Müller2019-04-271-0/+10
| | | | | | | | | | | | Otherwise bundled libraries find their way into samba -> that causes several packages to rdepend on samba package -> samba package rdepends on samba-base (and others) installing daemons smbd & nmbd autostarted by default. This is unwanted / not necessary: * NetBIOS (nmbd) can cause a security problems * slow boot: times reported by systemd-analyse reduced from ~16s -> ~8s Signed-off-by: Andreas Müller <schnitzeltony@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* meta-networking: remove True option to getVar calls (again)André Draszik2019-01-131-3/+3
| | | | | | | | | | | | | | A couple have still been missed in the past despite multiple attempts at doing so (or simply have re-appeared?). Search & replace made using the following command: sed -e 's|\(d\.getVar \?\)( \?\([^,()]*\), \?True)|\1(\2)|g' \ -i $(git grep -E 'getVar ?\( ?([^,()]*), ?True\)' \ | cut -d':' -f1 \ | sort -u) Signed-off-by: André Draszik <andre.draszik@jci.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* samba: fix build on qemumips64 with muslAndrea Adami2018-12-122-0/+52
| | | | | | | | | | | | | There is the same issue as for libldb, the header has conflicting defs for unitptr_t. Fix it as done for the other recipe. Fix /cmocka/cmocka.h:126:28: error: conflicting types for 'uintptr_t' typedef unsigned int uintptr_t; ^~~~~~~~~ Signed-off-by: Andrea Adami <andrea.adami@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* samba: upgrade 4.8.3 -> 4.8.4Yi Zhao2018-08-211-2/+2
| | | | | | | | | | | | | Security fixes: CVE-2018-1139 (Weak authentication protocol allowed.) CVE-2018-1140 (Denial of Service Attack on DNS and LDAP server.) CVE-2018-10858 (Insufficient input validation on client directory listing in libsmbclient.) CVE-2018-10918 (Denial of Service Attack on AD DC DRSUAPI server.) CVE-2018-10919 (Confidential attribute disclosure from the AD LDAP server.) Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* samba: Update to 4.8.3Khem Raj2018-07-308-99/+400
| | | | | | LDB 1.4.0 breaks Samba < 4.9 therefore use internal version Signed-off-by: Khem Raj <raj.khem@gmail.com>
* samba: Delete remain of LSB.leimaohui2018-07-211-4/+0
| | | | | Signed-off-by: Lei Maohui <leimaohui@cn.fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* samba: upgrade 4.7.6 -> 4.7.8Yi Zhao2018-07-031-2/+4
| | | | | Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* samba: add dynamic packages regexp for auth and pdb modulesRémi Rérolle2018-06-141-0/+1
| | | | | | | | | | Since those modules are dynamically split into sub-packages, they need a regexp added to PACKAGES_DYNAMIC in order for the samba recipe to RPROVIDE those packages. Without that, those packages are only known as RRECOMMENDS for samba-base, which can be an issue when building an image with NO_RECOMMENDATIONS = "1". Signed-off-by: Khem Raj <raj.khem@gmail.com>
* Fixed an install error in Samba with LSB distrosPablo Saavedra2018-05-311-13/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | An error in the Samba installation occurs with distros LSB: install: cannot stat 'packaging/LSB/samba.sh': No such file or directory exit 1 from 'install -m 0755 packaging/LSB/samba.sh LSB packaging directory was removed in Samba 4.7: commit 0a23cde8efea06f81c6d34227b71dab627cc87b9 Author: Andreas Schneider <asn@samba.org> Date: Tue May 9 15:48:09 2017 +0200 packaging: Remove LSB packaging This hasn't been touched since 2001. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: David Disseldorp <ddiss@samba.org> This patch removes the conditional 'if' and uses always compatible sysv script. Signed-off-by: Pablo Saavedra <psaavedra@igalia.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* samba: refresh patchesAndreas Müller2018-04-133-32/+48
| | | | | | For 16-do-not-check-xsltproc-manpages.patch devtool created a heavy monster Signed-off-by: Armin Kuster <akuster808@gmail.com>
* samba: update to 4.7.6Johannes Pointner2018-04-091-2/+2
| | | | | | | | | | | | This includes security fixes that adresses the following defects: CVE-2018-1050 (Denial of Service Attack on external print server.) CVE-2018-1057 (Authenticated users can change other users' password.) * Detail release note: - https://www.samba.org/samba/history/samba-4.7.6.html Signed-off-by: Johannes Pointner <johannes.pointner@br-automation.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* samba: update to 4.7.5Johannes Pointner2018-04-061-5/+2
| | | | | | | | | | | | | | This includes security fixes that adresses the following defects: CVE-2017-14746: s3: smbd: Fix SMB1 use-after-free crash bug. CVE-2017-15275: s3: smbd: Chain code can return uninitialized memory when talloc buffer is grown. * Detail release note: - https://www.samba.org/samba/history/samba-4.7.5.html Signed-off-by: Johannes Pointner <johannes.pointner@br-automation.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* samba: Refresh musl pam patchKhem Raj2018-04-042-11/+12
| | | | | | | | | last update left the musl builds broken since the patch was not forward ported Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* samba: Add packagegroupZheng Ruoqin2018-03-051-1/+25
