17413858 Update Samba to 3.6.18 release. s11u1-sru 0.175.1.12.0.3.0 S11.1SRU12.3
authorJiri Sasek <Jiri.Sasek@Oracle.COM>
Thu, 19 Sep 2013 10:07:24 -0700
branchs11u1-sru
changeset 2769 c8ae542d2c6c
parent 2768 805b60916541
child 2770 501c20396676
17413858 Update Samba to 3.6.18 release. 17311103 problem in UTILITY/SAMBA 15694966 SUNBT7016715 6641606 is not solved with 146363-01/146364-01
components/samba/samba/Makefile
components/samba/samba/Solaris/samba.sh
components/samba/samba/patches/mozldap.patch
components/samba/samba/samba-license
components/samba/samba/samba.p5m
--- a/components/samba/samba/Makefile	Wed Sep 18 22:41:28 2013 -0700
+++ b/components/samba/samba/Makefile	Thu Sep 19 10:07:24 2013 -0700
@@ -30,11 +30,11 @@
 include ../../../make-rules/shared-macros.mk
 
 COMPONENT_NAME=		samba
-COMPONENT_VERSION=	3.6.15
+COMPONENT_VERSION=	3.6.18
 COMPONENT_SRC=		$(COMPONENT_NAME)-$(COMPONENT_VERSION)
 COMPONENT_PROJECT_URL=	http://www.samba.org/
 COMPONENT_ARCHIVE=	$(COMPONENT_SRC).tar.gz
-COMPONENT_ARCHIVE_HASH=	sha256:42b9acb13f8760a1767829ebaa4c371e462aad5287caf92887e64930cf27da60
+COMPONENT_ARCHIVE_HASH=	sha256:6d71a9ba77567eae863b9599e451479b99f6acb6042a1d98e7a22422ce599992
 COMPONENT_ARCHIVE_URL=	http://us1.samba.org/samba/ftp/stable/$(COMPONENT_ARCHIVE)
 COMPONENT_BUGDB=	utility/samba
 
--- a/components/samba/samba/Solaris/samba.sh	Wed Sep 18 22:41:28 2013 -0700
+++ b/components/samba/samba/Solaris/samba.sh	Thu Sep 19 10:07:24 2013 -0700
@@ -29,6 +29,8 @@
 
 SAMBA_CONFIG=/etc/samba/smb.conf
 
+NSS_STRICT_NOFORK=DISABLED; export NSS_STRICT_NOFORK
+
 # Check if given service is working properly
 check_running() {
 	case "$SMF_FMRI" in
--- a/components/samba/samba/patches/mozldap.patch	Wed Sep 18 22:41:28 2013 -0700
+++ b/components/samba/samba/patches/mozldap.patch	Thu Sep 19 10:07:24 2013 -0700
@@ -1,57 +1,400 @@
---- a/source3/configure.in	2011-12-12 10:59:00.851079500 -0800
-+++ b/source3/configure.in	2011-12-12 11:29:54.993566333 -0800
[email protected]@ -3368,6 +3368,20 @@
-     with_ldap_support=yes
-     AC_MSG_CHECKING(whether LDAP support is used)
-     AC_MSG_RESULT(yes)
+--- a/source3/param/loadparm.c	2013-03-18 01:59:37.000000000 -0700
++++ b/source3/param/loadparm.c	2013-05-10 23:59:37.528279300 +0200
[email protected]@ -278,6 +278,9 @@
+ 	int ldap_follow_referral;
+ 	char *szLdapSuffix;
+ 	char *szLdapAdminDn;
++	char *szLdapCertDBdir;
++	char *szLdapKeyDBdir;
++	bool ldap_privkey_open;
+ 	int ldap_debug_level;
+ 	int ldap_debug_threshold;
+ 	int iAclCompat;
[email protected]@ -3701,6 +3704,33 @@
+ 		.flags		= FLAG_ADVANCED,
+ 	},
+ 	{
++		.label		= "ldap certdb dir",
