From cd80df9e8a68baeac061d1e4ca51aa628ca9cc1c Mon Sep 17 00:00:00 2001 From: Wanja Zaeske Date: Mon, 2 Jan 2023 20:07:33 +0100 Subject: [PATCH 1/5] ldb: 2.3.0 -> 2.6.1 --- pkgs/development/libraries/ldb/default.nix | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/ldb/default.nix b/pkgs/development/libraries/ldb/default.nix index d81e3eeabe6..37856f5a013 100644 --- a/pkgs/development/libraries/ldb/default.nix +++ b/pkgs/development/libraries/ldb/default.nix @@ -16,11 +16,11 @@ stdenv.mkDerivation rec { pname = "ldb"; - version = "2.3.0"; + version = "2.6.1"; src = fetchurl { url = "mirror://samba/ldb/${pname}-${version}.tar.gz"; - sha256 = "0bcjj4gv48ddg44wyxpsvrs26xry6yy9x9k16qgz0bljs2rhilx4"; + sha256 = "sha256-RnQD9334Z4LDlluxdUQLqi7XUan+uVYBlL2MBr8XNsk="; }; outputs = [ "out" "dev" ]; @@ -44,6 +44,13 @@ stdenv.mkDerivation rec { cmocka ]; + # otherwise the configure script fails with + # PYTHONHASHSEED=1 missing! Don't use waf directly, use ./configure and make! + preConfigure = '' + export PKGCONFIG="$PKG_CONFIG" + export PYTHONHASHSEED=1 + ''; + wafPath = "buildtools/bin/waf"; wafConfigureFlags = [ From 300f427c59c7699aa6e8ae238cbee93112d2df71 Mon Sep 17 00:00:00 2001 From: Wanja Zaeske Date: Mon, 2 Jan 2023 20:08:04 +0100 Subject: [PATCH 2/5] tdb: 1.4.6 -> 1.4.7 --- pkgs/development/libraries/tdb/default.nix | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/tdb/default.nix b/pkgs/development/libraries/tdb/default.nix index 9a534c4c146..774168847b9 100644 --- a/pkgs/development/libraries/tdb/default.nix +++ b/pkgs/development/libraries/tdb/default.nix @@ -12,11 +12,11 @@ stdenv.mkDerivation rec { pname = "tdb"; - version = "1.4.6"; + version = "1.4.7"; src = fetchurl { url = "mirror://samba/tdb/${pname}-${version}.tar.gz"; - sha256 = "sha256-1okr2L7+BKd2QqHdVuSoeTSb8c9bLAv1+4QQYZON7ws="; + sha256 = "sha256-pPsWje9TPzH/LAf32YRLsxMeZ5nwlOvnfQOArcmHwg4="; }; nativeBuildInputs = [ @@ -34,6 +34,13 @@ stdenv.mkDerivation rec { libxcrypt ]; + # otherwise the configure script fails with + # PYTHONHASHSEED=1 missing! Don't use waf directly, use ./configure and make! + preConfigure = '' + export PKGCONFIG="$PKG_CONFIG" + export PYTHONHASHSEED=1 + ''; + wafPath = "buildtools/bin/waf"; wafConfigureFlags = [ From 0b1723ccbf160f7e4dc0cb54798a599ca160267d Mon Sep 17 00:00:00 2001 From: Wanja Zaeske Date: Mon, 2 Jan 2023 20:08:29 +0100 Subject: [PATCH 3/5] talloc: 2.3.3 -> 2.3.4 --- pkgs/development/libraries/talloc/default.nix | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/talloc/default.nix b/pkgs/development/libraries/talloc/default.nix index fb52f75f8c1..951a3f1d338 100644 --- a/pkgs/development/libraries/talloc/default.nix +++ b/pkgs/development/libraries/talloc/default.nix @@ -13,11 +13,11 @@ stdenv.mkDerivation rec { pname = "talloc"; - version = "2.3.3"; + version = "2.3.4"; src = fetchurl { url = "mirror://samba/talloc/${pname}-${version}.tar.gz"; - sha256 = "sha256-a+lbI2i9CvHEzXqIFG62zuoY5Gw//JMwv2JitA0diqo="; + sha256 = "sha256-F5+eviZeZ+SrLCbK0rfeS2p3xsIS+WaQM4KGnwa+ZQU="; }; nativeBuildInputs = [ @@ -37,6 +37,13 @@ stdenv.mkDerivation rec { libxcrypt ]; + # otherwise the configure script fails with + # PYTHONHASHSEED=1 missing! Don't use waf directly, use ./configure and make! + preConfigure = '' + export PKGCONFIG="$PKG_CONFIG" + export PYTHONHASHSEED=1 + ''; + wafPath = "buildtools/bin/waf"; wafConfigureFlags = [ From a36d319f2d85aa7eec06051e6d5b524ad2e66781 Mon Sep 17 00:00:00 2001 From: Wanja Zaeske Date: Mon, 2 Jan 2023 20:08:51 +0100 Subject: [PATCH 4/5] tevent: 0.10.2 -> 0.13.0 --- pkgs/development/libraries/tevent/default.nix | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/tevent/default.nix b/pkgs/development/libraries/tevent/default.nix index 568751f48aa..f10235650c4 100644 --- a/pkgs/development/libraries/tevent/default.nix +++ b/pkgs/development/libraries/tevent/default.nix @@ -2,6 +2,7 @@ , fetchurl , python3 , pkg-config +, cmocka , readline , talloc , libxslt @@ -13,11 +14,11 @@ stdenv.mkDerivation rec { pname = "tevent"; - version = "0.10.2"; + version = "0.13.0"; src = fetchurl { url = "mirror://samba/tevent/${pname}-${version}.tar.gz"; - sha256 = "15k6i8ad5lpxfjsjyq9h64zlyws8d3cm0vwdnaw8z1xjwli7hhpq"; + sha256 = "sha256-uUN6kX+lU0Q2G+tk7J4AQumcroh5iCpi3Tj2q+I3HQw="; }; nativeBuildInputs = [ @@ -32,10 +33,18 @@ stdenv.mkDerivation rec { buildInputs = [ python3 + cmocka readline # required to build python talloc ]; + # otherwise the configure script fails with + # PYTHONHASHSEED=1 missing! Don't use waf directly, use ./configure and make! + preConfigure = '' + export PKGCONFIG="$PKG_CONFIG" + export PYTHONHASHSEED=1 + ''; + wafPath = "buildtools/bin/waf"; wafConfigureFlags = [ From 9b4cf10855256ba9d78c04c28dc43b27a4b4acf4 Mon Sep 17 00:00:00 2001 From: Wanja Zaeske Date: Mon, 2 Jan 2023 10:41:12 +0100 Subject: [PATCH 5/5] samba: etc Makes samba use the nix vendored `talloc` instead of compiling its own, bundleded version. This fixes an issue where the library may be initialized with different magic numbers, resulting in segfaults. See in https://github.com/NixOS/nixpkgs/issues/205859 for further detail. --- pkgs/servers/samba/4.x.nix | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/pkgs/servers/samba/4.x.nix b/pkgs/servers/samba/4.x.nix index df235abe98c..6853c385317 100644 --- a/pkgs/servers/samba/4.x.nix +++ b/pkgs/servers/samba/4.x.nix @@ -20,9 +20,12 @@ , gnutls , systemd , samba +, talloc , jansson +, ldb , libtasn1 , tdb +, tevent , libxcrypt , cmocka , rpcsvc-proto @@ -100,8 +103,11 @@ stdenv.mkDerivation rec { libarchive zlib gnutls + ldb + talloc libtasn1 tdb + tevent libxcrypt ] ++ optionals stdenv.isLinux [ liburing systemd ] ++ optionals stdenv.isDarwin [ libiconv ] @@ -143,6 +149,7 @@ stdenv.mkDerivation rec { ++ optionals (!enableLDAP) [ "--without-ldap" "--without-ads" + "--bundled-libraries=!ldb,!pyldb-util!talloc,!pytalloc-util,!tevent,!tdb,!pytdb" ] ++ optional enableLibunwind "--with-libunwind" ++ optional enableProfiling "--with-profiling-data" ++ optional (!enableAcl) "--without-acl-support"