| | | | | | | | Add packagegroup for samba, for there are too many rpms in samba and it's hard to manage. Signed-off-by: Zheng Ruoqin <zhengrq.fnst@cn.fujitsu.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* samba, openwsman, pam-ssh-agent-auth, sblim-sfcb, passwdqc, python-pam, ↵Martin Jansa2018-03-051-3/+4
| | | | | | | | | | | smbnetfs: require pam in DISTRO_FEATURES * there is explicit dependency on libpam without respecting pam in DISTRO_FEATURES so add the check to prevent people building it against broken libpam Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* recipes: use oe.utils.conditional instead of deprecated base_conditionalMartin Jansa2018-02-011-1/+1
| | | | Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* samba: move to version 4.7.0Joe Slater2018-01-084-13/+117
| | | | | | | | | ad-dc code is built and krb5 is used. If booting using systemd, 'nmb' and 'smb' are started. 'samba' is not. Signed-off-by: Joe Slater <jslater@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* Revert "samba: add missing RDEPENDS"Armin Kuster2018-01-081-2/+1
| | | | | | | | this slipped in. it should not have been merged to master This reverts commit 9245c2a7ec30ba5df6826acd91d7a76d7f51d017. Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* samba: add missing RDEPENDSJackie Huang2017-11-151-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | * samba-tool requires the python modules from samba-python or it fails with: Traceback (most recent call last): File "/usr/bin/samba-tool", line 33, in <module> from samba.netcmd.main import cmd_sambatool ImportError: No module named samba.netcmd.main * Provisioning with samba-tool requires samba-dsdb-modules or it fails with: Setting up secrets.ldb ldb: unable to stat module /usr/lib64/samba/ldb : No such file or directory WARNING: Module [samba_secrets] not found - do you need to set LDB_MODULES_PATH? Unable to load modules for /var/lib/samba/private/secrets.ldb: (null) ERROR(ldb): uncaught exception - None * samba-python requires pytalloc and python-tdb or it fails with: TypeError: pytalloc: unable to get talloc.BaseObject type ERROR(<type 'exceptions.ImportError'>): uncaught exception - No module named tdb Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* samba: Add HOMEPAGE info into recipe file.Huang Qiyu2017-09-221-0/+1
| | | | | Signed-off-by: Huang Qiyu <huangqy.fnst@cn.fujitsu.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* samba: 4.6.5 -> 4.6.7Kai Kang2017-09-121-2/+3
| | | | | | | | Upgrade samba from 4.6.5 to 4.6.7 to fix CVE-2017-11103. Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* samba: upgrade to 4.6.5Johannes Pointner2017-06-282-111/+2
| | | | | | | | | | | | | | | This includes a security fix that adresses the following defect: CVE-2017-7494 (Remote code execution from a writable share) * Detail release note: - https://www.samba.org/samba/history/samba-4.6.5.html * Remove 00-fix-typos-in-man-pages.patch which has been fixed upstream a long time ago Signed-off-by: Johannes Pointner <johannes.pointner@br-automation.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* samba: Fix build with muslKhem Raj2017-06-283-0/+36
| | | | | | Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* samba: Upgrade to 4.6.2Khem Raj2017-04-2512-129/+3
| | | | | | Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* samba: fix conflict between samba and sudo packagesSzombathelyi György2017-04-251-0/+1
| | | | | | | | Use the same permissions for sudoers.d as in the sudo package. Signed-off-by: Gyorgy Szombathelyi <gyurco@freemail.hu> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* samba: update tevent_internal.hSzombathelyi György2017-03-242-0/+93
| | | | | | | | | | | | | Update the tevent_internal.h file to the same version as the current OpenEmbedded recipe version, otherwise nmbd will segfault immediately at start, and strange crashes occurs with smbd. Samba uses this internal libtevent header file, and it is crucial to match this file to the external libtevent. Signed-off-by: Gyorgy Szombathelyi <gyurco@freemail.hu> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* Make use of the new bb.utils.filter() functionPeter Kjellerstedt2017-03-071-2/+1
| | | | | Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* Revert "Samba: use built-in libtevent"Joe MacDonald2017-02-241-2/+2
| | | | | | This reverts commit cd366899ed6f0f07d643fd4e54c1ccb91540fc23. Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* Samba: use built-in libteventSzombathelyi György2017-02-221-2/+2
| | | | | | | | | | Since Samba uses libtevent-internal.h in some places, it is incompatible with external libtevent versions if they're not the same as the built-in, and just crashes. Signed-off-by: Gyorgy Szombathelyi <gyurco@freemail.hu> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* waf-samba.bbclass: fix build error with PARALLEL_MAKE="-j X -l Y"Andreas Oberritter2017-01-191-1/+0
