New Samba 4.10 port.

svn path=/head/; revision=505446
2025-07-18 01:39:16 -04:00 · 2019-06-30 19:27:35 +00:00 · 2019-06-30 19:27:35 +00:00 · 1c9a85e2cf · 2021-03-31 03:12:20 +00:00
commit 1c9a85e2cf
parent 8dbee3c04d
72 changed files with 2458 additions and 3198 deletions
--- a/net/samba410/Makefile
+++ b/net/samba410/Makefile
@ -1,9 +1,9 @@
 # Created by: timur@FreeBSD.org
 # $FreeBSD$
-PORTNAME=			${SAMBA4_BASENAME}48
+PORTNAME=			${SAMBA4_BASENAME}410
 PORTVERSION=			${SAMBA4_VERSION}
-PORTREVISION=			1
+PORTREVISION=			0
 CATEGORIES?=			net
 MASTER_SITES=			SAMBA/samba/stable SAMBA/samba/rc
 DISTNAME=			${SAMBA4_DISTNAME}
@ -16,16 +16,13 @@ LICENSE_FILE=			${WRKSRC}/COPYING
 IGNORE_NONTHREAD_PYTHON=	needs port lang/python${PYTHON_SUFFIX} to be build with THREADS support
-CONFLICTS_INSTALL?=		samba4-4.0.* samba4[1-79]-4.* p5-Parse-Pidl-4.*
+CONFLICTS_INSTALL?=		samba4-4.0.* samba4[1-9]-4.* p5-Parse-Pidl-4.*
 EXTRA_PATCHES+=			${PATCHDIR}/0001-Zfs-provision-1.patch:-p1
 EXTRA_PATCHES+=			${PATCHDIR}/0001-Freenas-master-mdns-fixes-22.patch:-p1
 EXTRA_PATCHES+=			${PATCHDIR}/0001-audit.patch:-p1
 EXTRA_PATCHES+=			${PATCHDIR}/0001-bug-228462.patch:-p1
 SAMBA4_BASENAME=		samba
 SAMBA4_PORTNAME=		${SAMBA4_BASENAME}4
-SAMBA4_VERSION=			4.8.12
+SAMBA4_VERSION=			4.10.5
 SAMBA4_DISTNAME=		${SAMBA4_BASENAME}-${SAMBA4_VERSION:S|.p|pre|:S|.r|rc|:S|.t|tp|:S|.a|alpha|}
 WRKSRC?=			${WRKDIR}/${DISTNAME}
@ -42,7 +39,6 @@ SAMBA4_BINDDNSDIR=		${SAMBA4_LOCKDIR}/bind-dns
 SAMBA4_PRIVATEDIR=		${SAMBA4_LOCKDIR}/private
 SAMBA4_PAMDIR=			${PREFIX}/lib
 SAMBA4_LIBDIR=			${PREFIX}/lib/${SAMBA4_PORTNAME}
 SAMBA4_MODULEDIR=		${PREFIX}/lib/shared-modules
 SAMBA4_INCLUDEDIR=		${PREFIX}/include/${SAMBA4_PORTNAME}
 SAMBA4_CONFDIR=			${PREFIX}/etc
 SAMBA4_CONFIG=			smb4.conf
@ -74,6 +70,7 @@ USES=				compiler:c++11-lang cpe iconv gettext-runtime \
 				ssl waf
 USE_PERL5=			build
 USE_LDCONFIG=			${SAMBA4_LIBDIR}
 LLD_UNSAFE=			yes
 WAF_CMD=			buildtools/bin/waf
 CONFIGURE_LOG=			bin/config.log
@ -136,7 +133,7 @@ NSUPDATE_DESC=			Use samba NSUPDATE utility for AD DC
 # the system)
 # Readline(sponsored by Python)
 # XXX: USES=readline pollutes CPPFLAGS, so we explicitly put dependency
-LIB_DEPENDS+=			libreadline.so.8:devel/readline
+LIB_DEPENDS+=			libreadline.so:devel/readline
 # popt
 LIB_DEPENDS+=			libpopt.so:devel/popt
 # inotify
@ -148,6 +145,8 @@ LIB_DEPENDS+=			libsunacl.so:sysutils/libsunacl
 # Jansson
 BUILD_DEPENDS+=			jansson>=2.10:devel/jansson
 RUN_DEPENDS+=			jansson>=2.10:devel/jansson
 # tasn1
 LIB_DEPENDS+=			libtasn1.so:security/libtasn1
 # External Samba dependencies
 # Needed for IDL compiler
 BUILD_DEPENDS+=			p5-Parse-Yapp>=0:devel/p5-Parse-Yapp
@ -161,7 +160,7 @@ SAMBA4_BUNDLED_TALLOC?=		no
 SAMBA4_BUNDLED_TEVENT?=		no
 SAMBA4_BUNDLED_TDB?=		no
 SAMBA4_BUNDLED_LDB?=		yes
-SAMBA4_LDB=			13
+SAMBA4_LDB=			15
 # cmocka
 .if defined(SAMBA4_BUNDLED_CMOCKA) && ${SAMBA4_BUNDLED_CMOCKA} == yes
 SAMBA4_BUNDLED_LIBS+=		cmocka
@ -170,47 +169,47 @@ PLIST_SUB+=			SAMBA4_BUNDLED_CMOCKA=""
 SUB_LIST+=			SAMBA4_BUNDLED_CMOCKA=""
 .else
 SAMBA4_BUNDLED_LIBS+=		!cmocka
-BUILD_DEPENDS+=			cmocka>=1.1.1:sysutils/cmocka
+BUILD_DEPENDS+=			cmocka>=1.1.3:sysutils/cmocka
-RUN_DEPENDS+=			cmocka>=1.1.1:sysutils/cmocka
+RUN_DEPENDS+=			cmocka>=1.1.3:sysutils/cmocka
 PLIST_SUB+=			SAMBA4_BUNDLED_CMOCKA="@comment "
 SUB_LIST+=			SAMBA4_BUNDLED_CMOCKA="@comment "
 .endif
 # talloc
 .if defined(SAMBA4_BUNDLED_TALLOC) && ${SAMBA4_BUNDLED_TALLOC} == yes
 SAMBA4_BUNDLED_LIBS+=		talloc
-CONFLICTS+=			talloc1-2.*
+CONFLICTS+=			talloc-* talloc1-*
 PLIST_SUB+=			SAMBA4_BUNDLED_TALLOC=""
 SUB_LIST+=			SAMBA4_BUNDLED_TALLOC=""
 .else
 SAMBA4_BUNDLED_LIBS+=		!talloc
-BUILD_DEPENDS+=			talloc1>=2.1.14:devel/talloc1
+BUILD_DEPENDS+=			talloc>=2.2.0:devel/talloc
-RUN_DEPENDS+=			talloc1>=2.1.14:devel/talloc1
+RUN_DEPENDS+=			talloc>=2.2.0:devel/talloc
 PLIST_SUB+=			SAMBA4_BUNDLED_TALLOC="@comment "
 SUB_LIST+=			SAMBA4_BUNDLED_TALLOC="@comment "
 .endif
 # tevent
 .if defined(SAMBA4_BUNDLED_TEVENT) && ${SAMBA4_BUNDLED_TEVENT} == yes
 SAMBA4_BUNDLED_LIBS+=		tevent
-CONFLICTS+=			tevent1-0.*
+CONFLICTS+=			tevent-* tevent1-*
 PLIST_SUB+=			SAMBA4_BUNDLED_TEVENT=""
 SUB_LIST+=			SAMBA4_BUNDLED_TEVENT=""
 .else
 SAMBA4_BUNDLED_LIBS+=		!tevent
-BUILD_DEPENDS+=			tevent1>=0.9.37:devel/tevent1
+BUILD_DEPENDS+=			tevent>=0.10.0:devel/tevent
-RUN_DEPENDS+=			tevent1>=0.9.37:devel/tevent1
+RUN_DEPENDS+=			tevent>=0.10.0:devel/tevent
 PLIST_SUB+=			SAMBA4_BUNDLED_TEVENT="@comment "
 SUB_LIST+=			SAMBA4_BUNDLED_TEVENT="@comment "
 .endif
 # tdb
 .if defined(SAMBA4_BUNDLED_TDB) && ${SAMBA4_BUNDLED_TDB} == yes
 SAMBA4_BUNDLED_LIBS+=		tdb
-CONFLICTS+=			tdb1-1.*
+CONFLICTS+=			tdb-* tdb1-*
 PLIST_SUB+=			SAMBA4_BUNDLED_TDB=""
 SUB_LIST+=			SAMBA4_BUNDLED_TDB=""
 .else
 SAMBA4_BUNDLED_LIBS+=		!tdb
-BUILD_DEPENDS+=			tdb1>=1.3.15:databases/tdb1
+BUILD_DEPENDS+=			tdb>=1.4.0:databases/tdb
-RUN_DEPENDS+=			tdb1>=1.3.15:databases/tdb1
+RUN_DEPENDS+=			tdb>=1.4.0:databases/tdb
 PLIST_SUB+=			SAMBA4_BUNDLED_TDB="@comment "
 SUB_LIST+=			SAMBA4_BUNDLED_TDB="@comment "
 .endif
@ -218,23 +217,16 @@ SUB_LIST+=			SAMBA4_BUNDLED_TDB="@comment "
 .if (defined(SAMBA4_BUNDLED_LDB) && ${SAMBA4_BUNDLED_LDB} == yes) || !defined(SAMBA4_LDB)
 SAMBA4_BUNDLED_LDB=		yes
 SAMBA4_BUNDLED_LIBS+=		ldb
 CONFLICTS+=			ldb-1.* ldb1[23]-1.*
 PLIST_SUB+=			SAMBA4_BUNDLED_LDB=""
 SUB_LIST+=			SAMBA4_BUNDLED_LDB=""
 SAMBA4_MODULEDIR=		${SAMBA4_LIBDIR}/modules
 .else
 .       if ${SAMBA4_LDB} == 13
 BUILD_DEPENDS+=			ldb13>=1.3.6:databases/ldb13
 RUN_DEPENDS+=			ldb13>=1.3.6:databases/ldb13
 .       elif ${SAMBA4_LDB} == 12
 BUILD_DEPENDS+=			ldb12>=1.2.3:databases/ldb12
 RUN_DEPENDS+=			ldb12>=1.2.3:databases/ldb12
 .       elif ${SAMBA4_LDB} == 11
 BUILD_DEPENDS+=			ldb>=1.1.29:databases/ldb
 RUN_DEPENDS+=			ldb>=1.1.29:databases/ldb
 .       endif
 SAMBA4_BUNDLED_LIBS+=		!ldb
 BUILD_DEPENDS+=			ldb14>=1.5.4:databases/ldb15
 RUN_DEPENDS+=			ldb14>=1.5.4:databases/ldb15
 PLIST_SUB+=			SAMBA4_BUNDLED_LDB="@comment "
 SUB_LIST+=			SAMBA4_BUNDLED_LDB="@comment "
 SAMBA4_MODULEDIR=		${PREFIX}/lib/shared-modules
 .endif
 .if (defined(SAMBA4_BUNDLED_TALLOC) && ${SAMBA4_BUNDLED_TEVENT} == yes) \
@ -272,6 +264,7 @@ CONFIGURE_ARGS+=		\
 				${ICONV_CONFIGURE_BASE}
 ##############################################################################
 BIND911_RUN_DEPENDS=		bind911>=9.11.0.0:dns/bind911
 BIND912_RUN_DEPENDS=		bind912>=9.12.0.0:dns/bind912
 BIND913_RUN_DEPENDS=		bind913>=9.13.0.0:dns/bind913
 BIND914_RUN_DEPENDS=		bind914>=9.14.0.0:dns/bind914
 NSUPDATE_RUN_DEPENDS=		samba-nsupdate:dns/samba-nsupdate
@ -299,13 +292,16 @@ PICKY_DEVELOPER_CONFIGURE_ON=	--picky-developer
 DEVELOPER_IMPLIES=		NTVFS
 DEVELOPER_CONFIGURE_ON=		--enable-developer --enable-selftest --abi-check-disable
-DEVELOPER_BUILD_DEPENDS=	${GDB_CMD}:devel/gdb
+DEVELOPER_RUN_DEPENDS=		${SAMBA4_LMDB_DEPENDS}
 DEVELOPER_BUILD_DEPENDS=	${GDB_CMD}:devel/gdb \
 				${SAMBA4_LMDB_DEPENDS}
 DEVELOPER_TEST_DEPENDS=		${GDB_CMD}:devel/gdb
 DEVELOPER_VARS_OFF=		GDB_CMD=true
 # XXX: Mostly used in conjuction with the DEVELOPER option, don't enable it
 # if you don't know what you are doing
 NTVS_IMPLIES=			AD_DC
 NTVFS_CONFIGURE_WITH=		ntvfs-fileserver
-NTVFS_PLIST_FILES=		lib/shared-modules/service/smb.so \
+NTVFS_PLIST_FILES=		${SAMBA4_MODULEDIR}/service/smb.so \
 				lib/samba4/private/libntvfs-samba4.so
 ##############################################################################
 CLUSTER_CONFIGURE_WITH=		cluster-support
@ -319,6 +315,7 @@ FAM_CONFIGURE_WITH=		fam
 GLUSTERFS_CONFIGURE_ENABLE=	glusterfs
 GLUSTERFS_LIB_DEPENDS=		libglusterfs.so:net/glusterfs
 GLUSTERFS_VARS=			SAMBA4_MODULES+=vfs_glusterfs
 GLUSTERFS_PLIST_FILES+=		man/man8/vfs_glusterfs.8.gz
 GPGME_CONFIGURE_WITH=		gpgme
 GPGME_LIB_DEPENDS=		libgpgme.so:security/gpgme
@ -338,6 +335,8 @@ SYSLOG_CONFIGURE_WITH=		syslog
 UTMP_CONFIGURE_WITH=		utmp
 AD_DC_CONFIGURE_OFF=		--without-ad-dc
 AD_DC_BUILD_DEPENDS=		${SAMBA4_LMDB_DEPENDS}
 AD_DC_RUN_DEPENDS=		${SAMBA4_LMDB_DEPENDS}
 ADS_IMPLIES=			LDAP
 ADS_CONFIGURE_WITH=		ads dnsupdate
@ -406,18 +405,18 @@ CONFIGURE_ARGS+=		--with-shared-modules="${SAMBA4_MODULES:C|-|_|:Q:C|(\\\\ )+|,|
 # XXX: Hack for nss-info_* -> nss_info/* modules
 # Add selected modules to the plist
 .for module in ${SAMBA4_MODULES}
-PLIST_FILES+=			lib/shared-modules/${module:C|_|/|:C|-|_|}.so
+PLIST_FILES+=			${SAMBA4_MODULEDIR}/${module:C|_|/|:C|-|_|}.so
 .endfor
 # Python bindings
 .if defined(NO_PYTHON)
-USES+=				python:2.7,build,test
+USES+=				python:2.7+,build,test
 CONFIGURE_ARGS+=		--disable-python
-PLIST_SUB+=			SAMBA4_PYTHON2="@comment " SAMBA4_PYTHON3="@comment "
+PLIST_SUB+=			SAMBA4_PYTHON="@comment "
-SUB_LIST+=			SAMBA4_PYTHON2="@comment " SAMBA4_PYTHON3="@comment "
+SUB_LIST+=			SAMBA4_PYTHON="@comment "
 .else
-USES+=				python:2.7
+USES+=				python:3.4+
-PLIST_SUB+=			SAMBA4_PYTHON2=""
+PLIST_SUB+=			SAMBA4_PYTHON=""
-SUB_LIST+=			SAMBA4_PYTHON2=""
+SUB_LIST+=			SAMBA4_PYTHON=""
 .if !defined(SAMBA4_BUNDLED_TALLOC)
 SAMBA4_BUNDLED_LIBS+=		!pytalloc-util
@ -437,36 +436,6 @@ RUN_DEPENDS+=			${PYTHON_PKGNAMEPREFIX}dnspython>=1.15.0:dns/py-dnspython@${PY_F
 BUILD_DEPENDS+=			${PYTHON_PKGNAMEPREFIX}iso8601>=0.1.11:devel/py-iso8601@${PY_FLAVOR}
 RUN_DEPENDS+=			${PYTHON_PKGNAMEPREFIX}iso8601>=0.1.11:devel/py-iso8601@${PY_FLAVOR}
 # XXX: This is a gross hack to make port use both Python 2.7+ and 3.3+
 # This is not officially supported, use at your own risk
 .if defined(WITH_SAMBA4_PYTHON3) && ${WITH_SAMBA4_PYTHON3:M3\.[0-9]}
 SAMBA4_PYTHON3_VERSION=		${WITH_SAMBA4_PYTHON3}
 SAMBA4_PYTHON3=			python${SAMBA4_PYTHON3_VERSION}
 SAMBA4_PYTHON3_VER=		${SAMBA4_PYTHON3_VERSION:C/\.//}
 .if !exists(${PORTSDIR}/lang/python${SAMBA4_PYTHON3_VER})
 .error				unsupported or unknown Python version ${SAMBA4_PYTHON3_VERSION}
 .endif
 BUILD_DEPENDS+=			${SAMBA4_PYTHON3}:lang/python${SAMBA4_PYTHON3_VER}
 RUN_DEPENDS+=			${SAMBA4_PYTHON3}:lang/python${SAMBA4_PYTHON3_VER}
 # External Python modules
 BUILD_DEPENDS+=			py${SAMBA4_PYTHON3_VER}-dnspython>=1.15.0:dns/py-dnspython@py${SAMBA4_PYTHON3_VER}
 RUN_DEPENDS+=			py${SAMBA4_PYTHON3_VER}-dnspython>=1.15.0:dns/py-dnspython@py${SAMBA4_PYTHON3_VER}
 BUILD_DEPENDS+=			py${SAMBA4_PYTHON3_VER}-iso8601>=0.1.11:devel/py-iso8601@py${SAMBA4_PYTHON3_VER}
 RUN_DEPENDS+=			py${SAMBA4_PYTHON3_VER}-iso8601>=0.1.11:devel/py-iso8601@py${SAMBA4_PYTHON3_VER}
 # cpython-36m
 SAMBA4_PYTHON3_SO_ABI!=		[ ! -f "${LOCALBASE}/bin/${SAMBA4_PYTHON3}" ] || ${LOCALBASE}/bin/${SAMBA4_PYTHON3} -c 'import sysconfig; print(sysconfig.get_config_var("SOABI") or "")' 2>/dev/null
 SAMBA4_PYTHON3_SITELIBDIR=	lib/python${SAMBA4_PYTHON3_VERSION}/site-packages
 CONFIGURE_ENV+=			PYTHON3_SO_ABI_FLAG=.${SAMBA4_PYTHON3_SO_ABI}
 CONFIGURE_ARGS+=		--extra-python=${LOCALBASE}/bin/${SAMBA4_PYTHON3}
 PLIST_SUB+=			SAMBA4_PYTHON3="" SAMBA4_PYTHON3_SITELIBDIR="${SAMBA4_PYTHON3_SITELIBDIR}"
 SUB_LIST+=			SAMBA4_PYTHON3="" SAMBA4_PYTHON3_SITELIBDIR="${SAMBA4_PYTHON3_SITELIBDIR}"
 .else
 PLIST_SUB+=			SAMBA4_PYTHON3="@comment "
 SUB_LIST+=			SAMBA4_PYTHON3="@comment "
 .endif
 .endif
 # !SAMBA4_SUBPORT
 .endif
@ -484,8 +453,17 @@ PLIST_FILES+=			lib/samba4/private/libaesni-intel-samba4.so
 CONFIGURE_ARGS+=		--accel-aes=none
 .endif
 # Only for 64-bit architectures
 .if ${ARCH} != armv6 && ${ARCH} != armv7 && ${ARCH} != i386 && ${ARCH} != mips && ${ARCH} != powerpc && ${ARCH} != powerpcspe
 .	if defined(SAMBA4_BUNDLED_LDB) && ${SAMBA4_BUNDLED_LDB} == yes && ${PORT_OPTIONS:MAD_DC}
 # LMDB
 SAMBA4_LMDB_DEPENDS=		lmdb>=0.9.16:databases/lmdb
 PLIST_FILES+=			lib/samba4/private/libldb-mdb-int-samba4.so
 .	endif
 .endif
 .if ${PORT_OPTIONS:MGSSAPI_MIT}
-PLIST_FILES+=			lib/shared-modules/krb5/winbind_krb5_localauth.so \
+PLIST_FILES+=			${SAMBA4_MODULEDIR}/krb5/winbind_krb5_localauth.so \
 				man/man8/winbind_krb5_localauth.8.gz
 .	if ${PORT_OPTIONS:MAD_DC}
 PLIST_FILES+=			lib/samba4/krb5/plugins/kdb/samba.so
@ -499,7 +477,7 @@ MAKE_ENV+=			NOCOLOR=yes WAF_LOG_FORMAT='%(c1)s%(zone)s%(c2)s %(message)s'
 .if ${CHOSEN_COMPILER_TYPE} == clang
 CFLAGS+=			-fno-color-diagnostics
 .endif
-# Allow rpcgen ti find proper CPP
+# Allow rpcgen to find proper CPP
 MAKE_ENV+=			RPCGEN_CPP="${CPP}"
 #.if ${readline_ARGS} == port
 #CFLAGS+=			-D_FUNCTION_DEF
@ -565,7 +543,7 @@ pre-build-MANDOC-off:
 				source4/lib/registry/man/regpatch.1 \
 				source4/lib/registry/man/regshell.1 \
 				source4/lib/registry/man/regtree.1 \
-				source4/scripting/man/samba_gpoupdate.8 \
+				source4/scripting/man/samba-gpupdate.8 \
 				source4/torture/man/gentest.1 \
 				source4/torture/man/locktest.1 \
 				source4/torture/man/masktest.1 \
@ -583,14 +561,15 @@ pre-build-MANDOC-off:
 				lib/ldb/man/ldbmodify.1 \
 				lib/ldb/man/ldbrename.1 \
 				lib/ldb/man/ldbdel.1 \
-				lib/ldb/man/ldbedit.1
+				lib/ldb/man/ldbedit.1 \
 				docs-xml/manpages/vfs_freebsd.8
 					${MKDIR} `dirname ${BUILD_WRKSRC}/bin/default/${man}`
 					${INSTALL_MAN} ${FILESDIR}/man/`basename ${man}` ${BUILD_WRKSRC}/bin/default/${man}
 .endfor
 .if ${PORT_OPTIONS:MCLUSTER}
 				${MKDIR} ${BUILD_WRKSRC}/bin/default/ctdb/
-.	for man in		ctdb_diagnostics.1 ctdb.1 ctdbd_wrapper.1 ctdbd.1 \
+.	for man in		ctdb_diagnostics.1 ctdb.1 ctdbd_wrapper.1 ctdbd.1 ltdbtool.1 onnode.1 ping_pong.1 \
-				ltdbtool.1 onnode.1 ping_pong.1 ctdbd.conf.5 \
+				ctdb.conf.5 ctdb.sysconfig.5 ctdb-script.options.5 \
 				ctdb.7 ctdb-statistics.7 ctdb-tunables.7
 					${INSTALL_MAN} ${FILESDIR}/man/${man} ${BUILD_WRKSRC}/bin/default/ctdb/
 .	endfor
--- a/net/samba410/distinfo
+++ b/net/samba410/distinfo
@ -1,3 +1,3 @@
-TIMESTAMP = 1557879791
+TIMESTAMP = 1560986236
-SHA256 (samba-4.8.12.tar.gz) = c162d519101e15d1a1d76df063bfefe8d1656f57fb74e1ef19fe05d341a65d8f
+SHA256 (samba-4.10.5.tar.gz) = 6c10266d5e8c44ce1ea17dc993ace67a83607b4d9a830959c75e3188c6af6375
-SIZE (samba-4.8.12.tar.gz) = 17764832
+SIZE (samba-4.10.5.tar.gz) = 18290612
--- a/net/samba410/files/0001-Zfs-provision-1.patch
+++ b/net/samba410/files/0001-Zfs-provision-1.patch
@ -40,8 +40,8 @@ index 5de986463a5..cd3b91f41b9 100644
 +        file = tempfile.NamedTemporaryFile(dir=sysvol_dir)
         try:
             try:
-                smbd.set_simple_acl(file.name, 0755, gid)
+-                smbd.set_simple_acl(file.name, 0o755, gid)
-+                set_simple_acl(file.name, 0755, gid)
+                set_simple_acl(file.name, 0o755, gid)
             except OSError:
 -                if not smbd.have_posix_acls():
 +                if not smbd.have_posix_acls() and not smbd.have_nfsv4_acls():
@ -69,7 +69,7 @@ index 5de986463a5..cd3b91f41b9 100644
         if not skip_sysvolacl:
@@ -2184,6 +2194,9 @@ def provision(logger, session_info, smbconf=None,
             if not os.path.isdir(paths.netlogon):
-                 os.makedirs(paths.netlogon, 0755)
+                 os.makedirs(paths.netlogon, 0o755)
 +            if smbd.have_nfsv4_acls() and smbd.has_nfsv4_acls(paths.sysvol):
 +                smbd.set_nfsv4_defaults()
@ -120,7 +120,7 @@ diff --git a/source3/smbd/pysmbd.c b/source3/smbd/pysmbd.c
 index 63fc5d68c33..f5a536ee186 100644
 --- a/source3/smbd/pysmbd.c
 +++ b/source3/smbd/pysmbd.c
-@@ -368,6 +368,20 @@ static SMB_ACL_T make_simple_acl(TALLOC_
+@@ -387,6 +387,20 @@ static SMB_ACL_T make_simple_acl(TALLOC_
 	return acl;
 }
@ -141,10 +141,12 @@ index 63fc5d68c33..f5a536ee186 100644
 /*
   set a simple ACL on a file, as a test
  */
-@@ -413,6 +427,53 @@ static PyObject *py_smbd_set_simple_acl(
+@@ -432,6 +446,57 @@ static PyObject *py_smbd_set_simple_acl(
 	Py_RETURN_NONE;
 }
- /*
+
 +/*
 +  set a simple NFSv4 ACL on a file, as a test
 + */
 +static PyObject *py_smbd_set_simple_nfsv4_acl(PyObject *self, PyObject *args, PyObject *kwargs)
@ -170,8 +172,9 @@ index 63fc5d68c33..f5a536ee186 100644
 +		return NULL;
 +	}
 +
-+	conn = get_conn(frame, service);
+	conn = get_conn_tos(service, NULL);
 +	if (!conn) {
 +		TALLOC_FREE(frame);
 +		return NULL;
 +	}
 +
@ -180,6 +183,8 @@ index 63fc5d68c33..f5a536ee186 100644
 +	 */
 +	ret = 0;
 +
 +	/* ret = set_sys_acl_conn(fname, SMB_ACL_TYPE_ACCESS, acl, conn); */
 +
 +	if (ret != 0) {
 +		TALLOC_FREE(frame);
 +		errno = ret;
@ -191,11 +196,10 @@ index 63fc5d68c33..f5a536ee186 100644
 +	Py_RETURN_NONE;
 +}
 +
-+/*
+ /*
   chown a file
  */
- static PyObject *py_smbd_chown(PyObject *self, PyObject *args, PyObject *kwargs)
+@@ -540,7 +605,7 @@ static PyObject *py_smbd_unlink(PyObject
@@ -519,7 +580,7 @@ static PyObject *py_smbd_unlink(PyObject
 }
 /*
@ -204,7 +208,7 @@ index 63fc5d68c33..f5a536ee186 100644
  */
 static PyObject *py_smbd_have_posix_acls(PyObject *self)
 {
-@@ -530,6 +591,86 @@ static PyObject *py_smbd_have_posix_acls
+@@ -551,6 +616,86 @@ static PyObject *py_smbd_have_posix_acls
 #endif
 }
@ -291,7 +295,7 @@ index 63fc5d68c33..f5a536ee186 100644
 /*
   set the NT ACL on a file
  */
-@@ -717,9 +858,24 @@ static PyMethodDef py_smbd_methods[] = {
+@@ -843,9 +988,24 @@ static PyMethodDef py_smbd_methods[] = {
 	{ "have_posix_acls",
 		(PyCFunction)py_smbd_have_posix_acls, METH_NOARGS,
 		NULL },
--- a/net/samba410/files/0001-audit.patch
+++ b/net/samba410/files/0001-audit.patch
@ -1,247 +0,0 @@
 From 7d1bcfc99c393367093c903f95a5e365881b7989 Mon Sep 17 00:00:00 2001
 From: "Timur I. Bakeyev" <timur@iXsystems.com>
 Date: Fri, 22 Jun 2018 12:15:30 +0800
 Subject: [PATCH 1/3] Make sure that vfs*audit modules recognize and accept all
 the syslog facilities.
