{ stdenv, fetchurl, readline, pam ? null, openldap ? null , popt, iniparser, libunwind , fam ? null , acl ? null, cups ? null , useKerberos ? false, kerberos ? null, winbind ? true # Eg. smbclient and smbspool require a smb.conf file. # If you set configDir to "" an empty configuration file # $out/lib/smb.conf is is created for you. # # configDir defaults to "/etc/samba" so that smbpassword picks up # the location of its passwd db files from the system configuration file # /etc/samba/smb.conf. That's why nixos touches /etc/samba/smb.conf even if you # don't enable the samba upstart service. , configDir ? "/etc/samba" }: assert useKerberos -> kerberos != null; stdenv.mkDerivation rec { name = "samba-3.6.25"; src = fetchurl { url = "mirror://samba/pub/samba/stable/${name}.tar.gz"; sha256 = "0l9pz2m67vf398q3c2dwn8jwdxsjb20igncf4byhv6yq5dzqlb4g"; }; patches = [(fetchurl { url = "https://download.samba.org/pub/samba/patches/security/" + "samba-3.6.25-security-2015-12-16.patch"; sha256 = "00dcjcn577825mfdwdp76jfy5kcrqw3s4d5c41gqdq5gfcdbmqdb"; })]; buildInputs = [ readline pam openldap popt iniparser libunwind fam acl cups ] ++ stdenv.lib.optional useKerberos kerberos; enableParallelBuilding = true; postPatch = # XXX: Awful hack to allow cross-compilation. '' sed -i source3/configure \ -e 's/^as_fn_error .. \("cannot run test program while cross compiling\)/$as_echo \1/g' ''; # " preConfigure = '' cd source3 export samba_cv_CC_NEGATIVE_ENUM_VALUES=yes export libreplace_cv_HAVE_GETADDRINFO=yes export ac_cv_file__proc_sys_kernel_core_pattern=no # XXX: true on Linux, false elsewhere ''; configureFlags = stdenv.lib.optionals (pam != null) [ "--with-pam" "--with-pam_smbpass" ] ++ [ "--with-aio-support" "--disable-swat" "--with-configdir=${configDir}" "--with-fhs" "--localstatedir=/var" ] ++ (stdenv.lib.optional winbind "--with-winbind") ++ (stdenv.lib.optional (stdenv.cc.libc != null) "--with-libiconv=${stdenv.cc.libc}"); # Need to use a DESTDIR because `make install' tries to write in /var and /etc. installFlags = "DESTDIR=$(TMPDIR)/inst"; stripAllList = [ "bin" "sbin" ]; postInstall = '' mkdir -p $out mv $TMPDIR/inst/$out/* $out/ mkdir -p "$out/lib/pkgconfig" cp pkgconfig/*.pc "$out/lib/pkgconfig" mkdir -pv $out/lib/cups/backend ln -sv ../../../bin/smbspool $out/lib/cups/backend/smb mkdir -pv $out/etc/openldap/schema cp ../examples/LDAP/samba.schema $out/etc/openldap/schema # For nsswitch. Glibc >= 2.1 looks for libnss_<name>.so.2 (see man # nsswitch.conf), so provide that too. cp -v ../nsswitch/libnss_wins.so "$out/lib" cp -v ../nsswitch/libnss_winbind.so "$out/lib" (cd "$out/lib" && ln -s libnss_winbind.so libnss_winbind.so.2) (cd "$out/lib" && ln -s libnss_wins.so libnss_wins.so.2) '' # */ + stdenv.lib.optionalString (configDir == "") "touch $out/lib/smb.conf"; meta = { homepage = http://www.samba.org/; description = "The standard Windows interoperability suite of programs for Linux and Unix"; platforms = stdenv.lib.platforms.linux; knownVulnerabilities = [ "Numerous CVEs and no patches from upstream for 3.x since 2014." ]; }; }