[Samba] samba's source code won't compile on ubuntu 14.04 LTS

Sun Nov 15 17:18:00 UTC 2015

This was my first post to the Samba list. It’s my intention to lend a hand to people, using my experiences as a launchpad, but sometimes a best practice is unbeknownst to me. For your suggestions, Rowland, I thank you. Your comments will help me improve my practice.

On 2015.11.15, at 2:06 AM, Rowland Penny <rowlandpenny241155 at gmail.com> wrote:

> On 14/11/15 22:54, Matthew Delfino wrote:
>> This is a little rough, but I recently did this with Ubuntu 14.04.3 LTS and Samba source code 4.3.1:
>> 
>> Installing Ubuntu: All steps default except:
>> - Choose to install "OpenSSH server"
>> 
>> When rebooted:
>> - sudo -s
>> - apt-get update
>> - apt-get upgrade
>> - apt-get install open-vm-tools #if you have this in a VMware VM
>> - shutdown -r now
>> 
>> On reboot, login, then...
>> - vi /etc/network/interfaces
>> Edit the network settings to that DNS points to any other DCs in your domain. Maybe you haven’t got any. If this is the FSMO, then start with any DNS you normally use for your servers, but change it before promoting it so that it points at itself.
>> 
>> Install prerequisites:
>> - sudo apt-get install acl attr autoconf bison build-essential debhelper dnsutils docbook-xml docbook-xsl flex gdb krb5-user libacl1-dev libaio-dev libattr1-dev libblkid-dev libbsd-dev libcap-dev libgnutls28-dev libjson-perl libldap2-dev libncurses5-dev libpam0g-dev libparse-yapp-perl libpopt-dev libreadline-dev perl perl-modules pkg-config python-all-dev python-dev python-dnspython python-crypto xsltproc zlib1g-dev
>> - Answer the Kerberos questions appropriately to your designed setup.
> 
> Just press return when asked the questions, you are going to change what the questions set.

Fair enough.

>> 
>> Edit /etc/hosts
>>  127.0.0.1	localhost
>>  192.168.123.160	(fully-qualified domain name)	(hostname)
>> 
>> GET REPOSITORY: Download latest zip from https://www.samba.org
>> - wget https://download.samba.org/pub/samba/stable/samba-4.3.1.tar.gz
>> - tar -zxf samba-4.3.1.tar.gz
>> 
>> BUILD:
>> - cd samba-4.3.1/
>> - sudo ./configure --enable-debug
>> - sudo make
> 
> Please don't run ./configure and make as root

You’re the second person to suggest this, so I Googled "source code never configure as root". It seems that it’s pretty basic to make sure you download, unzip and compile as a non-root user. I own my mistakes: I apologize for giving bad advice.

I’m sure you already deduced this, but compiling from source is not my normal way of installing software on Ubuntu. Usually Canonical gives me a package that meets my needs. But they stopped at Samba 4.1.6 and a lot of us need those newer features in later releases.

BUILD:
- cd samba-4.3.1/
- ./configure --enable-debug
- make

>> INSTALL:
>> - sudo make install
>> 
>> EDIT Search PATHS:
>> - sudo -s
>> - vi /etc/sudoers
>>  Defaults        secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/local/samba/sbin:/usr/local/samba/bin"
>> - vi /etc/environment
>>  PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/usr/local/samba/sbin:/usr/local/samba/bin"
> 
> Don't edit /etc/sudoers, use visudo, this includes error checking.

D’oh! Thanks for the reminder. I blew off visudo in my haste because 1) it defaulted to nano, 2) my time to this task was limited and 3) it was one line of text that I was confident I wouldn’t screw up. The more elegant approach for a vi guy like me is:

- sudo update-alternatives --config editor
type 3, hit return
- sudo visudo

>> INSTALL NTPD:
>> - apt-get install ntp
>> - service ntp stop
>> - ntpdate -B 0.ubuntu.pool.ntp.org
>> - service ntp start
>> 
>> EDIT FSTAB:
>> - vi /etc/fstab
>> Edit the fstab file to include these three options on line 8: "user_xattr,acl,barrier=1,"
> 
> Don't do this, you are just adding the ext4 defaults.

Just adding the ext4 defaults? So, you’re telling me that "user_xattr," "acl" and "barrier=1" are ext4 defaults? If so, the Internet lied to me. It’s Sunday morning and I’m already feeling betrayed. By the Internet. Again.

>> SETUP KERBEROS:
>> - mv /etc/krb5.conf /etc/krb5.conf.original
>> - vi /etc/krb5.conf
>> 
>>  [libdefaults]
>>          default_realm = (YOUR DOMAIN.LAN OR WHATEVER)
>>          dns_lookup_realm = false
>>          dns_lookup_kdc = true
>> 
>> PREPARE SAMBA:
>> - mv /usr/local/samba/etc/smb.conf /usr/local/samba/etc/smb.conf.orig
> 
> There will not be a smb.conf, so how can you move it?

"So how can you move it?" You have an edge to you Rowland. I like your spunk!

To answer your question, I recall there being one. I was doing a lot of trial and error, so I may have moved it after an attempt to provision a domain… You got me curious, though, so I’ll be looking at this the next time I attempt to build Samba 4.3 from source.

>> - shutdown -r now
> 
> Why?

Why *did* I do that? Maybe I did a halt (shutdown -h now) and took a snapshot of the VM because of the next step.

>> Log back in after reboot, then PROMOTE TO A DC:
>> - sudo samba-tool domain provision —realm=(domain.lan) —domain=(DOMAIN-NAME) --adminpass 'XXXXXXX' --server-role=dc --dns-backend=SAMBA_INTERNAL
> 
> You are assuming the OP already has a DC and that he wants to run Samba in AD mode.

You’re quite right, I am. Perhaps I SU and this is not what he wants...

>> You’ll also need some init shell scripts to put in /etc/init.d, but I couldn’t find any good examples on the web.
> 
> Just download the Ubuntu samba packages (don't install them), extract the scripts from them and alter the paths to suit your new set up.

I had the same thought when I set out to do this. So I tried it, and it didn’t work. Here’s where mine always choked.

		if init_is_upstart; then
			exit 1
		fi

This if/then in the script always tested positive and caused it to exit. Given my limited time, I wasn’t able to explore the intricacies of upstart. I considered simply removing the test, but wasn’t sure if there was a more elegant solution. It didn’t matter anyways because I couldn’t add my DC to my existing domain. More in my first post asking for help, which should arrive in a few days...

>>  I hope this helps!
>> 
>> Thanks,
>> Matthew

©2015 KNOCK, inc.  All rights reserved. KNOCK is a registered trademark of KNOCK, inc. This message and any attachments contain information, which is confidential and/or privileged.  If you are not the intended recipient, please refrain from any disclosure, copying, distribution or use of this information.  Please be aware that such actions are prohibited.  If you have received this transmission in error, kindly notify the sender by e-mail.  Your cooperation is appreciated.