1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
|
<?xml version="1.0" encoding="iso-8859-1"?>
<!DOCTYPE chapter PUBLIC "-//Samba-Team//DTD DocBook V4.2-Based Variant V1.0//EN" "http://www.samba.org/samba/DTD/samba-doc">
<chapter id="compiling">
<chapterinfo>
&author.jelmer;
&author.jht;
&author.tridge;
<pubdate> 22 May 2001 </pubdate>
<pubdate> 18 March 2003 </pubdate>
</chapterinfo>
<title>How to Compile Samba</title>
<para>
You can obtain the Samba source file from the
<ulink url="http://samba.org/">Samba Website.</ulink> To obtain a development version,
you can download Samba from Subversion or using <command>rsync</command>.
</para>
<sect1>
<title>Access Samba Source Code via Subversion</title>
<sect2>
<title>Introduction</title>
<para>
<indexterm><primary>Subversion</primary></indexterm>
Samba is developed in an open environment. Developers use a
Subversion to <quote>checkin</quote> (also known as
<quote>commit</quote>) new source code. Samba's various Subversion branches can
be accessed via anonymous Subversion using the instructions
detailed in this chapter.
</para>
<para>
This chapter is a modified version of the instructions found at the
<ulink noescape="1" url="http://samba.org/samba/subversion.html">Samba</ulink> web site.
</para>
</sect2>
<sect2>
<title>Subversion Access to samba.org</title>
<para>
The machine samba.org runs a publicly accessible Subversion
repository for access to the source code of several packages,
including Samba, rsync, distcc, ccache, and jitterbug. There are two main ways
of accessing the Subversion server on this host:
</para>
<sect3>
<title>Access via SVNweb</title>
<para>
<indexterm><primary>SVN</primary><secondary>web</secondary></indexterm>
You can access the source code via your favorite WWW browser. This allows you to access
the contents of individual files in the repository and also to look at the revision
history and commit logs of individual files. You can also ask for a diff
listing between any two versions on the repository.
</para>
<para>
Use the URL:
<ulink noescape="1" url="http://svnweb.samba.org/">http://svnweb.samba.org/</ulink>
</para>
</sect3>
<sect3>
<title>Access via Subversion</title>
<para>
You can also access the source code via a
normal Subversion client. This gives you much more control over what you can
do with the repository and allows you to checkout whole source trees
and keep them up-to-date via normal Subversion commands. This is the
preferred method of access if you are a developer and not
just a casual browser.
</para>
<para>In order to be able to download the Samba sources off Subversion, you need
a Subversion client. Your distribution might include one, or you can download the
sources from <ulink noescape="1" url="http://subversion.tigris.org/">http://subversion.tigris.org/</ulink>.
</para>
<para>
To gain access via anonymous Subversion, use the following steps.
</para>
<procedure>
<title>Retrieving Samba using Subversion</title>
<step>
<para>
Install a recent copy of Subversion. All you really need is a
copy of the Subversion client binary.
</para>
</step>
<step>
<para>
Run the command
</para>
<para>
<userinput>svn co svn://svnanon.samba.org/samba/trunk samba</userinput>.
</para>
<para>
This will create a directory called <filename>samba</filename> containing the
latest Samba source code (usually the branch that is going to be the next major release). This
currently corresponds to the 3.1 development tree.
</para>
<para>
Subversion branches other then trunk can be obtained by adding branches/BRANCH_NAME
to the URL you check out. A list of branch names
can be found on the <quote>Development</quote> page of the Samba Web site. A common
request is to obtain the latest 3.0 release code. This could be done by
using the following command:
</para>
<para>
<userinput>svn co svn://svnanon.samba.org/samba/branches/SAMBA_3_0 samba_3</userinput>.
</para>
</step>
<step>
<para>
Whenever you want to merge in the latest code changes, use
the following command from within the Samba directory:
</para>
<para>
<userinput>svn update</userinput>
</para>
</step>
</procedure>
</sect3>
</sect2>
</sect1>
<sect1>
<title>Accessing the Samba Sources via rsync and ftp</title>
<para>
<indexterm><primary>rsync</primary></indexterm>
<indexterm><primary>ftp</primary></indexterm>
<parameter>pserver.samba.org</parameter> also exports unpacked copies of most parts of the Subversion
tree at the Samba <ulink noescape="1" url="ftp://pserver.samba.org/pub/unpacked">pserver</ulink>
location and also via anonymous rsync at the Samba
<ulink noescape="1" url="rsync://pserver.samba.org/ftp/unpacked/">rsync</ulink> server location.
I recommend using rsync rather than ftp.
See <ulink noescape="1" url="http://rsync.samba.org/">the rsync home-page</ulink> for more info on rsync.
</para>
<para>
The disadvantage of the unpacked trees is that they do not support automatic
merging of local changes like Subversion does. <command>rsync</command> access is most convenient
for an initial install.
