Debian Patches
Status for samba/2:4.24.0~rc1+dfsg-3
| Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
|---|---|---|---|---|---|---|
| fix-non-64bit-time_t-usage.diff | diff --git a/source3/printing/printing.c b/source3/printing/printing.c index a9e8422efab..afabf82c9bc 100644 |
no | ||||
| libsmbclient-ensure-lfs-221618.patch | ensure libsmbclient.h is being used with LFS enabled We build samba with LFS (Large File Support) even on 32bits. This means some types like off_t are 64-bit wide, again, even on a 32bit host. libsmbclient.h uses off_t in function prototypes, and thes prototypes muct match those which were used at samba compile time - if some other source includes libsmbclient.h without LFS, it'll get wrong prototypes and the resulting binary will most likely crash when using libsmbclient functions. Detect and error-out this at compile time. We can not do anything with this in the public header since it is alredy too late to redefine things, since we can't guarantee we're the first header a program #includes, and at the time this libsmbclient.h is included, off_t can already be defined so our (re)define of _FILE_OFFSET_BITS does nothing already. Patching libsmbclient.h to use off64_t means client program should change their off_t to off64_t too when storing file offsets returning from libsmbclient, so this is not an option too. With this change, we will error out even if the user source does not use any off_t-related functions. Namely, it was ok to #include <libsmbclient.h> and use smbc_open/smbc_read/ smbc_write/smbc_close without _F_O_B=64, - neither of these functions uses off_t. smbc_lseek and others doesn't work, but if a program does not use them anyway, whole thing will just work even without enabling LFS. Ideally we can probably check each individual function which is being affected, by replacing it with #error if sizeof(off_t) < 8. But this requires quite some hackery... diff --git a/source3/include/libsmbclient.h b/source3/include/libsmbclient.h index 84c98089251..1a6ea599cfa 100644 |
Michael Tokarev <mjt@tls.msk.ru> | not-needed | debian | 2022-04-02 | |
| talloc-standalone.diff | force talloc to be standalone Upstream ships contents of lib/talloc/ as a separate source of talloc. Since we build samba anyway, there's no need to have separate talloc source package, it's enough to build it during samba build. Always build talloc as stand-alone library (instead of being samba-private if in a subdir). When building as a sub-library within samba, where libreplace is a private library, libtalloc.so will have rpath pointing to the private samba dir. Since talloc actually does not use anything from libreplace, just remove the dependency. diff --git a/lib/talloc/wscript b/lib/talloc/wscript index 8b5e02d36c5..503b4fbf29e 100644 |
Michael Tokarev <mjt@tls.msk.ru> | not-needed | 2024-11-26 | ||
| tevent-standalone.diff | force tevent to be standalone Upstream ships contents of lib/tevent/ as a separate source of tevent. Since we build samba anyway, there's no need to have separate tevent source package, it's enough to build it during samba build. Always build tevent as stand-alone library (instead of being samba-private if in a subdir). When building as a sub-library within samba, where libreplace is a private library, libtevent.so will have rpath pointing to the private samba dir. Since tevent actually does not use anything from libreplace, just remove the dependency. diff --git a/lib/tevent/wscript b/lib/tevent/wscript index 8df1b40febf..99e64421da4 100644 |
Michael Tokarev <mjt@tls.msk.ru> | not-needed | 2024-11-26 | ||
