Add a patch taken from upstream to allow smbd to work when winbindd has been started but not configured.diff -r1.59 -r1.60 pkgsrc/net/samba4/Makefile
(roy)
@@ -1,17 +1,17 @@ | @@ -1,17 +1,17 @@ | |||
1 | # $NetBSD: Makefile,v 1.59 2019/02/23 21:29:29 jperkin Exp $ | 1 | # $NetBSD: Makefile,v 1.60 2019/03/01 20:03:24 roy Exp $ | |
2 | 2 | |||
3 | DISTNAME= samba-4.9.4 | 3 | DISTNAME= samba-4.9.4 | |
4 | PKGREVISION= 2 | 4 | PKGREVISION= 3 | |
5 | CATEGORIES= net | 5 | CATEGORIES= net | |
6 | MASTER_SITES= http://download.samba.org/pub/samba/stable/ | 6 | MASTER_SITES= http://download.samba.org/pub/samba/stable/ | |
7 | 7 | |||
8 | MAINTAINER= pkgsrc-users@NetBSD.org | 8 | MAINTAINER= pkgsrc-users@NetBSD.org | |
9 | HOMEPAGE= http://www.samba.org/ | 9 | HOMEPAGE= http://www.samba.org/ | |
10 | COMMENT= SMB/CIFS protocol server suite | 10 | COMMENT= SMB/CIFS protocol server suite | |
11 | LICENSE= gnu-gpl-v3 | 11 | LICENSE= gnu-gpl-v3 | |
12 | 12 | |||
13 | CONFLICTS+= ja-samba-[0-9]* winbind-[0-9]* | 13 | CONFLICTS+= ja-samba-[0-9]* winbind-[0-9]* | |
14 | 14 | |||
15 | GCC_REQD+= 4.4 | 15 | GCC_REQD+= 4.4 | |
16 | BUILD_DEPENDS+= libxslt-[0-9]*:../../textproc/libxslt | 16 | BUILD_DEPENDS+= libxslt-[0-9]*:../../textproc/libxslt | |
17 | BUILD_DEPENDS+= docbook-xml-[0-9]*:../../textproc/docbook-xml | 17 | BUILD_DEPENDS+= docbook-xml-[0-9]*:../../textproc/docbook-xml |
@@ -1,19 +1,20 @@ | @@ -1,19 +1,20 @@ | |||
1 | $NetBSD: distinfo,v 1.22 2018/12/22 01:13:52 adam Exp $ | 1 | $NetBSD: distinfo,v 1.23 2019/03/01 20:03:24 roy Exp $ | |
2 | 2 | |||
3 | SHA1 (samba-4.9.4.tar.gz) = 7f8e15709e03e52d14bd9c85dd717366c106993f | 3 | SHA1 (samba-4.9.4.tar.gz) = 7f8e15709e03e52d14bd9c85dd717366c106993f | |
4 | RMD160 (samba-4.9.4.tar.gz) = d0a43b85b85906f860de12b0b0abb1fcc5643b7a | 4 | RMD160 (samba-4.9.4.tar.gz) = d0a43b85b85906f860de12b0b0abb1fcc5643b7a | |
5 | SHA512 (samba-4.9.4.tar.gz) = ecd9937caa12d409b9b4cf34982b1670346fa64c7ecd111b390e296771476e13eb7b868997bfe489f36b7bdc5c9fc3af42cd5ad276e9d85aaedfa8ac4cfc0617 | 5 | SHA512 (samba-4.9.4.tar.gz) = ecd9937caa12d409b9b4cf34982b1670346fa64c7ecd111b390e296771476e13eb7b868997bfe489f36b7bdc5c9fc3af42cd5ad276e9d85aaedfa8ac4cfc0617 | |
6 | Size (samba-4.9.4.tar.gz) = 18053738 bytes | 6 | Size (samba-4.9.4.tar.gz) = 18053738 bytes | |
7 | SHA1 (patch-buildtools_wafsamba_samba__install.py) = 82e91af3125931767df06821983d40e6f94140c3 | 7 | SHA1 (patch-buildtools_wafsamba_samba__install.py) = 82e91af3125931767df06821983d40e6f94140c3 | |
8 | SHA1 (patch-buildtools_wafsamba_samba__pidl.py) = 1469d23fd2094ce0ecf979df6ff8cfd69fae53a6 | 8 | SHA1 (patch-buildtools_wafsamba_samba__pidl.py) = 1469d23fd2094ce0ecf979df6ff8cfd69fae53a6 | |
9 | SHA1 (patch-buildtools_wafsamba_wscript) = 5604936a825675647157331df2333f4237c611f5 | 9 | SHA1 (patch-buildtools_wafsamba_wscript) = 5604936a825675647157331df2333f4237c611f5 | |
10 | SHA1 (patch-docs-xml_wscript__build) = 5aa5cbf61882604b7ec9d19f0cd1537a23705ad0 | 10 | SHA1 (patch-docs-xml_wscript__build) = 5aa5cbf61882604b7ec9d19f0cd1537a23705ad0 | |
11 | SHA1 (patch-dynconfig_wscript) = b77bc4aabaab2943962112c51dc539a65d015400 | 11 | SHA1 (patch-dynconfig_wscript) = b77bc4aabaab2943962112c51dc539a65d015400 | |
