diff -Nru samba4-4.0.0~alpha18.dfsg1/debian/changelog samba4-4.0.0~alpha18.dfsg1/debian/changelog --- samba4-4.0.0~alpha18.dfsg1/debian/changelog 2012-04-12 12:16:20.000000000 +0000 +++ samba4-4.0.0~alpha18.dfsg1/debian/changelog 2012-04-13 18:36:45.000000000 +0000 @@ -1,3 +1,11 @@ +samba4 (4.0.0~alpha18.dfsg1-4ubuntu2) precise; urgency=low + + * Correctly import server role and realm from existing smb.conf file. + LP: #936891, LP: #832465 + * Force correct realm during upgradeprovision. LP: #728864 + + -- Jelmer Vernooij Fri, 13 Apr 2012 20:36:12 +0200 + samba4 (4.0.0~alpha18.dfsg1-4ubuntu1) precise; urgency=high * Add patch cve_2012_1182.patch. Fixes CVE-2012-1182: diff -Nru samba4-4.0.0~alpha18.dfsg1/debian/control samba4-4.0.0~alpha18.dfsg1/debian/control --- samba4-4.0.0~alpha18.dfsg1/debian/control 2012-04-12 11:45:32.000000000 +0000 +++ samba4-4.0.0~alpha18.dfsg1/debian/control 2012-04-13 18:34:53.000000000 +0000 @@ -54,8 +54,8 @@ Package: samba4 Architecture: any -Recommends: attr, bind9utils, ldb-tools, samba-dsdb-modules -Suggests: bind9 (>= 1:9.5.1), phpldapadmin, samba-gtk, swat2 +Recommends: attr, bind9utils, ldb-tools, samba-dsdb-modules, bind9 (>= 1:9.5.1) +Suggests: phpldapadmin, samba-gtk, swat2 Conflicts: samba (<< 2:3.3.0~rc2-5), samba-tools Replaces: libsamdb0 (<< 4.0.0~alpha17~) Depends: python, diff -Nru samba4-4.0.0~alpha18.dfsg1/debian/rules samba4-4.0.0~alpha18.dfsg1/debian/rules --- samba4-4.0.0~alpha18.dfsg1/debian/rules 2012-04-12 10:54:34.000000000 +0000 +++ samba4-4.0.0~alpha18.dfsg1/debian/rules 2012-04-13 18:34:53.000000000 +0000 @@ -88,6 +88,7 @@ mkdir -p $(DESTDIR)/usr/lib/$(DEB_HOST_MULTIARCH)/plugin/krb5 mv $(DESTDIR)/usr/lib/$(DEB_HOST_MULTIARCH)/winbind_krb5_locator.so \ $(DESTDIR)/usr/lib/$(DEB_HOST_MULTIARCH)/plugin/krb5 + cp debian/setoption.pl $(DESTDIR)/usr/share/samba # Remove Samba 3 files for now while read line; \ do \ diff -Nru samba4-4.0.0~alpha18.dfsg1/debian/samba4-common-bin.install samba4-4.0.0~alpha18.dfsg1/debian/samba4-common-bin.install --- samba4-4.0.0~alpha18.dfsg1/debian/samba4-common-bin.install 2012-04-12 10:54:34.000000000 +0000 +++ samba4-4.0.0~alpha18.dfsg1/debian/samba4-common-bin.install 2012-04-13 18:34:53.000000000 +0000 @@ -1,2 +1,3 @@ usr/bin/samba-tool usr/bin/samba_kcc +usr/share/samba/setoption.pl diff -Nru samba4-4.0.0~alpha18.dfsg1/debian/samba4.postinst samba4-4.0.0~alpha18.dfsg1/debian/samba4.postinst --- samba4-4.0.0~alpha18.dfsg1/debian/samba4.postinst 2012-04-12 10:54:34.000000000 +0000 +++ samba4-4.0.0~alpha18.dfsg1/debian/samba4.postinst 2012-04-13 18:35:51.000000000 +0000 @@ -3,15 +3,22 @@ . /usr/share/debconf/confmodule if [ "$1" = "configure" ]; then + db_get samba4/server-role || true + SERVER_ROLE="$RET" + db_get samba-common/workgroup || true + DOMAIN="$RET" + db_get samba4/realm || true + REALM="$RET" + # FIXME: Urgh.. ideally samba-tool would be able to update this: + # Update realm setting and server role setting + /usr/share/samba/setoption.pl "realm" "${REALM}" + /usr/share/samba/setoption.pl "server role" "${SERVER_ROLE}" + # See if we're upgrading from Samba 3 if [ ! -z "$2" ]; then if dpkg --compare-versions "$2" lt "3.9.0"; then db_get samba4/upgrade-from-v3 || true if [ "$RET" = "true" ]; then - db_get samba4/realm || true - REALM="$RET" - - mv /etc/samba/smb.conf /etc/samba/smb.conf.samba3 /usr/share/samba/setup/upgrade --realm="$REALM" \ /var/lib/samba /etc/samba/smb.conf.samba3 fi @@ -23,13 +30,8 @@ fi else # Install from scratch - db_get samba4/server-role || true - SERVER_ROLE="$RET" - - db_get samba-common/workgroup || true - DOMAIN="$RET" - db_get samba4/realm || true - REALM="$RET" + # FIXME: if server role == dc, make sure that there are sysvol and + # netlogon shares. /usr/share/samba/setup/provision --realm="$REALM" --domain="$DOMAIN" \ --server-role="$SERVER_ROLE" fi diff -Nru samba4-4.0.0~alpha18.dfsg1/debian/setoption.pl samba4-4.0.0~alpha18.dfsg1/debian/setoption.pl --- samba4-4.0.0~alpha18.dfsg1/debian/setoption.pl 1970-01-01 00:00:00.000000000 +0000 +++ samba4-4.0.0~alpha18.dfsg1/debian/setoption.pl 2012-04-13 18:34:53.000000000 +0000 @@ -0,0 +1,46 @@ +#!/usr/bin/perl +# Helper to set a global option in the samba configuration file +# Eventually this should be replaced by a call to samba-tool, but +# for the moment that doesn't support setting individual configuration options. + +use warnings; +require File::Temp; +use File::Temp (); +use File::Copy qw(move); + +if ($#ARGV < 1) { + print STDERR "Usage: $0 option value\n"; + exit(1); +} + +my $key = $ARGV[0]; +my $value = $ARGV[1]; +my $inglobal = 0; +my $done = 0; +my $dest = "/etc/samba/smb.conf"; + +open(IN, "<$dest") or die("unable to open smb.conf"); +$out = File::Temp->new(UNLINK => 0); + +foreach () { + if (/^\s*\[([^]]+)\]$/) { + if ($inglobal and (not $done)) { + print $out " $key = $value\n"; + $done = 1; + } + $inglobal = ($1 eq "global" or $1 eq "globals"); + } elsif (s/^(\s*)$key(\s*)=.*$/$1$key$2= $value/) { + $done = 1; + } + print $out $_; +} + +unless ($done) { + print $out "$key = $value\n"; +} + +close($out); + +move($out->filename, $dest) or die("Unable to rename $out->filename over $dest: $!"); + +0;