[PATCH] net/samba4: relocate Sysvol to persist between reboots & move variable data out of /usr/pkg/etc/...

[Matthias Petermann <mp%petermann-it.de@localhost>]

Hello everyone,

with the introduction of FFS ACLs Samba can be used as windows domain 
controller (DC). The DC needs a directory to persist its policies and 
scripts - the so called Sysvol.

The creation of the Sysvol typically takes place during the domain 
provisioning with samba-tool. At the moment, the default Samba4 from 
pkgsrc is configured to put Sysvol below /var/run/sysvol. Unfortunately, 
there is a critical issue with this location: Everything inside /var/run 
gets purged as part of the systems startup sequence. So this means 
losing all your policies, ultimately a corruption of the domain 
controller state at the next reboot.

Therefore, Sysvol needs to be relocated to a persistent place.

I checked how this is implemented elsewhere:

* On Linux systems Sysvol is typically located at /var/lib/samba/sysvol
* On FreeBSD the location is /var/db/samba4/sysvol

As /var/lib is not mentioned in HIER(7) at all, I guess this is Linux 
specific. Therefore I would propose the FreeBSD-way and put it below 
/var/db/samba4/sysvol. In addition to that I think it would be a good 
idea to relocate the variable Samba data (databases, caches) currently 
located at /usr/pkg/etc/samba/private) as well. My proposal for the 
target is /var/db/samba4/private.

Attached is a patch which applies to pkgsrc-current. I did perform the 
usual tests (removing all previous configuration and databases, 
provisioning a new domain, joining a Windows client to the domain) - no 
issues so far.

What do you think?

Kind regards
Matthias

Index: Makefile
===================================================================
RCS file: /cvsroot/pkgsrc/net/samba4/Makefile,v
retrieving revision 1.103
diff -u -r1.103 Makefile
--- Makefile    21 Jul 2020 18:42:25 -0000      1.103
+++ Makefile    28 Jul 2020 00:29:52 -0000
@@ -1,7 +1,7 @@
 # $NetBSD: Makefile,v 1.103 2020/07/21 18:42:25 christos Exp $

 DISTNAME=      samba-4.12.5
-PKGREVISION=   1
+PKGREVISION=   2
 CATEGORIES=    net
 MASTER_SITES=  https://download.samba.org/pub/samba/stable/

@@ -34,8 +34,8 @@
 SMB_LOCALSTATE?=       ${VARBASE}
 SMB_INFO?=             ${PREFIX}/info
 SMB_MAN?=              ${PREFIX}/${PKGMANDIR}
-SMB_STATE?=            ${VARBASE}/run
-SMB_PRIVATE?=          ${PKG_SYSCONFDIR}/private
+SMB_STATE?=            ${VARBASE}/db/samba4
+SMB_PRIVATE?=          ${SMB_STATE}/private
 SMB_PID?=              ${VARBASE}/run
 SMB_CACHE?=            ${VARBASE}/run
 SMB_LOCK?=             ${VARBASE}/run
Index: PLIST
===================================================================
RCS file: /cvsroot/pkgsrc/net/samba4/PLIST,v
retrieving revision 1.31
diff -u -r1.31 PLIST
--- PLIST       6 Jul 2020 14:38:06 -0000       1.31
+++ PLIST       28 Jul 2020 00:29:52 -0000
@@ -37,6 +37,7 @@
 bin/wbinfo
 @pkgdir bind-dns
 @pkgdir etc/samba
+@pkgdir var/db/samba4
 include/charset.h
 include/core/doserr.h
 include/core/error.h