++		.type		= P_STRING,
++		.p_class	= P_GLOBAL,
++		.ptr		= &Globals.szLdapCertDBdir,
++		.special	= NULL,
++		.enum_list	= NULL,
++		.flags		= FLAG_ADVANCED,
++	},
++	{
++		.label		= "ldap keydb dir",
++		.type		= P_STRING,
++		.p_class	= P_GLOBAL,
++		.ptr		= &Globals.szLdapKeyDBdir,
++		.special	= NULL,
++		.enum_list	= NULL,
++		.flags		= FLAG_ADVANCED,
++	},
++	{
++		.label		= "ldap privkey open",
++		.type		= P_BOOL,
++		.p_class	= P_GLOBAL,
++		.ptr		= &Globals.ldap_privkey_open,
++		.special	= NULL,
++		.enum_list	= NULL,
++		.flags		= FLAG_ADVANCED,
++	},
++	{
+ 		.label		= "ldap delete dn",
+ 		.type		= P_BOOL,
+ 		.p_class	= P_GLOBAL,
[email protected]@ -5366,6 +5396,9 @@
+ 	string_set(&Globals.szLdapIdmapSuffix, "");
+ 
+ 	string_set(&Globals.szLdapAdminDn, "");
++	string_set(&Globals.szLdapCertDBdir, get_dyn_PRIVATE_DIR());
++	string_set(&Globals.szLdapKeyDBdir, get_dyn_PRIVATE_DIR());
++	Globals.ldap_privkey_open = False;
+ 	Globals.ldap_ssl = LDAP_SSL_START_TLS;
+ 	Globals.ldap_ssl_ads = False;
+ 	Globals.ldap_deref = -1;
[email protected]@ -5747,6 +5780,9 @@
+ 
+ FN_GLOBAL_STRING(lp_ldap_suffix, &Globals.szLdapSuffix)
+ FN_GLOBAL_STRING(lp_ldap_admin_dn, &Globals.szLdapAdminDn)
++FN_GLOBAL_STRING(lp_ldap_certdb_dir, &Globals.szLdapCertDBdir)
++FN_GLOBAL_STRING(lp_ldap_keydb_dir, &Globals.szLdapKeyDBdir)
++FN_GLOBAL_BOOL(lp_ldap_privkey_open, &Globals.ldap_privkey_open)
+ FN_GLOBAL_INTEGER(lp_ldap_ssl, &Globals.ldap_ssl)
+ FN_GLOBAL_BOOL(lp_ldap_ssl_ads, &Globals.ldap_ssl_ads)
+ FN_GLOBAL_INTEGER(lp_ldap_deref, &Globals.ldap_deref)
+--- a/source3/include/proto.h	2013-03-18 01:59:37.000000000 -0700
++++ b/source3/include/proto.h	2013-05-11 00:04:26.565521200 +0200
[email protected]@ -1429,6 +1429,9 @@
+ bool lp_passdb_expand_explicit(void);
+ char *lp_ldap_suffix(void);
+ char *lp_ldap_admin_dn(void);
++char *lp_ldap_certdb_dir(void);
++char *lp_ldap_keydb_dir(void);
++bool lp_ldap_privkey_open(void);
+ int lp_ldap_ssl(void);
+ bool lp_ldap_ssl_ads(void);
+ int lp_ldap_deref(void);
+--- a/source3/include/smb_ldap.h	2013-03-18 01:59:37.000000000 -0700
++++ b/source3/include/smb_ldap.h	2013-04-29 13:33:34.602541500 -0700
[email protected]@ -63,6 +63,10 @@
+ 
+ #endif /* HAVE_LDAP_H */
+ 
++#if HAVE_LDAP_SSL_H
++#include <ldap_ssl.h>
++#endif /* HAVE_LDAP_SSL_H */
++
+ #ifndef HAVE_LDAP
+ #define LDAP void
+ #define LDAPMessage void
+--- a/source3/lib/smbldap.c	2013-05-08 10:16:26.000000000 +0200
++++ b/source3/lib/smbldap.c	2013-07-03 09:00:28.482477500 +0200
[email protected]@ -780,7 +780,7 @@
+ 
+ int smb_ldap_start_tls(LDAP *ldap_struct, int version)
+ { 