 ---
 source3/modules/vfs_audit.c      | 34 +++++++++++++++++++++++-----------
 source3/modules/vfs_extd_audit.c | 34 +++++++++++++++++++++++-----------
 source3/modules/vfs_full_audit.c | 34 +++++++++++++++++++++++-----------
 3 files changed, 69 insertions(+), 33 deletions(-)
 diff --git a/source3/modules/vfs_audit.c b/source3/modules/vfs_audit.c
 index 12477d5b01f..4f9d16c452e 100644
 --- a/source3/modules/vfs_audit.c
 +++ b/source3/modules/vfs_audit.c
@@ -33,16 +33,28 @@
 static int audit_syslog_facility(vfs_handle_struct *handle)
 {
 	static const struct enum_list enum_log_facilities[] = {
 -		{ LOG_USER, "USER" },
 -		{ LOG_LOCAL0, "LOCAL0" },
 -		{ LOG_LOCAL1, "LOCAL1" },
 -		{ LOG_LOCAL2, "LOCAL2" },
 -		{ LOG_LOCAL3, "LOCAL3" },
 -		{ LOG_LOCAL4, "LOCAL4" },
 -		{ LOG_LOCAL5, "LOCAL5" },
 -		{ LOG_LOCAL6, "LOCAL6" },
 -		{ LOG_LOCAL7, "LOCAL7" },
 -		{ -1, NULL}
 +		{ LOG_AUTH,	"AUTH" },
 +		{ LOG_CRON,	"CRON" },
 +		{ LOG_DAEMON,	"DAEMON" },
 +		{ LOG_FTP,	"FTP" },
 +		{ LOG_KERN,	"KERN" },
 +		{ LOG_LPR,	"LPR" },
 +		{ LOG_MAIL,	"MAIL" },
 +		{ LOG_NEWS,	"NEWS" },
 +		{ LOG_NTP,	"NTP" },
 +		{ LOG_SECURITY,	"SECURITY" },
 +		{ LOG_SYSLOG,	"SYSLOG" },
 +		{ LOG_USER,	"USER" },
 +		{ LOG_UUCP,	"UUCP" },
 +		{ LOG_LOCAL0,	"LOCAL0" },
 +		{ LOG_LOCAL1,	"LOCAL1" },
 +		{ LOG_LOCAL2,	"LOCAL2" },
 +		{ LOG_LOCAL3,	"LOCAL3" },
 +		{ LOG_LOCAL4,	"LOCAL4" },
 +		{ LOG_LOCAL5,	"LOCAL5" },
 +		{ LOG_LOCAL6,	"LOCAL6" },
 +		{ LOG_LOCAL7,	"LOCAL7" },
 +		{ -1,		NULL }
 	};
 	int facility;
@@ -64,7 +76,7 @@ static int audit_syslog_priority(vfs_handle_struct *handle)
 		{ LOG_NOTICE, "NOTICE" },
 		{ LOG_INFO, "INFO" },
 		{ LOG_DEBUG, "DEBUG" },
 -		{ -1, NULL}
 +		{ -1, NULL }
 	};
 	int priority;
 diff --git a/source3/modules/vfs_extd_audit.c b/source3/modules/vfs_extd_audit.c
 index 7d1fe273978..5307569a010 100644
 --- a/source3/modules/vfs_extd_audit.c
 +++ b/source3/modules/vfs_extd_audit.c
@@ -36,16 +36,28 @@ static int vfs_extd_audit_debug_level = DBGC_VFS;
 static int audit_syslog_facility(vfs_handle_struct *handle)
 {
 	static const struct enum_list enum_log_facilities[] = {
 -		{ LOG_USER, "USER" },
 -		{ LOG_LOCAL0, "LOCAL0" },
 -		{ LOG_LOCAL1, "LOCAL1" },
 -		{ LOG_LOCAL2, "LOCAL2" },
 -		{ LOG_LOCAL3, "LOCAL3" },
 -		{ LOG_LOCAL4, "LOCAL4" },
 -		{ LOG_LOCAL5, "LOCAL5" },
 -		{ LOG_LOCAL6, "LOCAL6" },
 -		{ LOG_LOCAL7, "LOCAL7" },
 -		{ -1, NULL}
 +		{ LOG_AUTH,	"AUTH" },
 +		{ LOG_CRON,	"CRON" },
 +		{ LOG_DAEMON,	"DAEMON" },
 +		{ LOG_FTP,	"FTP" },
 +		{ LOG_KERN,	"KERN" },
 +		{ LOG_LPR,	"LPR" },
 +		{ LOG_MAIL,	"MAIL" },
 +		{ LOG_NEWS,	"NEWS" },
 +		{ LOG_NTP,	"NTP" },
 +		{ LOG_SECURITY,	"SECURITY" },
 +		{ LOG_SYSLOG,	"SYSLOG" },
 +		{ LOG_USER,	"USER" },
 +		{ LOG_UUCP,	"UUCP" },
 +		{ LOG_LOCAL0,	"LOCAL0" },
 +		{ LOG_LOCAL1,	"LOCAL1" },
 +		{ LOG_LOCAL2,	"LOCAL2" },
 +		{ LOG_LOCAL3,	"LOCAL3" },
 +		{ LOG_LOCAL4,	"LOCAL4" },
 +		{ LOG_LOCAL5,	"LOCAL5" },
 +		{ LOG_LOCAL6,	"LOCAL6" },
 +		{ LOG_LOCAL7,	"LOCAL7" },
 +		{ -1,		NULL }
 	};
 	int facility;
@@ -67,7 +79,7 @@ static int audit_syslog_priority(vfs_handle_struct *handle)
 		{ LOG_NOTICE, "NOTICE" },
 		{ LOG_INFO, "INFO" },
 		{ LOG_DEBUG, "DEBUG" },
 -		{ -1, NULL}
 +		{ -1, NULL }
 	};
 	int priority;
 diff --git a/source3/modules/vfs_full_audit.c b/source3/modules/vfs_full_audit.c
 index a205007f46f..a52af4b5740 100644
 --- a/source3/modules/vfs_full_audit.c
 +++ b/source3/modules/vfs_full_audit.c
@@ -357,16 +357,28 @@ static struct {
 static int audit_syslog_facility(vfs_handle_struct *handle)
 {
 	static const struct enum_list enum_log_facilities[] = {
 -		{ LOG_USER, "USER" },
 -		{ LOG_LOCAL0, "LOCAL0" },
 -		{ LOG_LOCAL1, "LOCAL1" },
 -		{ LOG_LOCAL2, "LOCAL2" },
 -		{ LOG_LOCAL3, "LOCAL3" },
 -		{ LOG_LOCAL4, "LOCAL4" },
 -		{ LOG_LOCAL5, "LOCAL5" },
 -		{ LOG_LOCAL6, "LOCAL6" },
 -		{ LOG_LOCAL7, "LOCAL7" },
 -		{ -1, NULL}
 +		{ LOG_AUTH,	"AUTH" },
 +		{ LOG_CRON,	"CRON" },
 +		{ LOG_DAEMON,	"DAEMON" },
 +		{ LOG_FTP,	"FTP" },
 +		{ LOG_KERN,	"KERN" },
 +		{ LOG_LPR,	"LPR" },
 +		{ LOG_MAIL,	"MAIL" },
 +		{ LOG_NEWS,	"NEWS" },
 +		{ LOG_NTP,	"NTP" },
 +		{ LOG_SECURITY,	"SECURITY" },
 +		{ LOG_SYSLOG,	"SYSLOG" },
 +		{ LOG_USER,	"USER" },
 +		{ LOG_UUCP,	"UUCP" },
 +		{ LOG_LOCAL0,	"LOCAL0" },
 +		{ LOG_LOCAL1,	"LOCAL1" },
 +		{ LOG_LOCAL2,	"LOCAL2" },
 +		{ LOG_LOCAL3,	"LOCAL3" },
 +		{ LOG_LOCAL4,	"LOCAL4" },
 +		{ LOG_LOCAL5,	"LOCAL5" },
 +		{ LOG_LOCAL6,	"LOCAL6" },
 +		{ LOG_LOCAL7,	"LOCAL7" },
 +		{ -1,		NULL }
 	};
 	int facility;
@@ -387,7 +399,7 @@ static int audit_syslog_priority(vfs_handle_struct *handle)
 		{ LOG_NOTICE, "NOTICE" },
 		{ LOG_INFO, "INFO" },
 		{ LOG_DEBUG, "DEBUG" },
 -		{ -1, NULL}
 +		{ -1, NULL }
 	};
 	int priority;
 -- 
 2.16.3
 From b98fc517251ad25b695ef64453ffe3eaaffed5d8 Mon Sep 17 00:00:00 2001
 From: "Timur I. Bakeyev" <timur@iXsystems.com>
 Date: Fri, 22 Jun 2018 12:19:42 +0800
 Subject: [PATCH 2/3] Make "none" is the default setting for the successful and
 failed operations in the vfs_full_audit, so you don't blow up your server by
 just adding this module to the configuration.
 ---
 source3/modules/vfs_full_audit.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)
 diff --git a/source3/modules/vfs_full_audit.c b/source3/modules/vfs_full_audit.c
 index a52af4b5740..bc40c8137dc 100644
 --- a/source3/modules/vfs_full_audit.c
 +++ b/source3/modules/vfs_full_audit.c
@@ -624,6 +624,7 @@ static int smb_full_audit_connect(vfs_handle_struct *handle,
 			 const char *svc, const char *user)
 {
 	int result;
 +	const char *none[] = { "none" };
 	struct vfs_full_audit_private_data *pd = NULL;
 	result = SMB_VFS_NEXT_CONNECT(handle, svc, user);
@@ -663,10 +664,10 @@ static int smb_full_audit_connect(vfs_handle_struct *handle,
 	pd->success_ops = init_bitmap(
 		pd, lp_parm_string_list(SNUM(handle->conn), "full_audit",
 -					"success", NULL));
 +					"success", none));
 	pd->failure_ops = init_bitmap(
 		pd, lp_parm_string_list(SNUM(handle->conn), "full_audit",
 -					"failure", NULL));
 +					"failure", none));
 	/* Store the private data. */
 	SMB_VFS_HANDLE_SET_DATA(handle, pd, NULL,
 -- 
 2.16.3
 From e25f3a6cfc284737d8df941686f6629568763103 Mon Sep 17 00:00:00 2001
 From: "Timur I. Bakeyev" <timur@iXsystems.com>
 Date: Fri, 22 Jun 2018 12:36:07 +0800
 Subject: [PATCH 3/3] Document that vfs_full_audit defaults are "none" for the
 successful and failed operations.
 ---
 docs-xml/manpages/vfs_full_audit.8.xml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
 diff --git a/docs-xml/manpages/vfs_full_audit.8.xml b/docs-xml/manpages/vfs_full_audit.8.xml
 index cefe66d8b6f..ac8473f9990 100644
 --- a/docs-xml/manpages/vfs_full_audit.8.xml
 +++ b/docs-xml/manpages/vfs_full_audit.8.xml
@@ -164,7 +164,7 @@
 		<para>LIST is a list of VFS operations that should be
 		recorded if they succeed. Operations are specified using
 		the names listed above. Operations can be unset by prefixing
 -		the names with "!". The default is all operations.
 +		the names with "!". The default is none operations.
 		</para>
 		</listitem>
@@ -176,7 +176,7 @@
 		<para>LIST is a list of VFS operations that should be
 		recorded if they failed. Operations are specified using
 		the names listed above. Operations can be unset by prefixing
 -		the names with "!". The default is all operations.
 +		the names with "!". The default is none operations.
 		</para>
 		</listitem>
 -- 
 2.16.3
--- a/net/samba410/files/0001-ctdb.patch
+++ b/net/samba410/files/0001-ctdb.patch
@ -1,308 +0,0 @@
 From 8304a62ea7847ba6934d44c1b5b7acef9667750d Mon Sep 17 00:00:00 2001
 From: Martin Schwenke <martin@meltin.net>
 Date: Fri, 8 Jun 2018 19:57:20 +1000
 Subject: [PATCH 1/2] ctdb-common: New include file common/system_network.h
 Contains declarations for functions that need ctdb_sock_addr.
 Signed-off-by: Martin Schwenke <martin@meltin.net>
 ---
 ctdb/common/system.h           | 16 ------------
 ctdb/common/system_aix.c       |  1 +
 ctdb/common/system_common.c    |  2 +-
 ctdb/common/system_freebsd.c   |  1 +
 ctdb/common/system_gnu.c       |  1 +
 ctdb/common/system_kfreebsd.c  |  1 +
 ctdb/common/system_linux.c     |  1 +
 ctdb/common/system_network.h   | 46 ++++++++++++++++++++++++++++++++++
 ctdb/server/ctdb_daemon.c      |  1 +
 ctdb/server/ctdb_recoverd.c    |  2 +-
 ctdb/server/ctdb_takeover.c    |  1 +
 ctdb/tests/src/porting_tests.c |  1 +
 ctdb/tools/ctdb.c              |  1 +
 ctdb/tools/ctdb_killtcp.c      |  2 +-
 14 files changed, 58 insertions(+), 19 deletions(-)
 create mode 100644 ctdb/common/system_network.h
 diff --git a/ctdb/common/system.h b/ctdb/common/system.h
 index e6f65b5e621..38ae67d2ab1 100644
 --- a/ctdb/common/system.h
 +++ b/ctdb/common/system.h
@@ -22,24 +22,8 @@
 #include <talloc.h>
 -/* From system_common.c */
 -
 -uint32_t uint16_checksum(uint16_t *data, size_t n);
 -bool ctdb_sys_have_ip(ctdb_sock_addr *_addr);
 -char *ctdb_sys_find_ifname(ctdb_sock_addr *addr);
 -
 /* From system_<os>.c */
 -int ctdb_sys_send_arp(const ctdb_sock_addr *addr, const char *iface);
 -int ctdb_sys_send_tcp(const ctdb_sock_addr *dest,
 -		      const ctdb_sock_addr *src,
 -		      uint32_t seq, uint32_t ack, int rst);
 -int ctdb_sys_open_capture_socket(const char *iface, void **private_data);
 -int ctdb_sys_close_capture_socket(void *private_data);
 -int ctdb_sys_read_tcp_packet(int s, void *private_data,
 -			     ctdb_sock_addr *src, ctdb_sock_addr *dst,
 -			     uint32_t *ack_seq, uint32_t *seq,
 -			     int *rst, uint16_t *window);
 bool ctdb_sys_check_iface_exists(const char *iface);
 int ctdb_get_peer_pid(const int fd, pid_t *peer_pid);
 diff --git a/ctdb/common/system_aix.c b/ctdb/common/system_aix.c
 index f0a0a62efc0..7be54c7a46b 100644
 --- a/ctdb/common/system_aix.c
 +++ b/ctdb/common/system_aix.c
@@ -38,6 +38,7 @@
 #include "common/logging.h"
 #include "common/system.h"
 +#include "common/system_network.h"
 #if 0
 diff --git a/ctdb/common/system_common.c b/ctdb/common/system_common.c
 index a80189cd6c8..2618bf88c7f 100644
 --- a/ctdb/common/system_common.c
 +++ b/ctdb/common/system_common.c
@@ -26,7 +26,7 @@
 #include "protocol/protocol.h"
 #include "common/logging.h"
 -#include "common/system.h"
 +#include "common/system_network.h"
 /*
   uint16 checksum for n bytes
 diff --git a/ctdb/common/system_freebsd.c b/ctdb/common/system_freebsd.c
 index b709a5c75c1..e5a6522c08f 100644
 --- a/ctdb/common/system_freebsd.c
 +++ b/ctdb/common/system_freebsd.c
@@ -41,6 +41,7 @@
 #include "common/logging.h"
 #include "common/system.h"
 +#include "common/system_network.h"
 #ifndef ETHERTYPE_IP6
 #define ETHERTYPE_IP6 0x86dd
 diff --git a/ctdb/common/system_gnu.c b/ctdb/common/system_gnu.c
 index 38ccd13988b..683843a6b76 100644
 --- a/ctdb/common/system_gnu.c
 +++ b/ctdb/common/system_gnu.c
@@ -40,6 +40,7 @@
 #include "common/logging.h"
 #include "common/system.h"
 +#include "common/system_network.h"
 #ifndef ETHERTYPE_IP6
 #define ETHERTYPE_IP6 0x86dd
 diff --git a/ctdb/common/system_kfreebsd.c b/ctdb/common/system_kfreebsd.c
 index d02f28659cb..cdf13572b2b 100644
 --- a/ctdb/common/system_kfreebsd.c
 +++ b/ctdb/common/system_kfreebsd.c
@@ -40,6 +40,7 @@
 #include "common/logging.h"
 #include "common/system.h"
 +#include "common/system_network.h"
 #ifndef ETHERTYPE_IP6
 #define ETHERTYPE_IP6 0x86dd
 diff --git a/ctdb/common/system_linux.c b/ctdb/common/system_linux.c
 index fa77a45460f..beacbf34138 100644
 --- a/ctdb/common/system_linux.c
 +++ b/ctdb/common/system_linux.c
@@ -37,6 +37,7 @@
 #include "common/logging.h"
 #include "common/system.h"
 +#include "common/system_network.h"
 #ifndef ETHERTYPE_IP6
 #define ETHERTYPE_IP6 0x86dd
 diff --git a/ctdb/common/system_network.h b/ctdb/common/system_network.h
 new file mode 100644
 index 00000000000..b6761d29c76
 --- /dev/null
 +++ b/ctdb/common/system_network.h
@@ -0,0 +1,46 @@
 +/*
 +   System specific network code
 +
 +   Copyright (C) Amitay Isaacs  2015
 +
 +   This program is free software; you can redistribute it and/or modify
 +   it under the terms of the GNU General Public License as published by
 +   the Free Software Foundation; either version 3 of the License, or
 +   (at your option) any later version.
 +
 +   This program is distributed in the hope that it will be useful,
 +   but WITHOUT ANY WARRANTY; without even the implied warranty of
 +   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 +   GNU General Public License for more details.
 +
 +   You should have received a copy of the GNU General Public License
 +   along with this program; if not, see <http://www.gnu.org/licenses/>.
 +*/
 +
 +#ifndef __CTDB_SYSTEM_NETWORK_H__
 +#define __CTDB_SYSTEM_NETWORK_H__
 +
 +#include <talloc.h>
 +
 +#include "protocol/protocol.h"
 +
 +/* From system_common.c */
 +
 +uint32_t uint16_checksum(uint16_t *data, size_t n);
 +bool ctdb_sys_have_ip(ctdb_sock_addr *_addr);
 +char *ctdb_sys_find_ifname(ctdb_sock_addr *addr);
 +
 +/* From system_<os>.c */
 +
 +int ctdb_sys_send_arp(const ctdb_sock_addr *addr, const char *iface);
 +int ctdb_sys_send_tcp(const ctdb_sock_addr *dest,
 +		      const ctdb_sock_addr *src,
 +		      uint32_t seq, uint32_t ack, int rst);
 +int ctdb_sys_open_capture_socket(const char *iface, void **private_data);
 +int ctdb_sys_close_capture_socket(void *private_data);
 +int ctdb_sys_read_tcp_packet(int s, void *private_data,
 +			     ctdb_sock_addr *src, ctdb_sock_addr *dst,
 +			     uint32_t *ack_seq, uint32_t *seq,
 +			     int *rst, uint16_t *window);
 +
 +#endif /* __CTDB_SYSTEM_H__ */
 diff --git a/ctdb/server/ctdb_daemon.c b/ctdb/server/ctdb_daemon.c
 index 35c1ab639b5..37a93ec6de1 100644
 --- a/ctdb/server/ctdb_daemon.c
 +++ b/ctdb/server/ctdb_daemon.c
@@ -43,6 +43,7 @@
 #include "common/rb_tree.h"
 #include "common/reqid.h"
 #include "common/system.h"
 +#include "common/system_network.h"
 #include "common/common.h"
 #include "common/logging.h"
 #include "common/pidfile.h"
 diff --git a/ctdb/server/ctdb_recoverd.c b/ctdb/server/ctdb_recoverd.c
 index 2b94fed7478..73451711845 100644
 --- a/ctdb/server/ctdb_recoverd.c
 +++ b/ctdb/server/ctdb_recoverd.c
@@ -38,7 +38,7 @@
 #include "ctdb_private.h"
 #include "ctdb_client.h"
 -#include "common/system.h"
 +#include "common/system_network.h"
 #include "common/common.h"
 #include "common/logging.h"
 diff --git a/ctdb/server/ctdb_takeover.c b/ctdb/server/ctdb_takeover.c
 index cd240875ba2..a97ce2b6de6 100644
 --- a/ctdb/server/ctdb_takeover.c
 +++ b/ctdb/server/ctdb_takeover.c
@@ -39,6 +39,7 @@
 #include "common/rb_tree.h"
 #include "common/reqid.h"
 #include "common/system.h"
 +#include "common/system_network.h"
 #include "common/common.h"
 #include "common/logging.h"
 diff --git a/ctdb/tests/src/porting_tests.c b/ctdb/tests/src/porting_tests.c
 index 74dbf0781b4..b7ad5256fdc 100644
 --- a/ctdb/tests/src/porting_tests.c
 +++ b/ctdb/tests/src/porting_tests.c
@@ -32,6 +32,7 @@
 #include "protocol/protocol.h"
 #include "common/system.h"
 +#include "common/system_network.h"
 #include "common/logging.h"
 diff --git a/ctdb/tools/ctdb.c b/ctdb/tools/ctdb.c
 index 2cb46b057f0..8cbe706ab54 100644
 --- a/ctdb/tools/ctdb.c
 +++ b/ctdb/tools/ctdb.c
@@ -41,6 +41,7 @@
 #include "protocol/protocol_api.h"
 #include "protocol/protocol_util.h"
 #include "common/system.h"
 +#include "common/system_network.h"
 #include "client/client.h"
 #include "client/client_sync.h"
 diff --git a/ctdb/tools/ctdb_killtcp.c b/ctdb/tools/ctdb_killtcp.c
 index 71b5999b10e..408a7b4e121 100644
 --- a/ctdb/tools/ctdb_killtcp.c
 +++ b/ctdb/tools/ctdb_killtcp.c
@@ -30,7 +30,7 @@
 #include "protocol/protocol_util.h"
 #include "common/db_hash.h"
 -#include "common/system.h"
 +#include "common/system_network.h"
 #include "common/logging.h"
 -- 
 2.17.1
 From fb350f80cc072d4b699759a432217211986926be Mon Sep 17 00:00:00 2001
 From: Martin Schwenke <martin@meltin.net>
 Date: Fri, 8 Jun 2018 22:31:48 +1000
 Subject: [PATCH 2/2] ctdb-tests: Switch fake_ctdbd to use ctdb_get_peer_pid()
 This potentially improves portability.
 Signed-off-by: Martin Schwenke <martin@meltin.net>
 ---
 ctdb/tests/src/fake_ctdbd.c | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)
 diff --git a/ctdb/tests/src/fake_ctdbd.c b/ctdb/tests/src/fake_ctdbd.c
 index 2f4e87f6f6c..0e33f8c02e0 100644
 --- a/ctdb/tests/src/fake_ctdbd.c
 +++ b/ctdb/tests/src/fake_ctdbd.c
@@ -40,6 +40,7 @@
 #include "common/logging.h"
 #include "common/tunable.h"
 #include "common/srvid.h"
 +#include "common/system.h"
 #include "ipalloc_read_known_ips.h"
@@ -3050,8 +3051,6 @@ static struct tevent_req *client_send(TALLOC_CTX *mem_ctx,
 {
 	struct tevent_req *req;
 	struct client_state *state;
 -	struct ucred cr;
 -	socklen_t crl = sizeof(struct ucred);
 	int ret;
 	req = tevent_req_create(mem_ctx, &state, struct client_state);
@@ -3064,12 +3063,11 @@ static struct tevent_req *client_send(TALLOC_CTX *mem_ctx,
 	state->ctdb = ctdb;
 	state->pnn = pnn;
 -	ret = getsockopt(fd, SOL_SOCKET, SO_PEERCRED, &cr, &crl);
 +	ret = ctdb_get_peer_pid(fd, &state->pid);
 	if (ret != 0) {
 		tevent_req_error(req, ret);
 		return tevent_req_post(req, ev);
 	}
 -	state->pid = cr.pid;
 	ret = comm_setup(state, ev, fd, client_read_handler, req,
 			 client_dead_handler, req, &state->comm);
 -- 
 2.17.1
--- a/net/samba410/files/man/ctdb-etcd.7
+++ b/net/samba410/files/man/ctdb-etcd.7
@ -1,106 +0,0 @@
 '\" t
 .\"     Title: ctdb-etcd
 .\"    Author: 
 .\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/>
 .\"      Date: 11/20/2017
 .\"    Manual: CTDB - clustered TDB database
 .\"    Source: ctdb
 .\"  Language: English
 .\"
 .TH "CTDB\-ETCD" "7" "11/20/2017" "ctdb" "CTDB \- clustered TDB database"
 .\" -----------------------------------------------------------------
 .\" * Define some portability stuff
 .\" -----------------------------------------------------------------
 .\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 .\" http://bugs.debian.org/507673
 .\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html
 .\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 .ie \n(.g .ds Aq \(aq
 .el       .ds Aq '
 .\" -----------------------------------------------------------------
 .\" * set default formatting
 .\" -----------------------------------------------------------------
 .\" disable hyphenation
 .nh
 .\" disable justification (adjust text to left margin only)
 .ad l
 .\" -----------------------------------------------------------------
 .\" * MAIN CONTENT STARTS HERE *
 .\" -----------------------------------------------------------------
 .SH "NAME"
 ctdb-etcd \- CTDB etcd integration
 .SH "SYNOPSIS"
 .HP \w'\fBctdb_etcd_lock\fR\ 'u
 \fBctdb_etcd_lock\fR
 .SH "DESCRIPTION"
 .PP
 ctdb_etcd_lock is intended to be run as a mutex helper for CTDB\&. It will try to connect to an existing etcd cluster and grab a lock in that cluster to function as CTDB\*(Aqs recovery lock\&. Please see
 \fIctdb/doc/cluster_mutex_helper\&.txt\fR
 for details on the mutex helper API\&. To use this, include the following line in your CTDB config file:
 .sp
 .if n \{\
 .RS 4
 .\}
 .nf
 CTDB_RECOVERY_LOCK="!/usr/local/usr/libexec/ctdb/ctdb_etcd_lock"
 .fi
 .if n \{\
 .RE
 .\}
 .PP
 You can also pass "\-v", "\-vv", or "\-vvv" to include verbose output in the CTDB log\&. Additional "v"s indicate increases in verbosity\&.
 .PP
 This mutex helper expects the system Python interpreter to have access to the etcd Python module\&. It also expects an etcd cluster to be configured and running\&. To integrate with this, there is an optional config file of the following format:
 .sp
 .if n \{\
 .RS 4
 .\}
 .nf
 key = value
 .fi
 .if n \{\
 .RE
 .\}
 .PP
 The following configuration parameters (and their defaults) are defined for use by ctdb_etcd_lock:
 .sp
 .if n \{\
 .RS 4
 .\}
 .nf
 port      = 2379   # connecting port for the etcd cluster
 lock_ttl  = 9      # seconds for TTL
 refresh   = 2      # seconds between attempts to maintain lock
 locks_dir = _ctdb  # where to store CTDB locks in etcd
                   # The final etcd directory for any given lock looks like:
                   #   /_locks/{locks_dir}/{netbios name}/
 .fi
 .if n \{\
 .RE
 .\}
 .PP
 In addition, any keyword parameter that can be used to configure an etcd client may be specified and modified here\&. For more documentation on these parameters, see here: https://github\&.com/jplana/python\-etcd/
 .SH "SEE ALSO"
 .PP
 \fBctdb\fR(7),
 \fBctdbd\fR(1),
 \m[blue]\fB\%http://ctdb.samba.org/\fR\m[]
 .SH "AUTHOR"
 .br
 .PP
 This documentation was written by Jose A\&. Rivera
 .SH "COPYRIGHT"
 .br
 Copyright \(co 2016 Jose A. Rivera
 .br
 .PP
 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3 of the License, or (at your option) any later version\&.
