diff --git a/meta-networking/recipes-connectivity/samba/samba/0001-Add-options-to-configure-the-use-of-libbsd.patch b/meta-networking/recipes-connectivity/samba/samba/0001-Add-options-to-configure-the-use-of-libbsd.patch new file mode 100644 index 00000000000..80cdd3955f5 --- /dev/null +++ b/meta-networking/recipes-connectivity/samba/samba/0001-Add-options-to-configure-the-use-of-libbsd.patch @@ -0,0 +1,103 @@ +From 1e8d31c138395122df4cc2a3e0edd6cd3fad736c Mon Sep 17 00:00:00 2001 +From: Peter Kjellerstedt +Date: Tue, 28 Apr 2020 02:05:33 +0200 +Subject: [PATCH] Add options to configure the use of libbsd + +Upstream-Status: Inappropriate [oe deterministic build specific] +Signed-off-by: Peter Kjellerstedt +--- + buildtools/wafsamba/wscript | 7 +++++++ + lib/crypto/wscript_configure | 2 +- + lib/replace/wscript | 29 +++++++++++++++-------------- + lib/texpect/wscript | 7 ++++++- + 4 files changed, 29 insertions(+), 16 deletions(-) + +diff --git a/buildtools/wafsamba/wscript b/buildtools/wafsamba/wscript +index 7b8fb01..a8e4b0a 100644 +--- a/buildtools/wafsamba/wscript ++++ b/buildtools/wafsamba/wscript +@@ -88,6 +88,13 @@ def options(opt): + help=("Disable use of gettext"), + action="store_true", dest='disable_gettext', default=False) + ++ opt.add_option('--with-libbsd', ++ help=("Enable use of libbsd"), ++ action="store_true", dest='enable_libbsd') ++ opt.add_option('--without-libbsd', ++ help=("Disable use of libbsd"), ++ action="store_false", dest='enable_libbsd', default=False) ++ + gr = opt.option_group('developer options') + + gr.add_option('-C', +diff --git a/lib/crypto/wscript_configure b/lib/crypto/wscript_configure +index 09dfe04..e871718 100644 +--- a/lib/crypto/wscript_configure ++++ b/lib/crypto/wscript_configure +@@ -2,7 +2,7 @@ + from waflib import Options + from waflib import Errors, Logs + +-if not conf.CHECK_FUNCS_IN('MD5Init', 'bsd', headers='bsd/md5.h', ++if not Options.options.enable_libbsd or not conf.CHECK_FUNCS_IN('MD5Init', 'bsd', headers='bsd/md5.h', + checklibc=True): + conf.CHECK_FUNCS_IN('MD5Init', 'md5', headers='sys/md5.h', + checklibc=True) +diff --git a/lib/replace/wscript b/lib/replace/wscript +index 0020d2a..cd9228f 100644 +--- a/lib/replace/wscript ++++ b/lib/replace/wscript +@@ -407,20 +407,21 @@ def configure(conf): + + strlcpy_in_bsd = False + +- # libbsd on some platforms provides strlcpy and strlcat +- if not conf.CHECK_FUNCS('strlcpy strlcat'): +- if conf.CHECK_FUNCS_IN('strlcpy strlcat', 'bsd', headers='bsd/string.h', +- checklibc=True): +- strlcpy_in_bsd = True +- if not conf.CHECK_FUNCS('getpeereid'): +- conf.CHECK_FUNCS_IN('getpeereid', 'bsd', headers='sys/types.h bsd/unistd.h') +- if not conf.CHECK_FUNCS_IN('setproctitle', 'setproctitle', headers='setproctitle.h'): +- conf.CHECK_FUNCS_IN('setproctitle', 'bsd', headers='sys/types.h bsd/unistd.h') +- if not