/[smeserver]/rpms/samba/sme10/samba.spec

Diff of /rpms/samba/sme10/samba.spec

Parent Directory | Revision Log | View Revision Graph Revision Graph | View Patch Patch

-Revision 1.1 by vip-ire,
Thu Sep 29 08:22:00 2016 UTC
+Revision 1.2 by vip-ire,
Wed Oct  5 16:45:27 2016 UTC
 Line 6
  # ctdb is enabled by default, you can disable it with: --without clustering
  %bcond_without clustering
- %define main_release 10.2
+ %define main_release 7.1
- %define samba_version 4.2.3
+ %define samba_version 4.2.10
  %define talloc_version 2.1.2
  %define ntdb_version 1.0
  %define tdb_version 1.3.4
 Line 109 
 Source6: samba.pamd
  Source200: README.dc
  Source201: README.downgrade
- Patch0:         samba-4.2-auth-credentials-if-credentials-have-principal-set-t.patch
+ Patch1:     samba-4.2.10-ldap-sasl-win2003.patch
- Patch1:         samba-4.2.3-fix_smbX_segfault.patch
+ Patch3:     samba-4.2.3-document_netbios_length.patch
- Patch2:         samba-4.2.3-fix_dfree_command.patch
+ Patch4:     samba-4.2.3-fix_net_ads_keytab_segfault.patch
- Patch3:         samba-4.2.3-document_netbios_length.patch
+ Patch5:     samba-4.2.10-s3-parm-clean-up-defaults-when-removing-global-param.patch
- Patch4:         samba-4.2.3-fix_net_ads_keytab_segfault.patch
+ Patch6:     samba-4.2.10-s3-winbind-make-sure-domain-member-can-talk-to-trust.patch
- Patch5:         samba-4.2.3-fix_force_group.patch
+ Patch7:     samba-4.2.10-badlock-bugfixes.patch
- Patch6:         samba-4.2.3-fix_map_to_guest_bad_uid.patch
+ Patch8:     samba-4.2.10-fix_rpcclient_ipc_signing.patch
- Patch7:         samba-4.2.3-fix_nss_wins.patch
+ Patch9:     samba-4.2.10-fix_ntlm_auth_issues.patch
+ Patch10:    samba-4.2.10-fix_msrpc_parse.patch
+ Patch11:    samba-4.2.10-fix_anon_with_singing_mandatory.patch
+ Patch12:    samba-4.2.99-fix_idmap_hash_with_other_modules.path
+ Patch13:    samba-4.2.99-net_ads_join_fix_keytab_generation.patch
+ Patch14:    CVE-2016-2119-v4-2.patch
  BuildRoot:      %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX)
-Line 394 
 Samba VFS module for GlusterFS integrati
+Line 399 
 Samba VFS module for GlusterFS integrati
  Summary: Samba libraries
  Group: Applications/System
  Requires: krb5-libs >= 1.10
- Requires: libldb = %{ldb_version}
+ Requires: libldb
  Requires: %{name}-client-libs = %{samba_depver}
  %if %with_libwbclient
  Requires: libwbclient = %{samba_depver}
-Line 690 
 and use CTDB instead.
+Line 695 
 and use CTDB instead.
  %prep
  %setup -q -n samba-%{version}%{pre_release}
- %patch0 -p1 -b .samba-4.2-auth-credentials-if-credentials-have-principal-set-t.patch
+ %patch1 -p1 -b .samba-4.2.10-ldap-sasl-win2003.patch
- %patch1 -p1 -b .samba-4.2.3-fix_smbX_segfault.patch
- %patch2 -p1 -b .samba-4.2.3-fix_dfree_command.patch
  %patch3 -p1 -b .samba-4.2.3-document_netbios_length.patch
  %patch4 -p1 -b .samba-4.2.3-fix_net_ads_keytab_segfault.patch
- %patch5 -p1 -b .samba-4.2.3-fix_force_group.patch
+ %patch5 -p1 -b .samba-4.2.10-s3-parm-clean-up-defaults-when-removing-global-param.patch
- %patch6 -p1 -b .samba-4.2.3-fix_map_to_guest_bad_uid.patch
+ %patch6 -p1 -b .samba-4.2.10-s3-winbind-make-sure-domain-member-can-talk-to-trust.patch
- %patch7 -p1 -b .samba-4.2.3-fix_nss_wins.patch
