Re: [gentoo-dev] =net-fs/samba-4* vs. dev-libs/openssl[kerberos]
Lars Wendler schreef op vr 06-12-2013 om 16:24 [+0100]: Hi list, in [1] we got a bug where was pointed out that it is impossible to use =net-fs/samba-4* on a system which has dev-libs/openssl[kerberos] installed. Long story short, samba-4 hard requires app-crypt/heimdal while openssl[kerberos] hard requires app-crypt/mit-krb5. Of course both packages are mutually exclusive as both are their own kerberos implementation. The bug reporter suggests to use bundled heimdal from samba-4 which I would like to avoid if possible. If anyone knows some better solution please speak up. It is highly appreciated. [1] https://bugs.gentoo.org/490872 Kind regards Hi Lars, how about enabling the existing mit-krb5 support in Samba? Patch attached to the bug report. regards, Jorg
[gentoo-dev] =net-fs/samba-4* vs. dev-libs/openssl[kerberos]
Hi list, in [1] we got a bug where was pointed out that it is impossible to use =net-fs/samba-4* on a system which has dev-libs/openssl[kerberos] installed. Long story short, samba-4 hard requires app-crypt/heimdal while openssl[kerberos] hard requires app-crypt/mit-krb5. Of course both packages are mutually exclusive as both are their own kerberos implementation. The bug reporter suggests to use bundled heimdal from samba-4 which I would like to avoid if possible. If anyone knows some better solution please speak up. It is highly appreciated. [1] https://bugs.gentoo.org/490872 Kind regards -- Lars Wendler Gentoo package maintainer signature.asc Description: PGP signature
Re: [gentoo-dev] =net-fs/samba-4* vs. dev-libs/openssl[kerberos]
On 12/6/13, 7:24 AM, Lars Wendler wrote: The bug reporter suggests to use bundled heimdal from samba-4 which I would like to avoid if possible. If anyone knows some better solution please speak up. It is highly appreciated. It sounds ugly, but I generally lean towards pragmatic solutions: +1 to have this controlled by a USE flag. I actually suggest system-heimdal enabled by default (at least it matches a Gentoo convention from several other packages) than a weird bi_heimdal flag (what does bi stand for?). Now for a better solution: make samba also work with MIT Kerberos, and make OpenSSL work with Heimdal. This can be done at ./configure time of affected packages, and will likely require patches (I mean upstream here). One Good first step would be to make sure there are bugs on file (upstream) for both Samba and OpenSSL. Paweł signature.asc Description: OpenPGP digital signature
Re: [gentoo-dev] =net-fs/samba-4* vs. dev-libs/openssl[kerberos]
On Fri, Dec 6, 2013 at 3:24 PM, Lars Wendler polynomia...@gentoo.orgwrote: The bug reporter suggests to use bundled heimdal from samba-4 which I would like to avoid if possible. If the libraries were to expose the symbols of the embedded heimdal, it would solve the obvious build problem and create a bigger one at runtime. Diego Elio Pettenò — Flameeyes flamee...@flameeyes.eu — http://blog.flameeyes.eu/
Re: [gentoo-dev] =net-fs/samba-4* vs. dev-libs/openssl[kerberos]
On 06/12/13 19:14, Paweł Hajdan, Jr. wrote: Now for a better solution: make samba also work with MIT Kerberos, and make OpenSSL work with Heimdal. That's a big effort. If we decide not to serve the bundled heimdal libraries, we can declare samba4 server components and openssl[kerberos] unsupported. -- Eray Aslan e...@gentoo.org
Re: [gentoo-dev] =net-fs/samba-4* vs. dev-libs/openssl[kerberos]
There's also another package which suffers the same problem, sys-auth/sssd hard-requires mit-krb5 so it can't be used together with samba4 as well. -- Timo Gurr