Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 474492 - >=net-fs/samba-4.0 automagically depends on sys-apps/dmapi (libdm.so)
Summary: >=net-fs/samba-4.0 automagically depends on sys-apps/dmapi (libdm.so)
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo's SAMBA Team
URL:
Whiteboard:
Keywords: PATCH
Depends on:
Blocks: samba-4
  Show dependency tree
 
Reported: 2013-06-23 14:30 UTC by Andreas Sturmlechner
Modified: 2014-08-19 09:56 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments
samba-4.0.6.ebuild.diff (samba-4.0.6.ebuild.diff,943 bytes, patch)
2013-06-23 14:30 UTC, Andreas Sturmlechner
Details | Diff
samba-4.1.0-remove-dmapi-automagic.patch (samba-4.1.0-remove-dmapi-automagic.patch,2.75 KB, patch)
2013-11-01 19:54 UTC, Andreas Sturmlechner
Details | Diff
samba-4.1.0-r1.ebuild.diff (samba-4.1.0-r1.ebuild.diff,1.49 KB, patch)
2013-11-01 19:55 UTC, Andreas Sturmlechner
Details | Diff
samba-4.1.0-remove-dmapi-automagic.patch (samba-4.1.0-remove-dmapi-automagic.patch,2.69 KB, patch)
2013-11-01 20:26 UTC, Andreas Sturmlechner
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Andreas Sturmlechner gentoo-dev 2013-06-23 14:30:07 UTC
Created attachment 351746 [details, diff]
samba-4.0.6.ebuild.diff

After a recent --depclean, I noticed this:


!!! existing preserved libs:
>>> package: sys-apps/dmapi-2.2.12
 *  - /lib64/libdm.so.0
 *  - /lib64/libdm.so.0.0.4
 *      used by /usr/lib64/samba/libsmbd_base.so (net-fs/samba-4.0.6)


So samba-4.0.6 silently uses dmapi if available - that should be controlled by a USE flag just as it was in <samba-4.


My attempt to solve this was not successful however. configure is well aware of --without-dmapi but still checks for and builds with it.
Comment 1 Lars Wendler (Polynomial-C) gentoo-dev 2013-10-29 14:04:56 UTC
Comment on attachment 351746 [details, diff]
samba-4.0.6.ebuild.diff

If this dependency is really automagic, your patch unfortunately is not enough to solve the problem.
Comment 2 Andreas Sturmlechner gentoo-dev 2013-11-01 15:42:33 UTC
The following bug contains the commit that seems to have introduced the automagic: https://bugzilla.samba.org/show_bug.cgi?id=9803

As fam seems to be configured likewise, I'm not sure how that USE flag is supposed to work when dmapi doesn't. Not sure if simply reverting that commit would help?
Comment 3 Andreas Sturmlechner gentoo-dev 2013-11-01 19:54:27 UTC
Created attachment 362404 [details, diff]
samba-4.1.0-remove-dmapi-automagic.patch

Had another go at it and changed the relevant wscript. I made a few configure runs, with and without dmapi enabled and/or installed, and it seemed to work for me. I don't really understand why the checks were done that way before though.
Comment 4 Andreas Sturmlechner gentoo-dev 2013-11-01 19:55:22 UTC
Created attachment 362406 [details, diff]
samba-4.1.0-r1.ebuild.diff
Comment 5 Andreas Sturmlechner gentoo-dev 2013-11-01 20:26:53 UTC
Created attachment 362408 [details, diff]
samba-4.1.0-remove-dmapi-automagic.patch

actually, make that compile, not only configure (small fix)
Comment 6 Andreas Sturmlechner gentoo-dev 2013-11-01 21:15:27 UTC
Build with USE="-dmapi" but dmapi package present was successful, without preserved libs after removing dmapi package.
Comment 7 Lars Wendler (Polynomial-C) gentoo-dev 2013-11-12 08:49:13 UTC
Great work Andreas. This is really appreciated! 

Any chance you can present that patch to upstream and convince them to integrate it into their source repos?
Comment 8 Lars Wendler (Polynomial-C) gentoo-dev 2013-11-12 09:10:14 UTC
+*samba-4.1.1 (12 Nov 2013)
+*samba-4.0.11 (12 Nov 2013)
+*samba-3.6.20 (12 Nov 2013)
+
+  12 Nov 2013; Lars Wendler <polynomial-c@gentoo.org> -samba-3.6.16.ebuild,
+  +samba-3.6.20.ebuild, +samba-4.0.11.ebuild, +samba-4.1.1.ebuild,
+  +files/samba-4.1.0-remove-dmapi-automagic.patch:
+  Security bumps for CVE-2013-4475 and CVE-2013-4476. Removed automagic
+  dependency on dmapi. Thanks to Andreas Sturmlechner for providing a patch in
+  bug #474492. Removed old.
+
I keep this patch open as a reminder to push your patch upstream.
Comment 9 Lars Wendler (Polynomial-C) gentoo-dev 2013-11-12 09:13:17 UTC
> I keep this patch open as a reminder to push your patch upstream.

I mean I keep this bug open...  m(
Comment 10 Lars Wendler (Polynomial-C) gentoo-dev 2013-12-13 14:04:43 UTC
As upstream seems to not care about such kind of problems I gonna mark this bug as fixed. Let's hope we don't have to carry this patch around forever :-(
Comment 11 Chan Min Wai 2014-01-10 20:54:53 UTC
Files bugs on upstream with patch.
https://bugzilla.samba.org/show_bug.cgi?id=10369

Hope this time it really got fix.
Comment 12 Chan Min Wai 2014-08-19 09:56:42 UTC
Bugs is fixed on upstream :)

https://bugzilla.samba.org/show_bug.cgi?id=10369

Good for us ;)