 .PP
 This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE\&. See the GNU General Public License for more details\&.
 .PP
 You should have received a copy of the GNU General Public License along with this program; if not, see
 \m[blue]\fB\%http://www.gnu.org/licenses\fR\m[]\&.
 .sp
--- a/net/samba410/files/man/ctdb-script.options.5
+++ b/net/samba410/files/man/ctdb-script.options.5
@ -1,13 +1,13 @@
 '\" t
-.\"     Title: ctdbd.conf
+.\"     Title: ctdb-script.options
 .\"    Author: 
 .\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/>
-.\"      Date: 11/20/2017
+.\"      Date: 11/18/2018
 .\"    Manual: CTDB - clustered TDB database
 .\"    Source: ctdb
 .\"  Language: English
 .\"
-.TH "CTDBD\&.CONF" "5" "11/20/2017" "ctdb" "CTDB \- clustered TDB database"
+.TH "CTDB\-SCRIPT\&.OPTIO" "5" "11/18/2018" "ctdb" "CTDB \- clustered TDB database"
 .\" -----------------------------------------------------------------
 .\" * Define some portability stuff
 .\" -----------------------------------------------------------------
@ -28,288 +28,44 @@
 .\" * MAIN CONTENT STARTS HERE *
 .\" -----------------------------------------------------------------
 .SH "NAME"
-ctdbd.conf \- CTDB daemon configuration file
+ctdb-script.options \- CTDB scripts configuration files
 .SH "DESCRIPTION"
 .PP
-This file contains CTDB configuration variables that are affect the operation of CTDB\&. The default location of this file is
+Each CTDB script has 2 possible locations for its configuration options:
 /usr/local/etc/ctdb/ctdbd\&.conf\&.
 .PP
-This file is a shell script (see
+/usr/local/etc/ctdb/script\&.options
 \fBsh\fR(1)) but is usually limited to simple variable assignments and shell\-style comments\&.
 .PP
 CTDB configuration variables are grouped into several categories below\&.
 .PP
 Variables defined in this document can also be set in a distribution\-specific configuration file such as
 /etc/sysconfig/ctdb
 (Red Hat) or
 /etc/default/ctdb
 (Debian)\&. However, these files should be reserved for variables used by the initscript\&. A historical alternative is
 /usr/local/etc/ctdb/sysconfig/ctdb
 \- this is deprecated\&.
 .SH "INITSCRIPT CONFIGURATION"
 .PP
 Some options must be available to the initscript so they need to be set in the distribution\-specific initscript configuration, such as
 /etc/sysconfig/ctdb
 or
 /etc/default/ctdb\&.
 .PP
 CTDB_PIDFILE=\fIFILENAME\fR
 .RS 4
-FILENAME is the name of the file used to contain the process ID (PID) of the main CTDB daemon when it is running\&. This is passed from the initscript to
+This is a catch\-all global file for general purpose scripts and for options that are used in multiple event scripts\&.
-\fBctdbd_wrapper\fR(1)\&.
+.RE
 .PP
 \fISCRIPT\fR\&.options
 .RS 4
 That is, options for
 \fISCRIPT\fR
 are placed in a file alongside the script, with a "\&.script" suffix added\&. This style is usually recommended for event scripts\&.
 .sp
-Default is
+Options in this script\-specific file override those in the global file\&.
 /usr/local/var/run/ctdb/ctdbd\&.pid\&. Corresponds to
 \fB\-\-pidfile\fR\&.
 .RE
 .SH "GLOBAL CONFIGURATION"
 .PP
 These options may be used in the initscripts, daemon and scripts\&.
 .PP
 CTDB_BASE=\fIDIRECTORY\fR
 .RS 4
 DIRECTORY containing CTDB scripts and configuration files\&.
 .RE
 .SH "DAEMON CONFIGURATION"
 .PP
 Variables in this section are processed by
 \fBctdbd_wrapper\fR(1)
 and are converted into command\-line arguments to
 \fBctdbd\fR(1)\&. Correspondence with
 \fBctdbd\fR(1)
 options is shown for each variable\&. The the documentation for the relevant options for more details\&.
 .PP
 Many of these variables are also used by event scripts\&.
 .PP
 CTDB_CAPABILITY_LMASTER=yes|no
 .RS 4
 Defaults to yes\&. Corresponds to
 \fB\-\-no\-lmaster\fR\&.
 .RE
 .PP
-CTDB_CAPABILITY_RECMASTER=yes|no
+These files should include simple shell\-style variable assignments and shell\-style comments\&.
 .RS 4
 Defaults to yes\&. Corresponds to
 \fB\-\-no\-recmaster\fR\&.
 .RE
 .PP
 CTDB_DBDIR=\fIDIRECTORY\fR
 .RS 4
 Defaults to
 /usr/local/var/lib/ctdb\&.
 .sp
 Apart from a DIRECTORY, this can take a special value of the form
 \fBtmpfs\fR[:\fIOPTIONS\fR]\&. OPTIONS is a comma\-separated list of any permissible options to the tmpfs filesystem\&. The only pre\-specified default is
 \fBmode=700\fR, which can overridden by specifying
 \fBmode\fR
 in OPTIONS\&. It probably makes sense to specify a maximum
 \fBsize\fR\&.
 .sp
 Corresponds to
 \fB\-\-dbdir\fR\&.
 .RE
 .PP
 CTDB_DBDIR_PERSISTENT=\fIDIRECTORY\fR
 .RS 4
 Defaults to
 /usr/local/var/lib/ctdb/persistent\&.
 .sp
 Corresponds to
 \fB\-\-dbdir\-persistent\fR\&.
 .RE
 .PP
 CTDB_DBDIR_STATE=\fIDIRECTORY\fR
 .RS 4
 Defaults to
 /usr/local/var/lib/ctdb/state\&.
 .sp
 Corresponds to
 \fB\-\-dbdir\-state\fR\&.
 .RE
 .PP
 CTDB_DEBUGLEVEL=\fIDEBUGLEVEL\fR
 .RS 4
 Default is NOTICE\&. Corresponds to
 \fB\-d\fR
 or
 \fB\-\-debug\fR\&.
 .RE
 .PP
 CTDB_EVENT_SCRIPT_DIR=\fIDIRECTORY\fR
 .RS 4
 Default is
 \fICTDB_BASE\fR/events\&.d, so usually
 /usr/local/etc/ctdb/events\&.d\&. Corresponds to
 \fB\-\-event\-script\-dir\fR\&.
 .RE
 .PP
 CTDB_LOGGING=\fISTRING\fR
 .RS 4
 STRING specifies where ctdbd will write its log\&. The default is file:/usr/local/var/log/log\&.ctdb\&. Corresponds to
 \fB\-\-logging\fR\&.
 .sp
 Valid values are:
 .PP
 file:\fIFILENAME\fR
 .RS 4
 FILENAME where ctdbd will write its log\&. This is usually
 /usr/local/var/log/log\&.ctdb\&.
 .RE
 .PP
 syslog[:\fIMETHOD\fR]
 .RS 4
 CTDB will log to syslog\&. By default this will use the syslog(3) API\&.
 .sp
 If METHOD is specified then it specifies an extension that causes logging to be done in a non\-blocking fashion\&. This can be useful under heavy loads that might cause the syslog daemon to dequeue messages too slowly, which would otherwise cause CTDB to block when logging\&. METHOD must be one of:
 .PP
 nonblocking
 .RS 4
 CTDB will log to syslog via
 /dev/log
 in non\-blocking mode\&.
 .RE
 .PP
 udp
 .RS 4
 CTDB will log to syslog via UDP to localhost:514\&. The syslog daemon must be configured to listen on (at least) localhost:514\&. Most implementations will log the messages against hostname "localhost" \- this is a limit of the implementation for compatibility with more syslog daemon implementations\&.
 .RE
 .PP
 udp\-rfc5424
 .RS 4
 As with "udp" but messages are sent in RFC5424 format\&. This method will log the correct hostname but is not as widely implemented in syslog daemons\&.
 .RE
 .RE
 .RE
 .PP
 CTDB_NODES=\fIFILENAME\fR
 .RS 4
 Default is
 \fICTDB_BASE\fR/nodes, so usually
 /usr/local/etc/ctdb/nodes\&. Corresponds to
 \fB\-\-nlist\fR\&.
 .RE
 .PP
 CTDB_NOSETSCHED=yes|no
 .RS 4
 Defaults to no\&. Corresponds to
 \fB\-\-nosetsched\fR\&.
 .sp
 Usually CTDB runs with real\-time priority\&. If you are running CTDB on a platform that does not support real\-time priority, you can set this\&.
 .RE
 .PP
 CTDB_NOTIFY_SCRIPT=\fIFILENAME\fR
 .RS 4
 No default, usually
 /usr/local/etc/ctdb/notify\&.sh\&. Corresponds to
 \fB\-\-notification\-script\fR\&.
 .RE
 .PP
 CTDB_MAX_PERSISTENT_CHECK_ERRORS=\fINUM\fR
 .RS 4
 Default 0\&. Corresponds to
 \fB\-\-max\-persistent\-check\-errors\fR\&.
 .RE
 .PP
 CTDB_NODE_ADDRESS=\fIIPADDR\fR
 .RS 4
 IPADDR is the private IP address that ctdbd will bind to\&. Corresponds to
 \fB\-\-listen\fR\&.
 .sp
 By default ctdbd will select the first address from the nodes list that in can bind to\&. See also
 CTDB_NODES\&.
 .sp
 This option is only required when automatic address detection can not be used\&. This can be the case when running multiple ctdbd daemons/nodes on the same physical host (usually for testing), using InfiniBand for the private network or on Linux when sysctl net\&.ipv4\&.ip_nonlocal_bind=1\&.
 .RE
 .PP
 CTDB_PUBLIC_ADDRESSES=\fIFILENAME\fR
 .RS 4
 No default, usually
 /usr/local/etc/ctdb/public_addresses\&. Corresponds to
 \fB\-\-public\-addresses\fR\&.
 .RE
 .PP
 CTDB_PUBLIC_INTERFACE=\fIINTERFACE\fR
 .RS 4
 No default\&. Corresponds to
 \fB\-\-public\-interface\fR\&.
 .RE
 .PP
 CTDB_RECOVERY_LOCK=\fILOCK\fR
 .RS 4
 LOCK specifies the cluster\-wide mutex used to detect and prevent a partitioned cluster (or "split brain")\&.
 .sp
 No default, but the default configuration file specifies
 /some/place/on/shared/storage, which should be change to a useful value\&. Corresponds to
 \fB\-\-reclock\fR\&.
 .sp
 For information about the recovery lock please see the
 RECOVERY LOCK
 section in
 \fBctdb\fR(7)\&.
 .RE
 .PP
 CTDB_SCRIPT_LOG_LEVEL=\fIDEBUGLEVEL\fR
 .RS 4
 Defaults to ERR\&. Corresponds to
 \fB\-\-script\-log\-level\fR\&.
 .RE
 .PP
 CTDB_SOCKET=\fIFILENAME\fR
 .RS 4
 Defaults to
 /usr/local/var/run/ctdb/ctdbd\&.socket\&. Corresponds to
 \fB\-\-socket\fR\&.
 .sp
 If you change this then you probably want to set this in root\*(Aqs environment (perhaps in a file in
 /etc/profile\&.d) so that you can use the
 \fBctdb\fR(1)
 command in a straightforward manner\&.
 .RE
 .PP
 CTDB_START_AS_DISABLED=yes|no
 .RS 4
 Default is no\&. Corresponds to
 \fB\-\-start\-as\-disabled\fR\&.
 .RE
 .PP
 CTDB_START_AS_STOPPED=yes|no
 .RS 4
 Default is no\&. Corresponds to
 \fB\-\-start\-as\-stopped\fR\&.
 .RE
 .PP
 CTDB_TRANSPORT=tcp|infiniband
 .RS 4
 Defaults to tcp\&. Corresponds to
 \fB\-\-transport\fR\&.
 .RE
 .PP
 While the following variables do not translate into daemon options they are used by
 \fBctdbd_wrapper\fR(1)
 when starting and stopping
 \fBctdbd\fR(1)\&.
 .PP
 CTDB_SHUTDOWN_TIMEOUT=\fINUM\fR
 .RS 4
 NUM is the number of seconds to wait for
 \fBctdbd\fR(1)
 to shut down gracefully before giving up and killing it\&.
 .sp
 Defaults is 30\&.
 .RE
 .PP
 CTDB_STARTUP_TIMEOUT=\fINUM\fR
 .RS 4
 NUM is the number of seconds to wait for
 \fBctdbd\fR(1)
 complete early initialisation up to a point where it is unlikely to abort\&. If
 \fBctdbd\fR
 doesn\*(Aqt complete the "setup" event before this timeout then it is killed\&.
 .sp
 Defaults is 10\&.
 .RE
 .SH "NETWORK CONFIGURATION"
-.SS "NAT GATEWAY"
+.SS "10\&.interface"
 .PP
 This event script handles monitoring of interfaces using by public IP addresses\&.
 .PP
 CTDB_PARTIALLY_ONLINE_INTERFACES=yes|no
 .RS 4
 Whether one or more offline interfaces should cause a monitor event to fail if there are other interfaces that are up\&. If this is "yes" and a node has some interfaces that are down then
 \fBctdb status\fR
 will display the node as "PARTIALLYONLINE"\&.
 .sp
 Note that CTDB_PARTIALLY_ONLINE_INTERFACES=yes is not generally compatible with NAT gateway or LVS\&. NAT gateway relies on the interface configured by CTDB_NATGW_PUBLIC_IFACE to be up and LVS replies on CTDB_LVS_PUBLIC_IFACE to be up\&. CTDB does not check if these options are set in an incompatible way so care is needed to understand the interaction\&.
 .sp
 Default is "no"\&.
 .RE
 .SS "11\&.natgw"
 .PP
 Provides CTDB\*(Aqs NAT gateway functionality\&.
 .PP
 NAT gateway is used to configure fallback routing for nodes when they do not host any public IP addresses\&. For example, it allows unhealthy nodes to reliably communicate with external infrastructure\&. One node in a NAT gateway group will be designated as the NAT gateway master node and other (slave) nodes will be configured with fallback routes via the NAT gateway master node\&. For more information, see the
 NAT GATEWAY
@ -435,7 +191,9 @@ Note that
 \fICTDB_NATGW_DEFAULT_GATEWAY\fR
 is not specified\&.
 .RE
-.SS "POLICY ROUTING"
+.SS "13\&.per_ip_routing"
 .PP
 Provides CTDB\*(Aqs policy routing functionality\&.
 .PP
 A node running CTDB may be a component of a complex network topology\&. In particular, public addresses may be spread across several different networks (or VLANs) and it may not be possible to route packets from these public addresses via the system\*(Aqs default route\&. Therefore, CTDB has support for policy routing via the
 13\&.per_ip_routing
@ -460,7 +218,7 @@ File format:
 .RS 4
 .\}
 .nf
-\fIIPADDR\fR \fIDEST\-IPADDR/MASK\fR [\fIGATEWAY\-IPADDR\fR]
+		\fIIPADDR\fR \fIDEST\-IPADDR/MASK\fR [\fIGATEWAY\-IPADDR\fR]
 .fi
 .if n \{\
@ -518,24 +276,14 @@ CTDB_PER_IP_ROUTING_TABLE_ID_HIGH=9000
 .RE
 .\}
 .RE
-.SS "LVS"
+.SS "91\&.lvs"
 .PP
 Provides CTDB\*(Aqs LVS functionality\&.
 .PP
 For a general description see the
 LVS
 section in
 \fBctdb\fR(7)\&.
 .sp
 .it 1 an-trap
 .nr an-no-space-flag 1
 .nr an-break-flag 1
 .br
 .ps +1
 \fBEventscript\fR
 .RS 4
 .RS 4
 91\&.lvs
 .RE
 .RE
 .PP
 CTDB_LVS_NODES=\fIFILENAME\fR
 .RS 4
@ -577,53 +325,50 @@ CTDB_LVS_PUBLIC_IP=\fIIPADDR\fR
 .RS 4
 CTDB_LVS_PUBLIC_IP is the LVS public address\&. No default\&.
 .RE
 .SS "MISCELLANEOUS NETWORK CONFIGURATION"
 .PP
 CTDB_PARTIALLY_ONLINE_INTERFACES=yes|no
 .RS 4
 Whether one or more offline interfaces should cause a monitor event to fail if there are other interfaces that are up\&. If this is "yes" and a node has some interfaces that are down then
 \fBctdb status\fR
 will display the node as "PARTIALLYONLINE"\&.
 .sp
 Note that CTDB_PARTIALLY_ONLINE_INTERFACES=yes is incompatible with NAT gateway, since NAT gateway relies on the interface configured by CTDB_NATGW_PUBLIC_IFACE to be up\&.
 .sp
 Default is "no"\&.
 .RE
 .SH "SERVICE CONFIGURATION"
 .PP
 CTDB can be configured to manage and/or monitor various NAS (and other) services via its eventscripts\&.
 .PP
 In the simplest case CTDB will manage a service\&. This means the service will be started and stopped along with CTDB, CTDB will monitor the service and CTDB will do any required reconfiguration of the service when public IP addresses are failed over\&.
-.SS "SAMBA"
+.SS "20\&.multipathd"
 .sp
 .it 1 an-trap
 .nr an-no-space-flag 1
 .nr an-break-flag 1
 .br
 .ps +1
 \fBEventscripts\fR
 .RS 4
 .RS 4
 49\&.winbind
 .RE
 .RS 4
 50\&.samba
 .RE
 .RE
 .PP
-CTDB_MANAGES_SAMBA=yes|no
+Provides CTDB\*(Aqs Linux multipathd service management\&.
 .RS 4
 Should CTDB manage Samba?
 .sp
 Default is no\&.
 .RE
 .PP
-CTDB_MANAGES_WINBIND=yes|no
+It can monitor multipath devices to ensure that active paths are available\&.
 .PP
 CTDB_MONITOR_MPDEVICES=\fIMP\-DEVICE\-LIST\fR
 .RS 4
-Should CTDB manage Winbind?
+MP\-DEVICE\-LIST is a list of multipath devices for CTDB to monitor?
 .sp
-Default is no\&.
+No default\&.
 .RE
 .SS "31\&.clamd"
 .PP
 This event script provide CTDB\*(Aqs ClamAV anti\-virus service management\&.
 .PP
 This eventscript is not enabled by default\&. Use
 \fBctdb enablescript\fR
 to enable it\&.
 .PP
 CTDB_CLAMD_SOCKET=\fIFILENAME\fR
 .RS 4
 FILENAME is the socket to monitor ClamAV\&.
 .sp
 No default\&.
 .RE
 .SS "49\&.winbind"
 .PP
 Provides CTDB\*(Aqs Samba winbind service management\&.
 .PP
 CTDB_SERVICE_WINBIND=\fISERVICE\fR
 .RS 4
 Distribution specific SERVICE for managing winbindd\&.
 .sp
 Default is "winbind"\&.
 .RE
 .SS "50\&.samba"
 .PP
 Provides the core of CTDB\*(Aqs Samba file service management\&.
 .PP
 CTDB_SAMBA_CHECK_PORTS=\fIPORT\-LIST\fR
 .RS 4
@ -652,37 +397,13 @@ Distribution specific SERVICE for managing smbd\&.
 .sp
 Default is distribution\-dependant\&.
 .RE
 .SS "60\&.nfs"
 .PP
-CTDB_SERVICE_WINBIND=\fISERVICE\fR
+This event script (along with 06\&.nfs) provides CTDB\*(Aqs NFS service management\&.
 .RS 4
 Distribution specific SERVICE for managing winbindd\&.
 .sp
 Default is "winbind"\&.
 .RE
 .SS "NFS"
 .PP
 This includes parameters for the kernel NFS server\&. Alternative NFS subsystems (such as
 \m[blue]\fBNFS\-Ganesha\fR\m[]\&\s-2\u[1]\d\s+2) can be integrated using
 \fICTDB_NFS_CALLOUT\fR\&.
 .sp
 .it 1 an-trap
 .nr an-no-space-flag 1
 .nr an-break-flag 1
 .br
 .ps +1
 \fBEventscript\fR
 .RS 4
 .RS 4
 60\&.nfs
 .RE
 .RE
 .PP
 CTDB_MANAGES_NFS=yes|no
 .RS 4
 Should CTDB manage NFS?
 .sp
 Default is no\&.
 .RE
 .PP
 CTDB_NFS_CALLOUT=\fICOMMAND\fR
 .RS 4
@ -744,83 +465,9 @@ CTDB_NFS_STATE_MNT=\fIDIR\fR
 .RS 4
 The directory where a clustered NFS\*(Aq shared state will be located\&. No default\&.
 .RE
-.SS "APACHE HTTPD"
+.SS "70\&.iscsi"
 .PP
-CTDB can manage the Apache web server\&.
+Provides CTDB\*(Aqs Linux iSCSI tgtd service management\&.
 .sp
 .it 1 an-trap
 .nr an-no-space-flag 1
 .nr an-break-flag 1
 .br
 .ps +1
 \fBEventscript\fR
 .RS 4
 .RS 4
 41\&.httpd
 .RE
 .RE
 .PP
 CTDB_MANAGES_HTTPD=yes|no
 .RS 4
 Should CTDB manage the Apache web server?
 .sp
 Default is no\&.
 .RE
 .SS "CLAMAV"
 .PP
 CTDB has support to manage the popular anti\-virus daemon ClamAV\&.
 .sp
 .it 1 an-trap
 .nr an-no-space-flag 1
 .nr an-break-flag 1
 .br
 .ps +1
 \fBEventscript\fR
 .RS 4
 .RS 4
 31\&.clamd
 .RE
 .PP
 This eventscript is not enabled by default\&. Use
 \fBctdb enablescript\fR
 to enable it\&.
 .RE
 .PP
 CTDB_MANAGES_CLAMD=yes|no
 .RS 4
 Should CTDB manage ClamAV?
 .sp
 Default is no\&.
 .RE
 .PP
 CTDB_CLAMD_SOCKET=\fIFILENAME\fR
 .RS 4
 FILENAME is the socket to monitor ClamAV\&.
 .sp
 No default\&.
 .RE
 .SS "ISCSI"
 .PP
 CTDB has support for managing the Linux iSCSI tgtd service\&.
 .sp
 .it 1 an-trap
 .nr an-no-space-flag 1
 .nr an-break-flag 1
 .br
 .ps +1
 \fBEventscript\fR
 .RS 4
 .RS 4
 70\&.iscsi
 .RE
 .RE
 .PP
 CTDB_MANAGES_ISCSI=yes|no
 .RS 4
 Should CTDB manage iSCSI tgtd?
 .sp
 Default is no\&.
 .RE
 .PP
 CTDB_START_ISCSI_SCRIPTS=\fIDIRECTORY\fR
 .RS 4
@ -828,74 +475,25 @@ DIRECTORY on shared storage containing scripts to start tgtd for each public IP
 .sp
 No default\&.
 .RE
-.SS "MULTIPATHD"
+.SH "DATABASE SETUP"
 .PP
-CTDB can monitor multipath devices to ensure that active paths are available\&.
+CTDB checks the consistency of databases during startup\&.
 .SS "00\&.ctdb"
 .PP
 CTDB_MAX_CORRUPT_DB_BACKUPS=\fINUM\fR
 .RS 4
 NUM is the maximum number of volatile TDB database backups to be kept (for each database) when a corrupt database is found during startup\&. Volatile TDBs are zeroed during startup so backups are needed to debug any corruption that occurs before a restart\&.
 .sp
-.it 1 an-trap
+Default is 10\&.
 .nr an-no-space-flag 1
 .nr an-break-flag 1
 .br
 .ps +1
 \fBEventscript\fR
 .RS 4
 .RS 4
 20\&.multipathd
 .RE
 .SH "SYSTEM RESOURCE MONITORING"
 .SS "05\&.system"
 .PP
-This eventscript is not enabled by default\&. Use
+Provides CTDB\*(Aqs filesystem and memory usage monitoring\&.
 \fBctdb enablescript\fR
 to enable it\&.
 .RE
 .PP
 CTDB_MONITOR_MPDEVICES=\fIMP\-DEVICE\-LIST\fR
 .RS 4
 MP\-DEVICE\-LIST is a list of multipath devices for CTDB to monitor?
 .sp
 No default\&.
 .RE
 .SS "VSFTPD"
 .PP
 CTDB can manage the vsftpd FTP server\&.
 .sp
 .it 1 an-trap
 .nr an-no-space-flag 1
 .nr an-break-flag 1
 .br
 .ps +1
 \fBEventscript\fR
 .RS 4
 .RS 4
 40\&.vsftpd
 .RE
 .RE
 .PP
 CTDB_MANAGES_VSFTPD=yes|no
 .RS 4
 Should CTDB manage the vsftpd FTP server?
 .sp
 Default is no\&.
 .RE
 .SS "SYSTEM RESOURCE MONITORING CONFIGURATION"
 .PP
 CTDB can experience seemingly random (performance and other) issues if system resources become too constrained\&. Options in this section can be enabled to allow certain system resources to be checked\&. They allows warnings to be logged and nodes to be marked unhealthy when system resource usage reaches the configured thresholds\&.
 .PP
 Some checks are enabled by default\&. It is recommended that these checks remain enabled or are augmented by extra checks\&. There is no supported way of completely disabling the checks\&.
 .sp
 .it 1 an-trap
 .nr an-no-space-flag 1
 .nr an-break-flag 1
 .br
 .ps +1
 \fBEventscripts\fR
 .RS 4
 .RS 4
 05\&.system
 .RE
 .PP
 Filesystem and memory usage monitoring is in
 05\&.system\&.
 .RE
 .PP
 CTDB_MONITOR_FILESYSTEM_USAGE=\fIFS\-LIMIT\-LIST\fR
 .RS 4
@ -903,9 +501,9 @@ FS\-LIMIT\-LIST is a space\-separated list of
 \fIFILESYSTEM\fR:\fIWARN_LIMIT\fR[:\fIUNHEALTHY_LIMIT\fR]
 triples indicating that warnings should be logged if the space used on FILESYSTEM reaches WARN_LIMIT%\&. If usage reaches UNHEALTHY_LIMIT then the node should be flagged unhealthy\&. Either WARN_LIMIT or UNHEALTHY_LIMIT may be left blank, meaning that check will be omitted\&.
 .sp
-Default is to warn for each filesystem containing a database directory (\fBCTDB_DBDIR\fR,
+Default is to warn for each filesystem containing a database directory (volatile\ \&database\ \&directory,
-\fBCTDB_DBDIR_PERSISTENT\fR,
+persistent\ \&database\ \&directory,
-\fBCTDB_DBDIR_STATE\fR) with a threshold of 90%\&.
+state\ \&database\ \&directory) with a threshold of 90%\&.
 .RE
 .PP
 CTDB_MONITOR_MEMORY_USAGE=\fIMEM\-LIMITS\fR
@ -925,186 +523,25 @@ indicating that warnings should be logged if swap usage reaches WARN_LIMIT%\&. I
 .sp
 Default is 25, so warnings will be logged when swap usage reaches 25%\&.
 .RE
-.SS "MISCELLANEOUS SERVICE\-RELATED CONFIGURATION"
+.SH "EVENT SCRIPT DEBUGGING"
-.PP
+.SS "debug\-hung\-script\&.sh"
 CTDB_MANAGED_SERVICES=\fISERVICE\-LIST\fR
 .RS 4
 SERVICE\-LIST is a space\-separated list of SERVICEs that CTDB should manage\&. This can be used as an alternative to the
 \fICTDB_MANAGES_\fR\fI\fISERVICE\fR\fR
 variables\&.