+ %patch7 -p1 -b .samba-4.2.10-badlock-bugfixes.patch
+ %patch8 -p1 -b .samba-4.2.10-fix_rpcclient_ipc_signing.patch
+ %patch9 -p1 -b .samba-4.2.10-fix_ntlm_auth_issues.patch
+ %patch10 -p1 -b .samba-4.2.10-fix_msrpc_parse.patch
+ %patch11 -p1 -b .samba-4.2.10-fix_anon_with_singing_mandatory.patch
+ %patch12 -p1 -b .samba-4.2.99-fix_idmap_hash_with_other_modules.path
+ %patch13 -p1 -b .samba-4.2.99-net_ads_join_fix_keytab_generation.patch
+ %patch14 -p1 -b .CVE-2016-2119-v4-2.patch
  %build
  %global _talloc_lib ,talloc,pytalloc,pytalloc-util
-Line 855 
 install -m 0644 %{SOURCE200} packaging/R
+Line 865 
 install -m 0644 %{SOURCE200} packaging/R
  %endif
  install -d -m 0755 %{buildroot}%{_unitdir}
- for i in nmb smb winbind samba; do
+ for i in nmb smb winbind samba ; do
      cat packaging/systemd/$i.service | sed -e 's@\[Service\]@[Service]\nEnvironment=KRB5CCNAME=/run/samba/krb5cc_samba@g' >tmp$i.service
      install -m 0644 tmp$i.service %{buildroot}%{_unitdir}/$i.service
  done
-Line 872 
 install -m 0755 packaging/NetworkManager
+Line 882 
 install -m 0755 packaging/NetworkManager
  install -d -m 0755 %{buildroot}%{_libdir}/krb5/plugins/libkrb5
  touch %{buildroot}%{_libdir}/krb5/plugins/libkrb5/winbind_krb5_locator.so
+ %if ! %with_dc
+ for i in %{_libdir}/samba/libdfs-server-ad-samba4.so \
+          %{_libdir}/samba/libdnsserver-common-samba4.so \
+          %{_mandir}/man8/samba.8 \
+          %{_mandir}/man8/samba-tool.8 \
+          %{_libdir}/samba/ldb/ildap.so \
+          %{_libdir}/samba/ldb/ldbsamba_extensions.so ; do
+         rm -f %{buildroot}$i
+ done
+ %endif
  # This makes the right links, as rpmlint requires that
  # the ldconfig-created links be recorded in the RPM.
  /sbin/ldconfig -N -n %{buildroot}%{_libdir}
-Line 1348 
 rm -rf %{buildroot}
+Line 1369 
 rm -rf %{buildroot}
  %config(noreplace) %{_sysconfdir}/logrotate.d/samba
  %attr(0700,root,root) %dir /var/log/samba
  %attr(0700,root,root) %dir /var/log/samba/old
+ %attr(0755,root,root) %dir /var/lib/samba
  %ghost %dir /var/run/samba
  %ghost %dir /var/run/winbindd
  %attr(700,root,root) %dir /var/lib/samba/private
-Line 1461 
 rm -rf %{buildroot}
+Line 1483 
 rm -rf %{buildroot}
  %{_unitdir}/samba.service
  %else # with_dc
  %doc packaging/README.dc
- %exclude %{_mandir}/man8/samba.8*
- %exclude %{_mandir}/man8/samba-tool.8*
- %exclude %{_libdir}/samba/ldb/ildap.so
- %exclude %{_libdir}/samba/ldb/ldbsamba_extensions.so
  %endif # with_dc
  ### DC-LIBS
-Line 1504 
 rm -rf %{buildroot}
+Line 1521 
 rm -rf %{buildroot}
  %{_libdir}/samba/bind9/dlz_bind9_9.so
  %else
  %doc packaging/README.dc-libs
- %exclude %{_libdir}/samba/libdfs-server-ad-samba4.so
- %exclude %{_libdir}/samba/libdnsserver-common-samba4.so
  %endif # with_dc
  ### DEVEL
-Line 1725 
 rm -rf %{buildroot}
+Line 1740 
 rm -rf %{buildroot}
  %{_libdir}/samba/libHDB-SAMBA4-samba4.so
  %{_libdir}/samba/libasn1-samba4.so.8
  %{_libdir}/samba/libasn1-samba4.so.8.0.0
- #%{_libdir}/samba/libdfs_server_ad.so
  %{_libdir}/samba/libgssapi-samba4.so.2
  %{_libdir}/samba/libgssapi-samba4.so.2.0.0
  %{_libdir}/samba/libhcrypto-samba4.so.5
-Line 1996 
 rm -rf %{buildroot}
+Line 2010 
 rm -rf %{buildroot}
