[Samba] Samab 4.11.1 for rhel7/centos7 rpms

Nico Kadel-Garcia nkadel at gmail.com
Sat Oct 26 00:07:56 UTC 2019

On Fri, Oct 25, 2019 at 9:58 AM <vincent at cojot.name> wrote:
> On Fri, 25 Oct 2019, Sérgio Basto wrote:
> > Hello, count with me,  "my" project [1] , I have sync my spec from Nico
> > repo, I think the biggest difference is I'm using all internal
> > libraries ...
> Hi Sergio and Nico,
> I revisited nico's SPEC main samba 4.11 SPEC file last night to see if I
> had missed much and found huge similarities (we must have have forked
> Fedora's spec file at some point in the past - Mine was also mostly
> inspired by TranquilIT's SPEC file). The main difference is that the Nico
> rpms don't use the RHEL system libraries (gnutls, nettle..) e.g:
> Our SPEC file:
>         %if 0%{?rhel} == 7
>         BuildRequires: gnutls-devel >= 3.3.26
>         %else
>         BuildRequires: gnutls-devel >= 3.4.7
>         %endif
> Nico's file:
>         %if 0%{?rhel} && 0%{?rhel} < 8
>         BuildRequires: compat-gnutls34-devel >= 3.4.7
>         BuildRequires: compat-nettle32-devel
>         %else
>         BuildRequires: gnutls-devel >= 3.4.7
>         %endif # rhel < 8
> This was something we discussed on the list some time ago and it was
> deemed that the lower gnutls requirement was fine on RHEL7/Centos7 due to
> the backports included therein. We've made different choices and until
> samba's code requires a higher version I see no reason to push a newer
> gnutls requirement onto the users.

As I understand it, gnutls 3.4.7 will be required for all Samba in an
upcoming release. At the moment, there are some combinations fo with
or without the domain controller enabled, and without without the
expermental MIT krb5 setup, that allow the older gnutls-devel. So at
this point, I'm content to simply demand the gnutls 3.4.7. So I'm
reluctant to change this logic.

> I do like Nico's idea of using git sub-modules, his repo is much cleaner
> than what I've been using but I'm mostly focused on providing rpms for
> people to consume without having to rebuild them.

It seemed necessary when I was bundling 4.8, 4.9, 4.10, etc. Different
versions of Samba had different versions of the libraries, and it was
getting complex to maintain them in distinct branches. So I used
distinctly named git repos based on the major releases of the

> We should definitely join forces and see what we can learn from one
> another.

Certainly. I haven't had the secure location to publish and maintain
securie binaries from, and would happily cooperate to help generate
them. And Sernet is certainly welcome to any of the bits I've been
assembling for RHEL 7 and RHEL 8 ports.

> Kind regards,
> Vincent

More information about the samba mailing list