</para>
</sect1>
<sect1>
<title>Verifying Samba's PGP Signature</title>
<para>
<indexterm><primary>GPG</primary></indexterm>
It is strongly recommended that you verify the PGP signature for any source file before
installing it. Even if you're not downloading from a mirror site, verifying PGP signatures
should be a standard reflex. Many people today use the GNU GPG tool-set in place of PGP.
GPG can substitute for PGP.
</para>
<para>
With that said, go ahead and download the following files:
</para>
<para><screen>
&prompt;<userinput>wget http://us1.samba.org/samba/ftp/samba-3.0.20.tar.asc</userinput>
&prompt;<userinput>wget http://us1.samba.org/samba/ftp/samba-pubkey.asc</userinput>
</screen></para>
<para>
<indexterm><primary>PGP</primary></indexterm>
The first file is the PGP signature for the Samba source file; the other is the Samba public
PGP key itself. Import the public PGP key with:
</para>
<screen>
&prompt;<userinput>gpg --import samba-pubkey.asc</userinput>
</screen>
<para>
and verify the Samba source code integrity with:
</para>
<screen>
&prompt;<userinput>gzip -d samba-3.0.20.tar.gz</userinput>
&prompt;<userinput>gpg --verify samba-3.0.20.tar.asc</userinput>
</screen>
<para>
If you receive a message like, <quote>Good signature from Samba Distribution Verification Key...</quote>
then all is well. The warnings about trust relationships can be ignored. An
example of what you would not want to see would be:
</para>
<para><screen>
gpg: BAD signature from <quote>Samba Distribution Verification Key</quote>
</screen></para>
</sect1>
<sect1>
<title>Building the Binaries</title>
<para>
<indexterm><primary>autogen.sh</primary></indexterm>
After the source tarball has been unpacked, the next step involves
configuration to match Samba to your operating system platform.
If your source directory does not contain the <command>configure</command> script
it is necessary to build it before you can continue. Building of
the configure script requires the correct version of the autoconf
tool kit. Where the necessary version of autoconf is present,
the configure script can be generated by executing the following:
<screen>
&rootprompt; cd samba-3.0.20
&rootprompt; ./autogen.sh
</screen>
</para>
<para>
<indexterm><primary>configure</primary></indexterm>
To build the binaries, run the program <userinput>./configure
</userinput> in the source directory. This should automatically
configure Samba for your operating system. If you have unusual
needs, then you may wish to run:
<screen>
&rootprompt;<userinput>./configure --help</userinput>
</screen>
</para>
<para>
This will help you to see what special options can be enabled. Now execute
<userinput>./configure</userinput> with any arguments it might need:
<screen>
&rootprompt;<userinput>./configure <replaceable>[... arguments ...]</replaceable></userinput>
</screen>
</para>
<para>
<indexterm><primary>make</primary></indexterm>
Execute the following create the binaries:
<screen>
&rootprompt; <userinput>make</userinput>
</screen>
Once it is successfully compiled you can execute the command shown here to
install the binaries and manual pages:
<screen>
&rootprompt; <userinput>make install</userinput>
</screen>
</para>
<para>
Some people prefer to install binary files and man pages separately. If this is
your wish, the binary files can be installed by executing:
<screen>
&rootprompt; <userinput>make installbin</userinput>
</screen>
The man pages can be installed using this command:
<screen>
&rootprompt; <userinput>make installman</userinput>
</screen>
</para>
<para>
Note that if you are upgrading from a previous version of Samba the old
versions of the binaries will be renamed with an <quote>.old</quote> extension.
You can go back to the previous version by executing:
<screen>
&rootprompt; <userinput>make revert</userinput>
</screen>
As you can see from this, building and installing Samba does not need to
result in disaster!
</para>
<sect2>
<title>Compiling Samba with Active Directory Support</title>
<para>
In order to compile Samba with ADS support, you need to have installed
on your system:
</para>
<itemizedlist>
<listitem><para>
The MIT or Heimdal Kerberos development libraries
(either install from the sources or use a package).
</para></listitem>
<listitem><para>
The OpenLDAP development libraries.
</para></listitem>
</itemizedlist>
<para>
If your Kerberos libraries are in a non-standard location, then
remember to add the configure option
<option>--with-krb5=<replaceable>DIR</replaceable></option>.
</para>
<para>
After you run configure, make sure that
<filename>include/config.h</filename> it generates contain lines like this:
<programlisting>
#define HAVE_KRB5 1
#define HAVE_LDAP 1
</programlisting>
</para>
<para>
If it does not, configure did not find your KRB5 libraries or
your LDAP libraries. Look in <filename>config.log</filename> to figure
out why and fix it.
