summaryrefslogtreecommitdiff
path: root/patches/source/samba
diff options
context:
space:
mode:
authorPatrick J Volkerding <volkerdi@slackware.com>2018-05-25 23:29:36 +0000
committerEric Hameleers <alien@slackware.com>2018-05-31 15:10:50 -0700
commit329684b59b8d55dd403c2c59f76d37210ba2f517 (patch)
tree10421c6ee3bf179d50915cc00d4c15c1b83cb77a /patches/source/samba
parentb76270bf9e6dd375e495fec92140a79a79415d27 (diff)
downloadcurrent-329684b59b8d55dd403c2c59f76d37210ba2f517.tar.gz
Fri May 25 23:29:36 UTC 201813.1
patches/packages/glibc-zoneinfo-2018e-noarch-2_slack13.1.txz: Rebuilt. Handle removal of US/Pacific-New timezone. If we see that the machine is using this, it will be automatically switched to US/Pacific.
Diffstat (limited to 'patches/source/samba')
-rw-r--r--patches/source/samba/doinst.sh16
-rwxr-xr-xpatches/source/samba/prune-samba.sh33
-rw-r--r--patches/source/samba/rc.samba45
-rw-r--r--patches/source/samba/samba-4.6.3-4.5.9-4.4.13-CVE-2017-7494.patch34
-rwxr-xr-xpatches/source/samba/samba.SlackBuild233
-rw-r--r--patches/source/samba/slack-desc19
-rw-r--r--patches/source/samba/smb.conf.default271
-rw-r--r--patches/source/samba/smb.conf.default.orig271
-rw-r--r--patches/source/samba/smb.conf.diff29
-rw-r--r--patches/source/samba/talloc.pc11
10 files changed, 962 insertions, 0 deletions
diff --git a/patches/source/samba/doinst.sh b/patches/source/samba/doinst.sh
new file mode 100644
index 00000000..c7b358ed
--- /dev/null
+++ b/patches/source/samba/doinst.sh
@@ -0,0 +1,16 @@
+#!/bin/sh
+config() {
+ NEW="$1"
+ OLD="`dirname $NEW`/`basename $NEW .new`"
+ # If there's no config file by that name, mv it over:
+ if [ ! -r $OLD ]; then
+ mv $NEW $OLD
+ elif [ "`cat $OLD | md5sum`" = "`cat $NEW | md5sum`" ]; then # toss the redundant copy
+ rm $NEW
+ fi
+ # Otherwise, we leave the .new copy for the admin to consider...
+}
+config etc/rc.d/rc.samba.new
+# This won't be needed. The point here is to preserve the permissions of the existing
+# file, if there is one. I don't see major new development happening in rc.samba... ;-)
+rm -f etc/rc.d/rc.samba.new
diff --git a/patches/source/samba/prune-samba.sh b/patches/source/samba/prune-samba.sh
new file mode 100755
index 00000000..a6106df3
--- /dev/null
+++ b/patches/source/samba/prune-samba.sh
@@ -0,0 +1,33 @@
+#!/bin/sh
+
+# Copyright 2010 Patrick J. Volkerding, Sebeka, Minnesota, USA
+# All rights reserved.
+#
+# Redistribution and use of this script, with or without modification, is
+# permitted provided that the following conditions are met:
+#
+# 1. Redistributions of this script must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+#
+# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
+# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
+# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
+# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
+# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+# Pare down the Samba sources to just Samba3 for now, and drop redundant docs.
+# This script expects the samba sources to be unpacked in the current
+# directory. It will then "pare" them. You'll be expected to repack them
+# afterwards.
+
+cd samba-?.?.? || cd samba-?.?.?? || exit 1
+
+rm --verbose WHATSNEW4.txt howto-ol-backend-s4.txt howto4.txt prog_guide4.txt
+rm -r --verbose docs-xml packaging4 source4 swat2*
+rm --verbose docs/*.pdf
+
diff --git a/patches/source/samba/rc.samba b/patches/source/samba/rc.samba
new file mode 100644
index 00000000..2a28f3e5
--- /dev/null
+++ b/patches/source/samba/rc.samba
@@ -0,0 +1,45 @@
+#!/bin/sh
+#
+# /etc/rc.d/rc.samba
+#
+# Start/stop/restart the Samba SMB file/print server.
+#
+# To make Samba start automatically at boot, make this
+# file executable: chmod 755 /etc/rc.d/rc.samba
+#
+
+samba_start() {
+ if [ -x /usr/sbin/smbd -a -x /usr/sbin/nmbd -a -r /etc/samba/smb.conf ]; then
+ echo "Starting Samba: /usr/sbin/smbd -D"
+ /usr/sbin/smbd -D
+ echo " /usr/sbin/nmbd -D"
+ /usr/sbin/nmbd -D
+ fi
+}
+
+samba_stop() {
+ killall smbd nmbd
+}
+
+samba_restart() {
+ samba_stop
+ sleep 2
+ samba_start
+}
+
+case "$1" in
+'start')
+ samba_start
+ ;;
+'stop')
+ samba_stop
+ ;;
+'restart')
+ samba_restart
+ ;;
+*)
+ # Default is "start", for backwards compatibility with previous
+ # Slackware versions. This may change to a 'usage' error someday.
