Learn Linux, 302 (Mixed environments)

Configure and build Samba from source

Assembling Samba from scratch

Content series:

This content is part # of # in the series: Learn Linux, 302 (Mixed environments)

Stay tuned for additional content in this series.

This content is part of the series:Learn Linux, 302 (Mixed environments)

Stay tuned for additional content in this series.

In this article, learn about these concepts:

  • Identify important Samba packages and their content.
  • Locate and install depended-upon software.
  • Describe the structure of the Samba software.
  • Identify important Samba compilation options.

This article helps you prepare for objective 311.1 in the Linux® Professional Institute (LPI) Certification level 3 (LPIC-3) LPI-302 exam. This objective has a weight of 1.


This article assumes that you have a working knowledge of Linux command-line functions and at least a general understanding of software structure (source code versus binary code) and compilation procedures. To perform the actions described in this article, your computer must have a working Internet connection and C compiler (such as the GNU Compiler Collection [GCC]).

Obtaining Samba source code

Samba source code is readily available from the Samba Web site (see Related topics for a link). If you're familiar with compiling and installing software from source code, you should have little trouble with Samba; however, because of the critical nature of Samba to many installations, you may want to take extra care to ensure that your software is what you believe it to be. To this end, the Samba developers provide authentication keys you can use to validate your download.

Downloading a source tarball

You can download the Samba source code from the main Samba Web page. A link to the latest stable version (3.5.6 at the time of writing) appears on the main page. Click it to obtain this version of the software; the tarball appears wherever your Web browser places its downloads. A download link for the next generation of Samba, version 4, also appears on the main page; however, Samba version 4 is in alpha testing and has been for years. Use it only if you must have its features or if you want to contribute to Samba development.

Near the main download link, you'll find a link to the current version's release notes and another link to the signature, which you use to verify the software's integrity. If you intend to verify the software's integrity, you should download the signature file. (You may need to right-click the link to do this.) This file is called samba-version.tar.asc, where version is the Samba version number.

Additional download options appear on the Samba download page. This page includes links to an archive of older versions of Samba; instructions for downloading the software via Git, Control Version System, and other tools; links to related tools such as graphical user interface managers and Server Message Block (SMB)/Common Internet File System (CIFS) packages for other platforms; and so on. One particularly important link is to the GnuPG (GPG) key for the Samba package. You must download this file (samba-pubkey.asc) if you intend to verify the Samba package's authenticity, as described next.

Verifying the software's authenticity

It's possible to decompress, compile, install, and use Samba without verifying the software's authenticity. However, given the server's critical importance, running the handful of commands required to verify its authenticity is generally a good idea. To do so, perform the following steps:

  1. Ensure that you've downloaded the samba-version.tar.asc and samba-pubkey.asc files.
  2. Type gunzip samba-version.tar.gz to decompress (but not untar) the package file.
  3. If you have not already done so, type gpg --import samba-pubkey.asc to import the Samba public key into your GPG key ring.
  4. Type gpg --verify samba-version.tar.asc to verify the key. The program should respond with a message similar to:

    gpg: Signature made Thu 07 Oct 2010 02:23:24 PM EDT using DSA key ID 6568B7EA
    gpg: Good signature from "Samba Distribution Verification Key 

The output is likely to continue with a message to the effect that the key is not certified with a trusted signature. This message highlights a limitation of the verification procedure just described: If the main Samba Web site were compromised, the attacker could have replaced the Samba package and both keys with fake versions, which could fool you into accepting the bogus keys. You can protect yourself to some extent by using the --keyserver option to gpg in step 4. This option causes gpg to retrieve a key from as part of the verification process. Somebody distributing a fake Samba package would then need to compromise this key server in addition to the Samba server.

Unpacking the tarball

Assuming that your package has passed its verification step (or if you don't want to bother with that step), you can unpack your source code tarball. Do so in your home directory or in a directory such as /usr/src/, which is intended to hold source code for locally installed software. If you unpack the source code in /usr/src/, you may need to acquire root privileges to do so or change the permissions on /usr/src/ to enable an ordinary user to write to that directory.

However you do it, change to the base of the directory in which you want to untar the source code. Then, type the following command:

$ tar xvf ~/samba-.tar

This command assumes that you've already decompressed the tarball and that it's located in the base of your home directory. If the tarball is still compressed, you can either decompress it first or add z to the tar commands and change the file name, as in:

$ tar xvzf ~/samba-.tar.gz

If the file resides somewhere other than the base of your home directory, adjust the path appropriately. Of course, you should also change the file name to reflect the version you're using.

This command produces a list of files as they're being decompressed. If you see error messages, you may not have permission to write to your current directory, or you may have run out of disk space. Once the task finishes successfully, you'll find that a new subdirectory, samba-version, now exists. This is your Samba source code tree.

Compiling Samba

With the source code now available, you can begin the compilation process. Before you jump in, though, check that you have the necessary prerequisite software on your system. You must then configure the software before performing the actual compilation. You may run into problems that you'll have to resolve, as well.

Installing prerequisite software

To compile Samba, a number of other software packages must be available, the most notable of which is GCC. GCC is a set of compilers for the C language, in which most of Samba is written. On most Linux distributions, you can install GCC from a package called, predictably, gcc. Another critical development tool is make, which calls gcc and other development tools in a pattern determined by the Samba developers.