| | | | | | | | | Waf doesn't handle -l. Use a function already provided by waf.bbclass in OE-Core. Inheriting waf.bbclass also makes overriding DISABLE_STATIC redundant, so drop it from recipes inheriting waf-samba. Signed-off-by: Andreas Oberritter <obi@opendreambox.org> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* samba: conditionalize sed call for onnodeAndreas Oberritter2017-01-191-1/+3
| | | | | | | | sed: can't read .../4.4.5-r0/image/usr/bin/onnode: No such file or directory Signed-off-by: Andreas Oberritter <obi@opendreambox.org> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* samba: simplify LSB handlingAndreas Oberritter2016-12-171-8/+5
| | | | | Signed-off-by: Andreas Oberritter <obi@opendreambox.org> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* samba: start on boot with systemdAndreas Oberritter2016-12-171-0/+4
| | | | | Signed-off-by: Andreas Oberritter <obi@opendreambox.org> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* samba: move /etc/sysconfig to more common /etc/default, package tmpfiles.d ↵Andreas Oberritter2016-12-171-3/+6
| | | | | | | in samba-common Signed-off-by: Andreas Oberritter <obi@opendreambox.org> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* samba: add packages samba-dsdb-modules, samba-testsuite and registry-toolsAndreas Oberritter2016-12-171-0/+14
| | | | | | | Inspired by Debian. Signed-off-by: Andreas Oberritter <obi@opendreambox.org> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* samba: split libraries into their own packagesAndreas Oberritter2016-12-171-104/+30
| | | | | | | | | | It's quite hard to track library dependencies manually between releases. Splitting libraries into their own packages creates some overhead but effectively uses less storage in minimal installations. Signed-off-by: Andreas Oberritter <obi@opendreambox.org> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* samba: simplify files list for samba-pythonAndreas Oberritter2016-12-171-17/+1
| | | | | Signed-off-by: Andreas Oberritter <obi@opendreambox.org> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* samba: install manpagesAndreas Oberritter2016-12-171-0/+9
| | | | | Signed-off-by: Andreas Oberritter <obi@opendreambox.org> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* samba: add smbclient packageAndreas Oberritter2016-12-171-4/+15
| | | | | Signed-off-by: Andreas Oberritter <obi@opendreambox.org> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* samba: install systemd units and initscripts unconditionallyAndreas Oberritter2016-12-161-11/+10
| | | | | | | Fixes hybrid systemd/sysvinit setups. Signed-off-by: Andreas Oberritter <obi@opendreambox.org> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* samba: rename initscript from 'samba.sh' to more common 'samba'Andreas Oberritter2016-12-161-5/+5
| | | | | | | This gets masked automatically by samba.service if systemd is running. Signed-off-by: Andreas Oberritter <obi@opendreambox.org> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* samba: install all systemd unit filesAndreas Oberritter2016-12-141-3/+2
| | | | | | | | This includes samba.service, which other major distributions install, too. Signed-off-by: Andreas Oberritter <obi@opendreambox.org> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* samba: remove superflous listing of pam_smbpass.soAndreas Oberritter2016-12-141-4/+1
| | | | | | | | | EXTRA_OECONF includes --with-pammodulesdir=${base_libdir}/security when pam is enabled. Signed-off-by: Andreas Oberritter <obi@opendreambox.org> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* samba: use systemd_system_unitdir variableAndreas Oberritter2016-12-141-8/+7
| | | | | | Signed-off-by: Andreas Oberritter <obi@opendreambox.org> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* samba: remove unneeded conditionals for sysvinit and systemdAndreas Oberritter2016-12-141-8/+4
| | | | | | | | systemd.bbclass takes care of deleting unused startup scripts. Signed-off-by: Andreas Oberritter <obi@opendreambox.org> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* samba: use default packaging rules for -dbg and -dev packagesAndreas Oberritter2016-12-141-30/+4
| | | | | | | | There's no need to create multiple packages. Signed-off-by: Andreas Oberritter <obi@opendreambox.org> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* samba: Avoid timeout for nmbd if started offline with systemdAndreas Oberritter2016-12-142-0/+32
| | | | | | | | | | If no network connection appears within DefaultTimeoutStartSec (~ 90s) after startup, nmbd fails to notify systemd and will therefore get killed. Signed-off-by: Andreas Oberritter <obi@opendreambox.org> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* samba: fix the hardcoded path in init scriptJackie Huang2016-12-141-0/+1
| | | | | | | | | | | | Replace the hardcoded path with base_bindir in init script to fix the error: /etc/init.d/samba.sh: line 15: /usr/bin/ps: No such file or directory /etc/init.d/samba.sh: line 17: /usr/bin/sed: No such file or directory /etc/init.d/samba.sh: line 16: /usr/bin/grep: No such file or directory Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-09-24 18:35:25 +0000