+ samba_start
+esac
+
diff --git a/patches/source/samba/samba-4.6.3-4.5.9-4.4.13-CVE-2017-7494.patch b/patches/source/samba/samba-4.6.3-4.5.9-4.4.13-CVE-2017-7494.patch
new file mode 100644
index 00000000..34b44373
--- /dev/null
+++ b/patches/source/samba/samba-4.6.3-4.5.9-4.4.13-CVE-2017-7494.patch
@@ -0,0 +1,34 @@
+From d2bc9f3afe23ee04d237ae9f4511fbe59a27ff54 Mon Sep 17 00:00:00 2001
+From: Volker Lendecke <vl@samba.org>
+Date: Mon, 8 May 2017 21:40:40 +0200
+Subject: [PATCH] CVE-2017-7494: rpc_server3: Refuse to open pipe names with /
+ inside
+
+Bug: https://bugzilla.samba.org/show_bug.cgi?id=12780
+
+Signed-off-by: Volker Lendecke <vl@samba.org>
+Reviewed-by: Jeremy Allison <jra@samba.org>
+Reviewed-by: Stefan Metzmacher <metze@samba.org>
+---
+ source3/rpc_server/srv_pipe.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/source3/rpc_server/srv_pipe.c b/source3/rpc_server/srv_pipe.c
+index 0633b5f..c3f0cd8 100644
+--- a/source3/rpc_server/srv_pipe.c
++++ b/source3/rpc_server/srv_pipe.c
+@@ -475,6 +475,11 @@ bool is_known_pipename(const char *pipename, struct ndr_syntax_id *syntax)
+ {
+ NTSTATUS status;
+
++ if (strchr(pipename, '/')) {
++ DEBUG(1, ("Refusing open on pipe %s\n", pipename));
++ return false;
++ }
++
+ if (lp_disable_spoolss() && strequal(pipename, "spoolss")) {
+ DEBUG(10, ("refusing spoolss access\n"));
+ return false;
+--
+1.9.1
+
diff --git a/patches/source/samba/samba.SlackBuild b/patches/source/samba/samba.SlackBuild
new file mode 100755
index 00000000..8963db9a
--- /dev/null
+++ b/patches/source/samba/samba.SlackBuild
@@ -0,0 +1,233 @@
+#!/bin/sh
+
+# Copyright 2008, 2009, 2010 Patrick J. Volkerding, Sebeka, Minnesota, USA
+# All rights reserved.
+#
+# Redistribution and use of this script, with or without modification, is
+# permitted provided that the following conditions are met:
+#
+# 1. Redistributions of this script must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+#
+# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
+# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
+# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
+# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
+# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+
+VERSION=${VERSION:-$(echo samba-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
+BUILD=${BUILD:-2_slack13.1}
+
+# Automatically determine the architecture we're building on:
+if [ -z "$ARCH" ]; then
+ case "$( uname -m )" in
+ i?86) export ARCH=i486 ;;
+ arm*) export ARCH=arm ;;
+ # Unless $ARCH is already set, use uname -m for all other archs:
+ *) export ARCH=$( uname -m ) ;;
+ esac
+fi
+
+CWD=$(pwd)
+TMP=${TMP:-/tmp}
+PKG=$TMP/package-samba
+rm -rf $PKG
+mkdir -p $TMP $PKG
+
+cd $TMP
+rm -rf samba-$VERSION
+tar xvf $CWD/samba-$VERSION.tar.xz || exit 1
+cd samba-$VERSION || exit 1
+
+if [ ! -d source3/lib/cmdline ]; then
+ ( cd source3/lib
+ mkdir cmdline
+ cd cmdline
+ ln -sf ../../../source3/include/popt_common.h . )
+fi
+
+chown -R root:root .
+find . \
+ \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \
+ -exec chmod 755 {} \; -o \
+ \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \
+ -exec chmod 644 {} \;
+
+# Patch CVE-2017-7494:
+cat $CWD/samba-4.6.3-4.5.9-4.4.13-CVE-2017-7494.patch | patch -p1 --verbose || exit 1
+
+cd source3
+if [ "$ARCH" = "i486" ]; then
+ SLKCFLAGS="-O2 -march=i486 -mtune=i686"
+ LIBDIRSUFFIX=""
+elif [ "$ARCH" = "s390" ]; then
+ SLKCFLAGS="-O2"
+ LIBDIRSUFFIX=""
+elif [ "$ARCH" = "x86_64" ]; then
+ SLKCFLAGS="-O2 -fPIC"
+ LIBDIRSUFFIX="64"
+else
+ SLKCFLAGS="-O2"
+ LIBDIRSUFFIX=""
+fi
+
+# Some of these options could be auto-detected, but declaring them
+# here doesn't hurt and helps document what features we're trying to
+# build in.
