forked from mirrors/nixpkgs
samba: Switch back to builtin Heimdal Kerberos
When not building with the experimental (!!) system MIT Kerberos, Samba will use the builtin Heimdal Kerberos. For this reason, enableKerberos = true will still include a krb5 implementation, built right into Samba. There is no benefit in using MIT krb5, however it has some downsides like not being able to assign computer GPOs [1]. The ArchWiki [2] also mentions this in their installation section. [1]: https://lists.samba.org/archive/samba/2018-July/216779.html [2]: https://wiki.archlinux.org/index.php/Samba/Active_Directory_domain_controller
This commit is contained in:
parent
342eaba9eb
commit
a3bfbbf8a0
|
@ -30,7 +30,6 @@
|
|||
, enableProfiling ? true
|
||||
, enableMDNS ? false, avahi
|
||||
, enableDomainController ? false, gpgme, lmdb
|
||||
, enableKerberos ? true, krb5Full
|
||||
, enableRegedit ? true, ncurses
|
||||
, enableCephFS ? false, libceph
|
||||
, enableGlusterFS ? false, glusterfs, libuuid
|
||||
|
@ -91,7 +90,6 @@ stdenv.mkDerivation rec {
|
|||
++ optional (enablePrinting && stdenv.isLinux) cups
|
||||
++ optional enableMDNS avahi
|
||||
++ optionals enableDomainController [ gpgme lmdb ]
|
||||
++ optional enableKerberos krb5Full
|
||||
++ optional enableRegedit ncurses
|
||||
++ optional (enableCephFS && stdenv.isLinux) libceph
|
||||
++ optionals (enableGlusterFS && stdenv.isLinux) [ glusterfs libuuid ]
|
||||
|
@ -115,13 +113,9 @@ stdenv.mkDerivation rec {
|
|||
"--sysconfdir=/etc"
|
||||
"--localstatedir=/var"
|
||||
"--disable-rpath"
|
||||
] ++ singleton (if enableDomainController
|
||||
then "--with-experimental-mit-ad-dc"
|
||||
else "--without-ad-dc")
|
||||
++ optionals enableKerberos [
|
||||
"--with-system-mitkrb5"
|
||||
"--with-system-mitkdc=${krb5Full}"
|
||||
] ++ optionals (!enableLDAP) [
|
||||
] ++ optional (!enableDomainController)
|
||||
"--without-ad-dc"
|
||||
++ optionals (!enableLDAP) [
|
||||
"--without-ldap"
|
||||
"--without-ads"
|
||||
] ++ optional enableProfiling "--with-profiling-data"
|
||||
|
|
Loading…
Reference in a new issue