+-#ifdef LDAP_OPT_X_TLS
++#ifdef HAVE_LDAP_START_TLS_S
+ 	int rc;
+ #endif
+ 
[email protected]@ -788,12 +788,24 @@
+ 		return LDAP_SUCCESS;
+ 	}
+ 
+-#ifdef LDAP_OPT_X_TLS
++#ifdef HAVE_LDAP_START_TLS_S
+ 	if (version != LDAP_VERSION3) {
+ 		DEBUG(0, ("Need LDAPv3 for Start TLS\n"));
+ 		return LDAP_OPERATIONS_ERROR;
+ 	}
+ 
++#ifdef HAVE_LDAPSSL_INIT  /* Netscape */
++	rc = ldapssl_clientauth_init(lp_ldap_certdb_dir(), NULL,
++		lp_ldap_privkey_open(), lp_ldap_keydb_dir(), NULL);
++	if (rc != LDAP_SUCCESS) {
++		DEBUG(0,("ldapssl_clientauth_init with '%s' cert db, "
++			"%s key db, failed: %s\n",
++			lp_ldap_certdb_dir(), lp_ldap_keydb_dir(),
++			ldap_err2string(rc)));
++		return rc;
++	}
++#endif /* HAVE_LDAPSSL_INIT */
++
+ 	if ((rc = ldap_start_tls_s (ldap_struct, NULL, NULL)) != LDAP_SUCCESS)	{
+ 		DEBUG(0,("Failed to issue the StartTLS instruction: %s\n",
+ 			 ldap_err2string(rc)));
[email protected]@ -802,12 +814,14 @@
+ 
+ 	DEBUG (3, ("StartTLS issued: using a TLS connection\n"));
+ 	return LDAP_SUCCESS;
+-#else
++
++#else /* ! HAVE_LDAP_START_TLS_S */
+ 	DEBUG(0,("StartTLS not supported by LDAP client libraries!\n"));
+ 	return LDAP_OPERATIONS_ERROR;
+-#endif
++#endif /* HAVE_LDAP_START_TLS_S */
+ }
+ 
++
+ /********************************************************************
+  setup a connection to the LDAP server based on a uri
+ *******************************************************************/
[email protected]@ -815,8 +829,24 @@
+ static int smb_ldap_setup_conn(LDAP **ldap_struct, const char *uri)
+ {
+ 	int rc;
++#ifdef LDAP_OPT_TIMELIMIT
++	int ot = lp_ldap_timeout();
++#endif
++#ifdef LDAP_X_OPT_CONNECT_TIMEOUT /* Netscape */
++	int ct = lp_ldap_connection_timeout() * 1000;
++#elif defined (LDAP_OPT_NETWORK_TIMEOUT) /* OpenLDAP */
++	struct timeval ct;
++#endif
++#ifndef HAVE_LDAP_INITIALIZE
++	int port = 0;
++	fstring protocol;
++	fstring host;
++	/* Following symbols are only available if Mozldap	*/
++	/* is compiled with LDAP_DEBUG on			*/
++	/* extern int lber_debug, ldap_debug; */
++#endif
+ 
+-	DEBUG(10, ("smb_ldap_setup_connection: %s\n", uri));
++	DEBUG(10, ("smb_ldap_setup_conn: %s\n", uri));
+ 
+ #ifdef HAVE_LDAP_INITIALIZE
+ 
[email protected]@ -837,74 +867,105 @@
+ 	return LDAP_SUCCESS;
+ #else 
+ 
++	/* lber_debug =  255 ; */
++	/* ldap_debug =  1023 | 0x4000 ; */
 +
-+    ##############################
-+    # Check if LDAP SDK is Mozilla
-+    AC_CACHE_CHECK([for LDAP_OPT_SIZELIMIT macro],samba_cv_HAVE_LDAP_MOZ,[
-+    AC_TRY_COMPILE([
-+#include <stdio.h>
-+#include <ldap.h>],
-+    [printf("%s\n", LDAP_OPT_SIZELIMIT);],