 .sp
 No default\&.
 .RE
 .SH "TUNABLES CONFIGURATION"
 .PP
 CTDB tunables (see
 \fBctdbd-tunables\fR(7)) can be set from the configuration file\&. They are set as follows:
 .sp
 .if n \{\
 .RS 4
 .\}
 .nf
 CTDB_SET_\fITUNABLE\fR=\fIVALUE\fR
 .fi
 .if n \{\
 .RE
 .\}
 .PP
 For example:
 .sp
 .if n \{\
 .RS 4
 .\}
 .nf
 CTDB_SET_MonitorInterval=20
 .fi
 .if n \{\
 .RE
 .\}
 .sp
 .SH "DEBUG AND TEST"
 .PP
 Variable in this section are for debugging and testing CTDB\&. They should not generally be needed\&.
 .PP
 CTDB_DEBUG_HUNG_SCRIPT=\fIFILENAME\fR
 .RS 4
 FILENAME is a script to run to log debug information when an event script times out\&.
 .sp
 Default is
 \fICTDB_BASE\fR/debug\-hung\-script\&.sh\&.
 .RE
 .PP
 CTDB_DEBUG_HUNG_SCRIPT_LOGFILE=\fIFILENAME\fR
 .RS 4
 FILENAME specifies where log messages should go when debugging hung eventscripts\&. This is a testing option\&. See also
 CTDB_DEBUG_HUNG_SCRIPT\&.
 .sp
 No default\&. Messages go to stdout/stderr and are logged to the same place as other CTDB log messages\&.
 .RE
 .PP
 CTDB_DEBUG_HUNG_SCRIPT_STACKPAT=\fIREGEXP\fR
 .RS 4
-REGEXP specifies interesting processes for which stack traces should be logged when debugging hung eventscripts and those processes are matched in pstree output\&. REGEXP is an extended regexp so choices are separated by pipes (\*(Aq|\*(Aq)\&. However, REGEXP should not contain parentheses\&. See also
+REGEXP specifies interesting processes for which stack traces should be logged when debugging hung eventscripts and those processes are matched in pstree output\&. REGEXP is an extended regexp so choices are separated by pipes (\*(Aq|\*(Aq)\&. However, REGEXP should not contain parentheses\&. See also the
-CTDB_DEBUG_HUNG_SCRIPT\&.
+\fBctdb.conf\fR(5)
 [event] "debug\ \&script" option\&.
 .sp
 Default is "exportfs|rpcinfo"\&.
 .RE
 .PP
 CTDB_DEBUG_LOCKS=\fIFILENAME\fR
 .RS 4
 FILENAME is a script to run to log debug information when an CTDB fails to freeze databases during recovery\&.
 .sp
 No default, usually
 \fICTDB_BASE\fR/debug_locks\&.sh\&.
 .RE
 .PP
 CTDB_SYS_ETCDIR=\fIDIRECTORY\fR
 .RS 4
 DIRECTORY containing system configuration files\&. This is used to provide alternate configuration when testing and should not need to be changed from the default\&.
 .sp
 Default is
 /etc\&.
 .RE
 .PP
 CTDB_INIT_STYLE=debian|redhat|suse
 .RS 4
 This is the init style used by the Linux distribution (or other operating system) being used\&. This is usually determined dynamically by checking the system\&. This variable is used by the initscript to determine which init system primitives to use\&. It is also used by some eventscripts to choose the name of initscripts for certain services, since these can vary between distributions\&.
 .sp
 No fixed default\&.
 .sp
 If this option needs to be changed from the calculated default for the initscript to function properly, then it must be set in the distribution\-specific initscript configuration, such as
 /etc/sysconfig/ctdb
 .RE
 .PP
 CTDB_MAX_CORRUPT_DB_BACKUPS=\fINUM\fR
 .RS 4
 NUM is the maximum number of volatile TDB database backups to be kept (for each database) when a corrupt database is found during startup\&. Volatile TDBs are zeroed during startup so backups are needed to debug any corruption that occurs before a restart\&.
 .sp
 Default is 10\&.
 .RE
 .PP
 CTDB_MAX_OPEN_FILES=\fINUM\fR
 .RS 4
 NUM is the maximum number of open files\&.
 .sp
 There is no default\&.
 .RE
 .PP
 CTDB_RC_LOCAL=\fIFILENAME\fR
 .RS 4
 FILENAME is a script fragment to be sourced by the
 functions
 that is sourced by scripts\&. On example use would be to override function definitions in unit tests\&. As a sanity check, this file must be executable for it to be used\&.
 .sp
 No default\&.
 .RE
 .PP
 CTDB_RUN_TIMEOUT_MONITOR=yes|no
 .RS 4
 Whether CTDB should simulate timing out monitor events\&. This uses the
 99\&.timeout
 eventscript\&.
 .sp
 Default is no\&.
 .RE
 .PP
 CTDB_SUPPRESS_COREFILE=yes|no
 .RS 4
 Whether CTDB core files should be suppressed\&.
 .sp
 Default is no\&.
 .RE
 .PP
 CTDB_VALGRIND=yes|no|\fICOMMAND\fR
 .RS 4
 If "yes", this causes
 \fBctdbd\fR(1)
 to be run under
 \fBvalgrind\fR(1)
 with logs going to
 /usr/local/var/log/ctdb_valgrind\&. If neither "yes" nor "no" then the value is assumed to be a COMMAND (e\&.g\&. a
 \fBvalgrind\fR
 variation, a
 \fBgdb\fR(1)
 command) that is used in place of the default
 \fBvalgrind\fR
 command\&. In either case, the
 \fB\-\-valgrind\fR
 option is passed to
 \fBctdbd\fR\&.
 .sp
 Default is no\&.
 .RE
 .PP
 CTDB_VARDIR=\fIDIRECTORY\fR
 .RS 4
 DIRECTORY containing CTDB files that are modified at runtime\&.
 .sp
 Defaults to
 /usr/local/var/lib/ctdb\&.
 .RE
 .SH "FILES"
 .RS 4
-/usr/local/etc/ctdb/ctdbd\&.conf
+/usr/local/etc/ctdb/script\&.options
 .RE
 .RS 4
 /etc/sysconfig/ctdb
 .RE
 .RS 4
 /etc/default/ctdb
 .RE
 .RS 4
 /usr/local/etc/ctdb/sysconfig/ctdb
 .RE
 .SH "SEE ALSO"
 .PP
 \fBctdbd\fR(1),
 \fBctdbd_wrapper\fR(1),
 \fBonnode\fR(1),
 \fBctdb\fR(7),
 \fBctdb-tunables\fR(7),
 \m[blue]\fB\%http://ctdb.samba.org/\fR\m[]
 .SH "AUTHOR"
 .br
--- a/net/samba410/files/man/ctdb-statistics.7
+++ b/net/samba410/files/man/ctdb-statistics.7
@ -2,12 +2,12 @@
 .\"     Title: ctdb-statistics
 .\"    Author: 
 .\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/>
-.\"      Date: 11/20/2017
+.\"      Date: 11/18/2018
 .\"    Manual: CTDB - clustered TDB database
 .\"    Source: ctdb
 .\"  Language: English
 .\"
-.TH "CTDB\-STATISTICS" "7" "11/20/2017" "ctdb" "CTDB \- clustered TDB database"
+.TH "CTDB\-STATISTICS" "7" "11/18/2018" "ctdb" "CTDB \- clustered TDB database"
 .\" -----------------------------------------------------------------
 .\" * Define some portability stuff
 .\" -----------------------------------------------------------------
@ -237,6 +237,17 @@ Number of REQ_CONTROL messages from the other nodes\&.
 .PP
 Number of REPLY_CONTROL messages from the other nodes\&.
 .RE
 .sp
 .it 1 an-trap
 .nr an-no-space-flag 1
 .nr an-break-flag 1
 .br
 .ps +1
 \fBreq_tunnel\fR
 .RS 4
 .PP
 Number of REQ_TUNNEL messages from the other nodes\&.
 .RE
 .SS "client"
 .PP
 This section lists various types of messages processed which originated from clients via unix domain socket\&.
@ -273,6 +284,17 @@ Number of REQ_MESSAGE messages from the clients\&.
 .PP
 Number of REQ_CONTROL messages from the clients\&.
 .RE
 .sp
 .it 1 an-trap
 .nr an-no-space-flag 1
 .nr an-break-flag 1
 .br
 .ps +1
 \fBreq_tunnel\fR
 .RS 4
 .PP
 Number of REQ_TUNNEL messages from the clients\&.
 .RE
 .SS "timeouts"
 .PP
 This section lists timeouts occurred when sending various messages\&.
--- a/net/samba410/files/man/ctdb-tunables.7
+++ b/net/samba410/files/man/ctdb-tunables.7
@ -2,12 +2,12 @@
 .\"     Title: ctdb-tunables
 .\"    Author: 
 .\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/>
-.\"      Date: 11/20/2017
+.\"      Date: 11/18/2018
 .\"    Manual: CTDB - clustered TDB database
 .\"    Source: ctdb
 .\"  Language: English
 .\"
-.TH "CTDB\-TUNABLES" "7" "11/20/2017" "ctdb" "CTDB \- clustered TDB database"
+.TH "CTDB\-TUNABLES" "7" "11/18/2018" "ctdb" "CTDB \- clustered TDB database"
 .\" -----------------------------------------------------------------
 .\" * Define some portability stuff
 .\" -----------------------------------------------------------------
@ -41,7 +41,35 @@ commands for more details\&.
 .PP
 Unless otherwise stated, tunables should be set to the same value on all nodes\&. Setting tunables to different values across nodes may produce unexpected results\&. Future releases may set (some or most) tunables globally across the cluster but doing so is currently a manual process\&.
 .PP
-The tunable variables are listed alphabetically\&.
+Tunables can be set at startup from the
 /usr/local/etc/ctdb/ctdb\&.tunables
 configuration file\&.
 .sp
 .if n \{\
 .RS 4
 .\}
 .nf
 \fITUNABLE\fR=\fIVALUE\fR
 .fi
 .if n \{\
 .RE
 .\}
 .PP
 For example:
 .sp
 .if n \{\
 .RS 4
 .\}
 .nf
 MonitorInterval=20
 .fi
 .if n \{\
 .RE
 .\}
 .PP
 The available tunable variables are listed alphabetically below\&.
 .SS "AllowClientDBAttach"
 .PP
 Default: 1
@ -98,13 +126,6 @@ Default: 120
 When databases are frozen we do not allow clients to attach to the databases\&. Instead of returning an error immediately to the client, the attach request from the client is deferred until the database becomes available again at which stage we respond to the client\&.
 .PP
 This timeout controls how long we will defer the request from the client before timing it out and returning an error to the client\&.
 .SS "DisableIPFailover"
 .PP
 Default: 0
 .PP
 When set to non\-zero, ctdb will not perform failover or failback\&. Even if a node fails while holding public IPs, ctdb will not recover the IPs or assign them to another node\&.
 .PP
 When this tunable is enabled, ctdb will no longer attempt to recover the cluster by failing IP addresses over to other nodes\&. This leads to a service outage until the administrator has manually performed IP failover to replacement nodes using the \*(Aqctdb moveip\*(Aq command\&.
 .SS "ElectionTimeout"
 .PP
 Default: 3
@ -218,16 +239,11 @@ When set to 1, ctdb will not perform failback of IP addresses when a node become
 Use with caution! Normally when a node becomes available to the cluster ctdb will try to reassign public IP addresses onto the new node as a way to distribute the workload evenly across the clusternode\&. Ctdb tries to make sure that all running nodes have approximately the same number of public addresses it hosts\&.
 .PP
 When you enable this tunable, ctdb will no longer attempt to rebalance the cluster by failing IP addresses back to the new nodes\&. An unbalanced cluster will therefore remain unbalanced until there is manual intervention from the administrator\&. When this parameter is set, you can manually fail public IP addresses over to the new node(s) using the \*(Aqctdb moveip\*(Aq command\&.
 .SS "NoIPHostOnAllDisabled"
 .PP
 Default: 0
 .PP
 If no nodes are HEALTHY then by default ctdb will happily host public IPs on disabled (unhealthy or administratively disabled) nodes\&. This can cause problems, for example if the underlying cluster filesystem is not mounted\&. When set to 1 and a node is disabled, any IPs hosted by this node will be released and the node will not takeover any IPs until it is no longer disabled\&.
 .SS "NoIPTakeover"
 .PP
 Default: 0
 .PP
-When set to 1, ctdb will not allow IP addresses to be failed over to other nodes\&. Any IP addresses already hosted on healthy nodes will remain\&. Usually IP addresses hosted on unhealthy nodes will also remain, if NoIPHostOnAllDisabled is 0\&. However, if NoIPHostOnAllDisabled is 1 then IP addresses will be released by unhealthy nodes and will become un\-hosted\&.
+When set to 1, ctdb will not allow IP addresses to be failed over to other nodes\&. Any IP addresses already hosted on healthy nodes will remain\&. Any IP addresses hosted on unhealthy nodes will be released by unhealthy nodes and will become un\-hosted\&.
 .SS "PullDBPreallocation"
 .PP
 Default: 10*1024*1024
@ -310,7 +326,7 @@ Once a recovery has completed, no additional recoveries are permitted until this
 .PP
 Default: 1000
 .PP
-Some databases have seqnum tracking enabled, so that samba will be able to detect asynchronously when there has been updates to the database\&. Everytime a database is updated its sequence number is increased\&.
+Some databases have seqnum tracking enabled, so that samba will be able to detect asynchronously when there has been updates to the database\&. Every time a database is updated its sequence number is increased\&.
 .PP
 This tunable is used to specify in milliseconds how frequently ctdb will send out updates to remote nodes to inform them that the sequence number is increased\&.
 .SS "StatHistoryInterval"
@ -333,11 +349,6 @@ Once a STICKY record has been migrated onto a node, it will be pinned down on th
 Default: 9
 .PP
 This is the duration in seconds in which ctdb tries to complete IP failover\&.
 .SS "TDBMutexEnabled"
 .PP
 Default: 1
 .PP
 This parameter enables TDB_MUTEX_LOCKING feature on volatile databases if the robust mutexes are supported\&. This optimizes the record locking using robust mutexes and is much more efficient that using posix locks\&.
 .SS "TickleUpdateInterval"
 .PP
 Default: 20
@ -384,11 +395,15 @@ The maximum time in seconds for which the vacuuming process is allowed to run\&.
 Default: 0
 .PP
 When set to non\-zero, ctdb assigns verbose names for some of the talloc allocated memory objects\&. These names are visible in the talloc memory report generated by \*(Aqctdb dumpmemory\*(Aq\&.
 .SH "FILES>"
 .RS 4
 /usr/local/etc/ctdb/ctdb\&.tunables
 .RE
 .SH "SEE ALSO"
 .PP
 \fBctdb\fR(1),
 \fBctdbd\fR(1),
-\fBctdbd.conf\fR(5),
+\fBctdb.conf\fR(5),
 \fBctdb\fR(7),
 \m[blue]\fB\%http://ctdb.samba.org/\fR\m[]
 .SH "AUTHOR"
--- a/net/samba410/files/man/ctdb.1
+++ b/net/samba410/files/man/ctdb.1
@ -2,12 +2,12 @@
 .\"     Title: ctdb
 .\"    Author: 
 .\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/>
-.\"      Date: 11/20/2017
+.\"      Date: 11/18/2018
 .\"    Manual: CTDB - clustered TDB database
 .\"    Source: ctdb
 .\"  Language: English
 .\"
-.TH "CTDB" "1" "11/20/2017" "ctdb" "CTDB \- clustered TDB database"
+.TH "CTDB" "1" "11/18/2018" "ctdb" "CTDB \- clustered TDB database"
 .\" -----------------------------------------------------------------
 .\" * Define some portability stuff
 .\" -----------------------------------------------------------------
@ -110,12 +110,6 @@ Print useage information to the screen\&.
 .RS 4
 Change the debug level for the command\&. Default is NOTICE\&.
 .RE
 .PP
 \-\-socket=\fIFILENAME\fR
 .RS 4
 Specify that FILENAME is the name of the Unix domain socket to use when connecting to the local CTDB daemon\&. The default is
 /usr/local/var/run/ctdb/ctdbd\&.socket\&.
 .RE
 .SH "ADMINISTRATIVE COMMANDS"
 .PP
 These are commands used to monitor and administer a CTDB cluster\&.
@ -164,7 +158,7 @@ Sometimes this number will be shown as "INVALID"\&. This only means that the ctd
 \fBVirtual Node Number (VNN) map\fR
 .RS 4
 .PP
-Consists of the number of virtual nodes and mapping from virtual node numbers to physical node numbers\&. Virtual nodes host CTDB databases\&. Only nodes that are participating in the VNN map can become lmaster or dmaster for database records\&.
+Consists of the number of virtual nodes and mapping from virtual node numbers to physical node numbers\&. Only nodes that are participating in the VNN map can become lmaster for database records\&.
 .RE
 .sp
 .it 1 an-trap
@ -553,18 +547,19 @@ Interface[2]: Name:eth5 Link:up References:2 (active)
 .PP
 This command is used to control event daemon and to inspect status of various events\&.
 .PP
-run \fIEVENT\fR \fITIMEOUT\fR [\fIARGUMENTS\fR]
+The commands below require a component to be specified\&. In the current version the only valid component is
 legacy\&.
 .PP
 run \fITIMEOUT\fR \fICOMPONENT\fR \fIEVENT\fR [\fIARGUMENTS\fR]
 .RS 4
-This command can be used to manually run specified EVENT with optional ARGUMENTS\&. The event will be allowed to run a maximum of TIMEOUT seconds\&. If TIMEOUT is 0, then there is no time limit for running the event\&.
+This command can be used to manually run specified EVENT in COMPONENT with optional ARGUMENTS\&. The event will be allowed to run a maximum of TIMEOUT seconds\&. If TIMEOUT is 0, then there is no time limit for running the event\&.
 .RE
 .PP
-status [\fIEVENT\fR] [lastrun|lastpass|lastfail]
+status \fICOMPONENT\fR \fIEVENT\fR
 .RS 4
-This command displays the last execution status of the specified EVENT\&. If no event is specified, then the status of last executed monitor event will be displayed\&.
+This command displays the last execution status of the specified EVENT in COMPONENT\&.
 .sp
-To see the last successful execution of the event, lastpass can be specified\&. Similarly lastfail can be specified to see the last unsuccessful execution of the event\&. The optional lastrun can be specified to query the last execution of the event\&.
+The command will terminate with the exit status corresponding to the overall status of event that is displayed\&.
 .sp
 The command will terminate with the exit status corresponding to the overall status of event that is displayed\&. If lastpass is specified, then the command will always terminate with 0\&. If lastfail is specified then the command will always terminate with non\-zero exit status\&. If lastrun is specified, then the command will terminate with 0 or not depending on if the last execution of the event was successful or not\&.
 .sp
 The output is the list of event scripts executed\&. Each line shows the name, status, duration and start time for each script\&.
 .sp
@ -578,7 +573,6 @@ Example output:
 01\&.reclock           OK         0\&.013 Sat Dec 17 19:39:11 2016
 05\&.system            OK         0\&.029 Sat Dec 17 19:39:11 2016
 06\&.nfs               OK         0\&.014 Sat Dec 17 19:39:11 2016
 10\&.external          DISABLED  
 10\&.interface         OK         0\&.037 Sat Dec 17 19:39:11 2016
 11\&.natgw             OK         0\&.011 Sat Dec 17 19:39:11 2016
 11\&.routing           OK         0\&.007 Sat Dec 17 19:39:11 2016
@ -592,7 +586,6 @@ Example output:
 60\&.nfs               OK         0\&.376 Sat Dec 17 19:39:12 2016
 70\&.iscsi             OK         0\&.009 Sat Dec 17 19:39:12 2016
 91\&.lvs               OK         0\&.007 Sat Dec 17 19:39:12 2016
 99\&.timeout           OK         0\&.007 Sat Dec 17 19:39:12 2016
 .fi
 .if n \{\
@ -600,9 +593,11 @@ Example output:
 .\}
 .RE
 .PP
-script list
+script list \fICOMPONENT\fR
 .RS 4
-List the available event scripts\&.
+List the available event scripts in COMPONENT\&. Enabled scripts are flagged with a \*(Aq*\*(Aq\&.
 .sp
 Generally, event scripts are provided by CTDB\&. However, local or 3rd party event scripts may also be available\&. These are shown in a separate section after those provided by CTDB\&.
 .sp
 Example output:
 .sp
@ -610,25 +605,25 @@ Example output:
 .RS 4
 .\}
 .nf
-00\&.ctdb             
+* 00\&.ctdb             
-01\&.reclock          
+* 01\&.reclock          
-05\&.system           
+* 05\&.system           
-06\&.nfs              
+* 06\&.nfs              
-10\&.external          DISABLED
+* 10\&.interface        
-10\&.interface        
+  11\&.natgw            
-11\&.natgw            
+  11\&.routing          
-11\&.routing          
+  13\&.per_ip_routing   
-13\&.per_ip_routing   
+  20\&.multipathd       
-20\&.multipathd       
+  31\&.clamd            
-31\&.clamd            
+  40\&.vsftpd           
-40\&.vsftpd           
+  41\&.httpd            
-41\&.httpd            
+* 49\&.winbind          
-49\&.winbind          
+* 50\&.samba            
-50\&.samba            
+* 60\&.nfs              
-60\&.nfs              
+  70\&.iscsi            
-70\&.iscsi            
+  91\&.lvs              
-91\&.lvs              
+
-99\&.timeout          
+* 02\&.local            
 .fi
 .if n \{\
@ -636,14 +631,14 @@ Example output:
 .\}
 .RE
 .PP
-script enable \fISCRIPT\fR
+script enable \fICOMPONENT\fR \fISCRIPT\fR
 .RS 4
-Enable the specified event SCRIPT\&. Only enabled scripts will be executed when running any event\&.
+Enable the specified event SCRIPT in COMPONENT\&. Only enabled scripts will be executed when running any event\&.
 .RE
 .PP
-script disable \fISCRIPT\fR
+script disable \fICOMPONENT\fR \fISCRIPT\fR
 .RS 4
-Disable the specified event SCRIPT\&. This will prevent the script from executing when running any event\&.
+Disable the specified event SCRIPT in COMPONENT\&. This will prevent the script from executing when running any event\&.
 .RE
 .SS "scriptstatus"
 .PP
@ -670,7 +665,6 @@ This command is deprecated\&. It\*(Aqs provided for backward compatibility\&. In
 01\&.reclock           OK         0\&.010 Sat Dec 17 19:40:46 2016
 05\&.system            OK         0\&.030 Sat Dec 17 19:40:46 2016
 06\&.nfs               OK         0\&.014 Sat Dec 17 19:40:46 2016
 10\&.external          DISABLED  
 10\&.interface         OK         0\&.041 Sat Dec 17 19:40:46 2016
 11\&.natgw             OK         0\&.008 Sat Dec 17 19:40:46 2016
 11\&.routing           OK         0\&.007 Sat Dec 17 19:40:46 2016
@ -725,7 +719,6 @@ DatabaseMaxDead         = 5
 RerecoveryTimeout       = 10
 EnableBans              = 1
 NoIPFailback            = 0
 DisableIPFailover       = 0
 VerboseMemoryNames      = 0
 RecdPingTimeout         = 60
 RecdFailCount           = 10
@ -753,8 +746,6 @@ DBRecordCountWarn       = 100000
 DBRecordSizeWarn        = 10000000
 DBSizeWarn              = 100000000
 PullDBPreallocation     = 10485760
 NoIPHostOnAllDisabled   = 0
 TDBMutexEnabled         = 1
 LockProcessesPerDB      = 200
 RecBufferSizeLimit      = 1000000
 QueueBufferSize         = 1024
@ -1278,24 +1269,24 @@ Most databases are not persistent and only store the state information that the
 .nf
 # ctdb getdbmap
 Number of databases:10
-dbid:0x435d3410 name:notify\&.tdb path:/usr/local/var/lib/ctdb/notify\&.tdb\&.0
+dbid:0x435d3410 name:notify\&.tdb path:/var/lib/ctdb/notify\&.tdb\&.0
-dbid:0x42fe72c5 name:locking\&.tdb path:/usr/local/var/lib/ctdb/locking\&.tdb\&.0
+dbid:0x42fe72c5 name:locking\&.tdb path:/var/lib/ctdb/locking\&.tdb\&.0
-dbid:0x1421fb78 name:brlock\&.tdb path:/usr/local/var/lib/ctdb/brlock\&.tdb\&.0
+dbid:0x1421fb78 name:brlock\&.tdb path:/var/lib/ctdb/brlock\&.tdb\&.0
-dbid:0x17055d90 name:connections\&.tdb path:/usr/local/var/lib/ctdb/connections\&.tdb\&.0
+dbid:0x17055d90 name:connections\&.tdb path:/var/lib/ctdb/connections\&.tdb\&.0
-dbid:0xc0bdde6a name:sessionid\&.tdb path:/usr/local/var/lib/ctdb/sessionid\&.tdb\&.0
+dbid:0xc0bdde6a name:sessionid\&.tdb path:/var/lib/ctdb/sessionid\&.tdb\&.0
-dbid:0x122224da name:test\&.tdb path:/usr/local/var/lib/ctdb/test\&.tdb\&.0
+dbid:0x122224da name:test\&.tdb path:/var/lib/ctdb/test\&.tdb\&.0
-dbid:0x2672a57f name:idmap2\&.tdb path:/usr/local/var/lib/ctdb/persistent/idmap2\&.tdb\&.0 PERSISTENT
+dbid:0x2672a57f name:idmap2\&.tdb path:/var/lib/ctdb/persistent/idmap2\&.tdb\&.0 PERSISTENT
-dbid:0xb775fff6 name:secrets\&.tdb path:/usr/local/var/lib/ctdb/persistent/secrets\&.tdb\&.0 PERSISTENT
+dbid:0xb775fff6 name:secrets\&.tdb path:/var/lib/ctdb/persistent/secrets\&.tdb\&.0 PERSISTENT
-dbid:0xe98e08b6 name:group_mapping\&.tdb path:/usr/local/var/lib/ctdb/persistent/group_mapping\&.tdb\&.0 PERSISTENT
+dbid:0xe98e08b6 name:group_mapping\&.tdb path:/var/lib/ctdb/persistent/group_mapping\&.tdb\&.0 PERSISTENT
-dbid:0x7bbbd26c name:passdb\&.tdb path:/usr/local/var/lib/ctdb/persistent/passdb\&.tdb\&.0 PERSISTENT
+dbid:0x7bbbd26c name:passdb\&.tdb path:/var/lib/ctdb/persistent/passdb\&.tdb\&.0 PERSISTENT
 # ctdb getdbmap  # example for unhealthy database
 Number of databases:1
-dbid:0xb775fff6 name:secrets\&.tdb path:/usr/local/var/lib/ctdb/persistent/secrets\&.tdb\&.0 PERSISTENT UNHEALTHY
+dbid:0xb775fff6 name:secrets\&.tdb path:/var/lib/ctdb/persistent/secrets\&.tdb\&.0 PERSISTENT UNHEALTHY
 # ctdb \-X getdbmap
 |ID|Name|Path|Persistent|Unhealthy|
-|0x7bbbd26c|passdb\&.tdb|/usr/local/var/lib/ctdb/persistent/passdb\&.tdb\&.0|1|0|
+|0x7bbbd26c|passdb\&.tdb|/var/lib/ctdb/persistent/passdb\&.tdb\&.0|1|0|
 .fi
 .if n \{\
@ -1447,16 +1438,16 @@ This command displays more details about a database\&.