The Samba code relies on several other libraries—software packages that provide support functions for other programs' use. Chances are, these libraries are already installed on your computer, but to compile a program, you need the libraries' header files, which are often installed in separate packages with names that end in -dev or -devel. At a minimum, use your distribution's packaging tools to ensure that the libc or libc6 development libraries are installed. Some libraries might or might not be required based on your configuration choices. If a library is missing, the configure script—or possibly the build process itself—will produce an error message, so you should be able to track down the relevant library.

Many distributions make it easy to install a basic selection of development tools and libraries in a single operation. In Ubuntu, for instance, you can install the build-essential package. Distributions such as Fedora enable you to install large groups of packages when you install the operating system, so if you know you'll be using a computer for software development when you install the operating system, you can select the relevant package group at that time. If you can't find such an option for your operating system, you'll have to muddle through by installing packages piecemeal.

Configuring Samba

To configure Samba, first change to the source3 subdirectory of the main Samba source code directory. This directory holds the source code for the main Samba package.

Note: Other subdirectories off of the main Samba source code directory hold the source code for ancillary programs, support programs, documentation, and so on. For instance, the client subdirectory holds files related to Linux's ability to mount SMB/CIFS shares as a client; the swat subdirectory holds source code for the Samba Web Administration Tool (SWAT). Building the main Samba package also compiles some of these programs, but you may need to compile others manually. Compiling the main body of Samba, in the source3 subdirectory, builds the critical smbd and nmbd server programs along with support libraries and many related tools.

The configure script handles the configuration process. In the simplest case, you can type ./configure to configure Samba using its default options. Quite a few parameters are available to tweak Samba's compile-time options, though. Type ./configure --help to see a list of these options. (If you're working from a console that doesn't scroll, you may want to redirect the output to a file so that you can peruse it via less or read it in a text editor.)

You can also set various environment variables, which are also detailed in the ./configure --help output. For the most part, the defaults work fine; however, if you know enough about the relevant systems, you can tweak options to suit your needs. For instance, you might set the CFLAGS environment variable to tweak your C compiler's flags. If you don't understand an environment variable, it's best to leave it alone.

Once you've perused the options and environment variables, you can configure your Samba build:

$ CFLAGS="-O3" ./configure --without-ldap

This example tells the script to use the -O3 GCC compiler flag and compile Samba without support for Lightweight Directory Access Protocol. You can change or omit these options, of course, for your own installation.

Compiling the software

Actually compiling the software takes very little effort on your part. Simply type:

$ make

The result is a series of lines describing what the make utility is doing, such as the following:

Compiling lib/netapi/joindomain.c
Compiling lib/netapi/serverinfo.c
Compiling lib/netapi/getdc.c

With any luck, this process will continue until the software is compiled, which is likely to take several minutes, although the exact time varies depending on your computer's speed. If your computer has more than one processor or a multi-core processor, you may want to use the -j option to make to have it run multiple compile jobs simultaneously, thus speeding up the process. For instance, you could type make -j 4 to have make compile up to four source code files simultaneously. Once the software has compiled, you can use the install target to make to install it:

# make install

Although you can perform previous actions as an ordinary user (assuming you have Write access to the source code directory tree as that user), using make install requires you to have root privileges, because this command copies the Samba binary and documentation files into system directories on the computer (typically in /usr/local/, unless you change the location via configure script options).

Resolving problems

Unfortunately, configuration and compilation sometimes fail. The most common cause of such problems is a missing library. If the configure step fails, you're likely to see a message near the end of the output that specifies what's missing—for instance, the message may indicate that it can't find Pluggable Authentication Module libraries. You should then use your system's package management tools, such as Synaptic or Yumex, to search for and install the relevant software. Remember that you may need to install the development libraries separately from the main library package.

You can handle errors at the make stage in a similar way; however, such errors often generate huge numbers of error messages. Ignore the later errors in the list; scroll upward until you find the first error message. Frequently, one error leads to another, which leads to another, and so on. Correcting the first error breaks this chain and often enables the software to compile correctly.

Correcting make errors may require more interpretation than correcting configure errors, because the make errors are likely to reference missing files or even improper syntax within a file. If a missing file is the culprit, its name may serve as a clue; try searching your distribution's packages for the file name minus any extension it has; doing so may lead you to a missing development library that configure neglected to flag. If this fails, try a Web search on the file name; this is likely to lead you to the name of the library you need to install. If the error relates to incorrect syntax, the problem is more serious. You might be able to disable a feature with a relevant configure script option; however, it could be that you'll need to upgrade (or downgrade) your C compiler or the version of Samba you're trying to compile. If you're dealing with a prerelease version of the software, you may have encountered a bug that you'll need to patch yourself. This type of job is well beyond the scope of this article, so you may need to seek help from the Samba developers or a knowledgeable programmer.

Moving forward

The LPIC-3 311.2 objective—and the next article in this series—describe how to install Samba from source and from binary packages. This task necessarily includes launching the Samba server programs, smbd and nmbd. (Additional servers handle ancillary tasks, such as SWAT for Web-based configuration.)

Downloadable resources

Related topics

ArticleTitle=Learn Linux, 302 (Mixed environments): Configure and build Samba from source