  %endif # with_clustering_support
  %changelog
- * Wed Sep 28 2016 Greg Zartman <gzartman@koozali.org> - 4.2.3-11.sme
+ * Wed Oct 5 2016 Daniel Berteaud <daniel@firewall-services.com> - 4.2.10-7.1.sme
- - Build for SME 10 [SME: 9751]
+ - Rebuild with DC support (work from Greg Zartman) [SME: 9817]
+ * Mon Jul 04 2016 Andreas Schneider <asn@redhat.com> - 4.2.10-7
+ - resolves: #1351960 - Fix CVE-2016-2119
- * Wed Dec 02 2015 - ClearFoundation <developer@clearfoundation.com> - 4.2.3-10.clear
+ * Tue Jun 28 2016 Andreas Schneider <asn@redhat.com> - 4.2.10-6.3
- - enable DC support for integration work
+ - resolves: #1350759 - Fix idmap_hash when used with other modules
+ - resolves: #1351260 - Fix krb5 encryption type setup during join
+ * Wed Jun 01 2016 Andreas Schneider <asn@redhat.com> - 4.2.10-6.2
+ - related: #1333794 - Fix issues caused by security tightening for Badlock
+   o ntlm_auth issues and segfault
+   o rpcclient doesn't respect "client ipc *" options
+   o fix anonymous authentication if signing is mandatory
+ * Fri May 06 2016 Alexander Bokovoy <abokovoy@redhat.com> - 4.2.10-6.1
+ - Fix issues caused by security tightening for Badlock:
+   - Only validate MIC when "map to guest" is set
+   - NetApp SMB servers don't negotiate NTLMSSP_SIGN
+   - Anonymous connections don't work anymore
+   - wbinfo -u or 'net ads search' don't work anymore
+   - Handle empty session in client code
+ - resolves: #1333794
+ * Tue Apr 12 2016 Alexander Bokovoy <abokovoy@redhat.com> - 4.2.10-6
+ - Fix domain member winbind not being able to talk to trusted domains' DCs
+ - relates: #1322690
+ * Mon Apr 11 2016 Alexander Bokovoy <abokovoy@redhat.com> - 4.2.10-5
+ - Fix crash in smb.conf processing
+ - relates: #1322690
+ * Fri Apr 08 2016 Alexander Bokovoy <abokovoy@redhat.com> - 4.2.10-4
+ - Fix LDAP SASL bind with arcfour-hmac-md5
+ - resolves: #1322690
+ * Thu Apr 07 2016 Alexander Bokovoy <abokovoy@redhat.com> - 4.2.10-3
+ - Make sure the package owns /var/lib/samba and uses it for cache purposes
+ - resolves: #1322690
+ * Wed Apr 06 2016 Alexander Bokovoy <abokovoy@redhat.com> - 4.2.10-2
+ - Remove ldb modules and internal libraries for DC when not packaging DC build
+ - resolves: #1322690
+ * Mon Apr 04 2016 Alexander Bokovoy <abokovoy@redhat.com> - 4.2.10-1
+ - resolves: #1322690
+ * Fri Mar 04 2016 Andreas Schneider <asn@redhat.com> - 4.2.3-12
+ - resolves: #1314672 - Fix CVE-2015-7560
+ * Fri Dec 11 2015 Guenther Deschner <gdeschner@redhat.com> - 4.2.3-11
+ - resolves: #1290710
+ - CVE-2015-3223 Remote DoS in Samba (AD) LDAP server
+ - CVE-2015-5299 Missing access control check in shadow copy code
+ - CVE-2015-5252 Insufficient symlink verification in smbd
+ - CVE-2015-5296 Samba client requesting encryption vulnerable to
+                 downgrade attack
  * Tue Oct 27 2015 Andreas Schneider <asn@redhat.com> - 4.2.3-10
  - related: #1273393 - Fix use after free with nss_wins module loaded

 Legend:



Removed lines/characters
 


Changed lines/characters


 
Added lines/characters
 Legend:



Removed lines/characters
 


Changed lines/characters


 
Added lines/characters
-Removed lines/characters
+Added lines/characters

admin@koozali.org	ViewVC Help
Powered by ViewVC 1.2.1