+#
+# LDFLAGS are needed to avoid problems with missing symbols.
+LDFLAGS="-Wl,--no-as-needed" \
+CFLAGS="$SLKCFLAGS" \
+./configure \
+ --prefix=/usr \
+ --libdir=/usr/lib${LIBDIRSUFFIX} \
+ --bindir=/usr/bin \
+ --sbindir=/usr/sbin \
+ --mandir=/usr/man \
+ --sysconfdir=/etc \
+ --with-configdir=/etc/samba \
+ --with-piddir=/var/run \
+ --with-privatedir=/etc/samba/private \
+ --localstatedir=/var \
+ --with-lockdir=/var/cache/samba \
+ --with-swatdir=/usr/share/swat \
+ --with-logfilebase=/var/log/samba \
+ --enable-cups \
+ --enable-external-libtalloc=no \
+ --enable-static=no \
+ --enable-shared=yes \
+ --with-acl-support=yes \
+ --with-automount \
+ --with-cifsmount \
+ --with-cifsumount \
+ --with-quotas \
+ --with-syslog \
+ --with-utmp \
+ --with-libsmbclient \
+ --with-winbind \
+ --with-ldap \
+ --build=$ARCH-slackware-linux
+ # Using with-fhs overrides our libdir, and besides we are already hard-coding
+ # directories. So, now we define them all explicitly...
+ #--with-fhs \
+
+# -j options don't seem to work...
+make || exit 1
+
+mkdir -p \
+ $PKG/usr/doc/samba-$VERSION \
+ $PKG/var/spool/samba \
+ $PKG/var/log/samba \
+ $PKG/etc/samba/private \
+ $PKG/var/cache/samba
+chmod 700 $PKG/etc/samba/private
+chmod 1777 $PKG/var/spool/samba
+
+make install-everything DESTDIR=$PKG || exit 1
+
+# Install libnss_win* libraries:
+mkdir -p $PKG/lib${LIBDIRSUFFIX}
+cp -a ../nsswitch/libnss_winbind.so $PKG/lib${LIBDIRSUFFIX}/libnss_winbind.so.2
+cp -a ../nsswitch/libnss_wins.so $PKG/lib${LIBDIRSUFFIX}/libnss_wins.so.2
+( cd $PKG/lib${LIBDIRSUFFIX}
+ ln -sf libnss_winbind.so.2 libnss_winbind.so
+ ln -sf libnss_wins.so.2 libnss_wins.so
+)
+
+# Install a pkgconfig file for libtalloc:
+mkdir -p $PKG/usr/lib${LIBDIRSUFFIX}/pkgconfig
+if [ ! -r $PKG/usr/lib${LIBDIRSUFFIX}/pkgconfig/talloc.pc ]; then
+ cat $CWD/talloc.pc | sed -e "s/\/lib/\/lib${LIBDIRSUFFIX}/" > $PKG/usr/lib${LIBDIRSUFFIX}/pkgconfig/talloc.pc
+fi
+
+## Make sure that other programs can link against libsmbclient:
+#( cd $PKG/usr/lib${LIBDIRSUFFIX}
+# for FILE in samba/libsmbclient.so* ; do
+# ln -sf $FILE
+# done
+#)
+
+# Add some (u)mount links:
+mkdir -p $PKG/sbin
+( cd $PKG/sbin
+ # SMBFS is obsolete in the kernel now -- use mount.cifs
+ #rm -f mount.smbfs ; ln -sf /usr/bin/smbmount mount.smbfs
+ # Add a wrapper script from Debian that's included in the upstream Samba
+ # sources to help out people (like me ;-) who don't read every speck of
+ # documentation:
+ cat $TMP/samba-$VERSION/examples/scripts/mount/mount.smbfs > mount.smbfs
+ chmod 755 $PKG/sbin/mount.smbfs
+ # I suppose this wouldn't be the worst idea in the world, either:
+ ( cd $PKG/usr/bin ; ln -sf /sbin/mount.smbfs smbmount )
+ rm -f mount.cifs ; ln -sf /usr/sbin/mount.cifs mount.cifs
+ # smbumount was giving me problems so it seems wise to play it safe
+ #rm -f umount.smbfs ; ln -sf /usr/bin/smbumount umount.smbfs
+ #rm -f umount.cifs ; ln -sf /usr/sbin/umount.cifs umount.cifs
+)
+
+# Add a sample config file:
+cat $CWD/smb.conf.default > $PKG/etc/samba/smb.conf-sample
+
+if [ ! -r $PKG/usr/bin/smbget ]; then
+ rm -f $PKG/usr/share/man/man1/smbget.1
+ rm -f $PKG/usr/share/swat/help/smbget.1.html
+fi
+
+# We'll add rc.samba to the init directory, but chmod 644 so that it doesn't
+# start by default:
+mkdir -p $PKG/etc/rc.d
+cat $CWD/rc.samba > $PKG/etc/rc.d/rc.samba.new
+chmod 644 $PKG/etc/rc.d/rc.samba.new
+
+mv $PKG/usr/share/man $PKG/usr
+gzip -9 $PKG/usr/man/man?/*.?