</para>
<sect3>
<title>Installing the Required Packages for Debian</title>
<para>On Debian, you need to install the following packages:</para>
<para>
<itemizedlist>
<listitem><para>libkrb5-dev</para></listitem>
<listitem><para>krb5-user</para></listitem>
</itemizedlist>
</para>
</sect3>
<sect3>
<title>Installing the Required Packages for Red Hat Linux</title>
<para>On Red Hat Linux, this means you should have at least: </para>
<para>
<itemizedlist>
<listitem><para>krb5-workstation (for kinit)</para></listitem>
<listitem><para>krb5-libs (for linking with)</para></listitem>
<listitem><para>krb5-devel (because you are compiling from source)</para></listitem>
</itemizedlist>
</para>
<para>in addition to the standard development environment.</para>
<para>If these files are not installed on your system, you should check the installation
CDs to find which has them and install the files using your tool of choice. If in doubt
about what tool to use, refer to the Red Hat Linux documentation.</para>
</sect3>
<sect3>
<title>SuSE Linux Package Requirements</title>
<para>
SuSE Linux installs Heimdal packages that may be required to allow you to build
binary packages. You should verify that the development libraries have been installed on
your system.
</para>
<para>
SuSE Linux Samba RPMs support Kerberos. Please refer to the documentation for
your SuSE Linux system for information regarding SuSE Linux specific configuration.
Additionally, SuSE are very active in the maintenance of Samba packages that provide
the maximum capabilities that are available. You should consider using SuSE provided
packages where they are available.
</para>
</sect3>
</sect2>
</sect1>
<sect1>
<title>Starting the &smbd; and &nmbd;</title>
<para>
<indexterm><primary>inetd</primary></indexterm>
You must choose to start &smbd; and &nmbd; either as daemons or from
<application>inetd</application>. Don't try to do both! Either you can put
them in <filename> inetd.conf</filename> and have them started on demand by
<application>inetd</application> or <application>xinetd</application>, or you
can start them as daemons either from the command line or in
<filename>/etc/rc.local</filename>. See the man pages for details on the
command line options. Take particular care to read the bit about what user
you need to have to start Samba. In many cases, you must be root.
</para>
<para>
The main advantage of starting &smbd; and &nmbd; using the recommended daemon method
is that they will respond slightly more quickly to an initial connection request.
</para>
<sect2>
<title>Starting from inetd.conf</title>
<indexterm><primary>inetd</primary></indexterm>
<note>
<para>The following will be different if
you use NIS, NIS+ or LDAP to distribute services maps.</para>
</note>
<para>Look at your <filename>/etc/services</filename>.
What is defined at port 139/tcp? If nothing is defined,
then add a line like this:</para>
<para><programlisting>netbios-ssn 139/tcp</programlisting></para>
<para>Similarly for 137/udp, you should have an entry like:</para>
<para><programlisting>netbios-ns 137/udp</programlisting></para>
<para>
Next, edit your <filename>/etc/inetd.conf</filename> and add two lines like this:
<programlisting>
netbios-ssn stream tcp nowait root /usr/local/samba/bin/smbd smbd
netbios-ns dgram udp wait root /usr/local/samba/bin/nmbd nmbd
</programlisting>
</para>
<para>
The exact syntax of <filename>/etc/inetd.conf</filename>
varies between UNIXes. Look at the other entries in inetd.conf
for a guide.
</para>
<para>
<indexterm><primary>xinetd</primary></indexterm>
Some distributions use xinetd instead of inetd. Consult the
xinetd manual for configuration information.
</para>
<note><para>Some UNIXes already have entries like netbios_ns
(note the underscore) in <filename>/etc/services</filename>.
You must edit <filename>/etc/services</filename> or
<filename>/etc/inetd.conf</filename> to make them consistent.
</para></note>
<note><para>
<indexterm><primary>ifconfig</primary></indexterm>
On many systems you may need to use the
<smbconfoption name="interfaces"/> option in &smb.conf; to specify
the IP address and netmask of your interfaces. Run
<application>ifconfig</application> as root if you do
not know what the broadcast is for your net. &nmbd; tries
to determine it at run time, but fails on some UNIXes.
</para></note>
<warning><para>
Many UNIXes only accept about five parameters on the command
line in <filename>inetd.conf</filename>. This means you shouldn't
use spaces between the options and arguments, or you should use
a script and start the script from <command>inetd</command>.
</para></warning>
<para>
Restart <application>inetd</application>, perhaps just send it a HUP,
like this:
<screen>
&rootprompt;<userinput>killall -HUP inetd</userinput>
</screen>
</sect2>
<sect2>
<title>Alternative: Starting &smbd; as a Daemon</title>
<para>
<indexterm><primary>daemon</primary></indexterm>
To start the server as a daemon, you should create a script something
like this one, perhaps calling it <filename>startsmb</filename>.
</para>
<smbfile name="startsmb.sh">
<para><programlisting>
#!/bin/sh
/usr/local/samba/bin/smbd -D
/usr/local/samba/bin/nmbd -D
</programlisting></para>
</smbfile>
<para>
Make it executable with <command>chmod +x startsmb</command>
</para>
<para>
You can then run <command>startsmb</command> by hand or execute
it from <filename>/etc/rc.local</filename>.
</para>
<para>
To kill it, send a kill signal to the processes &nmbd; and &smbd;.
</para>
<note><para>
If you use the SVR4 style init system, you may like to look at the
<filename>examples/svr4-startup</filename> script to make Samba fit
into that system.
</para></note>
</sect2>
</sect1>
</chapter>
|