Samba3 ebuilds used to set up things like: "${CONFDIR}/samba.pam" to /etc/pam.d/samba "${CONFDIR}/system-auth-winbind.pam" to /etc/pam.d/system-auth-winbind examples/pam_winbind/pam_winbind.conf to /etc/security/ The Samba4 ebuilds do not install these files. ${CONFDIR} in the portage tree does not contain the *.pam files in the samba4 subdirectories. Upstream Samba4 source code still contains examples/pam_winbind/pam_winbind.conf but the Gentoo ebuild doesn't use it. Is there a reason for this?
The Samba4 Gentoo ebuild also fails to install the krb5 plugin (app-crypt/mit-krb5) in /usr/$(get_libdir)/krb5/plugins/libkrb5 and libwbclient (nsswitch extensions).
Regarding the krb5 plugin and the nsswitch extensions it seems that the Samba4 scripts automatically install them in /usr/lib64/... So, sorry for comment 2. Comment 1 still concerns me though.
(In reply to Vieri from comment #2) > Regarding the krb5 plugin and the nsswitch extensions it seems that the > Samba4 scripts automatically install them in /usr/lib64/... > So, sorry for comment 2. Comment 1 still concerns me though. just for the record: net-fs/samba-4.2.11 (/usr/lib64/libnss_wins.so -> libnss_wins.so.2) net-fs/samba-4.2.11 (/usr/lib64/libwbclient.so -> libwbclient.so.0.12) net-fs/samba-4.2.11 (/usr/lib64/winbind_krb5_locator.so)
Created attachment 442392 [details, diff] patch for the latest stable ebuild script I applied the patch to the ebuild and copied some files from samba3 to samba4: cp files/3.6/*.pam files/4.2/ then emerged and my configuration migration for Samba + PAM + krb5 from version 3 to version 4 was simple. Please include the patch and use the *.pam files for Samba4.
Could you please apply the changes proposed here to the current testing ebuild found at https://gitweb.gentoo.org/repo/gentoo.git/tree/net-fs/samba/samba-4.5.0_rc2.ebuild (08-10-2016 > 08-03-2016)? In any case, I think it's important to also apply them to the "stable" samba4 ebuild as it can avoid several woes while migrating form samb3 w/ pam to samba4.
Lars, I hope you don't mind me adding your email to the CC list because I saw it in the Samba CHANGELOG. I'd like to help out and make this patch go into the ebuilds. If the pam stuff was taken out for some reason then please explain. Thanks
Any update on this bug report?
Successfully tested the ebuild patch for samba-4.2.14.
Created attachment 496430 [details, diff] patch for the latest stable ebuild
The bug has been closed via the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c41228519a3902dd0453d3c80af0d172c86267b1 commit c41228519a3902dd0453d3c80af0d172c86267b1 Author: Vieri <rentorbuy@yahoo.com> AuthorDate: 2019-01-23 12:30:18 +0000 Commit: Lars Wendler <polynomial-c@gentoo.org> CommitDate: 2019-01-23 13:11:02 +0000 net-fs/samba: pam+winbind authentication PAM winbind authentication configuration. Closes: https://bugs.gentoo.org/590374 Tested-by: Vieri <rentorbuy@yahoo.com> Signed-off-by: Vieri <rentorbuy@yahoo.com> Fixes: 0eef165 (net-fs/samba: pam+winbind authentication) Package-Manager: Portage-2.3.51, Repoman-2.3.11 Closes: https://github.com/gentoo/gentoo/pull/10578 Signed-off-by: Lars Wendler <polynomial-c@gentoo.org> net-fs/samba/files/4.4/system-auth-winbind.pam | 18 ++ ....10.0_rc1.ebuild => samba-4.10.0_rc1-r1.ebuild} | 16 +- ...{samba-4.7.12.ebuild => samba-4.7.12-r1.ebuild} | 18 +- net-fs/samba/samba-4.8.6-r3.ebuild | 301 +++++++++++++++++++++ .../{samba-4.8.8.ebuild => samba-4.8.8-r1.ebuild} | 18 +- .../{samba-4.9.4.ebuild => samba-4.9.4-r1.ebuild} | 18 +- 6 files changed, 382 insertions(+), 7 deletions(-)
I'm very sorry it took so long for this fix to land in Gentoo. Feel free to "nag" me in the future in case you have further fixes for samba.
No problem. I'm glad it's updated. Thanks.
Created attachment 562680 [details, diff] patch over #590374 Are "use pam and use winbind" really good idea? May be "use pam && use winbind" or this is additional format of "use"? Also keepdir */ctdb is optional (use cluster && keepdir .../ctdb). Or look attach for agnostic way. PS Must I reopen bug or this way enought?
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e20faa410c8d61ac937a8b346dc75e9685e53b2b commit e20faa410c8d61ac937a8b346dc75e9685e53b2b Author: Lars Wendler <polynomial-c@gentoo.org> AuthorDate: 2019-01-24 08:41:22 +0000 Commit: Lars Wendler <polynomial-c@gentoo.org> CommitDate: 2019-01-24 08:41:22 +0000 net-fs/samba: Fixed syntax error. Bug: https://bugs.gentoo.org/590374 Package-Manager: Portage-2.3.58, Repoman-2.3.12 Signed-off-by: Lars Wendler <polynomial-c@gentoo.org> net-fs/samba/samba-4.10.0_rc1-r1.ebuild | 2 +- net-fs/samba/samba-4.7.12-r1.ebuild | 2 +- net-fs/samba/samba-4.8.6-r3.ebuild | 2 +- net-fs/samba/samba-4.8.8-r1.ebuild | 2 +- net-fs/samba/samba-4.9.4-r1.ebuild | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-)
