[Samba] samba3.0.4 with FreeBSD

Wed May 19 13:37:16 GMT 2004

Hi,

I've the same here: FreeBSD 5.2.1 + samba-devel (3.0.4).

I've made the steps:
1. Install the Heimdal package ( /usr/ports/security/heimdal/)
2. Install the samba-devel package (/usr/ports/net/samba-devel/)

When I tried to install samba-devel first, I have conflit with MIT 
Kerberos. With the steps above, It works fine.

Now, I think I have the problem related in 
https://bugzilla.samba.org/show_bug.cgi?id=1319
[test]
        comment = Test
        path = /home/test
        valid users = @Administrators
        write list = @Administrators
        read only = No

When I change the write list like this:
        valid users = @Administrators
        write list = @Administrators, @users-it

I have access deny from users in "users-it" groups.

I don't know if I need to put some parameters in my smb.conf related 
with ldap, like:
ldap suffix
ldap filter =
ldap filter =

or only with the patch solve my problem.

I will make test only on friday ...

Regards,
Luiz Morte.

tms3 wrote:

> I'm having the exact same problem Skif.  It has to do with a conflict 
> between Heimdal Kerberos (installed by default for ssh etcetera) and 
> MIT Kerberos.  If you don't install krb5, then samba-devel port will 
> install with ads, but it will error out when joining ads.  If you 
> don't need to use ads then get rid of krb5 and remake samba-devel, and 
> it should work.
>
> TMS III
>
>
> Skif wrote:
>
>> Здравствуйте samba,
>>
>>  I compile kerberos5
>> root at romanof2 :  cd /usr/ports/security/krb5/
>> root at romanof2 :  make && make install && make clean && rehash
>> ------------------------------------------------------
>> This port of MIT Kerberos 5 includes remote login
>> daemons (telnetd and klogind).  These daemons default
>> to using the system login program (/usr/bin/login).
>> Please see the file
>> /usr/local/share/doc/krb5/README.FreeBSD
>> for more information.
>> ------------------------------------------------------
>> ===>   Compressing manual pages for krb5-1.3.3
>> /sbin/ldconfig -m /usr/local/lib
>> ===>   Registering installation for krb5-1.3.3
>> ...
>>      This port has installed the following files which may act as 
>> network
>>      servers and may therefore pose a remote security risk to the 
>> system.
>> /usr/local/bin/ftp (USES POSSIBLY INSECURE FUNCTIONS: mktemp)
>> /usr/local/bin/rcp
>> /usr/local/bin/rlogin
>> /usr/local/bin/rsh
>> /usr/local/lib/libgssrpc.so.3
>> /usr/local/lib/libkrb5.so.3 (USES POSSIBLY INSECURE FUNCTIONS: mktemp)
>> /usr/local/sbin/ftpd
>> /usr/local/sbin/gss-server
>> /usr/local/sbin/kadmind
>> /usr/local/sbin/klogind
>> /usr/local/sbin/kpropd
>> /usr/local/sbin/krb5kdc
>> /usr/local/sbin/kshd
>> /usr/local/sbin/sim_server
>> /usr/local/sbin/sserver
>> /usr/local/sbin/telnetd
>> /usr/local/sbin/uuserver
>> /usr/local/sbin/v5passwdd
>>
>>      If there are vulnerabilities in these programs there may be a 
>> security
>>      risk to the system. FreeBSD makes no guarantee about the 
>> security of
>>      ports included in the Ports Collection. Please type 'make 
>> deinstall'
>>      to deinstall the port if this is a concern.
>>
>>      For more information, and contact details about the security
>>      status of this software, see the following webpage:
>> http://web.mit.edu/kerberos/www/
>> root at romanof2 :
>>
>>  My next step
>>  
>> root at romanof2 :cd /usr/ports/net/samba3.0.4/
>> root at romanof2 :make && make install
>> ===>  -------------------------------------------
>> ===>  Run 'make config' to (re)configure the port
>> ===>  -------------------------------------------
>> ===>  Extracting for samba-3.0.4,1
>>  
>>
>>>> Checksum OK for samba-3.0.4.tar.gz.
>>>>     
>>>
>> ===>  Patching for samba-3.0.4,1
>> ===>  Applying FreeBSD patches for samba-3.0.4,1
>> ===>   samba-3.0.4,1 depends on shared library: popt.0 - found
>> ===>   samba-3.0.4,1 depends on shared library: ldap.2 - found
>>
>> ....
>> ...
>> ....
>> checking for AP_OPTS_USE_SUBKEY... yes
>> checking for the krb5_princ_component macro... no
>> checking for key in krb5_keytab_entry... yes
>> checking for keyblock in krb5_keytab_entry... no
>> configure: error: libkrb5 is needed for Active Directory support
>> ===>  Script "configure" failed unexpectedly.
>>      Please report the problem to timur at gnu.org [maintainer] and 
>> attach the
>>      "/usr/ports/net/samba3.0.4/work/samba-3.0.4/source/config.log" 
>> including
>>      the output of the failure of your make command. Also, it might be a
>>      good idea to provide an overview of all packages installed on your
>>      system (e.g. an `ls /var/db/pkg`).
>> *** Error code 1
>>
>> Stop in /usr/ports/net/samba3.0.4.
>> root at romanof2 :
>> root at romanof2 :ls /var/db/pkg | grep krb
>> krb5-1.3.3
>> root at romanof2 :
>> root at romanof2 :uname -a
>> FreeBSD romanof2.owe 5.2.1-RELEASE FreeBSD 5.2.1-RELEASE #0: Mon Feb 
>> 23 20:45:55 GMT 2004
>> Makefile:
>> CONFIGURE_ARGS+=        --exec-prefix=${PREFIX} \
>>                        --localstatedir=${VARDIR} \
>>                        --with-configdir=${SAMBA_CONFDIR} \
>>                        --with-libdir=${SAMBA_LIBDIR}/samba \
>>                        --with-swatdir=${SAMBA_SWATDIR} \
>>                        --with-piddir=${SAMBA_RUNDIR} \
>>                        --with-lockdir=${SAMBA_LOCKDIR} \
>>                        --with-privatedir=${SAMBA_PRIVATE} \
>>                        --with-logfilebase=${SAMBA_LOGDIR} \
>>                        --with-manpages-langs=en
>>
>> CONFIGURE_ARGS+=        --with-libiconv=${LOCALBASE}
>> CONFIGURE_ARGS+=        --with-pam --with-readline 
>> --with-sendfile-support \
>>                        --with-winbind --without-libsmbclient 
>> --without-python
>>
>> What'm I doing wrong?
>>
>>
>>
>>  
>>