./net/samba4, SMB/CIFS protocol server suite

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: CURRENT, Version: 4.6.4nb1, Package name: samba-4.6.4nb1, Maintainer: pkgsrc-users

Samba is the standard Windows interoperability suite of programs
for Linux and Unix.

Samba is Free Software licensed under the GNU General Public License,
the Samba project is a member of the Software Freedom Conservancy.

Since 1992, Samba has provided secure, stable and fast file and
print services for all clients using the SMB/CIFS protocol, such
as all versions of DOS and Windows, OS/2, Linux and many others.

Samba is an important component to seamlessly integrate Linux/Unix
Servers and Desktops into Active Directory environments. It can
function both as a domain controller or as a regular domain member.

This package tracks 4.x branch release.

MESSAGE.rcd [+/-]

Required to run:
[textproc/py-expat] [converters/libiconv] [lang/perl5] [net/py-dns] [security/gnutls] [devel/popt] [devel/gettext-lib] [devel/readline] [lang/python27] [time/py-iso8601]

Required to build:
[textproc/py-expat] [pkgtools/cwrappers]

Package options: ads, ldap, pam, winbind

Master sites:

SHA1: eabfbb4d4ed17e25feb1aec81187011fca0f5f8a
RMD160: 91b77289adb41b1570e82411795fd8e7bb9a7543
Filesize: 20613.325 KB

Version history: (Expand)

CVS history: (Expand)

   2017-06-27 15:37:16 by Filip Hajny | Files touched by this commit (3)
Log message:
Substitute SYSCONFDIR assumed by the embedded Heimdal code properly.
Fixes calls to e.g. krb5.keytab that were hardcoded to /etc. PKGREVISION++
   2017-06-11 07:26:45 by Tom Spindler | Files touched by this commit (1)
Log message:
if winbindd is enabled, install rc.d script.
   2017-06-01 15:30:26 by Johnny C. Lam | Files touched by this commit (21)
Log message:
Use public SHLIB_TYPE instead of private _OPSYS_SHLIB_TYPE.
   2017-05-29 02:24:19 by Sebastian Wiedenroth | Files touched by this commit (1)
Log message:
add workaround for https://bugzilla.samba.org/show_bug.cgi?id=12502
fixes build on sunos
   2017-05-24 17:51:32 by Havard Eidnes | Files touched by this commit (3) | Package updated
Log message:
Update samba4 to version 4.6.4.

Pkgsrc changes:
 * Adapt PLIST, new .so installed.

Upstream changes:

Changes since 4.6.3:
o  Volker Lendecke <vl@samba.org>
   * BUG 12780: CVE-2017-7494: Avoid remote code execution from a writable

Changes since 4.6.2:
o  Michael Adam <obnox@samba.org>
   * BUG 12743: s3:vfs:shadow_copy2: vfs_shadow_copy2 fails to list snapshots
     from shares with GlusterFS backend.

o  Jeremy Allison <jra@samba.org>
   * BUG 12559: Fix for Solaris C compiler.
   * BUG 12628: s3: locking: Update oplock optimization for the leases era.
   * BUG 12693: Make the Solaris C compiler happy.
   * BUG 12695: s3: libgpo: Allow skipping GPO objects that don't have the
     expected LDAP attributes.
   * BUG 12747: Fix buffer overflow caused by wrong use of getgroups.

o  Hanno Boeck <hanno@hboeck.de>
   * BUG 12746: lib: debug: Avoid negative array access.
   * BUG 12748: cleanupdb: Fix a memory read error.

o  Ralph Boehme <slow@samba.org>
   * BUG 7537: streams_xattr and kernel oplocks results in
   * BUG 11961: winbindd: idmap_autorid allocates ids for unknown SIDs from
     other backends.
   * BUG 12565: vfs_fruit: Resource fork open request with
   * BUG 12615: manpages/vfs_fruit: Document global options.
   * BUG 12624: lib/pthreadpool: Fix a memory leak.
   * BUG 12727: Lookup-domain for well-known SIDs on a DC.
   * BUG 12728: winbindd: Fix error handling in rpc_lookup_sids().
   * BUG 12729: winbindd: Trigger possible passdb_dsdb initialisation.

o  Alexander Bokovoy <ab@samba.org>
   * BUG 12611: credentials_krb5: use gss_acquire_cred for client-side GSSAPI
     use case.
   * BUG 12690: lib/crypto: Implement samba.crypto Python module for RC4.

o  Amitay Isaacs <amitay@gmail.com>
   * BUG 12697: ctdb-readonly: Avoid a tight loop waiting for revoke to
   * BUG 12723: ctdb_event monitor command crashes if event is not specified.
   * BUG 12733: ctdb-docs: Fix documentation of "-n" option to 'ctdb tool'.

o  Volker Lendecke <vl@samba.org>
   * BUG 12558: smbd: Fix smb1 findfirst with DFS.
   * BUG 12610: smbd: Do an early exit on negprot failure.
   * BUG 12699: winbindd: Fix substitution for 'template homedir'.