12 | SHA1 (patch-lib_ldb_ldb__mdb_ldb__mdb.c) = e6d10c0eb44bbad4fbdd52a9e66116ead8e1818d | 12 | SHA1 (patch-lib_ldb_ldb__mdb_ldb__mdb.c) = e6d10c0eb44bbad4fbdd52a9e66116ead8e1818d | |
13 | SHA1 (patch-lib_param_loadparm.h) = 0216b69d33d1e17260a446e11bee764116c52b18 | 13 | SHA1 (patch-lib_param_loadparm.h) = 0216b69d33d1e17260a446e11bee764116c52b18 | |
14 | SHA1 (patch-lib_replace_wscript) = b6a042c2c13c0be78d7b64c0ce2efdaf4bbb1f3b | 14 | SHA1 (patch-lib_replace_wscript) = b6a042c2c13c0be78d7b64c0ce2efdaf4bbb1f3b | |
15 | SHA1 (patch-lib_tevent_wscript) = fbbe2024096b57d651d90064f53489a974db9d7a | 15 | SHA1 (patch-lib_tevent_wscript) = fbbe2024096b57d651d90064f53489a974db9d7a | |
16 | SHA1 (patch-nsswitch_wscript__build) = e8a6251e031ffa13d6347fade8891f7afd65d3eb | 16 | SHA1 (patch-nsswitch_wscript__build) = e8a6251e031ffa13d6347fade8891f7afd65d3eb | |
17 | SHA1 (patch-source3_auth_token_util.c) = fbe67b501fa4325c9fb3e37c51bc424847f5e908 | |||
17 | SHA1 (patch-source4_heimdal__build_roken.h) = ee535f8e7cc46a3487d95bc859438c476a88fe60 | 18 | SHA1 (patch-source4_heimdal__build_roken.h) = ee535f8e7cc46a3487d95bc859438c476a88fe60 | |
18 | SHA1 (patch-source4_scripting_wsript_build) = bd4feddcaadf1c3d2d25eb7914e7b5843e4e9511 | 19 | SHA1 (patch-source4_scripting_wsript_build) = bd4feddcaadf1c3d2d25eb7914e7b5843e4e9511 | |
19 | SHA1 (patch-source4_torture_local_nss__tests.c) = 8c878a8ed771ba996a7a325a1ad41bd13016c70c | 20 | SHA1 (patch-source4_torture_local_nss__tests.c) = 8c878a8ed771ba996a7a325a1ad41bd13016c70c |
$NetBSD: patch-source3_auth_token_util.c,v 1.1 2019/03/01 20:03:24 roy Exp $
Taken from https://bugzilla.samba.org/show_bug.cgi?id=13697
From 1e8931dfc24a2576a3b1fe9115c4ccbfefbbd298 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Wed, 19 Dec 2018 09:38:33 +0100
Subject: [PATCH] s3:auth: ignore create_builtin_guests() failing without a
valid idmap configuration
This happens on standalone servers, where winbindd is automatically
started by init scripts if it's installed. But it's not really
used and may not have a valid idmap configuration (
"idmap config * : range" has no default!)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13697
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
(cherry picked from commit 865538fabaea33741f5fa542dbc3f2e08308c2c1)
---
source3/auth/token_util.c | 18 +++++++++++++++++-
1 file changed, 17 insertions(+), 1 deletion(-)
diff --git a/source3/auth/token_util.c b/source3/auth/token_util.c
index f5b0e6944335..ee38d6c9645b 100644
--- source3/auth/token_util.c
+++ source3/auth/token_util.c
@@ -745,7 +745,23 @@ NTSTATUS finalize_local_nt_token(struct security_token *result,
status = create_builtin_guests(domain_sid);
unbecome_root();
- if (NT_STATUS_EQUAL(status, NT_STATUS_PROTOCOL_UNREACHABLE)) {
+ /*
+ * NT_STATUS_PROTOCOL_UNREACHABLE:
+ * => winbindd is not running.
+ *
+ * NT_STATUS_ACCESS_DENIED:
+ * => no idmap config at all
+ * and wbint_AllocateGid()/winbind_allocate_gid()
+ * failed.
+ *
+ * NT_STATUS_NO_SUCH_GROUP:
+ * => no idmap config at all and
+ * "tdbsam:map builtin = no" means
+ * wbint_Sids2UnixIDs() fails.
+ */
+ if (NT_STATUS_EQUAL(status, NT_STATUS_PROTOCOL_UNREACHABLE) ||
+ NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED) ||
+ NT_STATUS_EQUAL(status, NT_STATUS_NO_SUCH_GROUP)) {
/*
* Add BUILTIN\Guests directly to token.
* But only if the token already indicates