[Samba] Offical RHEL AD DC on RHEL

Sketch smblist at rednsx.org
Tue Feb 21 14:43:53 UTC 2017 

On Sun, 19 Feb 2017, Jeff Sadowski via samba wrote:

> I was never able to build it in a way I feel comfortable on Fedora. I would
> want to build it using an RPM build process. I think I want an MIT build
> but I don't know what all I would need to build either way. I thought it

What do you hope to gain from an MIT build?  The MIT kerberos user tools 
(kinit, etc) operate just fine with keytabs generated by the Heimdal Samba 
KDC.  I understand that the distro wants to ship a unified set of 
packages, but for end users doing their own builds, I don't think it 
really matters much.

FWIW, I rebuilt the CentOS 7.2 Samba packages (samba-4.2.10-7) with DC 
support.  It required building without MIT and with DC support, and also 
adding a the samba.service file that RH didn't include.  I also increased 
the epoch so system updates with a newer version would never override my 
local build.

I also had to add

export LDB_MODULES_PATH=/usr/lib64/samba/ldb/

to my bash profile for the ldb tools to work.

However, when I rebuilt the CentOS 7.3 packages (4.4.4-12.el7_3), I am 
unable to replicate with any of my older DCs (4.1 or 4.2 sernet, or my 
rebuilt CentOS 4.2.10 DCs).  This happened even when I built straight from 
source, so I think either 4.4 requires some dependency that 7.3 
doesn't meet, or there may be some issue with some dependency on 7.3 
that wasn't an issue on 7.2.

In case it's useful, this is the extent of my changes to the spec file:

--- samba.spec	2017-01-17 11:21:48.000000000 -0600
+++ samba-dc.spec	2017-01-27 13:58:55.736213036 -0600
@@ -56,8 +56,8 @@
  %global libwbc_alternatives_suffix -64
  %endif

-%global with_mitkrb5 1
-%global with_dc 0
+%global with_mitkrb5 0
+%global with_dc 1

  %if %{with testsuite}
  # The testsuite only works with a full build right now.
@@ -78,9 +78,9 @@
  Release:        %{samba_release}

  %if 0%{?rhel}
-Epoch:          0
+Epoch:          4
  %else
-Epoch:          2
+Epoch:          4
  %endif

  %if 0%{?epoch} > 0
@@ -879,7 +879,7 @@
  %endif

  install -d -m 0755 %{buildroot}%{_unitdir}
-for i in nmb smb winbind ; do
+for i in nmb smb winbind samba ; do
      cat packaging/systemd/$i.service | sed -e 's@\[Service\]@[Service]\nEnvironment=KRB5CCNAME=FILE:/run/samba/krb5cc_samba at g' >tmp$i.service
      install -m 0644 tmp$i.service %{buildroot}%{_unitdir}/$i.service
  done
@@ -1515,6 +1515,7 @@
  %{_datadir}/samba/setup
  %{_mandir}/man8/samba.8*
  %{_mandir}/man8/samba-tool.8*
+%{_unitdir}/samba.service
  %else # with_dc
  %doc packaging/README.dc
  %endif # with_dc

More information about the samba mailing list