-+    samba_cv_HAVE_LDAP_MOZ=yes,samba_cv_HAVE_LDAP_MOZ=no)])
-+    if test x"$samba_cv_HAVE_LDAP_MOZ" = x"yes"; then
-+	AC_DEFINE(HAVE_HAVE_LDAP_MOZ,1,
-+		[Whether the LDAP SDK is Mozilla])
-+    fi
+ 	/* Parse the string manually */
+ 
+-	{
+-		int port = 0;
+-		fstring protocol;
+-		fstring host;
+-		SMB_ASSERT(sizeof(protocol)>10 && sizeof(host)>254);
++	SMB_ASSERT(sizeof(protocol)>10 && sizeof(host)>254);
+ 
+ 
+-		/* skip leading "URL:" (if any) */
+-		if ( strnequal( uri, "URL:", 4 ) ) {
+-			uri += 4;
+-		}
++	/* skip leading "URL:" (if any) */
++	if ( strnequal( uri, "URL:", 4 ) ) {
++		uri += 4;
++	}
+ 
+-		sscanf(uri, "%10[^:]://%254[^:/]:%d", protocol, host, &port);
++	sscanf(uri, "%10[^:]://%254[^:/]:%d", protocol, host, &port);
+ 
+-		if (port == 0) {
+-			if (strequal(protocol, "ldap")) {
+-				port = LDAP_PORT;
+-			} else if (strequal(protocol, "ldaps")) {
+-				port = LDAPS_PORT;
+-			} else {
+-				DEBUG(0, ("unrecognised protocol (%s)!\n", protocol));
+-			}
++	if (port == 0) {
++		if (strequal(protocol, "ldap")) {
++			port = LDAP_PORT;
++		} else if (strequal(protocol, "ldaps")) {
++			port = LDAPS_PORT;
++		} else {
++			DEBUG(0, ("unrecognised protocol (%s)!\n", protocol));
++			return LDAP_OPERATIONS_ERROR;
+ 		}
++	}
+ 
++	if (strequal(protocol, "ldap")) {
+ 		if ((*ldap_struct = ldap_init(host, port)) == NULL)	{
+ 			DEBUG(0, ("ldap_init failed !\n"));
+ 			return LDAP_OPERATIONS_ERROR;
+ 		}
+-
+-	        if (strequal(protocol, "ldaps")) {
++	} else if (strequal(protocol, "ldaps")) {
+ #ifdef LDAP_OPT_X_TLS
+-			int tls = LDAP_OPT_X_TLS_HARD;
+-			if (ldap_set_option (*ldap_struct, LDAP_OPT_X_TLS, &tls) != LDAP_SUCCESS)
+-			{
+-				DEBUG(0, ("Failed to setup a TLS session\n"));
++		int tls = LDAP_OPT_X_TLS_HARD;
++		if ((*ldap_struct = ldap_init(host, port)) == NULL)	{
++			DEBUG(0, ("ldap_init failed !\n"));
++			return LDAP_OPERATIONS_ERROR;
++		}
++		if (ldap_set_option (*ldap_struct, LDAP_OPT_X_TLS, &tls) != LDAP_SUCCESS) {
++			DEBUG(0, ("Failed to setup a TLS session\n"));
++		}
++
++		DEBUG(3,("LDAPS option set...!\n"));
 +
-   else
-     if test x"$with_ldap_support" = x"yes"; then
- 	AC_MSG_ERROR(libldap is needed for LDAP support)
[email protected]@ -3415,8 +3429,21 @@
++#elif defined(HAVE_LDAPSSL_INIT) /* Netscape */
++		if (*ldap_struct != NULL) {
++			rc = ldap_unbind_s(*ldap_struct);
++			if (rc == LDAP_SUCCESS) {
++			    DEBUG(10, ("LDAP already bound... unbound.\n"));
++			} else {
++			    DEBUG(10, ("ldap_unbind_s failed: %s\n",
++				ldap_err2string(rc)));
+ 			}
++			*ldap_struct = NULL;
++		}
++		rc = ldapssl_clientauth_init(lp_ldap_certdb_dir(), NULL,
++			lp_ldap_privkey_open(), lp_ldap_keydb_dir(), NULL);
++		if (rc != LDAP_SUCCESS) {
++			DEBUG(0,("ldapssl_clientauth_init with '%s' cert db, "
++				"%s key db, failed: %s\n",
++				lp_ldap_certdb_dir(), lp_ldap_keydb_dir(),
++				ldap_err2string(rc)));
++			return rc;
++		}
+ 
+-			DEBUG(3,("LDAPS option set...!\n"));
++		if ((*ldap_struct = ldapssl_init(host, port, True)) == NULL) {
++			DEBUG(0, ("ldapssl_init to %s:%d failed!\n", host,
++				port));
++			return LDAP_OPERATIONS_ERROR;
++		}
+ #else
+-			DEBUG(0,("smbldap_open_connection: Secure connection not supported by LDAP client libraries!\n"));
++		DEBUG(0,("smbldap_open_connection: Secure connection not supported by LDAP client libraries!\n"));
+ 			return LDAP_OPERATIONS_ERROR;
+ #endif /* LDAP_OPT_X_TLS */
+-		}
+ 	}
+ #endif /* HAVE_LDAP_INITIALIZE */
+ 
++#ifdef LDAP_OPT_TIMELIMIT
++	rc = ldap_set_option(*ldap_struct, LDAP_OPT_TIMELIMIT, &ot);
++	if (rc != LDAP_SUCCESS) {
++		DEBUG(0,("Failed to setup a ldap operation timeout %d: %s\n",
++			ot, ldap_err2string(rc)));
++	}
++#endif
++
+ 	/* now set connection timeout */
+ #ifdef LDAP_X_OPT_CONNECT_TIMEOUT /* Netscape */
+-	{
+-		int ct = lp_ldap_connection_timeout()*1000;
+-		rc = ldap_set_option(*ldap_struct, LDAP_X_OPT_CONNECT_TIMEOUT, &ct);
+-		if (rc != LDAP_SUCCESS) {
+-			DEBUG(0,("Failed to setup an ldap connection timeout %d: %s\n",
+-				ct, ldap_err2string(rc)));
+-		}
++	rc = ldap_set_option(*ldap_struct, LDAP_X_OPT_CONNECT_TIMEOUT, &ct);
++	if (rc != LDAP_SUCCESS) {
++		DEBUG(0,("Failed to setup an ldap connection timeout %d: %s\n",
++			ct, ldap_err2string(rc)));
+ 	}
+ #elif defined (LDAP_OPT_NETWORK_TIMEOUT) /* OpenLDAP */
+-	{
+-		struct timeval ct;
+-		ct.tv_usec = 0;
+-		ct.tv_sec = lp_ldap_connection_timeout();
+-		rc = ldap_set_option(*ldap_struct, LDAP_OPT_NETWORK_TIMEOUT, &ct);
+-		if (rc != LDAP_SUCCESS) {
+-			DEBUG(0,("Failed to setup an ldap connection timeout %d: %s\n",
+-				(int)ct.tv_sec, ldap_err2string(rc)));
+-		}
++	ct.tv_usec = 0;
++	ct.tv_sec = lp_ldap_connection_timeout();
++	rc = ldap_set_option(*ldap_struct, LDAP_OPT_NETWORK_TIMEOUT, &ct);
++	if (rc != LDAP_SUCCESS) {
++		DEBUG(0,("Failed to setup an ldap connection timeout %d: %s\n",
++			(int)ct.tv_sec, ldap_err2string(rc)));
+ 	}
+ #endif
+ 
[email protected]@ -1094,7 +1155,7 @@
+ 	 * our credentials. At least *try* to secure the connection - Guenther */
+ 
+ 	smb_ldap_upgrade_conn(ldap_struct, &version);
+-	smb_ldap_start_tls(ldap_struct, version);
++	/* smb_ldap_start_tls(ldap_struct, version); */
+ 
+ 	/** @TODO Should we be doing something to check what servers we rebind to?
+ 	    Could we get a referral to a machine that we don't want to give our
+--- a/source3/configure.in	2013-04-26 03:05:37.000000000 -0700
++++ b/source3/configure.in	2013-05-09 13:54:35.613605329 -0700
[email protected]@ -3485,6 +3485,14 @@
+   fi
+ 
+   ##################################################################
++  # check for ldap_ssl.h (Mozldap)
++  AC_CHECK_HEADERS([ldap_ssl.h], [], [],
++  [[#if HAVE_LDAP_H
++  #include <ldap.h>
++  #endif
++  ]])
++
++  ##################################################################
+   # HP/UX does not have ber_tag_t in lber.h - it must be configured as
+   # unsigned int in include/includes.h
+   case $host_os in
[email protected]@ -3551,6 +3562,14 @@
+   AC_CHECK_LIB_EXT(ldap, LDAP_LIBS, ldap_init)
+ 
+   ########################################################
++  # check for Netscape mozldap SSL API
++  AC_CHECK_FUNC_EXT(ldapssl_init,$LDAP_LIBS)
++
++  ########################################################
++  # check for StartTLS on API
++  AC_CHECK_FUNC_EXT(ldap_start_tls_s,$LDAP_LIBS)
++
++  ########################################################
+   # If we have LDAP, does it's rebind procedure take 2 or 3 arguments?
+   # Check found in pam_ldap 145.
+   AC_CHECK_FUNC_EXT(ldap_set_rebind_proc,$LDAP_LIBS)
[email protected]@ -3627,33 +3646,17 @@
      # Check to see whether there is enough LDAP functionality to be able
      # to build AD support.
  
 -# HPUX only has ldap_init; ok, we take care of this in smbldap.c
 -case "$host_os" in
-+ if test x"$samba_cv_HAVE_LDAP_MOZ" = x"yes"; then
-+  # Mozilla LDAP C-SDK has only has ldap_open/ldap_init; ok, we take care of this in smbldap.c
-+  AC_CHECK_FUNC_EXT(ldap_open,$LDAP_LIBS)
-+
-+  if test x"$ac_cv_func_ext_ldap_open" != x"yes"; then
-+    if test x"$with_ads_support" = x"yes"; then
-+      AC_MSG_ERROR(Active Directory support with Mozldap C-SDK requires ldap_open)
-+    elif test x"$with_ads_support" = x"auto"; then
-+      AC_MSG_WARN(Disabling Active Directory support (requires ldap_open with Mozldap C-SDK))
-+      with_ads_support=no
-+    fi
-+  fi
-+ else
-+  # HPUX only has ldap_init; ok, we take care of this in smbldap.c
-+  case "$host_os" in
- 	*hpux*)
-     AC_CHECK_FUNC_EXT(ldap_init,$LDAP_LIBS)
+-	*hpux*)
+-    AC_CHECK_FUNC_EXT(ldap_init,$LDAP_LIBS)
++    # URL-open support is added into smbldap.c so ldap_init is enough
++    AC_CHECK_LIB_EXT(ldap, LDAP_LIBS, ldap_init)
  
[email protected]@ -3441,7 +3468,8 @@
+-    if test x"$ac_cv_func_ext_ldap_init" != x"yes"; then
++    if test x"$ac_cv_lib_ext_ldap_ldap_init" != x"yes"; then
+ 	if test x"$with_ads_support" = x"yes"; then
+-	    AC_MSG_ERROR(Active Directory support on HPUX requires ldap_init)
++	    AC_MSG_ERROR(Active Directory support requires ldap_init)
+ 	elif test x"$with_ads_support" = x"auto"; then
+-	    AC_MSG_WARN(Disabling Active Directory support (requires ldap_init on HPUX))
++	    AC_MSG_WARN(Disabling Active Directory support (requires ldap_init))
+ 	    with_ads_support=no
  	fi
      fi
-     ;;
+-    ;;
+-	*)
+-    AC_CHECK_FUNC_EXT(ldap_initialize,$LDAP_LIBS)
+-
