Samba Team
&author.jelmer;
(22 May 2001)
18 March 2003
How to compile SAMBA
You can obtain the samba source from the samba website. To obtain a development version,
you can download samba from CVS or using rsync.
Access Samba source code via CVS
Introduction
Samba is developed in an open environment. Developers use CVS
(Concurrent Versioning System) to "checkin" (also known as
"commit") new source code. Samba's various CVS branches can
be accessed via anonymous CVS using the instructions
detailed in this chapter.
This chapter is a modified version of the instructions found at
http://samba.org/samba/cvs.html
CVS Access to samba.org
The machine samba.org runs a publicly accessible CVS
repository for access to the source code of several packages,
including samba, rsync and jitterbug. There are two main ways of
accessing the CVS server on this host.
Access via CVSweb
You can access the source code via your
favourite WWW browser. This allows you to access the contents of
individual files in the repository and also to look at the revision
history and commit logs of individual files. You can also ask for a diff
listing between any two versions on the repository.
Use the URL : http://samba.org/cgi-bin/cvsweb
Access via cvs
You can also access the source code via a
normal cvs client. This gives you much more control over you can
do with the repository and allows you to checkout whole source trees
and keep them up to date via normal cvs commands. This is the
preferred method of access if you are a developer and not
just a casual browser.
To download the latest cvs source code, point your
browser at the URL : http://www.cyclic.com/.
and click on the 'How to get cvs' link. CVS is free software under
the GNU GPL (as is Samba). Note that there are several graphical CVS clients
which provide a graphical interface to the sometimes mundane CVS commands.
Links to theses clients are also available from http://www.cyclic.com.
To gain access via anonymous cvs use the following steps.
For this example it is assumed that you want a copy of the
samba source code. For the other source code repositories
on this system just substitute the correct package name
Install a recent copy of cvs. All you really need is a
copy of the cvs client binary.
Run the command
cvs -d :pserver:cvs@samba.org:/cvsroot login
When it asks you for a password type cvs.
Run the command
cvs -d :pserver:cvs@samba.org:/cvsroot co samba
This will create a directory called samba containing the
latest samba source code (i.e. the HEAD tagged cvs branch). This
currently corresponds to the 3.0 development tree.
CVS branches other HEAD can be obtained by using the -r
and defining a tag name. A list of branch tag names can be found on the
"Development" page of the samba web site. A common request is to obtain the
latest 2.2 release code. This could be done by using the following userinput.
cvs -d :pserver:cvs@samba.org:/cvsroot co -r SAMBA_2_2 samba
Whenever you want to merge in the latest code changes use
the following command from within the samba directory:
cvs update -d -P
Accessing the samba sources via rsync and ftp
pserver.samba.org also exports unpacked copies of most parts of the CVS tree at ftp://pserver.samba.org/pub/unpacked and also via anonymous rsync at rsync://pserver.samba.org/ftp/unpacked/. I recommend using rsync rather than ftp.
See the rsync homepage for more info on rsync.
The disadvantage of the unpacked trees
is that they do not support automatic
merging of local changes like CVS does.
rsync access is most convenient for an
initial install.
Verifying Samba's PGP signature
In these days of insecurity, it's strongly recommended that you verify the PGP signature for any
source file before installing it. According to Jerry Carter of the Samba Team, only about 22% of
all Samba downloads have had a corresponding PGP signature download (a very low percentage, which
should be considered a bad thing). Even if you're not downloading from a mirror site, verifying PGP
signatures should be a standard reflex.
With that said, go ahead and download the following files:
$ wget http://us1.samba.org/samba/ftp/samba-2.2.8a.tar.asc
$ wget http://us1.samba.org/samba/ftp/samba-pubkey.asc
The first file is the PGP signature for the Samba source file; the other is the Samba public
PGP key itself. Import the public PGP key with:
$ gpg --import samba-pubkey.asc
And verify the Samba source code integrity with:
$ gzip -d samba-2.2.8a.tar.gz
$ gpg --verify samba-2.2.8a.tar.asc
If you receive a message like, "Good signature from Samba Distribution Verification Key..."
then all is well. The warnings about trust relationships can be ignored. An example of what
you would not want to see would be:
gpg: BAD signature from "Samba Distribution Verification Key"
Building the Binaries
To do this, first run the program ./configure
in the source directory. This should automatically
configure Samba for your operating system. If you have unusual
needs then you may wish to run
root# ./configure --help
first to see what special options you can enable.
