[Samba] GnuTLS, modern Samba and RHEL Re: Samba rpms now available from CentOS Storage SIG
Anoop C S
anoopcs at samba.org
Mon Aug 24 11:44:07 UTC 2020
On Thu, 2020-08-20 at 20:04 +1200, Andrew Bartlett via samba wrote:
> On Mon, 2020-08-17 at 12:05 +0530, Anoop C S via samba wrote:
> > Hi all,
> > This is to announce the availability of Samba(and CTDB) rpms from
> > Storage SIG on CentOS 7 and 8. Visit Samba's CentOS wiki page
> > for
> > more details on installation steps.
> >  https://wiki.centos.org/SpecialInterestGroup/Storage
> >  https://wiki.centos.org/SpecialInterestGroup/Storage/Samba
> G'Day Anoop,
> I'm wondering how you plan to handle the need for a modern GnuTLS for
> these builds?
> I take it that you plan to just avoid Samba 4.12 and later on RHEL 8
> CentOS 8?
Yes and I hope you meant RHEL 7/CentOS 7 as they do not have minimum
required GnuTLS version for building Samba 4.12 or later.
> Initially this sounds like a reasonable option but there is a further
> wrinkle: Samba 4.12 exposes a GnuTLS bug:
> Is there some way this is dodged or are you in a position to ensure
> CentOS gets this fixed in that package (I can't see a patch in the
> CentOS repo).
Build process for those Samba packages are currently dependant on the
GnuTLS version with default RHEL 8/CentOS 8 repositories. I am hopeful
that with the following bug, we will have the fix available eventually
with CentOS 8 too.
> If you plan to write a compat-gnutls package do let me know as I
> like to exchange notes...
> On the Samba side of things, how should we handle this? Can we even
> detect this somehow and refuse to use the leaky routines?
I haven't thought about it. I will communicate when I have something to
More information about the samba