+
+find $PKG | xargs file | grep -e "executable" -e "shared object" \
+ | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null
+
+# PAM related stuff we don't use:
+rm -r $PKG/usr/share/locale
+rm -f $PKG/usr/man/man8/pam*
+
+cd ..
+cp -a \
+ COPYING* MAINTAINERS Manifest PFIF.txt README* \
+ Read-Manifest-Now Roadmap WHATSNEW.txt docs examples \
+ $PKG/usr/doc/samba-$VERSION
+# These are installed elsewhere:
+rm -rf $PKG/usr/doc/samba-$VERSION/docs/htmldocs \
+ $PKG/usr/doc/samba-$VERSION/docs/manpages
+mkdir -p $PKG/usr/doc/samba-$VERSION/docs
+( cd $PKG/usr/doc/samba-$VERSION/docs
+ ln -sf /usr/share/swat/help htmldocs
+)
+# I'm sorry, but when all this info is included in HTML, adding 7MB worth of
+# PDF files just to have extra artwork is more fluff than I'll agree to.
+rm -f $PKG/usr/doc/samba-$VERSION/docs/*.pdf
+# Also redundant also:
+rm -rf $PKG/usr/doc/samba-$VERSION/docs/docbook
+
+mkdir -p $PKG/install
+cat $CWD/slack-desc > $PKG/install/slack-desc
+zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh
+
+cat << EOF
+
+*** Be sure the package contains:
+
+drwx------ 2 root root 1024 Mar 12 13:21 /etc/samba/private
+drwxr-xr-x 2 root root 4096 May 3 15:46 /var/cache/samba/
+drwxr-xr-x 2 root root 48 Aug 29 13:06 /var/log/samba/
+drwxrwxrwt 2 root root 1024 Mar 12 13:21 /var/spool/samba/
+
+EOF
+
+cd $PKG
+/sbin/makepkg -l y -c n $TMP/samba-$VERSION-$ARCH-$BUILD.txz
+
diff --git a/patches/source/samba/slack-desc b/patches/source/samba/slack-desc
new file mode 100644
index 00000000..c06b485d
--- /dev/null
+++ b/patches/source/samba/slack-desc
@@ -0,0 +1,19 @@
+# HOW TO EDIT THIS FILE:
+# The "handy ruler" below makes it easier to edit a package description. Line
+# up the first '|' above the ':' following the base package name, and the '|'
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
+# customary to leave one space after the ':'.
+
+ |-----handy-ruler------------------------------------------------------|
+samba: samba (SMB/CIFS file and print server)
+samba:
+samba: Samba is an SMB/CIFS file and print server for SMB and CIFS clients.
+samba: It allows you to make file space or printers on a Samba host
+samba: available to SMB/CIFS clients (such as PCs running Windows).
+samba:
+samba: If you have any Windows file servers, you may be able to replace them
+samba: or supplement them with Samba. One of Samba's big strengths is
+samba: integration, so you can use it to tie together your Linux hosts and
+samba: Windows PC clients.
+samba:
diff --git a/patches/source/samba/smb.conf.default b/patches/source/samba/smb.conf.default
new file mode 100644
index 00000000..44ba134f
--- /dev/null
+++ b/patches/source/samba/smb.conf.default
@@ -0,0 +1,271 @@
+# This is the main Samba configuration file. You should read the
+# smb.conf(5) manual page in order to understand the options listed
+# here. Samba has a huge number of configurable options (perhaps too
+# many!) most of which are not shown in this example
+#
+# For a step to step guide on installing, configuring and using samba,
+# read the Samba-HOWTO-Collection. This may be obtained from:
+# http://www.samba.org/samba/docs/Samba-HOWTO-Collection.pdf
+#
+# Many working examples of smb.conf files can be found in the
+# Samba-Guide which is generated daily and can be downloaded from:
+# http://www.samba.org/samba/docs/Samba-Guide.pdf
+#
+# Any line which starts with a ; (semi-colon) or a # (hash)
+# is a comment and is ignored. In this example we will use a #
+# for commentry and a ; for parts of the config file that you
+# may wish to enable
+#
+# NOTE: Whenever you modify this file you should run the command "testparm"
+# to check that you have not made any basic syntactic errors.