| tdb-standalone.diff | force tdb to be standalone Upstream ships contents of lib/tdb/ as a separate source of tdb. Since we build samba anyway, there's no need to have separate tdb source package, it's enough to build it during samba build. Always build tdb as stand-alone library (instead of being samba-private if in a subdir). When building as a sub-library within samba, where libreplace is a private library, libtdb.so will have rpath pointing to the private samba dir. Since tdb actually does not use anything from libreplace, just remove the dependency. diff --git a/lib/tdb/wscript b/lib/tdb/wscript index 812e5987daf..23d90ebcc47 100644 |
Michael Tokarev <mjt@tls.msk.ru> | not-needed | 2024-11-26 | ||
| tdb_logging_func.diff | Provide public symbol tdb_logging_function removed upstream without major version change. (bug #511011) diff -ur tdb-1.2.9/lib/tdb/ABI/tdb-1.2.1.sigs tdb-1.2.9+git20120207.new/lib/tdb/ABI/tdb-1.2.1.sigs |
Jelmer Vernooij <jelmer@samba.org> | no | |||
| heimdal-kdc-fix-memset_s-calls-1296.patch | kdc: Fix memset_s() calls (fix #1296) | Nicolas Williams <nico@twosigma.com> | not-needed | upstream, https://github.com/heimdal/heimdal/commit/112a82dd2596e228388c50b4c71b3aa816b86add | 2026-01-20 | |
| hurd-compat.patch | hurd compatibility changes Hurd does not define PIPE_BUF, so lib/tevent/testsuite.c fails to compile (yes, this file is used as part of *samba* testsuite, not tevent testsuite). Define it to a safe minimal value like 512 bytes. Hurd does not provide SA_NOCLDWAIT define, so lib/util/tests/tfork.c does not compile. This is only needed during testing to omit zombie process generation, which has only cosmetic effect. Define it to be 0. Based on prior work and ideas by Samuel Thibault. diff --git a/lib/tevent/testsuite.c b/lib/tevent/testsuite.c index 492b8807996..0bbfc2ed280 100644 |
Michael Tokarev <mjt@tls.msk.ru> | no | 2022-11-03 | ||
| README_nosmbldap-tools.patch | Mention smbldap-tools package in examples/LDAP/README | Christian Perrier <bubulle@debian.org> | not-needed | debian | ||
| smbclient-pager.patch | Use the pager alternative as pager is PAGER is undefined | Steve Langasek <vorlon@debian.org> | not-needed | debian | ||
| heimdal-rfc3454.txt | Patch in symbol table from rfc3454, for Heimdal scripts | Brian May <bam@debian.org> | not-needed | |||
| add-so-version-to-private-libraries | Add so version number to private libraries for dpkg-shlibdeps We also want dpkg-shlibdeps to generate correct dependency information for the private libraries in our binary packages, but dpkg-shlibdeps only works when the library has a version number. |
Jeroen Dekkers <jeroen@dekkers.ch> | not-needed | vendor | ||
| ldb-no-replace.diff | drop "replace" dependency from libldb When building as a sub-library within samba, where libreplace is a private library, libldb.so will have rpath pointing to the private samba dir. Since ldb actually does not use anything from libreplace, just remove the dependency. diff --git a/lib/ldb/wscript b/lib/ldb/wscript index ab33f7784a6..41675c7ebe9 100644 |
Michael Tokarev <mjt@tls.msk.ru> | not-needed | 2024-11-27 | ||
| fix-nfs-service-name-to-nfs-kernel-server.patch | fix nfs related service names Upstream defines nfs related service names based on the Linux distribution. This patch fixes the names for Debian and derivatives. Update by Andreas Hasenack <andreas@canonical.com> (LP: #1961840): Use nfsconf(8) if it's available, instead of parsing the old config files in /etc/default/nfs-* diff --git a/ctdb/config/events/legacy/60.nfs.script b/ctdb/config/events/legacy/60.nfs.script index 246a856bca8..e9bf697a43a 100755 |
Rafael David Tinoco <rafaeldtinoco@gmail.com> | no | debian | 2024-07-30 | |
