[Samba] Gentoo, Heimdal and Samba 4.2 EOL
abartlet at samba.org
Thu Jan 5 10:04:10 UTC 2017
On Thu, 2017-01-05 at 10:45 +0100, Stefan G. Weichinger via samba
> Am 2017-01-05 um 00:28 schrieb Andrew Bartlett:
> > >
> > > In Debian we re-bundled heimdal. Samba is only known to work and
> > > is
> > > only tested with the bundled copy. The semi-private interfaces
> > > we
> > > use
> > > with the KDC have skewed and we rely on specific patches to be
> > > applied
> > > on the Heimdal side.
> > >
> > > The work to have Heimdal updated in Samba, so we can then port
> > > out
> > > the
> > > last few patches and unbundle it remains uncompleted. The port
> > > to
> > > MIT
> > > kerberos is ongoing, but also not complete.
> > For clarity, I speak here regarding the AD DC mode. The file
> > server
> > has always supported the system MIT Krb5, and continues to do so as
> > a
> > fully supported option.
> Thank you, Andrew, for your replies.
> A gentoo dev pointed me to this bug:
> They seem to have issues with heimdal (Comment 3), I don't know if
> asked for upstream help or could need some.
If they want the AD DC, they just need to stop thinking of Heimdal as
anything other than code we ship, and stop trying to unbundle it. Just
build it like all the rest of Samba.
> For me and the current job it sounds like hopping over to Debian.
> They also are still at 4.2.14, but AD-DC works.
More recent packages are posted here by some contributors, or you can
help Debian on the packaging team and so get us the bandwith to
consider a backport (the backport is 'easy', the support is not and we
are understaffed on the debian Samba Team).
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba
More information about the samba