Labels

new blog 2.0

2008/05/25

0x01. [LPIC-302] Samba configuration and compilation from source

Installation
As we know from the previous exams, LPI tries to be vendor independent that's we had to learn about both RPM and DEB packages. The knowledge about Gentoo e-builds is not required, but it's worth a recommendation, as it illustrates very clearly the need for dependencies and configure-time options.

While installing a package from DEB or RPM, the package management system creates directories, copies the pre-compiled binaries where appropriate as well as the necessary config files. The obvious advantage here is the speed of installation. The disadvantage: if you want to customize your installation, you need to uninstall the DEB/RPM packet, look for the source, download it, resolve dependencies by hand and compile it. This takes much more time, but lets you have a secure and customized installation of Samba. You are required to know both how to install Samba from source and packages.

Install Samba from packages
Packaged binaries for a number of different Linux distributions can be found on the following URL:
If there is no package for your distribution, double check if your distribution maintainers didn't packaged it for you. LPIC foresees installing things with help of rpm and dpkg.

Install Samba from source
You can always get the latest source from http://samba.org/samba/ftp/samba-latest.tar.gz. Download the package and its signature and check it with gpg:
$ wget http://samba.org/samba/ftp/samba-pubkey.asc
$ wget http://samba.org/samba/ftp/samba-latest.tar.asc
$ wget http://samba.org/samba/ftp/samba-latest.tar.gz $ gpg --import samba-pubkey.asc
$ gpg --import samba-pubkey.asc
$ gunzip samba-latest.tar.gz
$ gpg --verify samba-latest.tar.asc
[...]
Once you make sure that the packages have not been tempered with, you can proceed with pre-compile configuration.

$ tar xf samba-latest.tar
$ cd samba-*/source
$ ./configure --help
[... read ...]
$ ./configure [--lists --of --args]*
$ make && make install installbin installman
[...]
Makefile for samba is inteligent enough to look for existing installation of Samba first. If it finds the binaries, it changes their name to .old. This way, if something goes wrong you can easily revert all changes with "make revert". A very nice feature.

Notable options to ./configure script include:
To find out about all options that are available at compilation time refer to the "./configure --help" command. Below I list the options that are not enabled by default and may be of interest for you:

#./configure --help|grep default=no
--enable-static=PKGS build static libraries default=no
--enable-debug Turn on compiler debugging information (default=no)
--enable-socket-wrapper Turn on socket wrapper library (default=no)
--enable-developer Turn on developer warnings and debugging (default=no)
--enable-krb5developer Turn on developer warnings and debugging,
except -Wstrict-prototypes (default=no)
--enable-dmalloc Enable heap debugging default=no
--with-fhs Use FHS-compliant paths (default=no)
--with-profiling-data Include gathering source code profile information (default=no)
--with-afs Include AFS clear-text auth support (default=no)
--with-fake-kaserver Include AFS fake-kaserver support (default=no)
--with-vfs-afsacl Include AFS to NT ACL mapping module (default=no)
--with-dce-dfs Include DCE/DFS clear-text auth support (default=no)
--with-automount Include automount support (default=no)
--with-smbmount Include smbmount (Linux only) support (default=no)
--with-pam Include PAM support (default=no)
--with-pam_smbpass Build PAM module for authenticating against
passdb backends (default=no)
--with-nisplus-home Include NISPLUS_HOME support (default=no)
--with-syslog Include experimental SYSLOG support (default=no)
--with-quotas Include disk-quota support (default=no)
--with-cluster-support Enable cluster extensions (default=no)
--with-acl-support Include ACL support (default=no)
--with-aio-support Include asynchronous io support (default=no)
#

Identify and resolve dependencies
Dependencies on samba are mostly optional.
It requires the following packages for additional functionality:
  • MIT or Heimdal Kerberos for AD support
  • OpenLDAP for LDAP integration
  • CUPS
  • Linux-PAM
Upgrade Samba
  • dpkg
  • $ wget http://samba.org/samba/ftp/samba-pubkey.asc
    # apt-key add samba-pubkey.asc
    # dpkg --install samba-NewerVersion.deb

  • rpm
    $ wget http://samba.org/samba/ftp/samba-pubkey.asc
    # rpm --import samba-pubkey.asc
    # rpm -Uhv samba-NewerVersion.rpm

  • Source:
    http://us3.samba.org/samba/docs/man/Samba-HOWTO-Collection/install.html
    http://us3.samba.org/samba/docs/man/Samba-HOWTO-Collection/compiling.html

    No comments: