On Thu, 12 May 2005 aspeagle@collectionsetc.com wrote:
>
>
>
>
> Does anyone have any experience installing/configuring the latest Samba on
> AIX 5.2?... If so, would you care to share your notes?
>
I've been compiling some of my notes from the last couple years and
sifting as quickly as possible, but you seem *eager* so you can test them
out for me! :-) You can get some stuff from IBM and the notes will guide
you in the order for compiling your world. The notes are based on how I
would organize my stuff :-), so feel free to do what you like.
I'd like to officially offer these and my homegrown scripts and C code for
migrating /etc/passwd people to LDAP using standard AIX stuff.
I also have some bits to do mass generation of accounts for a Samba DC.
None of the stuff I'll be providing has been tested with ADS membership,
so don't look for it. This is designed solely for AIX to get
username/password cues from LDAP and for Samba to ride "on top". There
is
no intent of winbindd use with this implementation, so if you want that or
to use IBM's pam, you're on your own.
That said, all the stuff that John T. has painstaking documented will work
with respect to this setup. I've inluded sufficient links and instructions
to get the code compiled and installed. Start reading the HOwTo.
John Terpstra, are you interested the scripts and C code I've built so far
for supporting our infrastructure on AIX? I've got much to share with
those who'd like it. We don't subscribe to the "creat the account
as you
go" method, but we're kinda strange like that ;-) We get our cues for
account generation from other systems (since we're a college) and process
them all at once. We still have needs for creating machine accounts and
the like manually, so we have support for that as well. All the scripts
are based on a 900+ line ksh function library and about 25 ksh utility
programs that were designed using here-documents to build the LDAP stanzas
and manage groups.
It's free if you'd like it, I'll just have to come up with some
*easy*
method of making it all available.
Cheers!
Bill
> Thanks all.
>
> Andy Speagle
>
> "Always remember that you are unique. Just like everybody else."
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/listinfo/samba
>
-------------- next part --------------
Get gcc, bison and gdb (and whatever else you like!) from IBM:
http://www-1.ibm.com/servers/aix/products/aixos/linux/rpmgroups.html#Development/Tools
Before you get started, I'd create a 4GB /src filesystem.
Also either create a /usr/local filesytem of a few GB or extend /usr
and make a /usr/local dir.
---------------------------------------------------------
Build GNU make 3.8.0
http://ftp.gnu.org/pub/gnu/make/
# mkdir /src/make
# cp /path/to/gnumake /src/make
# cd /src/make
# gunzip make-3.80.tar.gz
# tar -xvf make-3.80.tar
# chown -R root:system make-3.80
# cd make-3.80
# ./configure
# make
# make install
# ln -sf /usr/local/bin/make /usr/bin/make
(the symlink replaces the one that points /usr/ccs/bin/make)
---------------------------------------------------------
Build libiconv:
http://ftp.gnu.org/pub/gnu/libiconv/libiconv-1.9.1.tar.gz
# mkdir /src/libiconv
# cp /path/to/libiconvtarball /src/libiconv
# cd /src/libiconv
# gunzip libiconv-1.9.1.tar.gz
# tar -xvf libiconv-1.9.1.tar
# chown -R root:system libiconv-1.9.1
# cd libiconv-1.9.1
# ./configure
# make
# make install
( the IBM libiconv will fail certain tests for Samba 3.0 )
---------------------------------------------------------
Build BerkeleyDB:
http://www.sleepycat.com/download/db/index.shtml
This can work for either 4.2 or 4.3.
Extract the tarball to a suitable location:
# mkdir /src/bdb
# cp /path/to/berkeleydbtarball /src/bdb
# cd /src/bdb
# gunzip db-4.2.52.NC.tar.gz
# tar -xvf db-4.2.52.NC.tar
# chown -R root:system db-4.2.52.NC
# cd db-4.2.52.NC/build_unix
# ../dist/configure --enable-posixmutexes
# make
# make install
----------------------------------------------------------
Build OpenSSL 0.9.7?:
http://www.openssl.org/
# mkdir /src/openssl
# cp /path/to/openssltarball /src/openssl
# cd /src/openssl
# gunzip openssl-0.9.7e.tar.gz
# tar -xvf openssl-0.9.7e.tar
# chown -R root:system openssl-0.9.7e
# cd openssl-0.9.7e
# ./config threads
# make
# make install
------------------------------------------------------------
Build Kerberos (MIT 1.4 - requires bison):
http://web.mit.edu/kerberos/www/dist/#krb5-1.4.1
# mkdir /src/krb
# cp /path/to/krbtarball /src/krb
# cd /src/krb
# gunzip krb5-1.4.1-signed.tar.gz
# tar -xvf krb5-1.4.1-signed.tar
# gunzip krb5-1.4.1.tar.gz
# tar -xvf krb5-1.4.1.tar
# chown -R root:system krb5-1.4.1
# cd krb5-1.4.1/src
# ./configure
# make
# make install
------------------------------------------------------------
Build Cyrus SASL:
http://asg.web.cmu.edu/cyrus/download/
# mkdir /src/sasl
# cp /path/to/sasltarball /src/sasl
# cd /src/sasl
# gunzip cyrus-sasl-2.1.20.tar.gz
# tar -xvf cyrus-sasl-2.1.20.tar
# chown -R root:system cyrus-sasl-2.1.20
# cd cyrus-sasl-2.1.20
# env CC=gcc CFLAGS="-L/usr/local/BerkeleyDB.4.2/lib -L/usr/local/lib
-I/usr/local/include -lpthread" \
./configure \
--with-bdb-libdir=/usr/local/BerkeleyDB.4.2/lib \
--with-bdb-incdir=/usr/local/BerkeleyDB.4.2/include \
--with-openssl=/usr/local/ssl --disable-gssapi
# make
# make install
-------------------------------------------------------------
Build OpenLDAP 2.2.26:
http://www.openldap.org/software/download/
# mkdir /src/openldap
# cp /path/to/openldaptarball /src/openldap
# cd /src/openldap
# gunzip openldap-2.2.26.tar.gz
# tar -xvf openldap-2.2.26.tar
# chown -R root:system openldap-2.2.26
# cd openldap-2.2.26
# export CFLAGS="-I/usr/local/ssl/include
-I/usr/local/BerkeleyDB.4.2/include -I/usr/local/include/sasl"
# export CPPFLAGS="-I/usr/local/ssl/include
-I/usr/local/BerkeleyDB.4.2/include -I/usr/local/include/sasl"
# export LDFLAGS="-L/usr/local/ssl/lib -L/usr/local/BerkeleyDB.4.2/lib
-L/usr/local/lib -ldb -lpthread -lcrypto -lssl"
# env CC="gcc" \
./configure \
--enable-bdb --enable-spasswd --enable-crypt --enable-slapd --enable-dynamic \
--with-cyrus-sasl --with-tls=openssl --enable-rlookups
# make
# make install
--------------------------------------------------------------
Build Samba 3.0.x
(Make a filesystem called /samba [512MB] and /netlogon [64MB] )
http://us1.samba.org/samba/
# mkdir /src/samba
# cp /path/to/sambatarball /src/samba
# cd /src/samba
# gunzip samba-3.0.14a.tar.gz
# tar -xvf samba-3.0.14a.tar
# chown -R root:system samba-3.0.14a
# cd samba-3.0.14a/source
# env CC=gcc CFLAGS="-O -D_ALL_SOURCE" LDFLAGS="-lpthread -lssl
-lcrypto -lsasl2 -ldb -L/usr/local/lib -L/usr/local/ssl/lib
-L/usr/local/BerkeleyDB.4.2/lib" \
CPPFLAGS="-I/usr/local/include -I/usr/local/include/ssl" \
./configure --with-ldap=/usr/local --prefix=/samba/3.0.14 --with-sendfile
--with-ads=no --with-acl-support=yes -with-libiconv=/usr/local
# make
# make install
--------------------------------------------------------------
Samba is now installed in /samba/3.0.14a (or whatever version you want)
We do it this way only to allow rapid movement between versions when testing
certain bugs we encounter. Do it however you like - if you like
/usr/local/samba,
then use that.
At this point you'll need to set up a basic /samba/3.0.14a/lib/smb.conf and
begin considerations for login script(s) in /netlogon.
This part of the show is going to be very specific to your needs.
Start reading:
http://us1.samba.org/samba/docs/