getting centos7 into bootstrap and gitlab CI

Rowland Penny rpenny at samba.org
Tue Apr 30 13:58:45 UTC 2019 

On Tue, 30 Apr 2019 15:25:18 +0200
Andreas Schneider via samba-technical <samba-technical at lists.samba.org>
wrote:

> On Tuesday, April 30, 2019 2:12:57 PM CEST Nico Kadel-Garcia via
> samba- technical wrote:
> > On Tue, Apr 30, 2019 at 3:58 AM Andrew Bartlett
> > <abartlet at samba.org> wrote:  
> > > On Tue, 2019-04-30 at 08:38 +0200, Andreas Schneider via samba-
> > > 
> > > technical wrote:  
> > > > On Tuesday, April 30, 2019 6:30:06 AM CEST Andrew Bartlett
> > > > wrote:  
> > > > > On Tue, 2019-04-30 at 06:21 +0200, Ralph Böhme wrote:  
> > > > > > > > Also, could you please look into adding CentOS 7 as a
> > > > > > > > supported
> > > > > > > > platform via our bootstrap system so we don't regress
> > > > > > > > here in the
> > > > > > > > future?  There is partial support already, but it wasn't
> > > > > > > > finished
> > > > > > > > (mostly to avoid chasing two rabbits at once).  
> > > > > > > 
> > > > > > > That is a new area to me. I see that CentOS is listed
> > > > > > > under bootstrap/generated-dists/centos7/. Would the only
> > > > > > > missing piece be the
> > > > > > > centos7 entries in .gitlab-ci.yml, or am i missing
> > > > > > > something? I can give
> > > > > > > that a try tomorrow.  
> > > > > > 
> > > > > > that would be much appreciated and I can help with that,
> > > > > > but it's certainly not a requirement to get your patch for
> > > > > > the missing- field-
> > > > > > initializers in. I'll review later on.  
> > > > > 
> > > > > Thanks Ralph for offering to help.  It has been really cool
> > > > > to see so
> > > > > many folks stepping in to maintain and extend our package
> > > > > list.  It is
> > > > > lovely to have this task, but even more so the knowlege of
> > > > > how to do it
> > > > > practically, distributed around the team!
> > > > > 
> > > > > I totally agree this is not a pre-requisite, thanks for
> > > > > making that clear!  
> > > > 
> > > > Here we go. Should be fine as GnuTLS and KRB5 are not that old
> > > > as on Ubuntu
> > > > 14.04 :-)
> > > > 
> > > > https://gitlab.com/samba-team/samba/merge_requests/399  
> > > 
> > > I've CC'ed Sérgio and Nico who recently had a thread about
> > > building modern Samba on CentOS7.  They may be able to help here.
> > > 
> > > Their work is online at:
> > > https://github.com/sergiomb2/SambaAD
> > > https://github.com/nkadel/samba4repo
> > > 
> > > Thanks to everyone working to show Samba master can be built and
> > > developed on CentOS7, much better to confirm this now than find
> > > out at RC4 ;-)  
> > 
> > I'm concerned that the necessary building tools for
> > "compat-nettle32" and "compat-gnutls" from Sergio are not apparent
> > in that merge request. I found those necessary because I disabled
> > the "experimenta" MIT KRB options, and gnutls is not recent enough
> > on RHEL 7. Sergio For my work, I also have a full build structure
> > and a set of git submodules with all the libtdb, libtalloc,
> > libtevent, and libldb libraries to build up for a full deployment:
> > sergio used the "build the libraries internally in Samba" option.  
> 
> The MIT Kerberos build needs to build backupkey with GnuTLS, the
> relevant symbol has been backported to RHEL7!
> 
> https://bugzilla.redhat.com/show_bug.cgi?id=1378373
> 
> However we don't have a correct configure check for that in Samba.
> This is in a branch waiting to be reviewed:
> 
> https://gitlab.com/samba-team/samba/merge_requests/393/diffs?
> commit_id=5ae3d095a9d2c222a4efe018193a099c756154db
> 
> I've never tested it but with that we could probably lower the
> required GnuTLS version in a Samba AD build with MIT Kerberos to 3.2
> using a patch for the spec file. I wouldn't do that on Samba upstream.
>  
> > I'm not sure how to merge the work into the existing bootstrap
> > procedure, since they'd also expect these other modules to be built
> > and available in the bootstrap and yum deployment. Do these
> > bootstrap environment ssupport the use of "mock" ? I've also just
> > noted that mock, on RHEL 7, does not support "file://$PWD" syntax
> > for finding the local repository that my setup drops generated
> > RPM's in. Works great on Fedora, not on RHEL 7 or CentOS 7. That
> > means the build environment needs a web-based access to the built
> > repository, which I'm doing with "nginx", on RHEL 7. That.... makes
> > it more awkward for an individual software builder to be access
> > their local working repositories. It can be done stably, but it
> > needs to be really locked down for a safe build environment.  
> 
> The issue is that we need at least python34-crypto, python34-dns and
> those are not available in EPEL7!
> 
> I'm sure your packages still use python2 :-)
> 
> 
> 	Andreas
> 
> 

Quite right EPEL doesn't have python34-crypto or python34-dns, but it
does have these:

https://www.mirrorservice.org/sites/dl.fedoraproject.org/pub/epel/7/x86_64/Packages/p/python36-crypto-2.6.1-16.el7.x86_64.rpm
https://www.mirrorservice.org/sites/dl.fedoraproject.org/pub/epel/7/x86_64/Packages/p/python36-dns-1.15.0-8.el7.noarch.rpm

Rowland

More information about the samba-technical mailing list