+#
+#======================= Global Settings =====================================
+[global]
+
+# workgroup = NT-Domain-Name or Workgroup-Name, eg: LINUX2
+ workgroup = MYGROUP
+
+# server string is the equivalent of the NT Description field
+ server string = Samba Server
+
+# Security mode. Defines in which mode Samba will operate. Possible
+# values are share, user, server, domain and ads. Most people will want
+# user level security. See the Samba-HOWTO-Collection for details.
+ security = user
+
+# This option is important for security. It allows you to restrict
+# connections to machines which are on your local network. The
+# following example restricts access to two C class networks and
+# the "loopback" interface. For more examples of the syntax see
+# the smb.conf man page
+; hosts allow = 192.168.1. 192.168.2. 127.
+
+# If you want to automatically load your printer list rather
+# than setting them up individually then you'll need this
+ load printers = yes
+
+# you may wish to override the location of the printcap file
+; printcap name = /etc/printcap
+
+# on SystemV system setting printcap name to lpstat should allow
+# you to automatically obtain a printer list from the SystemV spool
+# system
+; printcap name = lpstat
+
+# It should not be necessary to specify the print system type unless
+# it is non-standard. Currently supported print systems include:
+# bsd, cups, sysv, plp, lprng, aix, hpux, qnx
+; printing = cups
+
+# Uncomment this if you want a guest account, you must add this to /etc/passwd
+# otherwise the user "nobody" is used
+; guest account = pcguest
+
+# this tells Samba to use a separate log file for each machine
+# that connects
+ log file = /var/log/samba.%m
+
+# Put a capping on the size of the log files (in Kb).
+ max log size = 50
+
+# Use password server option only with security = server
+# The argument list may include:
+# password server = My_PDC_Name [My_BDC_Name] [My_Next_BDC_Name]
+# or to auto-locate the domain controller/s
+# password server = *
+; password server = <NT-Server-Name>
+
+# Use the realm option only with security = ads
+# Specifies the Active Directory realm the host is part of
+; realm = MY_REALM
+
+# Backend to store user information in. New installations should
+# use either tdbsam or ldapsam. smbpasswd is available for backwards
+# compatibility. tdbsam requires no further configuration.
+; passdb backend = tdbsam
+
+# Using the following line enables you to customise your configuration
+# on a per machine basis. The %m gets replaced with the netbios name
+# of the machine that is connecting.
+# Note: Consider carefully the location in the configuration file of
+# this line. The included file is read at that point.
+; include = /usr/local/samba/lib/smb.conf.%m
+
+# Configure Samba to use multiple interfaces
+# If you have multiple network interfaces then you must list them
+# here. See the man page for details.
+; interfaces = 192.168.12.2/24 192.168.13.2/24
+
+# Browser Control Options:
+# set local master to no if you don't want Samba to become a master
+# browser on your network. Otherwise the normal election rules apply
+; local master = no
+
+# OS Level determines the precedence of this server in master browser
+# elections. The default value should be reasonable
+; os level = 33
+
+# Domain Master specifies Samba to be the Domain Master Browser. This
+# allows Samba to collate browse lists between subnets. Don't use this
+# if you already have a Windows NT domain controller doing this job
+; domain master = yes
+
+# Preferred Master causes Samba to force a local browser election on startup
+# and gives it a slightly higher chance of winning the election
+; preferred master = yes
+
+# Enable this if you want Samba to be a domain logon server for
+# Windows95 workstations.
+; domain logons = yes
+
+# if you enable domain logons then you may want a per-machine or
+# per user logon script
+# run a specific logon batch file per workstation (machine)
+; logon script = %m.bat
+# run a specific logon batch file per username
+; logon script = %U.bat
+
+# Where to store roving profiles (only for Win95 and WinNT)
+# %L substitutes for this servers netbios name, %U is username
+# You must uncomment the [Profiles] share below
+; logon path = \\%L\Profiles\%U
+
+# Windows Internet Name Serving Support Section:
+# WINS Support - Tells the NMBD component of Samba to enable it's WINS Server
+; wins support = yes
+
+# WINS Server - Tells the NMBD components of Samba to be a WINS Client
+# Note: Samba can be either a WINS Server, or a WINS Client, but NOT both
+; wins server = w.x.y.z
+
+# WINS Proxy - Tells Samba to answer name resolution queries on
+# behalf of a non WINS capable client, for this to work there must be
+# at least one WINS Server on the network. The default is NO.
+; wins proxy = yes
+
+# DNS Proxy - tells Samba whether or not to try to resolve NetBIOS names
+# via DNS nslookups. The default is NO.