 # ctdb getdbstatus test\&.tdb\&.0
 dbid: 0x122224da
 name: test\&.tdb
-path: /usr/local/var/lib/ctdb/test\&.tdb\&.0
+path: /var/lib/ctdb/test\&.tdb\&.0
 PERSISTENT: no
 HEALTH: OK
 # ctdb getdbstatus registry\&.tdb  # with a corrupted TDB
 dbid: 0xf2a58948
 name: registry\&.tdb
-path: /usr/local/var/lib/ctdb/persistent/registry\&.tdb\&.0
+path: /var/lib/ctdb/persistent/registry\&.tdb\&.0
 PERSISTENT: yes
-HEALTH: NO\-HEALTHY\-NODES \- ERROR \- Backup of corrupted TDB in \*(Aq/usr/local/var/lib/ctdb/persistent/registry\&.tdb\&.0\&.corrupted\&.20091208091949\&.0Z\*(Aq
+HEALTH: NO\-HEALTHY\-NODES \- ERROR \- Backup of corrupted TDB in \*(Aq/var/lib/ctdb/persistent/registry\&.tdb\&.0\&.corrupted\&.20091208091949\&.0Z\*(Aq
 .fi
 .if n \{\
@ -1482,9 +1473,6 @@ This command will trigger the recovery daemon to do a cluster recovery\&.
 .SS "ipreallocate, sync"
 .PP
 This command will force the recovery master to perform a full ip reallocation process and redistribute all ip addresses\&. This is useful to "reset" the allocations back to its default state if they have been changed using the "moveip" command\&. While a "recover" will also perform this reallocation, a recovery is much more hevyweight since it will also rebuild all the databases\&.
 .SS "getmonmode"
 .PP
 This command prints the monitoring mode of a node\&. This indicates when CTDB is monitoring services on the node\&. The monitoring mode is either ENABLED or DISABLED\&.
 .SS "attach \fIDBNAME\fR [persistent|replicated]"
 .PP
 Create a new CTDB database called DBNAME and attach to it on all nodes\&.
@ -1513,33 +1501,6 @@ command\&.
 .SS "unban"
 .PP
 This command is used to unban a node that has either been administratively banned using the ban command or has been automatically banned\&.
 .SS "check_srvids \fISRVID\fR \&.\&.\&."
 .PP
 This command checks whether a set of srvid message ports are registered on the node or not\&. The command takes a list of values to check\&.
 .sp
 .it 1 an-trap
 .nr an-no-space-flag 1
 .nr an-break-flag 1
 .br
 .ps +1
 \fBExample\fR
 .RS 4
 .sp
 .if n \{\
 .RS 4
 .\}
 .nf
 # ctdb check_srvids 1 2 3 14765
 Server id 0:1 does not exist
 Server id 0:2 does not exist
 Server id 0:3 does not exist
 Server id 0:14765 exists
 .fi
 .if n \{\
 .RE
 .\}
 .RE
 .SH "SEE ALSO"
 .PP
 \fBctdbd\fR(1),
--- a/net/samba410/files/man/ctdb.7
+++ b/net/samba410/files/man/ctdb.7
@ -2,12 +2,12 @@
 .\"     Title: ctdb
 .\"    Author: 
 .\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/>
-.\"      Date: 11/20/2017
+.\"      Date: 11/18/2018
 .\"    Manual: CTDB - clustered TDB database
 .\"    Source: ctdb
 .\"  Language: English
 .\"
-.TH "CTDB" "7" "11/20/2017" "ctdb" "CTDB \- clustered TDB database"
+.TH "CTDB" "7" "11/18/2018" "ctdb" "CTDB \- clustered TDB database"
 .\" -----------------------------------------------------------------
 .\" * Define some portability stuff
 .\" -----------------------------------------------------------------
@ -87,12 +87,16 @@ model of cluster management\&. All nodes in a cluster elect one node to be the l
 \fIrecovery master\fR\&. This node takes and holds the recovery lock to assert its privileged role in the cluster\&.
 .PP
 By default, the recovery lock is implemented using a file (specified by
-\fICTDB_RECOVERY_LOCK\fR) residing in shared storage (usually) on a cluster filesystem\&. To support a recovery lock the cluster filesystem must support lock coherence\&. See
+\fIrecovery lock\fR
 in the
 [cluster]
 section of
 \fBctdb.conf\fR(5)) residing in shared storage (usually) on a cluster filesystem\&. To support a recovery lock the cluster filesystem must support lock coherence\&. See
 \fBping_pong\fR(1)
 for more details\&.
 .PP
 The recovery lock can also be implemented using an arbitrary cluster mutex call\-out by using an exclamation point (\*(Aq!\*(Aq) as the first character of
-\fICTDB_RECOVERY_LOCK\fR\&. For example, a value of
+\fIrecovery lock\fR\&. For example, a value of
 \fB!/usr/local/bin/myhelper recovery\fR
 would run the given helper with the specified arguments\&. See the source code relating to cluster mutexes for clues about writing call\-outs\&.
 .PP
@ -131,12 +135,11 @@ One or more public IP addresses that are used to provide NAS or other services\&
 .PP
 Each node is configured with a unique, permanently assigned private address\&. This address is configured by the operating system\&. This address uniquely identifies a physical node in the cluster and is the address that CTDB daemons will use to communicate with the CTDB daemons on other nodes\&.
 .PP
-Private addresses are listed in the file specified by the
+Private addresses are listed in the file
 \fICTDB_NODES\fR
 configuration variable (see
 \fBctdbd.conf\fR(5), default
 /usr/local/etc/ctdb/nodes)\&. This file contains the list of private addresses for all nodes in the cluster, one per line\&. This file must be the same on all nodes in the cluster\&.
 .PP
 Some users like to put this configuration file in their cluster filesystem\&. A symbolic link should be used in this case\&.
 .PP
 Private addresses should not be used by clients to connect to services provided by the cluster\&.
 .PP
 It is strongly recommended that the private addresses are configured on a private network that is separate from client networks\&. This is because the CTDB protocol is both unauthenticated and unencrypted\&. If clients share the private network then steps need to be taken to stop injection of packets to relevant ports on the private addresses\&. It is also likely that CTDB protocol traffic between nodes could leak sensitive information if it can be intercepted\&.
@ -164,11 +167,11 @@ Public addresses are used to provide services to clients\&. Public addresses are
 .PP
 The CTDB cluster will assign/reassign these public addresses across the available healthy nodes in the cluster\&. When one node fails, its public addresses will be taken over by one or more other nodes in the cluster\&. This ensures that services provided by all public addresses are always available to clients, as long as there are nodes available capable of hosting this address\&.
 .PP
-The public address configuration is stored in a file on each node specified by the
+The public address configuration is stored in
-\fICTDB_PUBLIC_ADDRESSES\fR
+/usr/local/etc/ctdb/public_addresses
-configuration variable (see
+on each node\&. This file contains a list of the public addresses that the node is capable of hosting, one per line\&. Each entry also contains the netmask and the interface to which the address should be assigned\&. If this file is missing then no public addresses are configured\&.
-\fBctdbd.conf\fR(5), recommended
+.PP
-/usr/local/etc/ctdb/public_addresses)\&. This file contains a list of the public addresses that the node is capable of hosting, one per line\&. Each entry also contains the netmask and the interface to which the address should be assigned\&.
+Some users who have the same public addresses on all nodes like to put this configuration file in their cluster filesystem\&. A symbolic link should be used in this case\&.
 .PP
 Example
 /usr/local/etc/ctdb/public_addresses
@ -311,7 +314,7 @@ Client access to the cluster is load\-balanced across the HEALTHY nodes in an LV
 command is used to show which nodes are currently load\-balanced across\&.
 .PP
 In each LVS group, one of the nodes is selected by CTDB to be the LVS master\&. This node receives all traffic from clients coming in to the LVS public address and multiplexes it across the internal network to one of the nodes that LVS is using\&. When responding to the client, that node will send the data back directly to the client, bypassing the LVS master node\&. The command
-\fBctdb lvsmaster\fR
+\fBctdb lvs master\fR
 will show which node is the current LVS master\&.
 .PP
 The path used for a client I/O is:
@ -360,7 +363,7 @@ Selected node processes the request\&.
 Node responds back to client\&.
 .RE
 .PP
-This means that all incoming traffic to the cluster will pass through one physical node, which limits scalability\&. You can send more data to the LVS address that one physical node can multiplex\&. This means that you should not use LVS if your I/O pattern is write\-intensive since you will be limited in the available network bandwidth that node can handle\&. LVS does work wery well for read\-intensive workloads where only smallish READ requests are going through the LVSMASTER bottleneck and the majority of the traffic volume (the data in the read replies) goes straight from the processing node back to the clients\&. For read\-intensive i/o patterns you can achieve very high throughput rates in this mode\&.
+This means that all incoming traffic to the cluster will pass through one physical node, which limits scalability\&. You can send more data to the LVS address that one physical node can multiplex\&. This means that you should not use LVS if your I/O pattern is write\-intensive since you will be limited in the available network bandwidth that node can handle\&. LVS does work very well for read\-intensive workloads where only smallish READ requests are going through the LVSMASTER bottleneck and the majority of the traffic volume (the data in the read replies) goes straight from the processing node back to the clients\&. For read\-intensive i/o patterns you can achieve very high throughput rates in this mode\&.
 .PP
 Note: you can use LVS and public addresses at the same time\&.
 .PP
@ -474,7 +477,7 @@ file to limit the NATGW functionality of those nodes\&.
 See the
 NAT GATEWAY
 section in
-\fBctdbd.conf\fR(5)
+\fBctdb-script.options\fR(5)
 for more details of NATGW configuration\&.
 .SS "Implementation details"
 .PP
@ -499,7 +502,7 @@ This is implemented in the
 eventscript\&. Please see the eventscript file and the
 NAT GATEWAY
 section in
-\fBctdbd.conf\fR(5)
+\fBctdb-script.options\fR(5)
 for more details\&.
 .SH "POLICY ROUTING"
 .PP
@ -515,7 +518,7 @@ There are 4 configuration variables related to policy routing:
 \fICTDB_PER_IP_ROUTING_TABLE_ID_HIGH\fR\&. See the
 POLICY ROUTING
 section in
-\fBctdbd.conf\fR(5)
+\fBctdb-script.options\fR(5)
 for more details\&.
 .SS "Configuration"
 .PP
@ -682,18 +685,12 @@ Here is a more complete example configuration\&.
 .\}
 .PP
 The routes local packets as expected, the default route is as previously discussed, but packets to 192\&.168\&.200\&.0/24 are routed via the alternate gateway 192\&.168\&.1\&.254\&.
-.SH "NOTIFICATION SCRIPT"
+.SH "NOTIFICATIONS"
 .PP
-When certain state changes occur in CTDB, it can be configured to perform arbitrary actions via a notification script\&. For example, sending SNMP traps or emails when a node becomes unhealthy or similar\&.
+When certain state changes occur in CTDB, it can be configured to perform arbitrary actions via notifications\&. For example, sending SNMP traps or emails when a node becomes unhealthy or similar\&.
 .PP
-This is activated by setting the
+The notification mechanism runs all executable files ending in "\&.script" in
-\fICTDB_NOTIFY_SCRIPT\fR
+/usr/local/etc/ctdb/events/notification/, ignoring any failures and continuing to run all files\&.
 configuration variable\&. The specified script must be executable\&.
 .PP
 Use of the provided
 /usr/local/etc/ctdb/notify\&.sh
 script is recommended\&. It executes files in
 /usr/local/etc/ctdb/notify\&.d/\&.
 .PP
 CTDB currently generates notifications after CTDB changes to these states:
 .RS 4
@ -711,11 +708,11 @@ healthy
 .RS 4
 unhealthy
 .RE
-.SH "DEBUG LEVELS"
+.SH "LOG LEVELS"
 .PP
-Valid values for DEBUGLEVEL are:
+Valid log levels, in increasing order of verbosity, are:
 .RS 4
-ERR
+ERROR
 .RE
 .RS 4
 WARNING
@ -737,14 +734,15 @@ See the cluster as one single multihomed samba server where one of the NICs (the
 .PP
 NOTE: This does require that the cluster filesystem you use can cope with WAN\-link latencies\&. Not all cluster filesystems can handle WAN\-link latencies! Whether this will provide very good WAN\-accelerator performance or it will perform very poorly depends entirely on how optimized your cluster filesystem is in handling high latency for data and metadata operations\&.
 .PP
-To activate a node as being a remote cluster node you need to set the following two parameters in /etc/sysconfig/ctdb for the remote node:
+To activate a node as being a remote cluster node you need to set the following two parameters in /usr/local/etc/ctdb/ctdb\&.conf for the remote node:
 .sp
 .if n \{\
 .RS 4
 .\}
 .nf
-CTDB_CAPABILITY_LMASTER=no
+[legacy]
-CTDB_CAPABILITY_RECMASTER=no
+  lmaster capability = false
  recmaster capability = false
 .fi
 .if n \{\
@ -761,7 +759,9 @@ Verify with the command "ctdb getcapabilities" that that node no longer has the
 \fBltdbtool\fR(1),
 \fBonnode\fR(1),
 \fBping_pong\fR(1),
-\fBctdbd.conf\fR(5),
+\fBctdb.conf\fR(5),
 \fBctdb-script.options\fR(5),
 \fBctdb.sysconfig\fR(5),
 \fBctdb-statistics\fR(7),
 \fBctdb-tunables\fR(7),
 \m[blue]\fB\%http://ctdb.samba.org/\fR\m[]
--- a/net/samba410/files/man/ctdb.conf.5
+++ b/net/samba410/files/man/ctdb.conf.5
@ -0,0 +1,359 @@
 '\" t
 .\"     Title: ctdb.conf
 .\"    Author: 
 .\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/>
 .\"      Date: 11/18/2018
 .\"    Manual: CTDB - clustered TDB database
 .\"    Source: ctdb
 .\"  Language: English
 .\"
 .TH "CTDB\&.CONF" "5" "11/18/2018" "ctdb" "CTDB \- clustered TDB database"
 .\" -----------------------------------------------------------------
 .\" * Define some portability stuff
 .\" -----------------------------------------------------------------
 .\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 .\" http://bugs.debian.org/507673
 .\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html
 .\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 .ie \n(.g .ds Aq \(aq
 .el       .ds Aq '
 .\" -----------------------------------------------------------------
 .\" * set default formatting
 .\" -----------------------------------------------------------------
 .\" disable hyphenation
 .nh
 .\" disable justification (adjust text to left margin only)
 .ad l
 .\" -----------------------------------------------------------------
 .\" * MAIN CONTENT STARTS HERE *
 .\" -----------------------------------------------------------------
 .SH "NAME"
 ctdb.conf \- CTDB configuration file
 .SH "DESCRIPTION"
 .PP
 This file contains CTDB configuration options that affect the operation of CTDB daemons and command\-line tools\&. The default location of this file is
 /usr/local/etc/ctdb/ctdb\&.conf\&.
 .PP
 Note that this is a Samba\-style configuration file, so it has a very different syntax to previous CTDB configuration files\&.
 .PP
 For event script options please see
 \fBctdb-script.options\fR(5)\&.
 .PP
 Configuration options are grouped into several sections below\&. There are only a few options in each section, allowing them to be ordered (approximately) in decreasing order of importance\&.
 .SH "LOGGING CONFIGURATION"
 .PP
 Options in this section control CTDB\*(Aqs logging\&. They are valid within the
 \fIlogging\fR
 section of file, indicated by
 [logging]\&.
 .PP
 log level = \fILOGLEVEL\fR
 .RS 4
 LOGLEVEL is a string that controls the verbosity of ctdbd\*(Aqs logging\&. See the
 LOG LEVELS
 section in
 \fBctdb\fR(7)
 for more details\&.
 .sp
 Default:
 NOTICE
 .RE
 .PP
 location = \fISTRING\fR
 .RS 4
 STRING specifies where ctdbd will write its log\&.
 .sp
 Valid values are:
 .PP
 file:\fIFILENAME\fR
 .RS 4
 FILENAME where ctdbd will write its log\&. This is usually
 /var/log/log\&.ctdb\&.
 .RE
 .PP
 syslog[:\fIMETHOD\fR]
 .RS 4
 CTDB will log to syslog\&. By default this will use the syslog(3) API\&.
 .sp
 If METHOD is specified then it specifies an extension that causes logging to be done in a non\-blocking fashion\&. This can be useful under heavy loads that might cause the syslog daemon to dequeue messages too slowly, which would otherwise cause CTDB to block when logging\&. METHOD must be one of:
 .PP
 nonblocking
 .RS 4
 CTDB will log to syslog via
 /dev/log
 in non\-blocking mode\&.
 .RE
 .PP
 udp
 .RS 4
 CTDB will log to syslog via UDP to localhost:514\&. The syslog daemon must be configured to listen on (at least) localhost:514\&. Most implementations will log the messages against hostname "localhost" \- this is a limit of the implementation for compatibility with more syslog daemon implementations\&.
 .RE
 .PP
 udp\-rfc5424
 .RS 4
 As with "udp" but messages are sent in RFC5424 format\&. This method will log the correct hostname but is not as widely implemented in syslog daemons\&.
 .RE
 .RE
 .sp
 Default: file:/var/log/log\&.ctdb
 .RE
 .SH "CLUSTER CONFIGURATION"
 .PP
 Options in this section affect the CTDB cluster setup\&. They are valid within the
 \fIcluster\fR
 section of file, indicated by
 [cluster]\&.
 .PP
 recovery lock = \fILOCK\fR
 .RS 4
 LOCK specifies the cluster\-wide mutex used to detect and prevent a partitioned cluster (or "split brain")\&.
 .sp
 For information about the recovery lock please see the
 RECOVERY LOCK
 section in
 \fBctdb\fR(7)\&.
 .sp
 Default: NONE\&. However, uses of a recovery lock is
 \fIstrongly recommended\fR\&.
 .RE
 .PP
 node address = \fIIPADDR\fR
 .RS 4
 IPADDR is the private IP address that ctdbd will bind to\&.
 .sp
 This option is only required when automatic address detection can not be used\&. This can be the case when running multiple ctdbd daemons/nodes on the same physical host (usually for testing), using InfiniBand for the private network or on Linux when sysctl net\&.ipv4\&.ip_nonlocal_bind=1\&.
 .sp
 Default: CTDB selects the first address from the nodes list that it can bind to\&. See also the
 PRIVATE ADDRESS
 section in
 \fBctdb\fR(7)\&.
 .RE
 .PP
 transport = tcp|ib
 .RS 4
 This option specifies which transport to use for ctdbd internode communications on the private network\&.
 .sp
 ib
 means InfiniBand\&. The InfiniBand support is not regularly tested\&. If it is known to be broken then it may be disabled so that a value of
 ib
 is considered invalid\&.
 .sp
 Default:
 tcp
 .RE
 .SH "DATABASE CONFIGURATION"
 .PP
 Options in this section affect the CTDB database setup\&. They are valid within the
 \fIdatabase\fR
 section of file, indicated by
 [database]\&.
 .PP
 volatile database directory = \fIDIRECTORY\fR
 .RS 4
 DIRECTORY on local storage where CTDB keeps a local copy of volatile TDB databases\&. This directory is local for each node and should not be stored on the shared cluster filesystem\&.
 .sp
 Mounting a tmpfs (or similar memory filesystem) on this directory can provide a significant performance improvement when there is I/O contention on the local disk\&.
 .sp
 Default:
 /var/lib/ctdb/volatile
 .RE
 .PP
 persistent database directory=\fIDIRECTORY\fR
 .RS 4
 DIRECTORY on local storage where CTDB keeps a local copy of persistent TDB databases\&. This directory is local for each node and should not be stored on the shared cluster filesystem\&.
 .sp
 Default:
 /var/lib/ctdb/persistent
 .RE
 .PP
 state database directory = \fIDIRECTORY\fR
 .RS 4
 DIRECTORY on local storage where CTDB keeps a local copy of internal state TDB databases\&. This directory is local for each node and should not be stored on the shared cluster filesystem\&.
 .sp
 Default:
 /var/lib/ctdb/state
 .RE
 .PP
 tdb mutexes = true|false
 .RS 4
 This parameter enables TDB_MUTEX_LOCKING feature on volatile databases if the robust mutexes are supported\&. This optimizes the record locking using robust mutexes and is much more efficient that using posix locks\&.
 .sp
 If robust mutexes are unreliable on the platform being used then they can be disabled by setting this to
 false\&.
 .RE
 .PP
 lock debug script = \fIFILENAME\fR
 .RS 4
 FILENAME is a script used by CTDB\*(Aqs database locking code to attempt to provide debugging information when CTDB is unable to lock an entire database or a record\&.
 .sp
 This script should be a bare filename relative to the CTDB configuration directory (/usr/local/etc/ctdb/)\&. Any directory prefix is ignored and the path is calculated relative to this directory\&.
 .sp
 CTDB provides a lock debugging script and installs it as
 /usr/local/etc/ctdb/debug_locks\&.sh\&.
 .sp
 Default: NONE
 .RE
 .SH "EVENT HANDLING CONFIGURATION"
 .PP
 Options in this section affect CTDB event handling\&. They are valid within the
 \fIevent\fR
 section of file, indicated by
 [event]\&.
 .PP
 debug script = \fIFILENAME\fR
 .RS 4
 FILENAME is a script used by CTDB\*(Aqs event handling code to attempt to provide debugging information when an event times out\&.
 .sp
 This script should be a bare filename relative to the CTDB configuration directory (/usr/local/etc/ctdb/)\&. Any directory prefix is ignored and the path is calculated relative to this directory\&.
 .sp
 CTDB provides a script for debugging timed out event scripts and installs it as
 /usr/local/etc/ctdb/debug\-hung\-script\&.sh\&.
 .sp
 Default: NONE
 .RE
 .SH "FAILOVER CONFIGURATION"
 .PP
 Options in this section affect CTDB failover\&. They are valid within the
 \fIfailover\fR
 section of file, indicated by
 [failover]\&.
 .PP
 disabled = true|false
 .RS 4
 If set to
 true
 then public IP failover is disabled\&.
 .sp
 Default:
 false
 .RE
 .SH "LEGACY CONFIGURATION"
 .PP
 Options in this section affect legacy CTDB setup\&. They are valid within the
 \fIlegacy\fR
 section of file, indicated by
 [legacy]\&.
 .PP
 ctdb start as stopped = true|false
 .RS 4
 If set to
 true
 CTDB starts in the STOPPED state\&.
 .sp
 To allow the node to take part in the cluster it must be manually continued with the the
 \fBctdb continue\fR
 command\&.
 .sp
 Please see the
 NODE STATES
 section in
 \fBctdb\fR(7)
 for more information about the STOPPED state\&.
 .sp
 Default:
 false
 .RE
 .PP
 start as disabled = true|false
 .RS 4
 If set to
 true
 CTDB starts in the DISABLED state\&.
 .sp
 To allow the node to host public IP addresses and services, it must be manually enabled using the
 \fBctdb enable\fR
 command\&.
 .sp
 Please see the
 NODE STATES
 section in
 \fBctdb\fR(7)
 for more information about the DISABLED state\&.
 .sp
 Default:
 false
 .RE
 .PP
 realtime scheduling = true|false
 .RS 4
 Usually CTDB runs with real\-time priority\&. This helps it to perform effectively on a busy system, such as when there are thousands of Samba clients\&. If you are running CTDB on a platform that does not support real\-time priority, you can set this to
 false\&.
 .sp
 Default:
 true
 .RE
 .PP
 recmaster capability = true|false
 .RS 4
 Indicates whether a node can become the recovery master for the cluster\&. If this is set to
 false
 then the node will not be able to become the recovery master for the cluster\&. This feature is primarily used for making a cluster span across a WAN link and use CTDB as a WAN\-accelerator\&.
 .sp
 Please see the
 REMOTE CLUSTER NODES
 section in
 \fBctdb\fR(7)
 for more information\&.
 .sp
 Default:
 true
 .RE
 .PP
 lmaster capability = true|false
 .RS 4
 Indicates whether a node can become a location master for records in a database\&. If this is set to
 false
 then the node will not be part of the vnnmap\&. This feature is primarily used for making a cluster span across a WAN link and use CTDB as a WAN\-accelerator\&.
 .sp
 Please see the
 REMOTE CLUSTER NODES
 section in
 \fBctdb\fR(7)
 for more information\&.
 .sp
 Default:
 true
 .RE
 .PP
 script log level = \fILOGLEVEL\fR
 .RS 4
 This option sets the debug level of event script output to LOGLEVEL\&.
 .sp
 See the
 DEBUG LEVELS
 section in
 \fBctdb\fR(7)
 for more information\&.
 .sp
 Default:
 ERROR
 .RE
 .SH "FILES"
 .RS 4
 /usr/local/etc/ctdb/ctdb\&.conf
 .RE
 .SH "SEE ALSO"
 .PP
 \fBctdbd\fR(1),
 \fBonnode\fR(1),
 \fBctdb.sysconfig\fR(5),
 \fBctdb-script.options\fR(5),
 \fBctdb\fR(7),
 \fBctdb-tunables\fR(7),
 \m[blue]\fB\%http://ctdb.samba.org/\fR\m[]
 .SH "AUTHOR"
 .br
 .PP
 This documentation was written by Amitay Isaacs, Martin Schwenke
 .SH "COPYRIGHT"
 .br
 Copyright \(co 2007 Andrew Tridgell, Ronnie Sahlberg
 .br
 .PP
 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3 of the License, or (at your option) any later version\&.
 .PP
 This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE\&. See the GNU General Public License for more details\&.
 .PP
 You should have received a copy of the GNU General Public License along with this program; if not, see
 \m[blue]\fB\%http://www.gnu.org/licenses\fR\m[]\&.
 .sp
--- a/net/samba410/files/man/ctdb.sysconfig.5
+++ b/net/samba410/files/man/ctdb.sysconfig.5
@ -0,0 +1,139 @@
 '\" t
 .\"     Title: ctdb.sysconfig
 .\"    Author: 
 .\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/>
 .\"      Date: 11/18/2018
 .\"    Manual: CTDB - clustered TDB database
 .\"    Source: ctdb
 .\"  Language: English
 .\"
 .TH "CTDB\&.SYSCONFIG" "5" "11/18/2018" "ctdb" "CTDB \- clustered TDB database"
 .\" -----------------------------------------------------------------
 .\" * Define some portability stuff
 .\" -----------------------------------------------------------------
 .\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 .\" http://bugs.debian.org/507673
 .\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html
 .\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 .ie \n(.g .ds Aq \(aq
 .el       .ds Aq '
 .\" -----------------------------------------------------------------
 .\" * set default formatting
 .\" -----------------------------------------------------------------
 .\" disable hyphenation
 .nh
 .\" disable justification (adjust text to left margin only)
 .ad l
 .\" -----------------------------------------------------------------
 .\" * MAIN CONTENT STARTS HERE *
 .\" -----------------------------------------------------------------
 .SH "NAME"
 ctdb.sysconfig \- CTDB daemon configuration file
 .SH "DESCRIPTION"
 .PP
 This file contains configuration that affects the operation of CTDB\&. This is a distribution\-specific service configuration file such as
 /etc/sysconfig/ctdb
 (Red Hat) or
 /etc/default/ctdb
 (Debian) and is a shell script (see
 \fBsh\fR(1))\&.
 .SH "GLOBAL CONFIGURATION"
 .PP
 CTDB_INIT_STYLE=debian|redhat|suse
 .RS 4
 This is the init style used by the Linux distribution (or other operating system) being used\&. This is usually determined dynamically by checking the system\&. This variable is used by the initscript to determine which init system primitives to use\&. It is also used by some eventscripts to choose the name of initscripts for certain services, since these can vary between distributions\&.
 .sp
 If using CTDB\*(Aqs event scripts are unable to determine an appropriate default then this option can also be placed in a relevant
 \fBctdb-script.options\fR(5)
 file\&.
 .sp
 Default: NONE\&. Guessed, based on features of distribution\&.
 .RE
 .PP
 CTDB_STARTUP_TIMEOUT=\fINUM\fR
 .RS 4
 NUM is the number of seconds to wait for
 \fBctdbd\fR(1)
 complete early initialisation up to a point where it is unlikely to abort\&. If
 \fBctdbd\fR
 doesn\*(Aqt complete the "setup" event before this timeout then it is killed\&.
 .sp
 Defaults: 10
 .RE
 .SH "RESOURCE LIMITS"
 .SS "Maximum number of open files"
 .PP
 CTDB can use a lot of file descriptors, especially when used with Samba\&. If there are thousands of smbd processes connected to CTDB when this can mean that thousands of file descriptors are used\&. For CTDB, it is often necessary to increase limit on the maximum number of open files\&.