| ctdb-config-enable-syslog-by-default.patch | ctdb-config: enable syslog by default CTDB uses /var/log/ctdb/ directory for the default log files. With syslog disabled, systemd journal is not able to correctly inform errors happening during service initialization. Upstream community creates generic config files to be used by different distributions, so this change makes no big difference to be accepted by upstream. With this patch the end user will be able to identify initialization errors by executing: systemctl status ctdb.service or to follow ctdb logs by executing: journalctl -f -u ctdb |
Rafael David Tinoco <rafaeldtinoco@ubuntu.com> | not-needed | debian | 2022-03-24 | |
| use-explicit_bzero-to-zero-memory.diff | use explicit_bzero() instead of memset_explicit() lib/replace/replace.h header defines ZERO_STRUCT macro which uses memset_explicit() function (which is similar to memset() but can not be optimized out by the compiler). Glibc has explicit_bzero() with similar property, while memset_explicit() is implemented in lib/replace/replace.c, - this way, some binaries needlessly link to libreplace just to get rep_memset_explicit() symbol. By using explicit_bzero() instead, this endless linkage is eliminated, so we can package, for example, libldb (which uses ZERO_STRUCT) without it linking to libreplace-samba4. Unfortunately there are just insane amount of similar but non-standard functions, and upstream don't want to stay on something simple and robust in this context. diff --git a/lib/replace/replace.h b/lib/replace/replace.h index 49757e0f60d..4d8a2871f4e 100644 |
no | ||||
| use-explicit_bzero-to-zero-memory-in-heimdal.diff | use explicit_bzero to zero memory in heimdal too Samba switched to memset_explicit(), heimdal is still using memset_s() - redirect it to explicit_bzero() too, instead of providing local redefinition. diff --git a/third_party/heimdal/lib/roken/roken.h.in b/third_party/heimdal/lib/roken/roken.h.in |
Michael Tokarev <mjt@tls.msk.ru> | no | |||
| use-explicit_bzero-in-ngtcp2.diff | use explicit_bzero() to zero memory in ngtcp2 third_party/ngtcp2 embedded copy does not call any function to clear sensitive piece of memory since there's not enough HAVE_* symbols defined by samba-provided wscript_build. Use explicit_bzero() there, since it is always provided by glibc. This embedded copy is not used in debian directly, only when building with pkg.samba.builtin-ngtcp2 build profile. diff --git a/third_party/ngtcp2/lib/ngtcp2_crypto.c b/third_party/ngtcp2/lib/ngtcp2_crypto.c |
Michael Tokarev <mjt@tls.msk.ru> | no | |||
| ctdb_etcd_lock-path.patch | fix pathname for ctdb_etcd_lock Specify the actual installation path for this helper script. This is a quick hack, this issue should be addressed upstream in a more generic way. diff --git a/ctdb/doc/ctdb-etcd.7.xml b/ctdb/doc/ctdb-etcd.7.xml index f84989f854f..fcb3d0c3b5f 100644 |
Michael Tokarev <mjt@tls.msk.ru> | not-needed | 2022-04-02 | ||
| ctdb-create-piddir.patch | create ctdb pid directory (which is /run/ctdb/). Create it in the systemd service file (using RuntimeDirectory directive) and in the sysv-init script. diff --git a/ctdb/config/ctdb.init b/ctdb/config/ctdb.init index 7fe8f0085ae..57fd0dda63d 100755 |
Michael Tokarev <mjt@tls.msk.ru> | no | 2022-09-09 | ||
| silence-waf-uselib_local.diff | silence uselib_local warning produced by waf During config/build process in verbose mode, waf produces about 2k repetitions of this warning: compat: "uselib_local" is deprecated, replace by "use" which clutters the build log. Comment this warning out for now until it will be fixed properly. diff --git a/buildtools/wafsamba/samba_waf18.py b/buildtools/wafsamba/samba_waf18.py index e2a078bd3a0..dfd53a012d1 100644 |
Michael Tokarev <mjt@tls.msk.ru> | no | 2022-04-03 | ||
| inline-openat2.diff | inline openat2 syscall openat2() is not provided by glibc, so is implemented in samba's libreplace. By inlining the implementation, we avoid additional linkage to libreplace. Not forwarding since proper fix needs proper clean-up of the #ifdef'fery. diff --git a/lib/replace/system/filesys.h b/lib/replace/system/filesys.h |
