Web lists-archives.com

Re: [Samba] compile samba 4.10.2 centos 7.6

On Mon, 2019-04-22 at 08:12 +0100, Rowland Penny via samba wrote:
> On Mon, 22 Apr 2019 01:27:47 -0400
> Nico Kadel-Garcia via samba <samba@xxxxxxxxxxxxxxx> wrote:
> > Sergio's used python36 from iusrelease. I used the one from EPEL. Our
> > builds are very similar, except that I compile all the added libraries
> > such as libtdb, libtevent, etc. as distinct RPM's as they are
> > published by RHEL, just with Pythone 3.6 as well as with Python 2.7
> > and with resent enough versions for Samba 4.10.2. I'm uspicious about
> > your build and whether it effectively provides full domain controller
> > features, which I believe require gnutls 3.4.17.
> You can stop believing ;-)
> You only need gnutls 3.4.17 if you are using MIT and you shouldn't be
> using MIT, it is experimental. 

Thank you very much Rowland, you are correct.

However, thankfully Nico's efforts are not in vain!  There is an
ongoing effort to rely on GnuTLS for more of Samba's cryptography and
so a practical way to build Samba with GnuTLS 3.4 is really worthwhile!

The reason is that having such a mechanism for our most popular host OS
(RHEL7/CentOS7) would make it easier to enforce such a requirement in
the future.  (And allow us to remove the duplicate BackupKey server for

I also want to put in a really big thank-you to everybody working so
hard to package Samba 4.10 properly and with Python3.  Practical
working proof, again on RHEL7/CentOS7, of a pure python3 build is
invaluable!  Without it we may have had to consider a backtrack on
being Py3 only for Samba 4.11, which would have been quite unfortunate.


Andrew Bartlett
Andrew Bartlett                       http://samba.org/~abartlet/
Authentication Developer, Samba Team  http://samba.org
Samba Developer, Catalyst IT          http://catalyst.net.nz/services/samba

To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba