]> git.ipfire.org Git - ipfire-2.x.git/blob - lfs/samba
projects / ipfire-2.x.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
samba: import security updates from redhead
[ipfire-2.x.git] / lfs / samba
1 ###############################################################################
2 # #
3 # IPFire.org - A linux based firewall #
4 # Copyright (C) 2007-2016 IPFire Team <info@ipfire.org> #
5 # #
6 # This program is free software: you can redistribute it and/or modify #
7 # it under the terms of the GNU General Public License as published by #
8 # the Free Software Foundation, either version 3 of the License, or #
9 # (at your option) any later version. #
10 # #
11 # This program is distributed in the hope that it will be useful, #
12 # but WITHOUT ANY WARRANTY; without even the implied warranty of #
13 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
14 # GNU General Public License for more details. #
15 # #
16 # You should have received a copy of the GNU General Public License #
17 # along with this program. If not, see <http://www.gnu.org/licenses/>. #
18 # #
19 ###############################################################################
20
21 ###############################################################################
22 # Definitions
23 ###############################################################################
24
25 include Config
26
27 VER = 3.6.25
28
29 THISAPP = samba-$(VER)
30 DL_FILE = $(THISAPP).tar.gz
31 DL_FROM = $(URL_IPFIRE)
32 DIR_APP = $(DIR_SRC)/$(THISAPP)
33 TARGET = $(DIR_INFO)/$(THISAPP)
34 PROG = samba
35 PAK_VER = 68
36
37 DEPS = "cups krb5"
38
39 ###############################################################################
40 # Top-level Rules
41 ###############################################################################
42
43 objects = $(DL_FILE)
44
45 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
46
47 $(DL_FILE)_MD5 = 76da2fa64edd94a0188531e7ecb27c4e
48
49 install : $(TARGET)
50
51 check : $(patsubst %,$(DIR_CHK)/%,$(objects))
52
53 download :$(patsubst %,$(DIR_DL)/%,$(objects))
54
55 md5 : $(subst %,%_MD5,$(objects))
56
57 dist:
58 @$(PAK)
59
60 ###############################################################################
61 # Downloading, checking, md5sum
62 ###############################################################################
63
64 $(patsubst %,$(DIR_CHK)/%,$(objects)) :
65 @$(CHECK)
66
67 $(patsubst %,$(DIR_DL)/%,$(objects)) :
68 @$(LOAD)
69
70 $(subst %,%_MD5,$(objects)) :
71 @$(MD5)
72
73 ###############################################################################
74 # Installation Details
75 ###############################################################################
76
77 $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
78 @$(PREBUILD)
79 @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
80
81 # Apply patches from RHEL6
82 # Upstream patches
83 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/samba-3.6.99-fix_nbt_query_with_many_components.patch
84 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/samba-3.6.99-fix_group_expansion_with_nss_templates.patch
85 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/samba-3.6.99-fix_group_expansion_in_service_path.patch
86 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/samba-3.6.99-fix_memleak_in_printer_list.patch
87 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/samba-3.6.99-fix_lookups_with_one_way_trusts.patch
88 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/samba-3.6.99-fix_setup_domain_child_logic.patch
89 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/samba-3.6.99-fix_force_user_with_security_ads.patch
90 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/samba-3.6.99-add_timeout_option_to_smbclient.patch
91 # Additional Red Hat patches
92 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/samba-3.2.0pre1-pipedir.patch
93 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/samba-3.2.0pre1-grouppwd.patch
94 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/samba-3.2.5-inotify.patch
95 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/samba-3.5.11-idmapdebug.patch
96 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/samba-3.5.11-docs.patch
97 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/samba-3.5.11-nss_info_doc.patch
98 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/samba-3.5.11-wbinfo_manpage.patch
99 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/samba-3.5.12-dns.patch
100 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/samba-3.5.12-pam_radio_type.patch
101 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/samba-3.6.18-fix_net_ads_join_segfault.patch
102 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/samba-3.6.19-valid_users_doc.patch
103 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/samba-3.6.23-gecos.patch
104 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/samba-3.6.23-glusterfs.patch
105 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/samba-3.6.23-libsmbclient.patch
106 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/samba-3.6.23-fix_libads_krb5_ipv6.patch
107 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/samba-3.6.26-smb2_case_sensitive.patch
108 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/samba-3.6.99-fix_gecos_interactive.patch
109 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/samba-3.6.99-fix_dropbox_share.patch
110 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/samba-3.6.99-add_spoolss_os_version.patch
111 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/samba-3.6.99-nt_printer_publish_guid.patch
112 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/samba-3.6.99-fix_keytab_null_termination.patch
113 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/samba-3.6.99-fix_printcap_cpu_utilization.patch
114 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/samba-3.6.99-fix_smbclient_ntlmv2_auth.patch
115 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/samba-3.6.99-fix_smb_conf_doc.patch
116 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/samba-3.6.99-bug-1117059.patch
117 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/samba-3.6.99-bug-1192211.patch