+-    if test x"$ac_cv_func_ext_ldap_initialize" != x"yes"; then
+-	if test x"$with_ads_support" = x"yes"; then
+-	    AC_MSG_ERROR(Active Directory support requires ldap_initialize)
+-	elif test x"$with_ads_support" = x"auto"; then
+-	    AC_MSG_WARN(Disabling Active Directory support (requires ldap_initialize))
+-	    with_ads_support=no
+-	fi
+-    fi
+-    ;;
 -esac
-+  esac
-+ fi
  
  
      AC_CHECK_FUNC_EXT(ldap_add_result_entry,$LDAP_LIBS)
--- a/components/samba/samba/samba-license	Wed Sep 18 22:41:28 2013 -0700
+++ b/components/samba/samba/samba-license	Thu Sep 19 10:07:24 2013 -0700
@@ -2,8 +2,8 @@
 This package may include technology which may be subject to one or more
 of the following additional notices:
 
-Samba 3.6.15
-Oracle Internal Tracking Number 13398
+Samba 3.6.18
+Oracle Internal Tracking Number 14896
 
                         GNU GENERAL PUBLIC LICENSE
                           Version 3, 29 June 2007
--- a/components/samba/samba/samba.p5m	Wed Sep 18 22:41:28 2013 -0700
+++ b/components/samba/samba/samba.p5m	Thu Sep 19 10:07:24 2013 -0700
@@ -198,6 +198,8 @@
 file usr/include/smb_share_modes.h path=usr/include/samba/smb_share_modes.h
 file usr/include/talloc.h path=usr/include/samba/talloc.h
 file usr/include/tdb.h path=usr/include/samba/tdb.h
+file usr/include/tevent.h path=usr/include/samba/tevent.h
+file usr/include/tevent_internal.h path=usr/include/samba/tevent_internal.h
 file usr/include/wbclient.h path=usr/include/samba/wbclient.h
 # nsswitch modules
 file build/$(MACH32)/nsswitch/libnss_winbind.so path=usr/lib/nss_winbind.so.1
@@ -228,6 +230,8 @@
 file build/$(MACH64)/source3/bin/libtalloc.so.2 path=usr/lib/samba/$(MACH64)/libtalloc.so.2
 file path=usr/lib/samba/libtdb.so.1.2.9
 file build/$(MACH64)/source3/bin/libtdb.so.1 path=usr/lib/samba/$(MACH64)/libtdb.so.1
+file path=usr/lib/samba/libtevent.so.0.9.11
+file build/$(MACH64)/source3/bin/libtevent.so.0.9.11 path=usr/lib/samba/$(MACH64)/libtevent.so.0.9.11
 file path=usr/lib/samba/libwbclient.so.0
 file build/$(MACH64)/source3/bin/libwbclient.so.0 path=usr/lib/samba/$(MACH64)/libwbclient.so.0
 file path=usr/lib/samba/lowcase.dat
@@ -735,11 +739,15 @@
 link path=usr/lib/samba/libtalloc.so target=libtalloc.so.2
 link path=usr/lib/samba/libtdb.so.1 target=libtdb.so.1.2.9
 link path=usr/lib/samba/libtdb.so target=libtdb.so.1
+link path=usr/lib/samba/libtevent.so target=libtevent.so.0
+link path=usr/lib/samba/libtevent.so.0 target=libtevent.so.0.9.11
 link path=usr/lib/samba/libwbclient.so target=libwbclient.so.0
 link path=usr/lib/samba/$(MACH64)/libtalloc.so.1 target=libtalloc.so.2
 link path=usr/lib/samba/$(MACH64)/libtalloc.so target=libtalloc.so.2
 link path=usr/lib/samba/$(MACH64)/libtdb.so target=libtdb.so.1
 link path=usr/lib/samba/$(MACH64)/libwbclient.so target=libwbclient.so.0
+link path=usr/lib/samba/$(MACH64)/libtevent.so target=libtevent.so.0
+link path=usr/lib/samba/$(MACH64)/libtevent.so.0 target=libtevent.so.0.9.11
 link path=usr/lib/samba/nss_info/adex.so target=../idmap/adex.so
 link path=usr/lib/samba/nss_info/hash.so target=../idmap/hash.so
 link path=usr/lib/samba/nss_info/rfc2307.so target=../idmap/ad.so