Then executing
root# make
will create the binaries. Once it's successfully
compiled you can use
root# make install
to install the binaries and manual pages. You can
separately install the binaries and/or man pages using
root# make installbin
and
root# make installman
Note that if you are upgrading for a previous version
of Samba you might like to know that the old versions of
the binaries will be renamed with a ".old" extension. You
can go back to the previous version with
root# make revert
if you find this version a disaster!
Compiling samba with Active Directory support
In order to compile samba with ADS support, you need to have installed
on your system:
the MIT kerberos development libraries (either install from the sources or use a package). The heimdal libraries will not work.
the OpenLDAP development libraries.
If your kerberos libraries are in a non-standard location then
remember to add the configure option --with-krb5=DIR.
After you run configure make sure that include/config.h it generates contains lines like this:
#define HAVE_KRB5 1
#define HAVE_LDAP 1
If it doesn't then configure did not find your krb5 libraries or
your ldap libraries. Look in config.log to figure out why and fix
it.
Installing the required packages for Debian
On Debian you need to install the following packages:
libkrb5-dev
krb5-user
Installing the required packages for RedHat
On RedHat this means you should have at least:
krb5-workstation (for kinit)
krb5-libs (for linking with)
krb5-devel (because you are compiling from source)
in addition to the standard development environment.
Note that these are not standard on a RedHat install, and you may need
to get them off CD2.
Starting the smbd and nmbd
You must choose to start smbd and nmbd either
as daemons or from inetdDon't try
to do both! Either you can put them in
inetd.conf and have them started on demand
by inetd, or you can start them as
daemons either from the command line or in
/etc/rc.local. See the man pages for details
on the command line options. Take particular care to read
the bit about what user you need to be in order to start
Samba. In many cases you must be root.
The main advantage of starting smbd
and nmbd using the recommended daemon method
is that they will respond slightly more quickly to an initial connection
request.
Starting from inetd.conf
NOTE; The following will be different if
you use NIS, NIS+ or LDAP to distribute services maps.
Look at your /etc/services.
What is defined at port 139/tcp. If nothing is defined
then add a line like this:
netbios-ssn 139/tcp
similarly for 137/udp you should have an entry like:
netbios-ns 137/udp
Next edit your /etc/inetd.conf
and add two lines something like this:
netbios-ssn stream tcp nowait root /usr/local/samba/bin/smbd smbd
netbios-ns dgram udp wait root /usr/local/samba/bin/nmbd nmbd
The exact syntax of /etc/inetd.conf
varies between unixes. Look at the other entries in inetd.conf
for a guide.
Some unixes already have entries like netbios_ns
(note the underscore) in /etc/services.
You must either edit /etc/services or
/etc/inetd.conf to make them consistent.
On many systems you may need to use the
interfaces option in &smb.conf; to specify the IP address
and netmask of your interfaces. Run ifconfig
as root if you don't know what the broadcast is for your
net. &nmbd; tries to determine it at run
time, but fails on some unixes.
Many unixes only accept around 5
parameters on the command line in inetd.conf.
This means you shouldn't use spaces between the options and
arguments, or you should use a script, and start the script
from inetd.
Restart inetd, perhaps just send
it a HUP. If you have installed an earlier version of
nmbd then you may need to kill nmbd as well.
Alternative: starting it as a daemon
To start the server as a daemon you should create
a script something like this one, perhaps calling
it startsmb.
#!/bin/sh
/usr/local/samba/bin/smbd -D
/usr/local/samba/bin/nmbd -D
then make it executable with chmod
+x startsmb
You can then run startsmb by
hand or execute it from /etc/rc.local
To kill it send a kill signal to the processes
nmbd and smbd.
If you use the SVR4 style init system then
you may like to look at the examples/svr4-startup
script to make Samba fit into that system.