118 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/samba-3.6.99-fix_usergroup_cache_lookup.patch
119 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/samba-3.6.99-fix_force_user_winbind_default_domain.patch
120 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/samba-3.6.99-fix_rpcclient_timeout_command.patch
121 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/samba-3.6.99-fix_force_group.patch
122 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/samba-3.6.99-fix_pam_winbind_parsing_segfault.patch
123 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/samba-3.6.99-fix_mangling_hash_segfault.patch
124 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/samba-3.6.99-doc_netbios_name_length_limit.patch
125 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/samba-3.6.99-fix_map_to_guest_bad_uid.patch
126 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/samba-3.6.99-fix_security_server_share_access.patch
127 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/samba-3.6.99-fix_stale_printer_entries_on_rename.patch
128 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/CVE-2015-5299-v3-6-bso11529.patch
129 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/CVE-2015-5296-v3-6-bso11536.patch
130 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/CVE-2015-5252-v3-6-bso11395.patch
131 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/CVE-2015-5330-v3-6-bso11599.patch
132 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/samba-3.6.99-net_ads_join_no_dns_updates.patch
133 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/samba-3.6.99-asserted_identity_sid-S-1-18-1.patch
134 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/CVE-2015-7560-v3-6.patch
135 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/samba-3.6.99-fix_symlink_verification.patch
136 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/CVE-preparation-v3-6.patch
137 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/CVE-2016-2110-v3-6.patch
138 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/CVE-2016-2111-v3-6.patch
139 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/CVE-2016-2112-v3-6.patch
140 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/CVE-2016-2115-v3-6.patch
141 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/CVE-2016-2118-v3-6.patch
142 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/CVE-2015-5370-v3-6.patch
143 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/samba-3.6.99-fix_winbind_cache_memory_leak.patch
144 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/samba-3.6.99-fix_memleak_winbind_cached_creds.patch
145 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/samba-3.6.99-idmap_ad_memleak.patch
146 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/samba-3.6.99-libsmb_fix_dfs_connections.patch
147 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/samba-3.6.99-2110-ntlmssp-session-setup-nas.patch
148 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/samba-3.6.99-fix_rpc_query_user_list.patch
149 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/samba-3.6.99-nt_printer_unpublish_fix.patch
150 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/CVE-2016-2126-v3.6.patch
151 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/CVE-2016-2125-v3.6.patch
152 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/samba-3.6.99-fix_member_auth_after_changed_secret.patch
153 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/samba-3.6.99-fix_dirsort_ea-support.patch
154 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/CVE-2017-7494-v3-6.patch
155 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/samba-3.6.99-winbind_fix_trusted_domain_handling.patch
156 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/CVE-2017-2619.patch
157 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/CVE-2017-12150-v3-6.patch
158 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/CVE-2017-12163.patch
159 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/CVE-2017-15275.patch
160 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/doc-update.patch
161
162 cd $(DIR_APP)/source3 && ./autogen.sh
163 cd $(DIR_APP)/source3 && ./configure \
164 --prefix=/usr \
165 --libdir=/usr/lib/ \
166 --sysconfdir=/var/ipfire \
167 --localstatedir=/var \
168 --with-cachedir=/var/lib/samba \
169 --with-lockdir=/var/lib/samba \
170 --with-piddir=/var/run \
171 --with-ads \
172 --with-acl-support \
173 --with-libsmbclient \
174 --with-libsmbsharemodes \
175 --with-sendfile-support \
176 --with-fhs \
177 --with-winbind \
178 --disable-swat \
179 --enable-cups \
180 --disable-avahi \
181 --with-syslog
182 cd $(DIR_APP)/source3 && make idl_full
183 cd $(DIR_APP)/source3 && make proto && make all $(MAKETUNING) $(EXTRA_MAKE)
184 cd $(DIR_APP)/source3 && make install
185 cd $(DIR_APP)/source3 && chmod -v 644 /usr/include/libsmbclient.h
186 #cd $(DIR_APP)/source3 && install -v -m755 nsswitch/libnss_wins.so /lib
187 #cd $(DIR_APP)/source3 && install -v -m755 nsswitch/libnss_winbind.so /lib
188 #cd $(DIR_APP)/source3 && ln -v -sf libnss_winbind.so /lib/libnss_winbind.so.2
189 #cd $(DIR_APP)/source3 && ln -v -sf libnss_wins.so /lib/libnss_wins.so.2
190 -mkdir -p /var/ipfire/samba
191 cd $(DIR_APP)/source3 && install -v -m644 ../examples/smb.conf.default /var/ipfire/samba
192 cp -vrf $(DIR_SRC)/config/samba/* /var/ipfire/samba/
193 chown nobody:nobody -R /var/ipfire/samba/
194 cp -vfp /var/ipfire/samba/default.global /var/ipfire/samba/global
195 cp -vfp /var/ipfire/samba/default.pdc /var/ipfire/samba/pdc
196 cp -vfp /var/ipfire/samba/default.settings /var/ipfire/samba/settings
197 cp -vfp /var/ipfire/samba/default.shares /var/ipfire/samba/shares
198 cp -vfp /var/ipfire/samba/default.printer /var/ipfire/samba/printer
199 cat /var/ipfire/samba/global /var/ipfire/samba/shares > /var/ipfire/samba/smb.conf
200 -mkdir -p /var/log/samba
201 install -v -m 644 $(DIR_SRC)/config/backup/includes/samba /var/ipfire/backup/addons/includes/samba
202
203 -mkdir -p /var/lib/samba/winbindd_privileged
204 chmod 750 /var/lib/samba/winbindd_privileged
205 chgrp wbpriv /var/lib/samba/winbindd_privileged
206
207 #install initscripts
208 $(call INSTALL_INITSCRIPT,samba)
209
210 @rm -rf $(DIR_APP)
211 @$(POSTBUILD)
IPFire 2.x development tree