conf.CHECK_FUNCS('setproctitle_init'): +- conf.CHECK_FUNCS_IN('setproctitle_init', 'bsd', headers='sys/types.h bsd/unistd.h') +- +- if not conf.CHECK_FUNCS('closefrom'): +- conf.CHECK_FUNCS_IN('closefrom', 'bsd', headers='bsd/unistd.h') ++ if Options.options.enable_libbsd: ++ # libbsd on some platforms provides strlcpy and strlcat ++ if not conf.CHECK_FUNCS('strlcpy strlcat'): ++ if conf.CHECK_FUNCS_IN('strlcpy strlcat', 'bsd', headers='bsd/string.h', ++ checklibc=True): ++ strlcpy_in_bsd = True ++ if not conf.CHECK_FUNCS('getpeereid'): ++ conf.CHECK_FUNCS_IN('getpeereid', 'bsd', headers='sys/types.h bsd/unistd.h') ++ if not conf.CHECK_FUNCS_IN('setproctitle', 'setproctitle', headers='setproctitle.h'): ++ conf.CHECK_FUNCS_IN('setproctitle', 'bsd', headers='sys/types.h bsd/unistd.h') ++ if not conf.CHECK_FUNCS('setproctitle_init'): ++ conf.CHECK_FUNCS_IN('setproctitle_init', 'bsd', headers='sys/types.h bsd/unistd.h') ++ ++ if not conf.CHECK_FUNCS('closefrom'): ++ conf.CHECK_FUNCS_IN('closefrom', 'bsd', headers='bsd/unistd.h') + + conf.CHECK_CODE(''' + struct ucred cred; +diff --git a/lib/texpect/wscript b/lib/texpect/wscript +index e14c048..a91de59 100644 +--- a/lib/texpect/wscript ++++ b/lib/texpect/wscript +@@ -1,7 +1,12 @@ + #!/usr/bin/env python ++from waflib import Options + + def configure(conf): +- conf.CHECK_FUNCS_IN('openpty', 'util', checklibc=True, headers='pty.h util.h bsd/libutil.h libutil.h') ++ hdrs = 'pty.h util.h' ++ if Options.options.enable_libbsd: ++ hdrs += ' bsd/libutil.h' ++ hdrs += ' libutil.h' ++ conf.CHECK_FUNCS_IN('openpty', 'util', checklibc=True, headers=hdrs) + + def build(bld): + bld.SAMBA_BINARY('texpect', 'texpect.c', deps='popt util replace', install=False) diff --git a/meta-networking/recipes-connectivity/samba/samba/0001-nsswitch-nsstest.c-Avoid-nss-function-conflicts-with.patch b/meta-networking/recipes-connectivity/samba/samba/0001-nsswitch-nsstest.c-Avoid-nss-function-conflicts-with.patch new file mode 100644 index 00000000000..2dbabdaa473 --- /dev/null +++ b/meta-networking/recipes-connectivity/samba/samba/0001-nsswitch-nsstest.c-Avoid-nss-function-conflicts-with.patch @@ -0,0 +1,96 @@ +From 9aba5ac17bb822f91f6b214f5b82dd1eb8c47616 Mon Sep 17 00:00:00 2001 +From: Khem Raj +Date: Wed, 22 Jul 2020 22:42:09 -0700 +Subject: [PATCH] nsswitch/nsstest.c: Avoid nss function conflicts with glibc nss.h + +glibc 2.32 will define these varibles [1] which results in conflicts +with these static function names, therefore prefix these function names +with samba_ to avoid it + +[1] https://sourceware.org/git/?p=glibc.git;a=commit;h=499a92df8b9fc64a054cf3b7f728f8967fc1da7d + +Upstream-Status: Submitted [https://gitlab.com/samba-team/samba/-/merge_requests/1477] + +Signed-off-by: Khem Raj +--- + nsswitch/nsstest.c | 16 ++++++++-------- + 1 file changed, 8 insertions(+), 8 deletions(-) + +diff --git a/nsswitch/nsstest.c b/nsswitch/nsstest.c +index 6d92806..46f9679 100644 +--- a/nsswitch/nsstest.c ++++ b/nsswitch/nsstest.c +@@ -137,7 +137,7 @@ static struct passwd *nss_getpwuid(uid_t uid) + return &pwd; + } + +-static void nss_setpwent(void) ++static void samba_nss_setpwent(void) + { + NSS_STATUS (*_nss_setpwent)(void) = + (NSS_STATUS(*)(void))find_fn("setpwent"); +@@ -152,7 +152,7 @@ static void nss_setpwent(void) + } + } + +-static void nss_endpwent(void) ++static void samba_nss_endpwent(void) + { + NSS_STATUS (*_nss_endpwent)(void) = + (NSS_STATUS (*)(void))find_fn("endpwent"); +@@ -284,7 +284,7 @@ again: + return &grp; + } + +-static void nss_setgrent(void) ++static void samba_nss_setgrent(void) + { + NSS_STATUS (*_nss_setgrent)(void) = + (NSS_STATUS (*)(void))find_fn("setgrent"); +@@ -299,7 +299,7 @@ static void nss_setgrent(void) + } + } + +-static void nss_endgrent(void) ++static void samba_nss_endgrent(void) + { + NSS_STATUS (*_nss_endgrent)(void) = + (NSS_STATUS (*)(void))find_fn("endgrent"); +@@ -396,7 +396,7 @@ static void nss_test_users(void) + { + struct passwd *pwd; + +- nss_setpwent(); ++ samba_nss_setpwent(); + /* loop over all users */ + while ((pwd = nss_getpwent())) { + printf("Testing user %s\n", pwd->pw_name); +@@ -418,14 +418,14 @@ static void nss_test_users(void) + printf("initgroups: "); nss_test_initgroups(pwd->pw_name, pwd->pw_gid); + printf("\n"); + } +- nss_endpwent(); ++ samba_nss_endpwent(); + } + + static void nss_test_groups(void) + { + struct group *grp; + +- nss_setgrent(); ++ samba_nss_setgrent(); + /* loop over all groups */ + while ((grp = nss_getgrent())) { + printf("Testing group %s\n", grp->gr_name); +@@ -446,7 +446,7 @@ static void nss_test_groups(void) + printf("getgrgid: "); print_group(grp); + printf("\n"); + } +- nss_endgrent(); ++ samba_nss_endgrent(); + } + + static void nss_test_errors(void) +-- +2.27.0 + diff --git a/meta-networking/recipes-connectivity/samba/samba/CVE-2020-14318.patch b/meta-networking/recipes-connectivity/samba/samba/CVE-2020-14318.patch new file mode 100644 index 00000000000..ff1225db072 --- /dev/null +++ b/meta-networking/recipes-connectivity/samba/samba/CVE-2020-14318.patch @@ -0,0 +1,142 @@ +From ccf53dfdcd39f3526dbc2f20e1245674155380ff Mon Sep 17 00:00:00 2001 +From: Zheng Ruoqin +Date: Fri, 11 Dec 2020 11:32:44 +0900 +Subject: [PATCH] s4: torture: Add smb2.notify.handle-permissions test. + +s3: smbd: Ensure change notifies can't get set unless the + directory handle is open for SEC_DIR_LIST. + +CVE-2020-14318 + +BUG: https://bugzilla.samba.org/show_bug.cgi?id=14434 + +Signed-off-by: Jeremy Allison + +Signed-off-by: Zheng Ruoqin +--- + source3/smbd/notify.c | 8 ++++ + source4/torture/smb2/notify.c | 82 ++++++++++++++++++++++++++++++++++- + 2 files changed, 89 insertions(+), 1 deletion(-) + +diff --git a/source3/smbd/notify.c b/source3/smbd/notify.c +index 44c0b09..d23c03b 100644 +--- a/source3/smbd/notify.c ++++ b/source3/smbd/notify.c +@@ -283,6 +283,14 @@ NTSTATUS change_notify_create(struct files_struct *fsp, uint32_t filter, + char fullpath[len+1]; + NTSTATUS status = NT_STATUS_NOT_IMPLEMENTED; + ++ /* ++ * Setting a changenotify needs READ/LIST access ++ * on the directory handle. ++ */ ++ if (!(fsp->access_mask & SEC_DIR_LIST)) { ++ return NT_STATUS_ACCESS_DENIED; ++ } ++ + if (fsp->notify != NULL) { + DEBUG(1, ("change_notify_create: fsp->notify != NULL, " + "fname = %s\n", fsp->fsp_name->base_name)); +diff --git a/source4/torture/smb2/notify.c b/source4/torture/smb2/notify.c +index ebb4f8a..a5c9b94 100644 +--- a/source4/torture/smb2/notify.c ++++ b/source4/torture/smb2/notify.c +@@ -2569,6 +2569,83 @@ done: + return ok; + } + ++/* ++ Test asking for a change notify on a handle without permissions. ++*/ ++ ++#define BASEDIR_HPERM BASEDIR "_HPERM" ++ ++static bool torture_smb2_notify_handle_permissions( ++ struct torture_context *torture, ++ struct smb2_tree *tree) ++{ ++ bool ret = true; ++ NTSTATUS status; ++ union smb_notify notify; ++ union smb_open io; ++ struct smb2_handle h1 = {{0}}; ++ struct smb2_request *req; ++ ++ smb2_deltree(tree, BASEDIR_HPERM); ++ smb2_util_rmdir(tree, BASEDIR_HPERM); ++ ++ torture_comment(torture, ++ "TESTING CHANGE NOTIFY " ++ "ON A HANDLE WITHOUT PERMISSIONS\n"); ++ ++ /* ++ get a handle on the directory ++ */ ++ ZERO_STRUCT(io.smb2); ++ io.generic.level = RAW_OPEN_SMB2; ++ io.smb2.in.create_flags = 0; ++ io.smb2.in.desired_access = SEC_FILE_READ_ATTRIBUTE; ++ io.smb2.in.create_options = NTCREATEX_OPTIONS_DIRECTORY; ++ io.smb2.in.file_attributes = FILE_ATTRIBUTE_NORMAL; ++ io.smb2.in.share_access = NTCREATEX_SHARE_ACCESS_READ | ++ NTCREATEX_SHARE_ACCESS_WRITE; ++ io.smb2.in.alloc_size = 0; ++ io.smb2.in.create_disposition = NTCREATEX_DISP_CREATE; ++ io.smb2.in.impersonation_level = SMB2_IMPERSONATION_ANONYMOUS; ++ io.smb2.in.security_flags = 0; ++ io.smb2.in.fname = BASEDIR_HPERM; ++ ++ status = smb2_create(tree, torture, &io.smb2); ++ CHECK_STATUS(status, NT_STATUS_OK); ++ h1 = io.smb2.out.file.handle; ++ ++ /* ask for a change notify, ++ on file or directory name changes */ ++ ZERO_STRUCT(notify.smb2); ++ notify.smb2.level = RAW_NOTIFY_SMB2; ++ notify.smb2.in.buffer_size = 1000; ++ notify.smb2.in.completion_filter = FILE_NOTIFY_CHANGE_NAME; ++ notify.smb2.in.file.handle = h1; ++ notify.smb2.in.recursive = true; ++ ++ req = smb2_notify_send(tree, ¬ify.smb2); ++ torture_assert_goto(torture, ++ req != NULL, ++ ret, ++ done, ++ "smb2_notify_send failed\n"); ++ ++ /* ++ * Cancel it, we don't really want to wait. ++ */ ++ smb2_cancel(req); ++ status = smb2_notify_recv(req, torture, ¬ify.smb2); ++ /* Handle h1 doesn't have permissions for ChangeNotify. */ ++ CHECK_STATUS(status, NT_STATUS_ACCESS_DENIED); ++ ++done: ++ if (!smb2_util_handle_empty(h1)) { ++ smb2_util_close(tree, h1); ++ } ++ smb2_deltree(tree, BASEDIR_HPERM); ++ return ret; ++} ++ + /* + basic testing of SMB2 change notify + */ +@@ -2602,7 +2679,10 @@ struct torture_suite *torture_smb2_notify_init(TALLOC_CTX *ctx) + torture_smb2_notify_rmdir3); + torture_suite_add_2smb2_test(suite, "rmdir4", + torture_smb2_notify_rmdir4); +- ++ torture_suite_add_1smb2_test(suite, ++ "handle-permissions", ++ torture_smb2_notify_handle_permissions); ++ + suite->description = talloc_strdup(suite, "SMB2-NOTIFY tests"); + + return suite; +-- +2.25.1 + diff --git a/meta-networking/recipes-connectivity/samba/samba/CVE-2020-14383.patch b/meta-networking/recipes-connectivity/samba/samba/CVE-2020-14383.patch new file mode 100644 index 00000000000..3341b80a38e --- /dev/null +++ b/meta-networking/recipes-connectivity/samba/samba/CVE-2020-14383.patch @@ -0,0 +1,112 @@ +From ff17443fe761eda864d13957bec45f5bac478fe3 Mon Sep 17 00:00:00 2001 +From: Zheng Ruoqin +Date: Fri, 11 Dec 2020 14:34:31 +0900 +Subject: [PATCH] CVE-2020-14383: s4/dns: Ensure variable initialization with + NULL. do not crash when additional data not found +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Found by Francis Brosnan Blázquez . +Based on patches from Francis Brosnan Blázquez +and Jeremy Allison + +BUG: https://bugzilla.samba.org/show_bug.cgi?id=14472 +BUG: https://bugzilla.samba.org/show_bug.cgi?id=12795 + +Signed-off-by: Douglas Bagnall +Reviewed-by: Jeremy Allison + +Autobuild-User(master): Douglas Bagnall +Autobuild-Date(master): Mon Aug 24 00:21:41 UTC 2020 on sn-devel-184 + +(based on commit df98e7db04c901259dd089e20cd557bdbdeaf379) +(based on commit 7afe449e7201be92bed8e53cbb37b74af720ef4e + +Signed-off-by: Zheng Ruoqin +--- + .../rpc_server/dnsserver/dcerpc_dnsserver.c | 31 ++++++++++--------- + 1 file changed, 17 insertions(+), 14 deletions(-) + +diff --git a/source4/rpc_server/dnsserver/dcerpc_dnsserver.c b/source4/rpc_server/dnsserver/dcerpc_dnsserver.c +index 910de9a1..618c7096 100644 +--- a/source4/rpc_server/dnsserver/dcerpc_dnsserver.c ++++ b/source4/rpc_server/dnsserver/dcerpc_dnsserver.c +@@ -1754,15 +1754,17 @@ static WERROR dnsserver_enumerate_records(struct dnsserver_state *dsstate, + TALLOC_CTX *tmp_ctx; + char *name; + const char * const attrs[] = { "name", "dnsRecord", NULL }; +- struct ldb_result *res; +- struct DNS_RPC_RECORDS_ARRAY *recs; ++ struct ldb_result *res = NULL; ++ struct DNS_RPC_RECORDS_ARRAY *recs = NULL; + char **add_names = NULL; +- char *rname; ++ char *rname = NULL; + const char *preference_name = NULL; + int add_count = 0; + int i, ret, len; + WERROR status; +- struct dns_tree *tree, *base, *node; ++ struct dns_tree *tree = NULL; ++ struct dns_tree *base = NULL; ++ struct dns_tree *node = NULL; + + tmp_ctx = talloc_new(mem_ctx); + W_ERROR_HAVE_NO_MEMORY(tmp_ctx); +@@ -1845,15 +1847,15 @@ static WERROR dnsserver_enumerate_records(struct dnsserver_state *dsstate, + } + } + +- talloc_free(res); +- talloc_free(tree); +- talloc_free(name); ++ TALLOC_FREE(res); ++ TALLOC_FREE(tree); ++ TALLOC_FREE(name); + + /* Add any additional records */ + if (select_flag & DNS_RPC_VIEW_ADDITIONAL_DATA) { + for (i=0; izones; z2; z2 = z2->next) { + char *encoded_name; +@@ -1865,14 +1867,15 @@ static WERROR dnsserver_enumerate_records(struct dnsserver_state *dsstate, + LDB_SCOPE_ONELEVEL, attrs, + "(&(objectClass=dnsNode)(name=%s)(!(dNSTombstoned=TRUE)))", + encoded_name); +- talloc_free(name); ++ TALLOC_FREE(name); + if (ret != LDB_SUCCESS) { + continue; + } + if (res->count == 1) { ++ msg = res->msgs[0]; + break; + } else { +- talloc_free(res); ++ TALLOC_FREE(res); + continue; + } + } +@@ -1885,10 +1888,10 @@ static WERROR dnsserver_enumerate_records(struct dnsserver_state *dsstate, + } + status = dns_fill_records_array(tmp_ctx, NULL, DNS_TYPE_A, + select_flag, rname, +- res->msgs[0], 0, recs, ++ msg, 0, recs, + NULL, NULL); +- talloc_free(rname); +- talloc_free(res); ++ TALLOC_FREE(rname); ++ TALLOC_FREE(res); + } + } + +-- +2.25.1 + diff --git a/meta-networking/recipes-connectivity/samba/samba/smb.conf b/meta-networking/recipes-connectivity/samba/samba/smb.conf index a0b87c37353..d6bde417fb4 100644 --- a/meta-networking/recipes-connectivity/samba/samba/smb.conf +++ b/meta-networking/recipes-connectivity/samba/samba/smb.conf @@ -25,6 +25,10 @@ ## Browsing/Identification ### +# Prevent anonymous connections. Overriden if the user sets guest ok = yes +# on any share + restrict anonymous = 1 + # Change this to the workgroup/NT-domain name your Samba server will part of workgroup = WORKGROUP @@ -114,7 +118,7 @@ # This option controls how unsuccessful authentication attempts are mapped # to anonymous connections - map to guest = bad user + map to guest = never ########## Domains ########### diff --git a/meta-networking/recipes-connectivity/samba/samba_4.10.10.bb b/meta-networking/recipes-connectivity/samba/samba_4.10.18.bb similarity index 94% rename from meta-networking/recipes-connectivity/samba/samba_4.10.10.bb rename to meta-networking/recipes-connectivity/samba/samba_4.10.18.bb index e002a9da5af..17ea17baabd 100644 --- a/meta-networking/recipes-connectivity/samba/samba_4.10.10.bb +++ b/meta-networking/recipes-connectivity/samba/samba_4.10.18.bb @@ -26,6 +26,10 @@ SRC_URI = "${SAMBA_MIRROR}/stable/samba-${PV}.tar.gz \ file://0001-waf-add-support-of-cross_compile.patch \ file://0001-lib-replace-wscript-Avoid-generating-nested-main-fun.patch \ file://0002-util_sec.c-Move-__thread-variable-to-global-scope.patch \ + file://0001-Add-options-to-configure-the-use-of-libbsd.patch \ + file://0001-nsswitch-nsstest.c-Avoid-nss-function-conflicts-with.patch \ + file://CVE-2020-14318.patch \ + file://CVE-2020-14383.patch \ " SRC_URI_append_libc-musl = " \ file://samba-pam.patch \ @@ -34,16 +38,20 @@ SRC_URI_append_libc-musl = " \ file://0001-samba-fix-musl-lib-without-innetgr.patch \ " -SRC_URI[md5sum] = "dde27447f39d124efe18f719ccf956dd" -SRC_URI[sha256sum] = "700c734b51610e2feaa0d6744f9bec0c0d8917bca8cc78d5b63a4591f32866a5" +SRC_URI[md5sum] = "f006a3d1876113e4a049015969d20fe6" +SRC_URI[sha256sum] = "7dcfc2aaaac565b959068788e6a43fc79ce2a03e7d523f5843f7a9fddffc7c2c" UPSTREAM_CHECK_REGEX = "samba\-(?P4\.10(\.