 .PP
 The maximum number of open files should be configured using an operating system mechanism\&.
 .PP
 systemd
 .RS 4
 The
 LimitNOFILE=\fBLIMIT\fR
 option can be used in a unit/service file increase the maximum number of open files\&. See
 \fBsystemd.exec\fR(5)
 for details\&.
 .RE
 .PP
 SYSV init
 .RS 4
 Use a command like
 \fBulimit \-n \fR\fB\fBLIMIT\fR\fR
 to increase the maximum number of open files\&. This command can be put in the relevant distribution\-specific service configuration file\&.
 .RE
 .SS "Allowing core dumps"
 .PP
 Many distributions do not allow core dump files to be generated by default\&. To assist with debugging, core files can be enabled\&. This should be configured using an operating system mechanism\&.
 .PP
 systemd
 .RS 4
 The
 LimitCORE=0|unlimited
 option can be used in a unit/service file\&.
 0
 disallows core files,
 unlimited
 allows them\&. maximum number of open files\&. See
 \fBsystemd.exec\fR(5)
 for details\&.
 .RE
 .PP
 SYSV init
 .RS 4
 Use a command like
 \fBulimit \-c 0|unlimited\fR
 to disable or enable core files as required\&. This command can be put in the relevant distribution\-specific service configuration file\&.
 .RE
 .SH "FILES"
 .RS 4
 /etc/sysconfig/ctdb
 .RE
 .RS 4
 /etc/default/ctdb
 .RE
 .RS 4
 /usr/local/etc/ctdb/script\&.options
 .RE
 .SH "SEE ALSO"
 .PP
 \fBctdbd\fR(1),
 \fBctdb-script.options\fR(5),
 \fBctdb\fR(7),
 \m[blue]\fB\%http://ctdb.samba.org/\fR\m[]
 .SH "AUTHOR"
 .br
 .PP
 This documentation was written by Martin Schwenke
 .SH "COPYRIGHT"
 .br
 Copyright \(co 2007 Andrew Tridgell, Ronnie Sahlberg
 .br
 .PP
 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3 of the License, or (at your option) any later version\&.
 .PP
 This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE\&. See the GNU General Public License for more details\&.
 .PP
 You should have received a copy of the GNU General Public License along with this program; if not, see
 \m[blue]\fB\%http://www.gnu.org/licenses\fR\m[]\&.
 .sp
--- a/net/samba410/files/man/ctdb_diagnostics.1
+++ b/net/samba410/files/man/ctdb_diagnostics.1
@ -2,12 +2,12 @@
 .\"     Title: ctdb_diagnostics
 .\"    Author: 
 .\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/>
-.\"      Date: 11/20/2017
+.\"      Date: 11/18/2018
 .\"    Manual: CTDB - clustered TDB database
 .\"    Source: ctdb
 .\"  Language: English
 .\"
-.TH "CTDB_DIAGNOSTICS" "1" "11/20/2017" "ctdb" "CTDB \- clustered TDB database"
+.TH "CTDB_DIAGNOSTICS" "1" "11/18/2018" "ctdb" "CTDB \- clustered TDB database"
 .\" -----------------------------------------------------------------
 .\" * Define some portability stuff
 .\" -----------------------------------------------------------------
--- a/net/samba410/files/man/ctdb_mutex_ceph_rados_helper.7
+++ b/net/samba410/files/man/ctdb_mutex_ceph_rados_helper.7
@ -1,79 +0,0 @@
 '\" t
 .\"     Title: Ceph RADOS Mutex
 .\"    Author: 
 .\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/>
 .\"      Date: 11/20/2017
 .\"    Manual: CTDB - clustered TDB database
 .\"    Source: ctdb
 .\"  Language: English
 .\"
 .TH "CEPH RADOS MUTEX" "7" "11/20/2017" "ctdb" "CTDB \- clustered TDB database"
 .\" -----------------------------------------------------------------
 .\" * Define some portability stuff
 .\" -----------------------------------------------------------------
 .\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 .\" http://bugs.debian.org/507673
 .\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html
 .\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 .ie \n(.g .ds Aq \(aq
 .el       .ds Aq '
 .\" -----------------------------------------------------------------
 .\" * set default formatting
 .\" -----------------------------------------------------------------
 .\" disable hyphenation
 .nh
 .\" disable justification (adjust text to left margin only)
 .ad l
 .\" -----------------------------------------------------------------
 .\" * MAIN CONTENT STARTS HERE *
 .\" -----------------------------------------------------------------
 .SH "NAME"
 ctdb_mutex_ceph_rados_helper \- Ceph RADOS cluster mutex helper
 .SH "DESCRIPTION"
 .PP
 ctdb_mutex_ceph_rados_helper can be used as a recovery lock provider for CTDB\&. When configured, split brain avoidance during CTDB recovery will be handled using locks against an object located in a Ceph RADOS pool\&. To enable this functionality, include the following line in your CTDB config file:
 .sp
 .if n \{\
 .RS 4
 .\}
 .nf
 CTDB_RECOVERY_LOCK="!ctdb_mutex_ceph_rados_helper [Cluster] [User] [Pool] [Object]"
 Cluster: Ceph cluster name (e\&.g\&. ceph)
 User: Ceph cluster user name (e\&.g\&. client\&.admin)
 Pool: Ceph RADOS pool name
 Object: Ceph RADOS object name
 .fi
 .if n \{\
 .RE
 .\}
 .PP
 The Ceph cluster
 \fICluster\fR
 must be up and running, with a configuration, and keyring file for
 \fIUser\fR
 located in a librados default search path (e\&.g\&. /etc/ceph/)\&.
 \fIPool\fR
 must already exist\&.
 .SH "SEE ALSO"
 .PP
 \fBctdb\fR(7),
 \fBctdbd\fR(1),
 \m[blue]\fB\%http://ctdb.samba.org/\fR\m[]
 .SH "AUTHOR"
 .br
 .PP
 This documentation was written by David Disseldorp
 .SH "COPYRIGHT"
 .br
 Copyright \(co 2016 David Disseldorp
 .br
 .PP
 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3 of the License, or (at your option) any later version\&.
 .PP
 This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE\&. See the GNU General Public License for more details\&.
 .PP
 You should have received a copy of the GNU General Public License along with this program; if not, see
 \m[blue]\fB\%http://www.gnu.org/licenses\fR\m[]\&.
 .sp
--- a/net/samba410/files/man/ctdbd.1
+++ b/net/samba410/files/man/ctdbd.1
@ -2,12 +2,12 @@
 .\"     Title: ctdbd
 .\"    Author: 
 .\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/>
-.\"      Date: 11/20/2017
+.\"      Date: 11/18/2018
 .\"    Manual: CTDB - clustered TDB database
 .\"    Source: ctdb
 .\"  Language: English
 .\"
-.TH "CTDBD" "1" "11/20/2017" "ctdb" "CTDB \- clustered TDB database"
+.TH "CTDBD" "1" "11/18/2018" "ctdb" "CTDB \- clustered TDB database"
 .\" -----------------------------------------------------------------
 .\" * Define some portability stuff
 .\" -----------------------------------------------------------------
@ -45,298 +45,21 @@ See
 for an overview of CTDB\&.
 .SH "GENERAL OPTIONS"
 .PP
-\-d, \-\-debug=\fIDEBUGLEVEL\fR
+\-i, \-\-interactive
 .RS 4
-This option sets the debug level to DEBUGLEVEL, which controls what will be written by the logging subsystem\&. The default is 2\&.
+Enable interactive mode\&. This will make ctdbd run in the foreground and not detach from the terminal\&. By default ctdbd will detach itself and run in the background as a daemon\&.
 .sp
 See the
 DEBUG LEVELS
 section in
 \fBctdb\fR(7)
 for more information\&.
 .RE
 .PP
 \-\-dbdir=\fIDIRECTORY\fR
 .RS 4
 DIRECTORY on local storage where ctdbd keeps a local copy of TDB databases\&. This directory is local for each node and should not be stored on the shared cluster filesystem\&.
 .sp
 Defaults to
 /usr/local/var/lib/ctdb\&.
 .RE
 .PP
 \-\-dbdir\-persistent=\fIDIRECTORY\fR
 .RS 4
 DIRECTORY on local storage where ctdbd keeps a local copy of persistent TDB databases\&. This directory is local for each node and should not be stored on the shared cluster filesystem\&.
 .sp
 Defaults to
 /usr/local/var/lib/ctdb/persistent\&.
 .RE
 .PP
 \-\-dbdir\-state=\fIDIRECTORY\fR
 .RS 4
 DIRECTORY on local storage where ctdbd keep internal state TDB files\&. This directory is local for each node and should not be stored on the shared cluster filesystem\&.
 .sp
 Defaults to
 /usr/local/var/lib/ctdb/state\&.
 .RE
 .PP
 \-\-event\-script\-dir=\fIDIRECTORY\fR
 .RS 4
 DIRECTORY where the CTDB event scripts are stored\&. See the
 EVENT SCRIPTS
 section in
 \fBctdb\fR(7)
 for more information\&.
 .sp
 Default is
 \fBCTDB_BASE\fR/events\&.d, so usually
 /usr/local/etc/ctdb/events\&.d, which is part of the CTDB installation\&.
 .RE
 .PP
 \-\-listen=\fIIPADDR\fR
 .RS 4
 IPADDR is the private IP address that ctdbd will bind to\&.
 .sp
 By default ctdbd will select the first address from the nodes list that in can bind to\&. See also
 \-\-nlist\&.
 .sp
 This option is only required when automatic address detection can not be used\&. This can be the case when running multiple ctdbd daemons/nodes on the same physical host (usually for testing), using InfiniBand for the private network or on Linux when sysctl net\&.ipv4\&.ip_nonlocal_bind=1\&.
 .RE
 .PP
 \-\-logging=\fISTRING\fR
 .RS 4
 STRING specifies where ctdbd will write its log\&. The default is file:/usr/local/var/log/log\&.ctdb\&.
 .sp
 Valid values are:
 .PP
 file:\fIFILENAME\fR
 .RS 4
 FILENAME where ctdbd will write its log\&. This is usually
 /usr/local/var/log/log\&.ctdb\&.
 .RE
 .PP
 syslog[:\fIMETHOD\fR]
 .RS 4
 CTDB will log to syslog\&. By default this will use the syslog(3) API\&.
 .sp
 Under heavy loads syslog(3) can block if the syslog daemon processes messages too slowly\&. This can cause CTDB to block when logging\&.
 .sp
 If METHOD is specified then it specifies an extension that causes logging to be done in a non\-blocking mode\&. Note that
 \fIthis may cause messages to be dropped\fR\&. METHOD must be one of:
 .PP
 nonblocking
 .RS 4
 CTDB will log to syslog via
 /dev/log
 in non\-blocking mode\&.
 .RE
 .PP
 udp
 .RS 4
 CTDB will log to syslog via UDP to localhost:514\&. The syslog daemon must be configured to listen on (at least) localhost:514\&. Most syslog daemons will log the messages with hostname "localhost" \- this is a limitation of the implementation, for compatibility with more syslog daemons\&.
 .RE
 .PP
 udp\-rfc5424
 .RS 4
 As with "udp" but messages are sent in RFC5424 format\&. This method will log the correct hostname but is not as widely implemented in syslog daemons\&.
 .RE
 .RE
 .RE
 .PP
 \-\-max\-persistent\-check\-errors=\fINUM\fR
 .RS 4
 NUM specifies the maximum number of health check failures allowed for persistent databases during startup\&.
 .sp
 The default value is 0\&. Setting this to non\-zero allows a node with unhealthy persistent databases to startup and join the cluster as long as there is another node with healthy persistent databases\&.
 .RE
 .PP
 \-\-nlist=\fIFILENAME\fR
 .RS 4
 FILENAME containing a list of the private IP addresses, one per line, for each node in the cluster\&. This file
 \fImust be the same on each node\fR
 in the cluster\&.
 .sp
 Default is
 \fBCTDB_BASE\fR/nodes, so usually
 /usr/local/etc/ctdb/nodes\&.
 .RE
 .PP
 \-\-no\-lmaster
 .RS 4
 This argument specifies that this node can NOT become an lmaster for records in the database\&. This means that it will never show up in the vnnmap\&. This feature is primarily used for making a cluster span across a WAN link and use CTDB as a WAN\-accelerator\&.
 .sp
 Please see the
 REMOTE CLUSTER NODES
 section in
 \fBctdb\fR(7)
 for more information\&.
 .RE
 .PP
 \-\-no\-recmaster
 .RS 4
 This argument specifies that this node can NOT become a recmaster for the database\&. This feature is primarily used for making a cluster span across a WAN link and use CTDB as a WAN\-accelerator\&.
 .sp
 Please see the
 REMOTE CLUSTER NODES
 section in
 \fBctdb\fR(7)
 for more information\&.
 .RE
 .PP
 \-\-notification\-script=\fIFILENAME\fR
 .RS 4
 FILENAME specifying a script to be invoked by ctdbd when certain state changes occur\&.
 .sp
 This file is usually
 /usr/local/etc/ctdb/notify\&.sh\&.
 .sp
 Please see the
 NOTIFICATION SCRIPT
 section in
 \fBctdb\fR(7)
 for more information\&.
 .RE
 .PP
 \-\-pidfile=\fIFILENAME\fR
 .RS 4
 FILENAME for file containing process ID of main CTDB daemon\&. This file is automatically created and removed by CTDB\&.
 .sp
 The default is to not create a PID file\&.
 .RE
 .PP
 \-\-public_addresses=\fIFILENAME\fR
 .RS 4
 FILENAME specifying a file containing the public IP addresses to use on the cluster when CTDB should use IP takeover\&. This file contains a list of IP addresses, netmasks and interfaces\&. CTDB will distribute these public IP addresses appropriately across the available nodes\&.
 .sp
 The IP addresses specified in this file can differ across nodes\&.
 .sp
 This is usually the file
 /usr/local/etc/ctdb/public_addresses
 .RE
 .PP
 \-\-public\-interface=\fIINTERFACE\fR
 .RS 4
 Default INTERFACE on which to attach public IP addresses\&.
 .sp
 When using public IP addresses, this is only required if interfaces are not explicitly specified in the public addresses file\&.
 .RE
 .PP
 \-\-reclock=\fILOCK\fR
 .RS 4
 LOCK specifies the cluster\-wide mutex used to detect and prevent a partitioned cluster (or "split brain")\&.
 .sp
 For information about the recovery lock please see the
 RECOVERY LOCK
 section in
 \fBctdb\fR(7)\&.
 .RE
 .PP
 \-\-start\-as\-disabled
 .RS 4
 This makes ctdbd start in the DISABLED state\&.
 .sp
 To allow the node to host public IP addresses and services, it must be manually enabled using the
 \fBctdb enable\fR
 command\&.
 .sp
 Please see the
 NODE STATES
 section in
 \fBctdb\fR(7)
 for more information about the DISABLED state\&.
 .RE
 .PP
 \-\-start\-as\-stopped
 .RS 4
 This makes ctdbd start in the STOPPED state\&.
 .sp
 To allow the node to take part in the cluster it must be manually continued with the the
 \fBctdb enable\fR
 command\&.
 .sp
 Please see the
 NODE STATES
 section in
 \fBctdb\fR(7)
 for more information about the STOPPED state\&.
 .RE
 .PP
 \-\-transport=tcp|infiniband
 .RS 4
 This option specifies which transport to use for ctdbd internode communications\&. The default is "tcp"\&.
 .sp
 The "infiniband" support is not regularly tested\&.
 .RE
 .PP
 \-?, \-\-help
 .RS 4
 Display a summary of options\&.
 .RE
 .SH "DEBUGGING OPTIONS"
 .PP
 \-i, \-\-interactive
 .RS 4
 Enable interactive mode\&. This will make ctdbd run in the foreground and not detach from the terminal\&. By default ctdbd will detach itself and run in the background as a daemon\&.
 .RE
 .PP
 \-\-nopublicipcheck
 .RS 4
 This option is used when testing with multiple local daemons on a single machine\&. It disables checks related to public IP addresses\&.
 .RE
 .PP
 \-\-nosetsched
 .RS 4
 This is a debugging option\&. This option is only used when debugging ctdbd\&.
 .sp
 Normally ctdbd will change its scheduler to run as a real\-time process\&. This is the default mode for a normal ctdbd operation to gurarantee that ctdbd always gets the CPU cycles that it needs\&.
 .sp
 This option is used to tell ctdbd to
 \fInot\fR
 run as a real\-time process and instead run ctdbd as a normal userspace process\&. This is useful for debugging and when you want to run ctdbd under valgrind or gdb\&. (You don\*(Aqt want to attach valgrind or gdb to a real\-time process\&.)
 .RE
 .PP
 \-\-socket=\fIFILENAME\fR
 .RS 4
 FILENAME specifies the name of the Unix domain socket that ctdbd will create\&. This socket is used by local clients to communicate with ctdbd\&.
 .sp
 The default is
 /usr/local/var/run/ctdb/ctdbd\&.socket\&. You only need to use this option if you plan to run multiple ctdbd daemons on the same physical host, usually for testing\&.
 .RE
 .PP
 \-\-script\-log\-level=\fIDEBUGLEVEL\fR
 .RS 4
 This option sets the debug level of event script output to DEBUGLEVEL\&. The default is ERR\&.
 .sp
 See the
 DEBUG LEVELS
 section in
 \fBctdb\fR(7)
 for more information\&.
 .RE
 .PP
 \-\-sloppy\-start
 .RS 4
 This is debugging option\&. This speeds up the initial recovery during startup at the expense of some consistency checking\&.
 \fIDon\*(Aqt use this option in production\fR\&.
 .RE
 .PP
 \-\-torture
 .RS 4
 This option is only used for development and testing of CTDB\&. It adds artificial errors and failures to the common codepaths in ctdbd to verify that ctdbd can recover correctly from failures\&.
 .sp
 \fIDo not use this option\fR
 unless you are developing and testing new functionality in CTDB\&.
 .RE
 .PP
 \-\-valgrinding
 .RS 4
 This is a debugging option\&. This option is only used when debugging ctdbd\&. This enables additional debugging capabilities and implies \-\-nosetsched\&.
 .RE
 .SH "SEE ALSO"
 .PP
 \fBctdb\fR(1),
 \fBctdbd_wrapper\fR(1),
 \fBonnode\fR(1),
 \fBctdb.conf\fR(5),
 \fBctdb\fR(7),
 \fBctdb-tunables\fR(7),
 \m[blue]\fB\%http://ctdb.samba.org/\fR\m[]
--- a/net/samba410/files/man/ctdbd_wrapper.1
+++ b/net/samba410/files/man/ctdbd_wrapper.1
@ -2,12 +2,12 @@
 .\"     Title: ctdbd_wrapper
 .\"    Author: 
 .\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/>
-.\"      Date: 11/20/2017
+.\"      Date: 11/18/2018
 .\"    Manual: CTDB - clustered TDB database
 .\"    Source: ctdb
 .\"  Language: English
 .\"
-.TH "CTDBD_WRAPPER" "1" "11/20/2017" "ctdb" "CTDB \- clustered TDB database"
+.TH "CTDBD_WRAPPER" "1" "11/18/2018" "ctdb" "CTDB \- clustered TDB database"
 .\" -----------------------------------------------------------------
 .\" * Define some portability stuff
 .\" -----------------------------------------------------------------
@ -31,24 +31,18 @@
 ctdbd_wrapper \- Wrapper for ctdbd
 .SH "SYNOPSIS"
 .HP \w'\fBctdbd_wrapper\fR\ 'u
-\fBctdbd_wrapper\fR {\fIPIDFILE\fR} {start | stop}
+\fBctdbd_wrapper\fR {start | stop}
 .SH "DESCRIPTION"
 .PP
 ctdbd_wrapper is used to start or stop the main CTDB daemon\&.
 .PP
 \fIPIDFILE\fR
 specifies the location of the file containing the PID of the main CTDB daemon\&.
 .PP
 ctdbd_wrapper constructs command\-line options for ctdbd from configuration variables specified in
 \fBctdbd.conf\fR(5)\&.
 .PP
 See
 \fBctdb\fR(7)
 for an overview of CTDB\&.
 .SH "SEE ALSO"
 .PP
 \fBctdbd\fR(1),
-\fBctdbd.conf\fR(5),
+\fBctdb.sysconfig\fR(5),
 \fBctdb\fR(7),
 \m[blue]\fB\%http://ctdb.samba.org/\fR\m[]
 .SH "AUTHOR"
--- a/net/samba410/files/man/samba_gpoupdate.8
+++ b/net/samba410/files/man/samba_gpoupdate.8
--- a/net/samba410/files/man/vfs_freebsd.8
+++ b/net/samba410/files/man/vfs_freebsd.8
@ -0,0 +1,204 @@
 '\" t
 .\"     Title: vfs_freebsd
 .\"    Author: [see the "AUTHOR" section]
 .\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/>
 .\"      Date: 06/24/2019
 .\"    Manual: System Administration tools
 .\"    Source: Samba 4.10.5
 .\"  Language: English
 .\"
 .TH "VFS_FREEBSD" "8" "06/24/2019" "Samba 4\&.10\&.5" "System Administration tools"
 .\" -----------------------------------------------------------------
 .\" * Define some portability stuff
 .\" -----------------------------------------------------------------
 .\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 .\" http://bugs.debian.org/507673
 .\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html
 .\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 .ie \n(.g .ds Aq \(aq
 .el       .ds Aq '
 .\" -----------------------------------------------------------------
 .\" * set default formatting
 .\" -----------------------------------------------------------------
 .\" disable hyphenation
 .nh
 .\" disable justification (adjust text to left margin only)
 .ad l
 .\" -----------------------------------------------------------------
 .\" * MAIN CONTENT STARTS HERE *
 .\" -----------------------------------------------------------------
 .SH "NAME"
 vfs_freebsd \- FreeBSD\-specific VFS functions
 .SH "SYNOPSIS"
 .HP \w'\ 'u
 vfs objects = freebsd
 .SH "DESCRIPTION"
 .PP
 This VFS module is part of the
 \fBsamba\fR(7)
 suite\&.
 .PP
 The
 vfs_freebsd
 module implements some of the FreeBSD\-specific VFS functions\&.
 .PP
 This module is stackable\&.
 .SH "OPTIONS"
 .PP
 freebsd:extattr mode=[legacy|compat|secure]
 .RS 4
 This parameter defines how the emulation of the Linux attr(5) extended attributes is performed through the FreeBSD native extattr(9) system calls\&.
 .sp
 Currently the
 \fIsecurity\fR,
 \fIsystem\fR,
 \fItrusted\fR
 and
 \fIuser\fR
 extended attribute(xattr) classes are defined in Linux\&. Contrary FreeBSD has only
 \fIUSER\fR
 and
 \fISYSTEM\fR
 extended attribute(extattr) namespaces, so mapping of one set into another isn\*(Aqt straightforward and can be done in different ways\&.
 .sp
 Historically the Samba(7) built\-in xattr mapping implementation simply converted
 \fIsystem\fR
 and
 \fIuser\fR
 xattr into corresponding
 \fISYSTEM\fR
 and
 \fIUSER\fR
 extattr namespaces, dropping the class prefix name with the separating dot and using attribute name only within the mapped namespace\&. It also rejected any other xattr classes, like
 \fIsecurity\fR
 and
 \fItrusted\fR
 as invalid\&. Such behavior in particular broke AD provisioning on UFS2 file systems as essential
 \fIsecurity\&.NTACL\fR
 xattr was rejected as invalid\&.
 .sp
 This module tries to address this problem and provide secure, where it\*(Aqs possible, way to map Linux xattr into FreeBSD\*(Aqs extattr\&.
 .sp
 When
 \fImode\fR
 is set to the
 \fIlegacy (default)\fR
 then modified version of built\-in mapping is used, where
 \fIsystem\fR
 xattr is mapped into SYSTEM namespace, while
 \fIsecure\fR,
 \fItrusted\fR
 and
 \fIuser\fR
 xattr are all mapped into the USER namespace, dropping class prefixes and mix them all together\&. This is the way how Samba FreeBSD ports were patched up to the 4\&.9 version and that created multiple potential security issues\&. This mode is aimed for the compatibility with the legacy installations only and should be avoided in new setups\&.
 .sp
 The
 \fIcompat\fR
 mode is mostly designed for the jailed environments, where it\*(Aqs not possible to write extattrs into the secure SYSTEM namespace, so all four classes are mapped into the USER namespace\&. To preserve information about origin of the extended attribute it is stored together with the class preffix in the
 \fIclass\&.attribute\fR
 format\&.
 .sp
 The
 \fIsecure\fR
 mode is meant for storing extended attributes in a secure manner, so that
 \fIsecurity\fR,
 \fIsystem\fR
 and
 \fItrusted\fR
 are stored in the SYSTEM namespace, which can be modified only by root\&.
 .RE
 .SH ""
 .sp
 .it 1 an-trap
 .nr an-no-space-flag 1
 .nr an-break-flag 1
 .br
 .B Table\ \&1.\ \&Attributes mapping
 .TS
 allbox tab(:);
 lB lB lB lB lB.
 T{
 T}:T{
 built\-in
 T}:T{
 legacy
 T}:T{
 compat/jail
 T}:T{
 secure
 T}
 .T&
 lB l l l l
 lB l l l l
 lB l l l l
 lB l l l l.
 T{
 user
 T}:T{
 USER; attribute
 T}:T{
 USER; attribute
 T}:T{
 USER; user\&.attribute
 T}:T{
 USER; user\&.attribute
 T}
 T{
 system
 T}:T{
 SYSTEM; attribute
 T}:T{
 SYSTEM; attribute
 T}:T{
 USER; system\&.attribute
 T}:T{
 SYSTEM; system\&.attribute
 T}
 T{
 trusted
 T}:T{
 FAIL
 T}:T{
 USER; attribute
 T}:T{
 USER; trusted\&.attribute
 T}:T{
 SYSTEM; trusted\&.attribute
 T}
 T{
 security
 T}:T{
 FAIL
 T}:T{
 USER; attribute
 T}:T{
 USER; security\&.attribute
 T}:T{
 SYSTEM; security\&.attribute
 T}
 .TE
 .sp 1
 .SH "EXAMPLES"
 .PP
 Use secure method of setting extended attributes on the share:
 .sp
 .if n \{\
 .RS 4
 .\}
 .nf
 	\fI[sysvol]\fR
 	\m[blue]\fBvfs objects = freebsd\fR\m[]
 	\m[blue]\fBfreebsd:extattr mode = secure\fR\m[]
 .fi
 .if n \{\
 .RE
 .\}
 .SH "VERSION"
 .PP
 This man page is part of version 4\&.10\&.5 of the Samba suite\&.
 .SH "AUTHOR"
 .PP
 The original Samba software and related utilities were created by Andrew Tridgell\&. Samba is now developed by the Samba Team as an Open Source project similar to the way the Linux kernel is developed\&.