o  Stefan Metzmacher <metze@samba.org>
   * BUG 12554: s4:kdc: Disable principal based autodetected referral detection.
   * BUG 12613: idmap_autorid: Allocate new domain range if the callers knows
     the sid is valid.
   * BUG 12724: LINKFLAGS_PYEMBED should not contain -L/some/path.
   * BUG 12725: PAM auth with WBFLAG_PAM_GET_PWD_POLICY returns wrong policy for
     trusted domain.
   * BUG 12731: rpcclient: Allow -U'OTHERDOMAIN\user' again.

o  Christof Schmitt <cs@samba.org>
   * BUG 12725: winbindd: Fix password policy for pam authentication.

o  Andreas Schneider <asn@samba.org>
   * BUG 12554: s3:gse: Correctly handle external trusts with MIT.
   * BUG 12611: auth/credentials: Always set the realm if we set the principal
     from the ccache.
   * BUG 12686: replace: Include sysmacros.h.
   * BUG 12687: s3:vfs_expand_msdfs: Do not open the remote address as a file.
   * BUG 12704: s3:libsmb: Only print error message if kerberos use is forced.
   * BUG 12708: winbindd: Child process crashes when kerberos-authenticating
     a user with wrong password.

o  Uri Simchoni <uri@samba.org>
   * BUG 12715: vfs_fruit: Office document opens as read-only on macOS due to
     CNID semantics.
   * BUG 12737: vfs_acl_xattr: Fix failure to get ACL on Linux if memory is
   2017-04-10 17:27:22 by John Nemeth | Files touched by this commit (1)
Log message:
Add pkg-config to USE_TOOLS, which is needed to find gnutls.
Problem found in a bulk build.  Not bumping PKGREVISION since it
shouldn't change the binary package when it built.
   2017-04-08 10:56:27 by Ryo ONODERA | Files touched by this commit (6) | Package updated
Log message:
Update to 4.6.2

* Use internal heimdal

Changes since 4.6.1:

o  Jeremy Allison <jra@samba.org>
   * BUG 12721: Fix regression with "follow symlinks = no".

Changes since 4.6.0:

o  Jeremy Allison <jra@samba.org>
   * BUG 12496: CVE-2017-2619: Symlink race permits opening files outside share

o  Ralph Boehme <slow@samba.org>
   * BUG 12496: CVE-2017-2619: Symlink race permits opening files outside share


o  Jeremy Allison <jra@samba.org>
   * BUG 12592: Fix several issues found by covscan.
   * BUG 12608: s3: smbd: Restart reading the incoming SMB2 fd when the send
     queue is drained.

o  Ralph Boehme <slow@samba.org>
   * BUG 12427: vfs_fruit doesn't work with fruit:metadata=stream.
   * BUG 12526: vfs_fruit: Only veto AppleDouble files if \ 
"fruit:resource" is
     set to "file".
   * BUG 12604: vfs_fruit: Enabling AAPL extensions must be a global switch.

o  Volker Lendecke <vl@samba.org>
   * BUG 12612: Re-enable token groups fallback.

o  Stefan Metzmacher <metze@samba.org>
   * BUG 9048: Samba4 ldap error codes.
   * BUG 12557: gensec:spnego: Add debug message for the failed principal.
   * BUG 12605: s3:winbindd: Fix endless forest trust scan.
   * BUG 12612: winbindd: Find the domain based on the sid within

o  Andreas Schneider <asn@samba.org>
   * BUG 12557: s3:librpc: Handle gss_min in gse_get_client_auth_token()
   * BUG 12582: idmap_hash: Add a deprecation message, improve the idmap_hash
   * BUG 12592: Fix several issues found by covscan.

o  Martin Schwenke <martin@meltin.net>
   * BUG 12592: ctdb-logging: CID 1396883 Dereference null return value


o  Jeremy Allison <jra@samba.org>
   * BUG 12545: s3: rpc_server/mdssvc: Add attribute "kMDItemContentType".
   * BUG 12572: s3: smbd: Don't loop infinitely on bad-symlink resolution.

o  Ralph Boehme <slow@samba.org>
   * BUG 12490: vfs_fruit: Correct Netatalk metadata xattr on FreeBSD.
   * BUG 12536: s3/smbd: Check for invalid access_mask
   * BUG 12591: vfs_streams_xattr: use fsp, not base_fsp.

o  Amitay Isaacs <amitay@gmail.com>
   * BUG 12580: ctdb-common: Fix use-after-free error in comm_fd_handler().
   * BUG 12595: build: Fix generation of CTDB manpages while creating tarball.

o  Bryan Mason <bmason@redhat.com>
   * BUG 12575: Modify smbspool_krb5_wrapper to just fall through to smbspool if
     AUTH_INFO_REQUIRED is not set or is not "negotiate".