+ dns proxy = no
+
+# These scripts are used on a domain controller or stand-alone
+# machine to add or delete corresponding unix accounts
+; add user script = /usr/sbin/useradd %u
+; add group script = /usr/sbin/groupadd %g
+; add machine script = /usr/sbin/adduser -n -g machines -c Machine -d /dev/null -s /bin/false %u
+; delete user script = /usr/sbin/userdel %u
+; delete user from group script = /usr/sbin/deluser %u %g
+; delete group script = /usr/sbin/groupdel %g
+
+
+#============================ Share Definitions ==============================
+[homes]
+ comment = Home Directories
+ browseable = no
+ writable = yes
+
+# Un-comment the following and create the netlogon directory for Domain Logons
+; [netlogon]
+; comment = Network Logon Service
+; path = /usr/local/samba/lib/netlogon
+; guest ok = yes
+; writable = no
+; share modes = no
+
+
+# Un-comment the following to provide a specific roving profile share
+# the default is to use the user's home directory
+;[Profiles]
+; path = /usr/local/samba/profiles
+; browseable = no
+; guest ok = yes
+
+
+# NOTE: If you have a BSD-style print system there is no need to
+# specifically define each individual printer
+[printers]
+ comment = All Printers
+ path = /var/spool/samba
+ browseable = no
+# Set public = yes to allow user 'guest account' to print
+ guest ok = no
+ writable = no
+ printable = yes
+
+# This one is useful for people to share files
+;[tmp]
+; comment = Temporary file space
+; path = /tmp
+; read only = no
+; public = yes
+
+# A publicly accessible directory, but read only, except for people in
+# the "staff" group
+;[public]
+; comment = Public Stuff
+; path = /home/samba
+; public = yes
+; writable = no
+; printable = no
+; write list = @staff
+
+# Other examples.
+#
+# A private printer, usable only by fred. Spool data will be placed in fred's
+# home directory. Note that fred must have write access to the spool directory,
+# wherever it is.
+;[fredsprn]
+; comment = Fred's Printer
+; valid users = fred
+; path = /homes/fred
+; printer = freds_printer
+; public = no
+; writable = no
+; printable = yes
+
+# A private directory, usable only by fred. Note that fred requires write
+# access to the directory.
+;[fredsdir]
+; comment = Fred's Service
+; path = /usr/somewhere/private
+; valid users = fred
+; public = no
+; writable = yes
+; printable = no
+
+# a service which has a different directory for each machine that connects
+# this allows you to tailor configurations to incoming machines. You could
+# also use the %U option to tailor it by user name.
+# The %m gets replaced with the machine name that is connecting.
+;[pchome]
+; comment = PC Directories
+; path = /usr/pc/%m
+; public = no
+; writable = yes
+
+# A publicly accessible directory, read/write to all users. Note that all files
+# created in the directory by users will be owned by the default user, so
+# any user with access can delete any other user's files. Obviously this
+# directory must be writable by the default user. Another user could of course
+# be specified, in which case all files would be owned by that user instead.
+;[public]
+; path = /usr/somewhere/else/public
+; public = yes
+; only guest = yes
+; writable = yes
+; printable = no
+
+# The following two entries demonstrate how to share a directory so that two
+# users can place files there that will be owned by the specific users. In this
+# setup, the directory should be writable by both users and should have the
+# sticky bit set on it to prevent abuse. Obviously this could be extended to
+# as many users as required.
+;[myshare]
+; comment = Mary's and Fred's stuff
+; path = /usr/somewhere/shared
+; valid users = mary fred
+; public = no
+; writable = yes
+; printable = no
+; create mask = 0765
+
+
diff --git a/patches/source/samba/smb.conf.default.orig b/patches/source/samba/smb.conf.default.orig
new file mode 100644
index 00000000..b4e3d63e
--- /dev/null
+++ b/patches/source/samba/smb.conf.default.orig
@@ -0,0 +1,271 @@
+# This is the main Samba configuration file. You should read the
+# smb.conf(5) manual page in order to understand the options listed
+# here. Samba has a huge number of configurable options (perhaps too
+# many!) most of which are not shown in this example
+#
+# For a step to step guide on installing, configuring and using samba,
+# read the Samba-HOWTO-Collection. This may be obtained from:
+# http://www.samba.org/samba/docs/Samba-HOWTO-Collection.pdf
+#
+# Many working examples of smb.conf files can be found in the
+# Samba-Guide which is generated daily and can be downloaded from:
+# http://www.samba.org/samba/docs/Samba-Guide.pdf
+#
+# Any line which starts with a ; (semi-colon) or a # (hash)
+# is a comment and is ignored. In this example we will use a #
+# for commentry and a ; for parts of the config file that you
+# may wish to enable
+#
+# NOTE: Whenever you modify this file you should run the command "testparm"
+# to check that you have not made any basic syntactic errors.
+#
+#======================= Global Settings =====================================
+[global]
+
+# workgroup = NT-Domain-Name or Workgroup-Name, eg: MIDEARTH
+ workgroup = MYGROUP
+
+# server string is the equivalent of the NT Description field
+ server string = Samba Server
+
+# Security mode. Defines in which mode Samba will operate. Possible
+# values are share, user, server, domain and ads. Most people will want
+# user level security. See the Samba-HOWTO-Collection for details.