Michael Tokarev <mjt@tls.msk.ru> | not-needed | 2026-01-21 | ||
| disable-setuid-confchecks.patch | disable setuid configure checks For some strange reason, when running reprotest test on salsa-ci, which apparently is running as root, - on the *second* build only the configure fails (after successfully built package the first time). The configure test tries to change gid and verifies it actually changed (not that the syscall exist), - and that fails. Since it is extremely uncommon to configure the build process as root, salsa-ci test environment details are quite deep down the line, and we know the syscall actually works, just disable the probe, pretending we are not root. For upstream, this probably should be done by removing a *lot* of configure-time checks which are useless these days. diff --git a/source3/lib/util_sec.c b/source3/lib/util_sec.c index 30a29f535b1..451ad396965 100644 |
Michael Tokarev <mjt@tls.msk.ru> | not-needed | 2022-04-08 | ||
| move-msg.sock-from-var-lib-samba-to-run-samba.patch | move msg.sock from /var/lib/samba to /run/samba Move socket directory from /var/lib/samba to /run/samba, exactly like msg.lock. This directory is only used by various samba components to communicate with each other (smbcontrol), there's no place for it in /var/lib. Also remove msg.sock subdir in various tests. It'd be nice to also move ntp socket and similar somewhere to /run/samba too, but this is a bit more difficult since it is used in other software. https://lists.samba.org/archive/samba-technical/2022-April/137322.html |
Michael Tokarev <mjt@tls.msk.ru> | no | 2022-04-26 | ||
| meaningful-error-if-no-samba-ad-provision.patch | print meaningful error message if samba-ad-provision is not installed | Michael Tokarev <mjt@tls.msk.ru> | not-needed | 2022-12-02 | ||
| meaningful-error-if-no-python3-markdown.patch | print meaningful error message if python3-markdown is not installed diff --git a/python/samba/netcmd/domain/schemaupgrade.py b/python/samba/netcmd/domain/schemaupgrade.py index 1d67ab58c15..858802635a2 100644 |
Michael Tokarev <mjt@tls.msk.ru> | not-needed | 2022-12-02 | ||
| ctdb-use-run-instead-of-var-run.patch | ctdb: use /run/ctdb instead of /var/run/ctdb Whole upstream path assignment needs a review. |
Michael Tokarev <mjt@tls.msk.ru> | not-needed | 2022-12-02 | ||
| replace-xpg-strerror.patch | replace: use __xpg_strerror_r if available In order to avoid linking libreplace, use __xpg_strerror_r instead of rep_strerror_r diff --git a/lib/replace/replace.c b/lib/replace/replace.c index f7f26712614..d6b1383c2ea 100644 |
Michael Tokarev <mjt@tls.msk.ru> | no | 2025-02-07 | ||
| libmscat-deps.patch | provide dependencies for libmscat-private-samba.so diff --git a/lib/mscat/wscript b/lib/mscat/wscript |
Michael Tokarev <mjt@tls.msk.ru> | invalid | upstream | 2025-09-14 | |
| inline-getprogname.diff | inline getprogname replacement Inline getprogname() by using program_invocation_short_name when available (like with glibc). This makes a lot of binaries to avoid linkage to libreplace. This is a short and dirty version, proper change for upstream should clean up #ifdef'fery in replace.c. diff --git a/lib/replace/replace.c b/lib/replace/replace.c |
Michael Tokarev <mjt@tls.msk.ru> | not-needed | 2026-01-20 |
All known versions for source package 'samba'
- 2:4.24.0~rc1+dfsg-3 (experimental)
- 2:4.23.5+dfsg-1 (forky, sid)
- 2:4.23.5+dfsg-1~bpo13+1 (trixie-backports)
- 2:4.22.6+dfsg-0+deb13u1 (trixie)
- 2:4.22.6+dfsg-0+deb13u1~bpo12+1 (bookworm-backports)
- 2:4.17.12+dfsg-0+deb12u3 (bookworm)
- 2:4.17.12+dfsg-0+deb12u2 (bookworm-updates)
- 2:4.17.12+dfsg-0+deb12u1 (bookworm-security)