 .PP
 This module was written by Timur I\&. Bakeyev
--- a/net/samba410/files/patch-bind14
+++ b/net/samba410/files/patch-bind14
@ -1,19 +1,9 @@
--- source4/dns_server/wscript_build.orig	2018-01-14 20:41:58 UTC
+--- source4/dns_server/wscript_build.orig	2019-01-15 10:07:00 UTC
 +++ source4/dns_server/wscript_build
-@@ -58,6 +58,36 @@
+@@ -68,6 +68,26 @@ bld.SAMBA_LIBRARY('dlz_bind9_12',
                   deps='samba-hostconfig samdb-common gensec popt dnsserver_common',
                   enabled=bld.AD_DC_BUILD_IS_ENABLED())
 +bld.SAMBA_LIBRARY('dlz_bind9_12',
 +                  source='dlz_bind9.c',
 +                  cflags='-DBIND_VERSION_9_12',
 +                  private_library=True,
 +                  link_name='modules/bind9/dlz_bind9_12.so',
 +                  realname='dlz_bind9_12.so',
 +                  install_path='${MODULESDIR}/bind9',
 +                  deps='samba-hostconfig samdb-common gensec popt dnsserver_common',
 +                  enabled=bld.AD_DC_BUILD_IS_ENABLED())
 +
 +bld.SAMBA_LIBRARY('dlz_bind9_13',
 +                  source='dlz_bind9.c',
 +                  cflags='-DBIND_VERSION_9_13',
@ -37,52 +27,46 @@
 bld.SAMBA_LIBRARY('dlz_bind9_for_torture',
                   source='dlz_bind9.c',
                   cflags='-DBIND_VERSION_9_8',
--- source4/dns_server/dlz_minimal.h.orig	2018-01-14 20:41:58 UTC
+--- source4/dns_server/dlz_minimal.h.orig	2019-01-15 10:07:00 UTC
 +++ source4/dns_server/dlz_minimal.h
-@@ -31,7 +31,7 @@
+@@ -31,10 +31,7 @@
 #elif defined (BIND_VERSION_9_10)
 # define DLZ_DLOPEN_VERSION 3
 # define DNS_CLIENTINFO_VERSION 1
 -#elif defined (BIND_VERSION_9_11)
 -# define DLZ_DLOPEN_VERSION 3
 -# define DNS_CLIENTINFO_VERSION 2
 -#elif defined (BIND_VERSION_9_12)
 +#elif defined (BIND_VERSION_9_11) || defined (BIND_VERSION_9_12) || defined (BIND_VERSION_9_13) || defined (BIND_VERSION_9_14)
 # define DLZ_DLOPEN_VERSION 3
 # define DNS_CLIENTINFO_VERSION 2
 #else
--- source4/setup/named.conf.dlz.orig	2018-01-14 22:41:59 UTC
+--- source4/setup/named.conf.dlz.orig	2019-06-22 09:56:57 UTC
 +++ source4/setup/named.conf.dlz
-@@ -21,5 +21,14 @@ dlz "AD DNS Zone" {
+@@ -22,5 +22,8 @@ dlz "AD DNS Zone" {
     # For BIND 9.11.x
     ${BIND9_11} database "dlopen ${MODULESDIR}/bind9/dlz_bind9_11.so";
-+
+ 
 +    # For BIND 9.12.x
 +    ${BIND9_12} database "dlopen ${MODULESDIR}/bind9/dlz_bind9_12.so";
 +
 +    # For BIND 9.13.x
 +    ${BIND9_13} database "dlopen ${MODULESDIR}/bind9/dlz_bind9_13.so";
 +
 +    # For BIND 9.14.x
 +    ${BIND9_14} database "dlopen ${MODULESDIR}/bind9/dlz_bind9_14.so";
 };
--- python/samba/provision/sambadns.py.orig	2018-01-17 09:08:39 UTC
+--- python/samba/provision/sambadns.py.orig	2019-01-15 10:07:00 UTC
 +++ python/samba/provision/sambadns.py
-@@ -937,6 +937,9 @@ def create_named_conf(paths, realm, dnsd
+@@ -960,6 +960,8 @@ def create_named_conf(paths, realm, dnsd
         bind9_9 = '#'
         bind9_10 = '#'
         bind9_11 = '#'
-+        bind9_12 = '#'
+         bind9_12 = '#'
 +        bind9_13 = '#'
 +        bind9_14 = '#'
         if bind_info.upper().find('BIND 9.8') != -1:
             bind9_8 = ''
         elif bind_info.upper().find('BIND 9.9') != -1:
-@@ -945,6 +947,12 @@ def create_named_conf(paths, realm, dnsd
+@@ -970,6 +972,10 @@ def create_named_conf(paths, realm, dnsd
             bind9_10 = ''
         elif bind_info.upper().find('BIND 9.11') != -1:
             bind9_11 = ''
-+        elif bind_info.upper().find('BIND 9.12') != -1:
+         elif bind_info.upper().find('BIND 9.12') != -1:
-+            bind9_12 = ''
+             bind9_12 = ''
 +        elif bind_info.upper().find('BIND 9.13') != -1:
 +            bind9_13 = ''
 +        elif bind_info.upper().find('BIND 9.14') != -1:
@ -90,12 +74,12 @@
         elif bind_info.upper().find('BIND 9.7') != -1:
             raise ProvisioningError("DLZ option incompatible with BIND 9.7.")
         else:
-@@ -955,7 +961,10 @@ def create_named_conf(paths, realm, dnsd
+@@ -981,8 +987,9 @@ def create_named_conf(paths, realm, dnsd
-                     "BIND9_8" : bind9_8,
+                     "BIND9_9": bind9_9,
-                     "BIND9_9" : bind9_9,
+                     "BIND9_10": bind9_10,
-                     "BIND9_10" : bind9_10,
+                     "BIND9_11": bind9_11,
-                    "BIND9_11" : bind9_11
+-                    "BIND9_12": bind9_12
-+                    "BIND9_11" : bind9_11,
+-
 +                    "BIND9_12" : bind9_12,
 +                    "BIND9_13" : bind9_13,
 +                    "BIND9_14" : bind9_14
--- a/net/samba410/files/patch-buildtoolswafsambasamba_python.py
+++ b/net/samba410/files/patch-buildtoolswafsambasamba_python.py
@ -1,40 +0,0 @@
 --- buildtools/wafsamba/samba_python.py.orig	2018-01-13 09:07:51 UTC
 +++ buildtools/wafsamba/samba_python.py
@@ -76,17 +76,35 @@ def SAMBA_CHECK_PYTHON_HEADERS(conf, man
 def _check_python_headers(conf, mandatory):
     try:
 +        from python import _get_python_variables
         Configure.ConfigurationError
         conf.check_python_headers(mandatory=mandatory)
 +        conf.env['PYTHON_SO_ABI'] = _get_python_variables(
 +            conf.env['PYTHON'],
 +            ["get_config_var('SOABI') or ''"],
 +            ['from distutils.sysconfig import get_config_var']
 +        )[0]
     except Configure.ConfigurationError:
         if mandatory:
              raise
     if conf.env['PYTHON_VERSION'] > '3':
 -        abi_pattern = os.path.splitext(conf.env['pyext_PATTERN'])[0]
 -        conf.env['PYTHON_SO_ABI_FLAG'] = abi_pattern % ''
 +        '''Be caucious here - conf parameter is PYTHON_SO_ABI_FLAG,
 +           while environment variable is PYTHON3_SO_ABI_FLAG'''
 +        override_PYTHON_SO_ABI_FLAG = os.getenv('PYTHON3_SO_ABI_FLAG', None)
 +        if override_PYTHON_SO_ABI_FLAG is not None:
 +            conf.env['PYTHON_SO_ABI_FLAG'] = override_PYTHON_SO_ABI_FLAG
 +            conf.env['pyext_PATTERN'] = '%%s%s.%s' % (conf.env['PYTHON_SO_ABI_FLAG'], conf.env['SHLIBEXT'])
 +        if not conf.env['PYTHON_SO_ABI_FLAG']:
 +            if conf.env['PYTHON_SO_ABI']:
 +                conf.env['PYTHON_SO_ABI_FLAG'] = '.'+conf.env['PYTHON_SO_ABI']
 +                conf.env['pyext_PATTERN'] = '%%s%s.%s' % (conf.env['PYTHON_SO_ABI_FLAG'], conf.env['SHLIBEXT'])
 +            else:
 +                abi_pattern = os.path.splitext(conf.env['pyext_PATTERN'])[0]
 +                conf.env['PYTHON_SO_ABI_FLAG'] = abi_pattern % ''
     else:
         conf.env['PYTHON_SO_ABI_FLAG'] = ''
 +
     conf.env['PYTHON_LIBNAME_SO_ABI_FLAG'] = (
         conf.env['PYTHON_SO_ABI_FLAG'].replace('_', '-'))
--- a/net/samba410/files/patch-buildtools_scripts_abi__gen.sh
+++ b/net/samba410/files/patch-buildtools_scripts_abi__gen.sh
@ -1,4 +1,4 @@
--- buildtools/scripts/abi_gen.sh.orig	2017-07-04 14:05:25 UTC
+--- buildtools/scripts/abi_gen.sh.orig	2019-01-15 10:07:00 UTC
 +++ buildtools/scripts/abi_gen.sh
@@ -9,13 +9,14 @@ GDBSCRIPT="gdb_syms.$$"
 cat <<EOF
--- a/net/samba410/files/patch-buildtools_wafsamba_samba__autoconf.py
+++ b/net/samba410/files/patch-buildtools_wafsamba_samba__autoconf.py
@ -1,6 +1,6 @@
--- buildtools/wafsamba/samba_autoconf.py.orig	2016-10-07 04:45:35 UTC
+--- buildtools/wafsamba/samba_autoconf.py.orig	2019-01-15 10:07:00 UTC
 +++ buildtools/wafsamba/samba_autoconf.py
-@@ -548,7 +548,7 @@ def library_flags(self, libs):
+@@ -575,7 +575,7 @@ def library_flags(self, libs):
 @conf
@ -9,7 +9,7 @@
     '''check if a set of libraries exist as system libraries
     returns the sublist of libs that do exist as a syslib or []
-@@ -568,11 +568,29 @@ int foo()
+@@ -595,11 +595,29 @@ int foo()
             ret.append(lib)
             continue
@ -19,21 +19,21 @@
         (ccflags, ldflags, cpppath) = library_flags(conf, lib)
 +
         if shlib:
-            res = conf.check(features='c cshlib', fragment=fragment, lib=lib, uselib_store=lib, ccflags=ccflags, ldflags=ldflags, uselib=lib.upper(), mandatory=False)
+-            res = conf.check(features='c cshlib', fragment=fragment, lib=lib, uselib_store=lib, cflags=ccflags, ldflags=ldflags, uselib=lib.upper(), mandatory=False)
 +            res = conf.check(features='c cshlib',
 +                             fragment=fragment,
 +                             lib=lib,
 +                             uselib_store=lib,
-+                             ccflags=ccflags,
+                             cflags=ccflags,
 +                             ldflags=ldflags,
 +                             uselib=lib.upper(),
 +                             mandatory=False,
 +                             msg=msg)
         else:
-            res = conf.check(lib=lib, uselib_store=lib, ccflags=ccflags, ldflags=ldflags, uselib=lib.upper(), mandatory=False)
+-            res = conf.check(lib=lib, uselib_store=lib, cflags=ccflags, ldflags=ldflags, uselib=lib.upper(), mandatory=False)
 +            res = conf.check(lib=lib,
 +                             uselib_store=lib,
-+                             ccflags=ccflags,
+                             cflags=ccflags,
 +                             ldflags=ldflags,
 +                             uselib=lib.upper(),
 +                             mandatory=False,
@ -41,7 +41,7 @@
         if not res:
             if mandatory:
-@@ -873,7 +891,7 @@ def SAMBA_CHECK_UNDEFINED_SYMBOL_FLAGS(c
+@@ -927,6 +945,6 @@ def SAMBA_CHECK_UNDEFINED_SYMBOL_FLAGS(c
         conf.env.undefined_ldflags = conf.ADD_LDFLAGS('-Wl,-no-undefined', testflags=True)
     if not sys.platform.startswith("openbsd") and conf.env.undefined_ignore_ldflags == []:
@ -49,4 +49,3 @@
 +        if conf.CHECK_LDFLAGS(['-undefined', 'dynamic_lookup'] + conf.env.WERROR_CFLAGS):
             conf.env.undefined_ignore_ldflags = ['-undefined', 'dynamic_lookup']
 @conf
--- a/net/samba410/files/patch-buildtools_wafsamba_samba__install.py
+++ b/net/samba410/files/patch-buildtools_wafsamba_samba__install.py
@ -1,4 +1,4 @@
--- buildtools/wafsamba/samba_install.py.orig	2017-07-04 10:05:25 UTC
+--- buildtools/wafsamba/samba_install.py.orig	2019-01-15 10:07:00 UTC
 +++ buildtools/wafsamba/samba_install.py
@@ -118,7 +118,7 @@ def install_library(self):
                 inst_name    = bld.make_libname(t.target)
--- a/net/samba410/files/patch-buildtools_wafsamba_wafsamba.py
+++ b/net/samba410/files/patch-buildtools_wafsamba_wafsamba.py
--- a/net/samba410/files/patch-buildtools_wafsamba_wscript
+++ b/net/samba410/files/patch-buildtools_wafsamba_wscript
@ -1,13 +1,13 @@
--- buildtools/wafsamba/wscript.orig	2017-04-28 11:57:26 UTC
+--- buildtools/wafsamba/wscript.orig	2019-01-15 10:07:00 UTC
 +++ buildtools/wafsamba/wscript
-@@ -74,12 +74,17 @@ def set_options(opt):
+@@ -80,12 +80,17 @@ def options(opt):
-                    help=("private library directory [PREFIX/lib/%s]" % Utils.g_module.APPNAME),
+                    help=("private library directory [PREFIX/lib/%s]" % Context.g_module.APPNAME),
                    action="store", dest='PRIVATELIBDIR', default=None)
 +    opt.add_option('--with-openldap',
 +                   help='additional directory to search for OpenLDAP libs',
 +                   action='store', dest='ldap_open', default=None,
-+                   match = ['Checking for header ldap.h', 'Checking for header lber.h', 'Checking for library lber', 'Checking for library ldap'])
+                   match = ['Checking for library lber', 'Checking for library ldap'])
 +
     opt.add_option('--with-libiconv',
                    help='additional directory to search for libiconv',
--- a/net/samba410/files/patch-ctdb__wscript
+++ b/net/samba410/files/patch-ctdb__wscript
@ -1,6 +1,6 @@
--- ctdb/wscript.orig	2018-08-24 11:58:20 UTC
+--- ctdb/wscript.orig	2019-05-22 10:16:26 UTC
 +++ ctdb/wscript
-@@ -90,6 +90,9 @@ def set_options(opt):
+@@ -104,6 +104,9 @@ def options(opt):
     opt.add_option('--enable-ceph-reclock',
                    help=("Enable Ceph CTDB recovery lock helper (default=no)"),
                    action="store_true", dest='ctdb_ceph_reclock', default=False)
@ -10,7 +10,7 @@
     opt.add_option('--with-logdir',
                    help=("Path to log directory"),
-@@ -231,7 +234,7 @@ def configure(conf):
+@@ -260,7 +263,7 @@ def configure(conf):
             conf.env['LIBPATH_CEPH-COMMON'] = conf.env['LIBPATH_RADOS'] + '/ceph'
         if (conf.CHECK_HEADERS('rados/librados.h', False, False, 'rados') and
@ -19,25 +19,24 @@
             conf.CHECK_LIB('ceph-common', shlib=True)
             Logs.info('Building with Ceph librados recovery lock support')
             conf.define('HAVE_LIBRADOS', 1)
-@@ -268,9 +271,15 @@ def configure(conf):
+@@ -300,8 +303,14 @@ def configure(conf):
                     conf.env.CTDB_VARDIR,
                     conf.env.CTDB_RUNDIR))
-    conf.env.CTDB_TEST_DATADIR = os.path.join(conf.env.EXEC_PREFIX,
+-    conf.env.CTDB_TEST_DATADIR = os.path.join(conf.env.CTDB_DATADIR, 'tests')
 -    conf.env.CTDB_TEST_LIBEXECDIR = os.path.join(conf.env.LIBEXECDIR, 'ctdb/tests')
 +    if Options.options.ctdb_no_tests:
 +        conf.env.ctdb_tests = False
 +    else:
 +        conf.env.ctdb_tests = True
 +
 +    if conf.env.ctdb_tests:
-+        conf.env.CTDB_TEST_DATADIR = os.path.join(conf.env.EXEC_PREFIX,
+        conf.env.CTDB_TEST_DATADIR = os.path.join(conf.env.CTDB_DATADIR, 'tests')
                                               'share/ctdb/tests')
 -    conf.env.CTDB_TEST_LIBEXECDIR = os.path.join(conf.env.LIBEXECDIR, 'ctdb/tests')
 +        conf.env.CTDB_TEST_LIBEXECDIR = os.path.join(conf.env.LIBEXECDIR, 'ctdb/tests')
     # Allow unified compilation and separate compilation of utilities
     # to find includes
-@@ -605,9 +614,9 @@ def build(bld):
+@@ -679,9 +688,9 @@ def build(bld):
     if bld.env.HAVE_LIBRADOS:
         bld.SAMBA_BINARY('ctdb_mutex_ceph_rados_helper',
                          source='utils/ceph/ctdb_mutex_ceph_rados_helper.c',
@ -50,13 +49,13 @@
     sed_expr1 = 's|/usr/local/var/lib/ctdb|%s|g'  % (bld.env.CTDB_VARDIR)
     sed_expr2 = 's|/usr/local/etc/ctdb|%s|g'      % (bld.env.CTDB_ETCDIR)
-@@ -750,6 +759,9 @@ def build(bld):
+@@ -858,6 +867,9 @@ def build(bld):
-     bld.install_dir(bld.env.CTDB_RUNDIR)
+     for d in ['volatile', 'persistent', 'state']:
-     bld.install_dir(bld.env.CTDB_VARDIR)
+         bld.INSTALL_DIR(os.path.join(bld.env.CTDB_VARDIR, d))
 +    if not bld.env.ctdb_tests:
 +        return
 +
-     # Unit tests
+     bld.SAMBA_BINARY('errcode',
-     ctdb_unit_tests = [
+                      source='tests/src/errcode.c',
-         'db_hash_test',
+                      deps='replace',
--- a/net/samba410/files/patch-dnssock.c
+++ b/net/samba410/files/patch-dnssock.c
@ -1,13 +0,0 @@
 --- lib/addns/dnssock.c.orig	2018-06-11 14:38:36 UTC
 +++ lib/addns/dnssock.c
@@ -221,9 +221,7 @@ static DNS_ERROR dns_send_udp(struct dns
 	ssize_t ret;
 	do {
 -		ret = sendto(conn->s, buf->data, buf->offset, 0,
 -		     (struct sockaddr *)&conn->RecvAddr,
 -		     sizeof(conn->RecvAddr));
 +		ret = send(conn->s, buf->data, buf->offset, 0);
 	} while ((ret == -1) && (errno == EINTR));
 	if (ret != buf->offset) {
--- a/net/samba410/files/patch-dbwrap
+++ b/net/samba410/files/patch-dbwrap
@ -1,4 +1,4 @@
--- lib/dbwrap/dbwrap.c.orig	2018-01-17 10:08:39 UTC
+--- lib/dbwrap/dbwrap.c.orig	2019-01-15 10:07:00 UTC
 +++ lib/dbwrap/dbwrap.c
@@ -28,6 +28,9 @@
 #include "lib/util/util_tdb.h"
@ -10,20 +10,20 @@
 /*
  * Fall back using fetch if no genuine exists operation is provided
  */
--- lib/dbwrap/dbwrap_local_open.c.orig	2018-01-14 21:41:58.000000000 +0100
+--- lib/dbwrap/dbwrap_local_open.c.orig	2019-01-15 10:07:00 UTC
-+++ lib/dbwrap/dbwrap_local_open.c	2018-03-29 23:49:51.888588000 +0200
+++ lib/dbwrap/dbwrap_local_open.c
-@@ -24,6 +24,9 @@
+@@ -23,6 +23,9 @@
 #include "dbwrap/dbwrap_tdb.h"
 #include "tdb.h"
 #include "lib/param/param.h"
 +#undef DBGC_CLASS
 +#define DBGC_CLASS DBGC_LOCKING
 +
 struct db_context *dbwrap_local_open(TALLOC_CTX *mem_ctx,
 				     struct loadparm_context *lp_ctx,
 				     const char *name,
--- lib/dbwrap/dbwrap_rbt.c.orig	2018-01-17 09:08:39.000000000 +0100
+ 				     int hash_size, int tdb_flags,
-+++ lib/dbwrap/dbwrap_rbt.c	2018-03-29 23:50:13.427755000 +0200
+--- lib/dbwrap/dbwrap_rbt.c.orig	2019-01-15 10:07:00 UTC
 +++ lib/dbwrap/dbwrap_rbt.c
@@ -24,6 +24,9 @@
 #include "../lib/util/rbtree.h"
 #include "../lib/util/dlinklist.h"
@ -34,8 +34,8 @@
 #define DBWRAP_RBT_ALIGN(_size_) (((_size_)+15)&~15)
 struct db_rbt_ctx {
--- lib/dbwrap/dbwrap_tdb.c.orig	2018-01-17 09:08:39.000000000 +0100
+--- lib/dbwrap/dbwrap_tdb.c.orig	2019-01-15 10:07:00 UTC
-+++ lib/dbwrap/dbwrap_tdb.c	2018-03-29 23:50:40.789642000 +0200
+++ lib/dbwrap/dbwrap_tdb.c
@@ -27,6 +27,9 @@
 #include "lib/param/param.h"
 #include "libcli/util/error.h"
@ -46,8 +46,8 @@
 struct db_tdb_ctx {
 	struct tdb_wrap *wtdb;
--- lib/dbwrap/dbwrap_util.c.orig	2018-01-17 09:08:39.000000000 +0100
+--- lib/dbwrap/dbwrap_util.c.orig	2019-01-15 10:07:00 UTC
-+++ lib/dbwrap/dbwrap_util.c	2018-03-29 23:51:35.907061000 +0200
+++ lib/dbwrap/dbwrap_util.c
@@ -26,6 +26,9 @@
 #include "dbwrap.h"
 #include "lib/util/util_tdb.h"
@ -58,8 +58,8 @@
 struct dbwrap_fetch_int32_state {
 	NTSTATUS status;
 	int32_t result;
--- source3/lib/dbwrap/dbwrap_ctdb.c.orig	2018-01-17 09:08:39.000000000 +0100
+--- source3/lib/dbwrap/dbwrap_ctdb.c.orig	2019-01-15 10:07:00 UTC
-+++ source3/lib/dbwrap/dbwrap_ctdb.c	2018-03-29 23:57:41.784931000 +0200
+++ source3/lib/dbwrap/dbwrap_ctdb.c
@@ -38,6 +38,9 @@
 #include "lib/cluster_support.h"
 #include "lib/util/tevent_ntstatus.h"
@ -70,8 +70,8 @@
 struct db_ctdb_transaction_handle {
 	struct db_ctdb_ctx *ctx;
 	/*
--- source3/lib/dbwrap/dbwrap_open.c.orig	2018-01-17 09:08:39.000000000 +0100
+--- source3/lib/dbwrap/dbwrap_open.c.orig	2019-01-15 10:07:00 UTC
-+++ source3/lib/dbwrap/dbwrap_open.c	2018-03-29 23:57:54.680614000 +0200
+++ source3/lib/dbwrap/dbwrap_open.c
@@ -31,6 +31,9 @@
 #include "ctdbd_conn.h"
 #include "messages.h"
@ -82,8 +82,8 @@
 bool db_is_local(const char *name)
 {
 	const char *sockname = lp_ctdbd_socket();
--- source3/lib/dbwrap/dbwrap_watch.c.orig	2018-01-17 09:08:39.000000000 +0100
+--- source3/lib/dbwrap/dbwrap_watch.c.orig	2019-01-15 10:07:00 UTC
-+++ source3/lib/dbwrap/dbwrap_watch.c	2018-03-29 23:58:09.746298000 +0200
+++ source3/lib/dbwrap/dbwrap_watch.c
@@ -28,6 +28,9 @@
 #include "server_id_watch.h"
 #include "lib/dbwrap/dbwrap_private.h"
--- a/net/samba410/files/patch-dynconfig__wscript
+++ b/net/samba410/files/patch-dynconfig__wscript
@ -1,6 +1,6 @@
--- dynconfig/wscript.orig	2017-07-04 10:05:25 UTC
+--- dynconfig/wscript.orig	2019-01-15 10:07:00 UTC
 +++ dynconfig/wscript
-@@ -137,6 +137,8 @@ dynconfig = {
+@@ -141,6 +141,8 @@ dynconfig = {
     'PKGCONFIGDIR' : {
          'STD-PATH':  '${LIBDIR}/pkgconfig',
          'FHS-PATH':  '${LIBDIR}/pkgconfig',
@ -9,24 +9,24 @@
     },
     'CODEPAGEDIR' : {
          'STD-PATH':  '${DATADIR}/codepages',
-@@ -237,8 +239,8 @@ dynconfig = {
+@@ -247,8 +249,8 @@ dynconfig = {
          'DELAY':     True,
     },
     'CONFIGFILE' : {
 -         'STD-PATH':  '${CONFIGDIR}/smb.conf',
 -         'FHS-PATH':  '${CONFIGDIR}/smb.conf',
-+         'STD-PATH':  '${CONFIGDIR}/smb4.conf',
+         'STD-PATH':  '${CONFIGDIR}/%%SAMBA4_CONFIG%%',
-+         'FHS-PATH':  '${CONFIGDIR}/smb4.conf',
+         'FHS-PATH':  '${CONFIGDIR}/%%SAMBA4_CONFIG%%',
          'DELAY':     True,
     },
     'LMHOSTSFILE' : {
-@@ -297,9 +299,6 @@ def configure(conf):
+@@ -307,9 +309,6 @@ def configure(conf):
         flavor = 'FHS-PATH'
     else:
         flavor = 'STD-PATH'
 -        if conf.env.PREFIX == '/usr' or conf.env.PREFIX == '/usr/local':
 -           Logs.error("Don't install directly under /usr or /usr/local without using the FHS option (--enable-fhs)")
-           raise Utils.WafError("ERROR: invalid --prefix=%s value" % (conf.env.PREFIX))
+-           raise Errors.WafError("ERROR: invalid --prefix=%s value" % (conf.env.PREFIX))
     explicit_set ={}
--- a/net/samba410/files/patch-examples_pdb_wscript__build
+++ b/net/samba410/files/patch-examples_pdb_wscript__build
@ -1,4 +1,4 @@
--- examples/pdb/wscript_build.orig	2017-11-14 06:05:12 UTC
+--- examples/pdb/wscript_build.orig	2019-01-15 10:07:00 UTC
 +++ examples/pdb/wscript_build
@@ -3,7 +3,7 @@
 bld.SAMBA3_MODULE('pdb_test',
--- a/net/samba410/files/patch-glusterfs
+++ b/net/samba410/files/patch-glusterfs
@ -1,31 +0,0 @@
 --- lib/replace/system/filesys.h.orig	2017-12-16 01:37:41 UTC
 +++ lib/replace/system/filesys.h
@@ -213,8 +213,10 @@
    this allows us to use a uniform error handling for our xattr
    wrappers
 */
 -#ifndef ENOATTR
 +#if !defined(ENOATTR) && defined(ENODATA)
 #define ENOATTR ENODATA
 +#elif defined(ENOATTR) && !defined(ENODATA)
 +#define ENODATA ENOATTR
 #endif
 --- source3/modules/vfs_glusterfs.c.orig	2017-12-23 08:02:15 UTC
 +++ source3/modules/vfs_glusterfs.c
@@ -36,12 +36,13 @@
  */
 #include "includes.h"
 +#include "system/filesys.h"
 +#include "smbd/globals.h"
 #include "smbd/smbd.h"
 #include <stdio.h>
 #include <glusterfs/api/glfs.h>
 #include "lib/util/dlinklist.h"
 #include "lib/util/tevent_unix.h"
 -#include "smbd/globals.h"
 #include "lib/util/sys_rw.h"
 #include "smbprofile.h"
 #include "modules/posixacl_xattr.h"
--- a/net/samba410/files/patch-libutildebug.c
+++ b/net/samba410/files/patch-libutildebug.c
@ -1,78 +0,0 @@
 --- lib/util/debug.c.orig	2017-09-17 19:15:34 UTC
 +++ lib/util/debug.c
@@ -653,7 +653,8 @@ static int debug_lookup_classname_int(co
 {
 	size_t i;
 -	if (!classname) return -1;
 +	if (!classname)
 +		return -1;
 	for (i=0; i < debug_num_classes; i++) {
 		if (strcmp(classname, classname_table[i])==0)
@@ -752,12 +753,21 @@ static void debug_dump_status(int level)
 	}
 }
 +static void debug_set_all_levels(int level)
 +{
 +	size_t i;
 +	/* Array is debug_num_classes long */
 +	for (i = DBGC_ALL; i < debug_num_classes; i++) {
 +		DEBUGLEVEL_CLASS[i] = level;
 +	}
 +}
 +
 static bool debug_parse_param(char *param)
 {
 	char *class_name;
 	char *class_level;
 	char *saveptr = NULL;
 -	int ndx;
 +	int ndx, level;
 	class_name = strtok_r(param, ":", &saveptr);
 	if (class_name == NULL) {
@@ -774,7 +784,13 @@ static bool debug_parse_param(char *para
 		return false;
 	}
 -	DEBUGLEVEL_CLASS[ndx] = atoi(class_level);
 +	level = atoi(class_level);
 +
 +	if(ndx == DBGC_ALL) {
 +		debug_set_all_levels(level);
 +	} else {
 +		DEBUGLEVEL_CLASS[ndx] = level;
 +	}
 	return true;
 }
@@ -790,7 +806,7 @@ bool debug_parse_levels(const char *para
 	size_t str_len = strlen(params_str);
 	char str[str_len+1];
 	char *tok, *saveptr;
 -	size_t i;
 +	int level = 0;
 	/* Just in case */
 	debug_init();
@@ -806,16 +822,11 @@ bool debug_parse_levels(const char *para
 	 * v.s. "all:10", this is the traditional way to set DEBUGLEVEL
 	 */
 	if (isdigit(tok[0])) {
 -		DEBUGLEVEL_CLASS[DBGC_ALL] = atoi(tok);
 +		level = atoi(tok);
 		tok = strtok_r(NULL, LIST_SEP, &saveptr);
 -	} else {
 -		DEBUGLEVEL_CLASS[DBGC_ALL] = 0;
 	}
 -	/* Array is debug_num_classes long */
 -	for (i = DBGC_ALL+1; i < debug_num_classes; i++) {
 -		DEBUGLEVEL_CLASS[i] = DEBUGLEVEL_CLASS[DBGC_ALL];
 -	}
 +	debug_set_all_levels(level);
 	while (tok != NULL) {
 		bool ok;
--- a/net/samba410/files/patch-lib_crypto_wscript__configure
+++ b/net/samba410/files/patch-lib_crypto_wscript__configure
@ -1,6 +1,6 @@
--- lib/crypto/wscript_configure.orig	2017-09-17 19:15:34 UTC
+--- lib/crypto/wscript_configure.orig	2019-01-15 10:07:00 UTC
 +++ lib/crypto/wscript_configure
-@@ -4,10 +4,10 @@ import Utils
+@@ -4,10 +4,10 @@ from waflib import Errors, Logs
 if not conf.CHECK_FUNCS_IN('MD5Init', 'bsd', headers='bsd/md5.h',
     checklibc=True):
--- a/net/samba410/files/patch-lib_ldb_ldbkeyvalue_ldbkvcache.c
+++ b/net/samba410/files/patch-lib_ldb_ldbkeyvalue_ldbkvcache.c
@ -1,6 +1,6 @@
--- lib/ldb/ldb_tdb/ldb_cache.c.orig	2018-03-04 05:41:25 UTC
+--- lib/ldb/ldb_key_value/ldb_kv_cache.c.orig	2019-01-15 10:07:00 UTC
-+++ lib/ldb/ldb_tdb/ldb_cache.c
+++ lib/ldb/ldb_key_value/ldb_kv_cache.c
-@@ -91,7 +91,9 @@ static int ldb_schema_attribute_compare(
+@@ -90,7 +90,9 @@ static int ldb_schema_attribute_compare(
 {
 	const struct ldb_schema_attribute *sa1 = (const struct ldb_schema_attribute *)p1;
 	const struct ldb_schema_attribute *sa2 = (const struct ldb_schema_attribute *)p2;
--- a/net/samba410/files/patch-lib_ldb_ldb__mdb_ldb__mdb.c
+++ b/net/samba410/files/patch-lib_ldb_ldb__mdb_ldb__mdb.c
@ -0,0 +1,11 @@
 --- lib/ldb/ldb_mdb/ldb_mdb.c.orig	2019-01-15 10:07:00 UTC
 +++ lib/ldb/ldb_mdb/ldb_mdb.c
@@ -183,7 +183,7 @@ static int lmdb_store(struct ldb_kv_priv
 	if (flags == TDB_INSERT) {
 		mdb_flags = MDB_NOOVERWRITE;
 -	} else if ((flags == TDB_MODIFY)) {
 +	} else if (flags == TDB_MODIFY) {
 		/*
 		 * Modifying a record, ensure that it exists.