\d+)+).tar.gz" inherit systemd waf-samba cpan-base perlnative update-rc.d + +# CVE-2011-2411 is valnerble only on HP NonStop Servers. +CVE_CHECK_WHITELIST += "CVE-2011-2411" + # remove default added RDEPENDS on perl RDEPENDS_${PN}_remove = "perl" -DEPENDS += "readline virtual/libiconv zlib popt libtalloc libtdb libtevent libldb libbsd libaio libpam libtasn1 jansson" +DEPENDS += "readline virtual/libiconv zlib popt libtalloc libtdb libtevent libldb libaio libpam libtasn1 jansson" inherit distro_features_check REQUIRED_DISTRO_FEATURES = "pam" @@ -91,6 +99,7 @@ PACKAGECONFIG[archive] = "--with-libarchive, --without-libarchive, libarchive" PACKAGECONFIG[libunwind] = ", , libunwind" PACKAGECONFIG[gpgme] = ",--without-gpgme,," PACKAGECONFIG[lmdb] = ",--without-ldb-lmdb,lmdb," +PACKAGECONFIG[libbsd] = "--with-libbsd, --without-libbsd, libbsd" # Building the AD (Active Directory) DC (Domain Controller) requires GnuTLS, # And ad-dc doesn't work with mitkrb5 for versions prior to 4.7.0 according to: @@ -194,11 +203,11 @@ do_install_append() { for f in samba-gpupdate samba_upgradedns samba_spnupdate samba_kcc samba_dnsupdate; do if [ -f "${D}${sbindir}/$f" ]; then - sed -i -e 's,${PYTHON},/usr/bin/env python3/,g' ${D}${sbindir}/$f + sed -i -e 's,${PYTHON},/usr/bin/env python3,g' ${D}${sbindir}/$f fi done if [ -f "${D}${bindir}/samba-tool" ]; then - sed -i -e 's,${PYTHON},/usr/bin/env python3/,g' ${D}${bindir}/samba-tool + sed -i -e 's,${PYTHON},/usr/bin/env python3,g' ${D}${bindir}/samba-tool fi } diff --git a/meta-networking/recipes-support/libldb/libldb_1.5.6.bb b/meta-networking/recipes-support/libldb/libldb_1.5.8.bb similarity index 95% rename from meta-networking/recipes-support/libldb/libldb_1.5.6.bb rename to meta-networking/recipes-support/libldb/libldb_1.5.8.bb index cc24863c60e..199db797a1d 100644 --- a/meta-networking/recipes-support/libldb/libldb_1.5.6.bb +++ b/meta-networking/recipes-support/libldb/libldb_1.5.8.bb @@ -33,8 +33,8 @@ LIC_FILES_CHKSUM = "file://pyldb.h;endline=24;md5=dfbd238cecad76957f7f860fbe9ada file://man/ldb.3.xml;beginline=261;endline=262;md5=137f9fd61040c1505d1aa1019663fd08 \ file://tools/ldbdump.c;endline=19;md5=a7d4fc5d1f75676b49df491575a86a42" -SRC_URI[md5sum] = "fc58ef432c1fcb03fc3bb6cccce08977" -SRC_URI[sha256sum] = "ff82474d0bf109e415a2d50334bde5715f486a53ff4bb8c7f74459dd229e975b" +SRC_URI[md5sum] = "d9b4bea8b48cd4c4d0c492e65881164b" +SRC_URI[sha256sum] = "ddf7f770643e0a0dda60f2818913f883caeed37fa1e8d6eda0dfe9588c1e3a83" inherit waf-samba