+ security = user
+
+# This option is important for security. It allows you to restrict
+# connections to machines which are on your local network. The
+# following example restricts access to two C class networks and
+# the "loopback" interface. For more examples of the syntax see
+# the smb.conf man page
+; hosts allow = 192.168.1. 192.168.2. 127.
+
+# If you want to automatically load your printer list rather
+# than setting them up individually then you'll need this
+ load printers = yes
+
+# you may wish to override the location of the printcap file
+; printcap name = /etc/printcap
+
+# on SystemV system setting printcap name to lpstat should allow
+# you to automatically obtain a printer list from the SystemV spool
+# system
+; printcap name = lpstat
+
+# It should not be necessary to specify the print system type unless
+# it is non-standard. Currently supported print systems include:
+# bsd, cups, sysv, plp, lprng, aix, hpux, qnx
+; printing = cups
+
+# Uncomment this if you want a guest account, you must add this to /etc/passwd
+# otherwise the user "nobody" is used
+; guest account = pcguest
+
+# this tells Samba to use a separate log file for each machine
+# that connects
+ log file = /usr/local/samba/var/log.%m
+
+# Put a capping on the size of the log files (in Kb).
+ max log size = 50
+
+# Use password server option only with security = server
+# The argument list may include:
+# password server = My_PDC_Name [My_BDC_Name] [My_Next_BDC_Name]
+# or to auto-locate the domain controller/s
+# password server = *
+; password server = <NT-Server-Name>
+
+# Use the realm option only with security = ads
+# Specifies the Active Directory realm the host is part of
+; realm = MY_REALM
+
+# Backend to store user information in. New installations should
+# use either tdbsam or ldapsam. smbpasswd is available for backwards
+# compatibility. tdbsam requires no further configuration.
+; passdb backend = tdbsam
+
+# Using the following line enables you to customise your configuration
+# on a per machine basis. The %m gets replaced with the netbios name
+# of the machine that is connecting.
+# Note: Consider carefully the location in the configuration file of
+# this line. The included file is read at that point.
+; include = /usr/local/samba/lib/smb.conf.%m
+
+# Configure Samba to use multiple interfaces
+# If you have multiple network interfaces then you must list them
+# here. See the man page for details.
+; interfaces = 192.168.12.2/24 192.168.13.2/24
+
+# Browser Control Options:
+# set local master to no if you don't want Samba to become a master
+# browser on your network. Otherwise the normal election rules apply
+; local master = no
+
+# OS Level determines the precedence of this server in master browser
+# elections. The default value should be reasonable
+; os level = 33
+
+# Domain Master specifies Samba to be the Domain Master Browser. This
+# allows Samba to collate browse lists between subnets. Don't use this
+# if you already have a Windows NT domain controller doing this job
+; domain master = yes
+
+# Preferred Master causes Samba to force a local browser election on startup
+# and gives it a slightly higher chance of winning the election
+; preferred master = yes
+
+# Enable this if you want Samba to be a domain logon server for
+# Windows95 workstations.
+; domain logons = yes
+
+# if you enable domain logons then you may want a per-machine or
+# per user logon script
+# run a specific logon batch file per workstation (machine)
+; logon script = %m.bat
+# run a specific logon batch file per username
+; logon script = %U.bat
+
+# Where to store roving profiles (only for Win95 and WinNT)
+# %L substitutes for this servers netbios name, %U is username
+# You must uncomment the [Profiles] share below
+; logon path = \\%L\Profiles\%U
+
+# Windows Internet Name Serving Support Section:
+# WINS Support - Tells the NMBD component of Samba to enable it's WINS Server
+; wins support = yes
+
+# WINS Server - Tells the NMBD components of Samba to be a WINS Client
+# Note: Samba can be either a WINS Server, or a WINS Client, but NOT both
+; wins server = w.x.y.z
+
+# WINS Proxy - Tells Samba to answer name resolution queries on
+# behalf of a non WINS capable client, for this to work there must be
+# at least one WINS Server on the network. The default is NO.
+; wins proxy = yes
+
+# DNS Proxy - tells Samba whether or not to try to resolve NetBIOS names
+# via DNS nslookups. The default is NO.