o  Stefan Metzmacher <metze@samba.org>
   * BUG 11830: s3:winbindd: Try a NETLOGON connection with noauth over NCACN_NP
     against trusted domains.
   * BUG 12262: 'net ads testjoin' and smb access fails after winbindd changed the
     trust password.
   * BUG 12585: librpc/rpc: fix regression in
   * BUG 12586: netlogon_creds_cli_LogonSamLogon doesn't work without
   * BUG 12587: winbindd child segfaults on connect to an NT4 domain.
   * BUG 12588: s3:winbindd: Make sure cm_prepare_connection() only returns OK
     with a valid tree connect.
   * BUG 12598: winbindd (as member) requires kerberos against trusted ad domain,
     while it shouldn't.
   * BUG 12601: Backport pytalloc_GenericObject_reference() related changes to

o  Garming Sam <garming@catalyst.net.nz>
   * BUG 12600: dbchecker: Stop ignoring linked cases where both objects are

o  Andreas Schneider <asn@samba.org>
   * BUG 12571: s3-vfs: Only walk the directory once in open_and_sort_dir().

o  Martin Schwenke <martin@meltin.net>
   * BUG 12589: CTDB statd-callout does not cause grace period when
   * BUG 12595: ctdb-build: Fix RPM build.


o  Jeremy Allison <jra@samba.org>
   * BUG 12499: s3: vfs: dirsort doesn't handle opendir of "." correctly.
   * BUG 12546: s3: VFS: vfs_streams_xattr.c: Make streams_xattr_open() store
     the same path as streams_xattr_recheck().
   * BUG 12531: Make vfs_shadow_copy2 cope with server changing directories.

o  Andrew Bartlett <abartlet@samba.org>
   * BUG 12543: samba-tool: Correct handling of default value for use_ntvfs and
   * BUG 12573: Samba < 4.7 does not know about compatibleFeatures and
   * BUG 12577: 'samba-tool dbcheck' gives errors on one-way links after a

o  Ralph Boehme <slow@samba.org>
   * BUG 12184: s3/rpc_server: Shared rpc modules loading.
   * BUG 12520: Ensure global "smb encrypt = off" is effective.
   * BUG 12524: s3/rpc_server: Move rpc_modules.c to its own subsystem.
   * BUG 12541: vfs_fruit: checks wrong AAPL config state and so always uses

o  Volker Lendecke <vl@samba.org>
   * BUG 12551: smbd: Fix "map acl inherit" = yes.

o  Stefan Metzmacher <metze@samba.org>
   * BUG 12398: Replication with DRSUAPI_DRS_CRITICAL_ONLY and
   * BUG 12540: s3:smbd: allow "server min protocol = SMB3_00" to go \ 
via "SMB
     2.???" negprot.

o  John Mulligan <jmulligan@nasuni.com>
   * BUG 12542: docs: Improve description of "unix_primary_group" \ 
parameter in
     idmap_ad manpage.

o  Andreas Schneider <asn@samba.org>
   * BUG 12552: waf: Do not install the unit test binary for krb5samba.

o  Amitay Isaacs <amitay@gmail.com>
   * BUG 12547: ctdb-build: Install CTDB tests correctly from toplevel.
   * BUG 12549: ctdb-common: ioctl(.. FIONREAD ..) returns an int value.

o  Garming Sam <garming@catalyst.net.nz>
   * BUG 12577: 'samba-tool dbcheck' gives errors on one-way links after a

o  Uri Simchoni <uri@samba.org>
   * BUG 12529: waf: Backport finding of pkg-config.


o  Amitay Isaacs <amitay@gmail.com>
   * BUG 12469: CTDB lock helper getting stuck trying to lock a record.
   * BUG 12500: ctdb-common: Fix a bug in packet reading code for generic socket
   * BUG 12510: sock_daemon_test 4 crashes with SEGV.
   * BUG 12513: ctdb-daemon: Remove stale eventd socket.

o  Björn Jacke <bj@sernet.de>
   * BUG 12535: vfs_default: Unlock the right file in copy chunk.

o  Volker Lendecke <vl@samba.org>
   * BUG 12509: messaging: Fix dead but not cleaned-up-yet destination sockets.
   * BUG 12538: Backport winbind fixes.

o  Stefan Metzmacher <metze@samba.org>
   * BUG 12501: s3:winbindd: talloc_steal the extra_data in

o  Martin Schwenke <martin@meltin.net>
   * BUG 12511: ctdb-takeover: Handle case where there are no RELEASE_IPs to
   * BUG 12512: ctdb-scripts: Fix remaining uses of "ctdb gratiousarp".
   * BUG 12516: ctdb-scripts: /etc/iproute2/rt_tables gets populated with multiple
     'default' entries.
   2017-02-12 07:26:18 by Ryo ONODERA | Files touched by this commit (1451)
Log message:
Recursive revbump from fonts/harfbuzz