samba: 4.12.6 -> 4.13.0 #99059
samba: 4.12.6 -> 4.13.0 #99059
Conversation
Previously, `vfs_snapper` was only built if `dbus` was found. Now, `vfs_snapper` is enabled by default (on Linux) and it requires dbus to be available: ``` Checking for dbus: not found vfs_snapper is enabled but prerequisite dbus-1 package not found. Use --with-shared-modules=!vfs_snapper to disable vfs_snapper support. ``` We could pass `--with-shared-modules=!vfs_snapper` to disable it, but currently pass `--with-shared-modules=ALL`, so add dbus as a dependency instead.
|
I was able to successfully |
|
Change looks good, I can however not really test it or my customers get sad ;) Is this relevant for backporting due to security stuff? |
|
Nothing in https://www.samba.org/samba/history/samba-4.13.0.html looked super relevant security-wise, there appear to be a few fixes around CVE-2020-1472 but mostly in tests or for the code path where folks explicitly disable the mitigation in their config (?), so don't think it needs a backport specifically. I generally find samba to be something you always want to be running the latest version of given the many CVEs it has had, as compared to something like openssh which is much more reasonable to run a staler version of, so like to stay on top of patches. |
I don't use any of the AD bits myself FWIW, so if that's something you're interested in ensuring stays working it would definitely be nice to get added to the nixos test! |
|
My idea for the backport (cc @ajs124) was to have the most recent samba version available when 20.09 releases. Especially with ADs (in my case at least), I find it unwise to do Samba updates mid-release so it's probably a good idea to bump the package as far as possible before the release is done. |
|
The build and test in nixpkgs still pass, although that doesn't do any AD stuff, right? |
|
Yeah, I got the hint… Imma try to build it |
|
Result of 17 packages marked as broken and skipped:- almanah - atom - atom-beta - gnome-recipes - gnome3.nautilus-python - kodiPlugins.inputstream-adaptive - kodiPlugins.joystick - kodiPlugins.pvr-hdhomerun - kodiPlugins.pvr-hts - kodiPlugins.pvr-iptvsimple - kodiPlugins.steam-controller - kodiPlugins.vfs-libarchive - kodiPlugins.vfs-sftp - pympress - python27Packages.python-vlc - python37Packages.python-vlc - python38Packages.python-vlc 6 packages failed to build:- enum4linux - python27Packages.pysmbc - python37Packages.pysmbc - python38Packages.pysmbc - samba (samba4) - sambaFull (samba4Full) |
|
|
Thanks! Sucks that it doesn't build though, because the current release seems to build on hydra. |
|
Lemme check ;) |
|
Doesn't build on master either, maybe my mac is broken? :D |
|
Weird. These are the hydra links I looked at:
cc @NixOS/darwin-maintainers |
There was a problem hiding this comment.
Version 4.13.2 is out with several bugfixes: https://www.samba.org/samba/history/samba-4.13.2.html
| @@ -42,11 +43,11 @@ with stdenv.lib; | |||
|
|
|||
| stdenv.mkDerivation rec { | |||
| pname = "samba"; | |||
| version = "4.12.6"; | |||
| version = "4.13.0"; | |||
There was a problem hiding this comment.
| version = "4.13.0"; | |
| version = "4.13.2"; |
|
|
||
| src = fetchurl { | ||
| url = "mirror://samba/pub/samba/stable/${pname}-${version}.tar.gz"; | ||
| sha256 = "1v3cmw40csmi3jd8mhlx4bm7bk4m0426zkyin7kq11skwnsrna02"; | ||
| sha256 = "1xp7mmy5a892g5c56n7zz3l2kbgyrqn3y50lqq5aa2nvx2p547gi"; |
There was a problem hiding this comment.
| sha256 = "1xp7mmy5a892g5c56n7zz3l2kbgyrqn3y50lqq5aa2nvx2p547gi"; | |
| sha256 = "1d7j79c8aggwiv90y2q1yz63d9p5n4paq0fsbdvqpn05d8wn8r17"; |
|
@aneeshusa ping |
Previously,
vfs_snapperwas only built ifdbuswas found.Now,
vfs_snapperis enabled by default (on Linux)and it requires dbus to be available:
We could pass
--with-shared-modules=!vfs_snapperto disable it,but currently pass
--with-shared-modules=ALL,so add dbus as a dependency instead.
Motivation for this change
https://www.samba.org/samba/history/samba-4.13.0.html
Things done
sandboxinnix.confon non-NixOS linux)nix-shell -p nixpkgs-review --run "nixpkgs-review wip"./result/bin/)nix path-info -Sbefore and after)