+ dns proxy = no
+
+# These scripts are used on a domain controller or stand-alone
+# machine to add or delete corresponding unix accounts
+; add user script = /usr/sbin/useradd %u
+; add group script = /usr/sbin/groupadd %g
+; add machine script = /usr/sbin/adduser -n -g machines -c Machine -d /dev/null -s /bin/false %u
+; delete user script = /usr/sbin/userdel %u
+; delete user from group script = /usr/sbin/deluser %u %g
+; delete group script = /usr/sbin/groupdel %g
+
+
+#============================ Share Definitions ==============================
+[homes]
+ comment = Home Directories
+ browseable = no
+ writable = yes
+
+# Un-comment the following and create the netlogon directory for Domain Logons
+; [netlogon]
+; comment = Network Logon Service
+; path = /usr/local/samba/lib/netlogon
+; guest ok = yes
+; writable = no
+; share modes = no
+
+
+# Un-comment the following to provide a specific roving profile share
+# the default is to use the user's home directory
+;[Profiles]
+; path = /usr/local/samba/profiles
+; browseable = no
+; guest ok = yes
+
+
+# NOTE: If you have a BSD-style print system there is no need to
+# specifically define each individual printer
+[printers]
+ comment = All Printers
+ path = /usr/spool/samba
+ browseable = no
+# Set public = yes to allow user 'guest account' to print
+ guest ok = no
+ writable = no
+ printable = yes
+
+# This one is useful for people to share files
+;[tmp]
+; comment = Temporary file space
+; path = /tmp
+; read only = no
+; public = yes
+
+# A publicly accessible directory, but read only, except for people in
+# the "staff" group
+;[public]
+; comment = Public Stuff
+; path = /home/samba
+; public = yes
+; writable = no
+; printable = no
+; write list = @staff
+
+# Other examples.
+#
+# A private printer, usable only by fred. Spool data will be placed in fred's
+# home directory. Note that fred must have write access to the spool directory,
+# wherever it is.
+;[fredsprn]
+; comment = Fred's Printer
+; valid users = fred
+; path = /homes/fred
+; printer = freds_printer
+; public = no
+; writable = no
+; printable = yes
+
+# A private directory, usable only by fred. Note that fred requires write
+# access to the directory.
+;[fredsdir]
+; comment = Fred's Service
+; path = /usr/somewhere/private
+; valid users = fred
+; public = no
+; writable = yes
+; printable = no
+
+# a service which has a different directory for each machine that connects
+# this allows you to tailor configurations to incoming machines. You could
+# also use the %U option to tailor it by user name.
+# The %m gets replaced with the machine name that is connecting.
+;[pchome]
+; comment = PC Directories
+; path = /usr/pc/%m
+; public = no
+; writable = yes
+
+# A publicly accessible directory, read/write to all users. Note that all files
+# created in the directory by users will be owned by the default user, so
+# any user with access can delete any other user's files. Obviously this
+# directory must be writable by the default user. Another user could of course
+# be specified, in which case all files would be owned by that user instead.
+;[public]
+; path = /usr/somewhere/else/public
+; public = yes
+; only guest = yes
+; writable = yes
+; printable = no
+
+# The following two entries demonstrate how to share a directory so that two
+# users can place files there that will be owned by the specific users. In this
+# setup, the directory should be writable by both users and should have the
+# sticky bit set on it to prevent abuse. Obviously this could be extended to
+# as many users as required.
+;[myshare]
+; comment = Mary's and Fred's stuff
+; path = /usr/somewhere/shared
+; valid users = mary fred
+; public = no
+; writable = yes
+; printable = no
+; create mask = 0765
+
+
diff --git a/patches/source/samba/smb.conf.diff b/patches/source/samba/smb.conf.diff
new file mode 100644
index 00000000..3573a8f0
--- /dev/null
+++ b/patches/source/samba/smb.conf.diff
@@ -0,0 +1,29 @@
+--- smb.conf.default.orig 2009-09-30 07:17:40.000000000 -0500
++++ smb.conf.default 2009-10-03 15:59:26.000000000 -0500
+@@ -22,7 +22,7 @@
+ #======================= Global Settings =====================================
+ [global]
+
+-# workgroup = NT-Domain-Name or Workgroup-Name, eg: MIDEARTH
++# workgroup = NT-Domain-Name or Workgroup-Name, eg: LINUX2
+ workgroup = MYGROUP
+
+ # server string is the equivalent of the NT Description field
+@@ -63,7 +63,7 @@
+
+ # this tells Samba to use a separate log file for each machine
+ # that connects
+- log file = /usr/local/samba/var/log.%m
++ log file = /var/log/samba.%m
+
+ # Put a capping on the size of the log files (in Kb).
+ max log size = 50
+@@ -184,7 +184,7 @@
+ # specifically define each individual printer
+ [printers]
+ comment = All Printers
+- path = /usr/spool/samba
++ path = /var/spool/samba
+ browseable = no
+ # Set public = yes to allow user 'guest account' to print
+ guest ok = no
diff --git a/patches/source/samba/talloc.pc b/patches/source/samba/talloc.pc
new file mode 100644
index 00000000..7a23835c
--- /dev/null
+++ b/patches/source/samba/talloc.pc
@@ -0,0 +1,11 @@
+prefix=/usr
+exec_prefix=${prefix}
+libdir=${exec_prefix}/lib
+includedir=${prefix}/include
+
+Name: talloc
+Description: A hierarchical pool based memory system with destructors
+Version: 2.0.1
+Libs: -L${libdir} -ltalloc
+Cflags: -I${includedir}
+URL: http://talloc.samba.org/