 		 * This mimics the TDB semantics
--- a/net/samba410/files/patch-lib_ldb_wscript
+++ b/net/samba410/files/patch-lib_ldb_wscript
@ -0,0 +1,24 @@
 --- lib/ldb/wscript.orig	2019-05-07 08:38:21 UTC
 +++ lib/ldb/wscript
@@ -451,7 +451,7 @@ def build(bld):
         LDB_TOOLS='ldbadd ldbsearch ldbdel ldbmodify ldbedit ldbrename'
         for t in LDB_TOOLS.split():
 -            bld.SAMBA_BINARY(t, 'tools/%s.c' % t, deps='ldb-cmdline ldb',
 +            bld.SAMBA_BINARY('samba-%s' % t, 'tools/%s.c' % t, deps='ldb-cmdline ldb',
                              manpages='man/%s.1' % t)
         # ldbtest doesn't get installed
@@ -463,10 +463,10 @@ def build(bld):
         else:
             lmdb_deps = ''
         # ldbdump doesn't get installed
 -        bld.SAMBA_BINARY('ldbdump',
 +        bld.SAMBA_BINARY('samba-ldbdump',
                          'tools/ldbdump.c',
                          deps='ldb-cmdline ldb' + lmdb_deps,
 -                         install=False)
 +                         install=True)
         bld.SAMBA_LIBRARY('ldb-cmdline',
                           source='tools/ldbutil.c tools/cmdline.c',
--- a/net/samba410/files/patch-lib_replace_wscript
+++ b/net/samba410/files/patch-lib_replace_wscript
@ -1,11 +1,11 @@
--- lib/replace/wscript.orig	2017-08-24 11:27:53 UTC
+--- lib/replace/wscript.orig	2019-01-15 10:07:00 UTC
 +++ lib/replace/wscript
-@@ -81,7 +81,7 @@ def configure(conf):
+@@ -119,7 +119,7 @@ def configure(conf):
-     conf.CHECK_HEADERS('sys/atomic.h')
+     conf.CHECK_HEADERS('sys/atomic.h stdatomic.h')
     conf.CHECK_HEADERS('libgen.h')
 -    if conf.CHECK_CFLAGS('-Wno-format-truncation'):
 +    if conf.CHECK_CFLAGS(['-Wno-format-truncation'] + conf.env.WERROR_CFLAGS):
         conf.define('HAVE_WNO_FORMAT_TRUNCATION', '1')
-     # Check for process set name support
+     if conf.CHECK_CFLAGS('-Wno-unused-function'):
--- a/net/samba410/files/patch-lib_talloc_talloc.c
+++ b/net/samba410/files/patch-lib_talloc_talloc.c
@ -1,6 +1,6 @@
--- lib/talloc/talloc.c.orig	2018-01-13 09:07:51 UTC
+--- lib/talloc/talloc.c.orig	2019-01-15 10:07:00 UTC
 +++ lib/talloc/talloc.c
-@@ -387,6 +387,9 @@ void talloc_lib_init(void) __attribute__
+@@ -391,6 +391,9 @@ void talloc_lib_init(void) __attribute__
 void talloc_lib_init(void)
 {
 	uint32_t random_value;
@ -10,7 +10,7 @@
 #if defined(HAVE_GETAUXVAL) && defined(AT_RANDOM)
 	uint8_t *p;
 	/*
-@@ -420,6 +423,7 @@ void talloc_lib_init(void)
+@@ -424,6 +427,7 @@ void talloc_lib_init(void)
 		 */
 		random_value = ((uintptr_t)talloc_lib_init & 0xFFFFFFFF);
 	}
--- a/net/samba410/files/patch-lib_talloc_wscript
+++ b/net/samba410/files/patch-lib_talloc_wscript
@ -1,6 +1,6 @@
--- lib/talloc/wscript.orig	2018-01-17 09:08:39 UTC
+--- lib/talloc/wscript.orig	2019-05-07 08:38:21 UTC
 +++ lib/talloc/wscript
-@@ -46,13 +46,14 @@ def configure(conf):
+@@ -45,13 +45,14 @@ def configure(conf):
     conf.env.TALLOC_COMPAT1 = False
     if conf.env.standalone_talloc:
         conf.env.TALLOC_COMPAT1 = Options.options.TALLOC_COMPAT1
--- a/net/samba410/files/patch-lib_util_wscript__build
+++ b/net/samba410/files/patch-lib_util_wscript__build
@ -1,6 +1,6 @@
--- lib/util/wscript_build.orig	2017-07-04 10:05:25 UTC
+--- lib/util/wscript_build.orig	2019-05-07 08:38:21 UTC
 +++ lib/util/wscript_build
-@@ -133,7 +133,7 @@ else:
+@@ -151,7 +151,7 @@ else:
     bld.SAMBA_LIBRARY('samba-modules',
                       source='modules.c',
--- a/net/samba410/files/patch-librpcidlxattr.idl
+++ b/net/samba410/files/patch-librpcidlxattr.idl
@ -1,13 +0,0 @@
 Signed-off-by: Alexander Zagrebin <alex@zagrebin.ru>
 --- librpc/idl/xattr.idl.orig	2017-12-17 05:40:37 UTC
 +++ librpc/idl/xattr.idl	2017-12-17
@@ -168,7 +168,7 @@ interface xattr
 		      can discard if this doesn't match the underlying ACL hash.
 	*/
 -	const char *XATTR_NTACL_NAME = "security.NTACL";
 +	const char *XATTR_NTACL_NAME = "user.NTACL";
 	const int XATTR_SD_HASH_SIZE = 64;
 	const int XATTR_SD_HASH_TYPE_NONE = 0x0;
--- a/net/samba410/files/patch-listen-backlog
+++ b/net/samba410/files/patch-listen-backlog
@ -0,0 +1,94 @@
 --- lib/tevent/echo_server.c.orig	2019-01-15 10:07:00 UTC
 +++ lib/tevent/echo_server.c
@@ -633,7 +633,7 @@ int main(int argc, const char **argv)
 		exit(1);
 	}
 -	ret = listen(listen_sock, 5);
 +	ret = listen(listen_sock, -1);
 	if (ret == -1) {
 		perror("listen() failed");
 		exit(1);
 --- source3/include/local.h.orig	2019-01-15 10:07:00 UTC
 +++ source3/include/local.h
@@ -173,7 +173,18 @@
 #define WINBIND_SERVER_MUTEX_WAIT_TIME (( ((NUM_CLI_AUTH_CONNECT_RETRIES) * ((CLI_AUTH_TIMEOUT)/1000)) + 5)*2)
 /* size of listen() backlog in smbd */
 +#if defined (FREEBSD)
 +#define SMBD_LISTEN_BACKLOG -1
 +#else 
 #define SMBD_LISTEN_BACKLOG 50
 +#endif
 +
 +/* size of listen() default backlog */
 +#if defined (FREEBSD)
 +#define DEFAULT_LISTEN_BACKLOG -1
 +#else
 +#define DEFAULT_LISTEN_BACKLOG 5
 +#endif
 /* Number of microseconds to wait before a sharing violation. */
 #define SHARING_VIOLATION_USEC_WAIT 950000
 --- source3/libsmb/unexpected.c.orig	2019-01-15 10:07:00 UTC
 +++ source3/libsmb/unexpected.c
@@ -95,7 +95,7 @@ NTSTATUS nb_packet_server_create(TALLOC_
 		status = map_nt_error_from_unix(errno);
 		goto fail;
 	}
 -	rc = listen(result->listen_sock, 5);
 +	rc = listen(result->listen_sock, DEFAULT_LISTEN_BACKLOG);
 	if (rc < 0) {
 		status = map_nt_error_from_unix(errno);
 		goto fail;
 --- source3/rpc_server/rpc_server.c.orig	2019-01-15 10:07:00 UTC
 +++ source3/rpc_server/rpc_server.c
@@ -158,7 +158,7 @@ bool setup_named_pipe_socket(const char 
 		goto out;
 	}
 -	rc = listen(state->fd, 5);
 +	rc = listen(state->fd, DEFAULT_LISTEN_BACKLOG);
 	if (rc < 0) {
 		DEBUG(0, ("Failed to listen on pipe socket %s: %s\n",
 			  pipe_name, strerror(errno)));
@@ -830,7 +830,7 @@ bool setup_dcerpc_ncalrpc_socket(struct 
 		goto out;
 	}
 -	rc = listen(state->fd, 5);
 +	rc = listen(state->fd, DEFAULT_LISTEN_BACKLOG);
 	if (rc < 0) {
 		DEBUG(0, ("Failed to listen on ncalrpc socket %s: %s\n",
 			  name, strerror(errno)));
 --- source3/utils/smbfilter.c.orig	2019-01-15 10:07:00 UTC
 +++ source3/utils/smbfilter.c
@@ -291,7 +291,7 @@ static void start_filter(char *desthost)
 		exit(1);
 	}
 -	if (listen(s, 5) == -1) {
 +	if (listen(s, DEFAULT_LISTEN_BACKLOG) == -1) {
 		d_printf("listen failed\n");
 	}
 --- source3/winbindd/winbindd.c.orig	2019-01-15 10:07:00 UTC
 +++ source3/winbindd/winbindd.c
@@ -1317,7 +1317,7 @@ static bool winbindd_setup_listeners(voi
 	if (pub_state->fd == -1) {
 		goto failed;
 	}
 -	rc = listen(pub_state->fd, 5);
 +	rc = listen(pub_state->fd, DEFAULT_LISTEN_BACKLOG);
 	if (rc < 0) {
 		goto failed;
 	}
@@ -1349,7 +1349,7 @@ static bool winbindd_setup_listeners(voi
 	if (priv_state->fd == -1) {
 		goto failed;
 	}
 -	rc = listen(priv_state->fd, 5);
 +	rc = listen(priv_state->fd, DEFAULT_LISTEN_BACKLOG);
 	if (rc < 0) {
 		goto failed;
 	}
--- a/net/samba410/files/0001-Freenas-master-mdns-fixes-22.patch
+++ b/net/samba410/files/0001-Freenas-master-mdns-fixes-22.patch
@ -10,15 +10,9 @@ Subject: [PATCH] Freenas/master mdns fixes (#22)
 * Fix mDNS browsing in smbclient
 Signed-off-by: Timur I. Bakeyev <timur@iXsystems.com>
 ---
 source3/client/dnsbrowse.c |  17 ++--
 source3/smbd/dnsregister.c | 193 +++++++++++++++++++++++++++++----------------
 2 files changed, 137 insertions(+), 73 deletions(-)
-diff --git a/source3/client/dnsbrowse.c b/source3/client/dnsbrowse.c
+--- source3/client/dnsbrowse.c.orig	2019-01-15 10:07:00 UTC
-index efd57d42d88..83aef966d2a 100644
+++ source3/client/dnsbrowse.c
 --- a/source3/client/dnsbrowse.c
 +++ b/source3/client/dnsbrowse.c
@@ -39,6 +39,7 @@ struct mdns_smbsrv_result
 struct mdns_browse_state
 {
@ -27,7 +21,7 @@ index efd57d42d88..83aef966d2a 100644
 	int browseDone;
 };
-@@ -64,7 +65,7 @@ static void do_smb_resolve(struct mdns_smbsrv_result *browsesrv)
+@@ -64,7 +65,7 @@ static void do_smb_resolve(struct mdns_s
 	struct timeval tv;
 	DNSServiceErrorType err;
@ -36,7 +30,7 @@ index efd57d42d88..83aef966d2a 100644
 	err = DNSServiceResolve(&mdns_conn_sdref, 0 /* flags */,
 		browsesrv->ifIndex,
-@@ -91,7 +91,7 @@ static void do_smb_resolve(struct mdns_s
+@@ -91,7 +92,7 @@ static void do_smb_resolve(struct mdns_s
 		}
 	}
@ -45,7 +39,7 @@ index efd57d42d88..83aef966d2a 100644
 	DNSServiceRefDeallocate(mdns_conn_sdref);
 }
-@@ -124,18 +125,19 @@ do_smb_browse_reply(DNSServiceRef sdRef, DNSServiceFlags flags,
+@@ -124,18 +125,19 @@ do_smb_browse_reply(DNSServiceRef sdRef,
 		return;
 	}
@ -84,11 +78,39 @@ index efd57d42d88..83aef966d2a 100644
 	err = DNSServiceBrowse(&mdns_conn_sdref, 0, 0, "_smb._tcp", "",
 			do_smb_browse_reply, &bstate);
-diff --git a/source3/smbd/dnsregister.c b/source3/smbd/dnsregister.c
+--- source3/smbd/dnsregister.c.orig	2019-01-15 10:07:00 UTC
-index df189001a09..f25b60f4611 100644
+++ source3/smbd/dnsregister.c
--- a/source3/smbd/dnsregister.c
+@@ -29,6 +29,29 @@
-+++ b/source3/smbd/dnsregister.c
+  * browse for advertised SMB services.
-@@ -36,85 +36,111 @@
+  */
 +/*
 + * Time Machine Errata:
 + * sys=adVF=0x100 -- this is required when ._adisk._tcp is present on device. When it is
 + * set, the MacOS client will send a NetShareEnumAll IOCTL and shares will be visible.
 + * Otherwise, Finder will only see the Time Machine share. In the absence of ._adisk._tcp
 + * MacOS will _always_ send NetShareEnumAll IOCTL.
 + *
 + * waMa=0 -- MacOS server uses waMa=0, while embedded devices have it set to their Mac Address.
 + * Speculation in Samba-Technical indicates that this stands for "Wireless AirDisk Mac Address".
 + *
 + * adVU -- AirDisk Volume UUID. Mac OS servers generate a UUID. Time machine over SMB works without one
 + * set. Netatalk generates a UUID and stores it persistently in afp_voluuid.conf. This can be
 + * set by adding the share parameter "fruit:volume_uuid = "
 + *
 + * dk(n)=adVF=
 + *      0xa1, 0x81 - AFP support
 + *      0xa2, 0x82 - SMB support
 + *      0xa3, 0x83 - AFP and SMB support
 + *
 + * adVN -- AirDisk Volume Name. We set this to the share name.
 + *
 + */
 +
 #define DNS_REG_RETRY_INTERVAL (5*60)  /* in seconds */
 #ifdef WITH_DNSSD_SUPPORT
@@ -36,85 +59,177 @@
 #include <dns_sd.h>
 struct dns_reg_state {
@ -156,8 +178,63 @@ index df189001a09..f25b60f4611 100644
 -					  struct tevent_fd *fde,
 -					  uint16_t flags,
 -					  void *private_data);
 +int TXTRecordPrintf(TXTRecordRef * rec, const char * key, const char * fmt, ... )
 +{
 +	int ret = 0;
 +	char *str;
 +	va_list ap;
 +	va_start( ap, fmt );
 -static bool dns_register_smbd_schedule(struct dns_reg_state *dns_state,
 +	if( 0 > vasprintf(&str, fmt, ap ) ) {
 +		va_end(ap);
 +		return -1;
 +	}
 +	va_end(ap);
 +
 +	if( kDNSServiceErr_NoError != TXTRecordSetValue(rec, key, strlen(str), str) ) {
 +		ret = -1;
 +	}
 +
 +	free(str);
 +	return ret;
 +}
 +
 +int TXTRecordKeyPrintf(TXTRecordRef * rec, const char * key_fmt, int key_var, const char * fmt, ...)
 +{
 +	int ret = 0;
 +	char *key = NULL, *str = NULL;
 +	va_list ap;
 +
 +	if( 0 > asprintf(&key, key_fmt, key_var)) {
 +		DEBUG(1, ("Failed in asprintf\n"));
 +		return -1; 
 +	}
 +
 +	va_start( ap, fmt );
 +	if( 0 > vasprintf(&str, fmt, ap )) {
 +		va_end(ap);
 +		DEBUG(1, ("Failed in vasprintf\n"));
 +		ret = -1;
 +		goto exit;
 +	}
 +	va_end(ap);
 +
 +	if( kDNSServiceErr_NoError != TXTRecordSetValue(rec, key, strlen(str), str) ) {
 +		DEBUG(1, ("Failed in TXTRecordSetValuen"));
 +		ret = -1;
 +		goto exit;
 +	}
 +
 +	exit:
 +	if (str)
 +		free(str);
 +	if (key)
 +		free(key);
 +	return ret;
 +}
 +
 +
 +static bool dns_register_smbd_schedule(struct reg_state *state,
 				       struct timeval tval)
 {
@ -204,12 +281,22 @@ index df189001a09..f25b60f4611 100644
 -					  struct dns_reg_state);
 +	struct reg_state *state = (struct reg_state *)private_data;
 	DNSServiceErrorType err;
 +	int snum;
 +	size_t dk = 0;
 +	bool sys_txt_created = false;
 +	TXTRecordRef txt_adisk;
 +	TXTRecordRef txt_devinfo;
 +	char *servname;
 +	char *v_uuid;
 +	int num_services = lp_numservices();
 -	dns_reg_state_destructor(dns_state);
 +	reg_state_destructor(state);
 -	DEBUG(6, ("registering _smb._tcp service on port %d\n",
 -		  dns_state->port));
 +	TXTRecordCreate(&txt_adisk, 0, NULL);
 +
 +	DEBUG(6, ("registering _smb._tcp service on port %d index %d\n",
 +		  state->port, state->if_index));
@ -240,15 +327,88 @@ index df189001a09..f25b60f4611 100644
 +			NULL		/* TXT record data */,
 +			dns_register_smbd_callback /* callback func */,
 +			NULL		/* callback context */);
 +
 	if (err != kDNSServiceErr_NoError) {
 		/* Failed to register service. Schedule a re-try attempt.
-@@ -123,24 +149,24 @@ static void dns_register_smbd_retry(struct tevent_context *ctx,
+@@ -123,24 +238,96 @@ static void dns_register_smbd_retry(stru
 		goto retry;
 	}
 -	dns_state->fd = DNSServiceRefSockFD(dns_state->srv_ref);
 -	if (dns_state->fd == -1) {
 +	/*
 +	 * Check for services that are configured as Time Machine targets
 +	 *
 +	 */
 +	for (snum = 0; snum < num_services; snum++) {
 +		if (lp_snum_ok(snum) && lp_parm_bool(snum, "fruit", "time machine", false))
 +		{
 +			if (!sys_txt_created) {
 +				if( 0 > TXTRecordPrintf(&txt_adisk, "sys", "adVF=0x100") ) {
 +					DEBUG(1, ("Failed to create Zeroconf TXTRecord for sys") );
 +					goto retry;
 +				}
 +				else
 +				{
 +					sys_txt_created = true;
 +				}
 +			}
 +
 +			v_uuid = lp_parm_const_string(snum, "fruit", "volume_uuid", NULL);
 +			servname = lp_const_servicename(snum);
 +			DEBUG(1, ("Registering volume %s for TimeMachine\n", servname));
 +			if (v_uuid) {
 +				if( 0 > TXTRecordKeyPrintf(&txt_adisk, "dk%zu", dk++, "adVN=%s,adVF=0x82,adVU=%s",
 +					servname, v_uuid) ) {
 +					DEBUG(1, ("Could not set Zeroconf TXTRecord for dk%zu \n", dk));
 +					goto retry;
 +				} 
 +				DEBUG(1, ("Registering TimeMachine with the following TXT parameters: "
 +					  "dk%zu,adVN=%s,adVF=0x82,adVU=%s\n", dk, servname, v_uuid) );
 +			}
 +			else {
 +				if( 0 > TXTRecordKeyPrintf(&txt_adisk, "dk%zu", dk++, "adVN=%s,adVF=0x82",
 +					servname) ) {
 +					DEBUG(1, ("Could not set Zeroconf TXTRecord for dk%zu \n", dk));
 +					goto retry;
 +				}
 +				DEBUG(1, ("Registering TimeMachine with the following TXT parameters: "
 +					  "dk%zu,adVN=%s,adVF=0x82\n", dk, servname) );
 +			}
 +		}
 +	}
 +
 +	if (dk) {
 +		err = DNSServiceRegister(&state->srv_ref,
 +				0		/* flags */,
 +				state->if_index /* interface index */,
 +				NULL		/* service name */,
 +				"_adisk._tcp"	/* service type */,
 +				NULL		/* domain */,
 +				""		/* SRV target host name */,
 +				/*
 +				 * We would probably use port 0 zero, but we can't, from man DNSServiceRegister:
 +				 *   "A value of 0 for a port is passed to register placeholder services.
 +				 *    Place holder services are not found  when browsing, but other
 +				 *    clients cannot register with the same name as the placeholder service."
 +				 * We therefor use port 9 which is used by the adisk service type.
 +				 */
 +				htons(9)	/* port */,
 +				TXTRecordGetLength(&txt_adisk)		/* TXT record len */,
 +				TXTRecordGetBytesPtr(&txt_adisk)	/* TXT record data */,
 +				dns_register_smbd_callback /* callback func */,
 +				NULL		/* callback context */);
 +
 +
 +		if (err != kDNSServiceErr_NoError) {
 +			/* Failed to register service. Schedule a re-try attempt.
 +			 */
 +			DEBUG(1, ("unable to register with mDNS (err %d)\n", err));
 +			goto retry;
 +		}
 +	}
 +
 +	state->fd = DNSServiceRefSockFD(state->srv_ref);
 +	if (state->fd == -1) {
 		goto retry;
@ -278,7 +438,7 @@ index df189001a09..f25b60f4611 100644
 		timeval_current_ofs(DNS_REG_RETRY_INTERVAL, 0));
 }
-@@ -150,44 +176,77 @@ static void dns_register_smbd_fde_handler(struct tevent_context *ev,
+@@ -150,44 +337,77 @@ static void dns_register_smbd_fde_handle
 					  uint16_t flags,
 					  void *private_data)
 {
@ -303,16 +463,16 @@ index df189001a09..f25b60f4611 100644
 -	dns_register_smbd_schedule(dns_state,
 -		timeval_current_ofs(DNS_REG_RETRY_INTERVAL, 0));
 +	dns_register_smbd_schedule(state, timeval_zero());
- }
+}
- 
+
 +static int dns_reg_state_destructor(struct dns_reg_state *state)
 +{
 +	if (state != NULL) {
 +		talloc_free(state);
 +	}
 +	return 0;
-+}
+ }
-+
+ 
 +
 bool smbd_setup_mdns_registration(struct tevent_context *ev,
 				  TALLOC_CTX *mem_ctx,
@ -347,7 +507,8 @@ index df189001a09..f25b60f4611 100644
 +	for (i = 0; i < dns_state->count; i++) {
 +		struct interface *iface = get_interface(i);
 +		struct reg_state *state = &dns_state->drs[i];
-+
+ 
 -	return dns_register_smbd_schedule(dns_state, timeval_zero());
 +		state->mem_ctx = mem_ctx;
 +		state->srv_ref = NULL;
 +		state->event_ctx = ev;
@ -357,8 +518,7 @@ index df189001a09..f25b60f4611 100644
 +		state->fd = -1;
 +
 +		state->if_index = bind_all ? kDNSServiceInterfaceIndexAny : iface->if_index;
- 
+
 -	return dns_register_smbd_schedule(dns_state, timeval_zero());
 +		dns_register_smbd_schedule(&dns_state->drs[i], timeval_zero());
 +	}
 +	
@ -370,6 +530,3 @@ index df189001a09..f25b60f4611 100644
 #else /* WITH_DNSSD_SUPPORT */
 bool smbd_setup_mdns_registration(struct tevent_context *ev,
 -- 
 2.14.2
--- a/net/samba410/files/patch-nsswitch_wscript__build
+++ b/net/samba410/files/patch-nsswitch_wscript__build
@ -1,6 +1,6 @@
--- nsswitch/wscript_build.orig	2017-07-04 10:05:25 UTC
+--- nsswitch/wscript_build.orig	2019-01-15 10:07:00 UTC
 +++ nsswitch/wscript_build
-@@ -54,12 +54,14 @@ elif (host_os.rfind('freebsd') > -1):
+@@ -61,12 +61,14 @@ elif (host_os.rfind('freebsd') > -1):
 			  source='winbind_nss_linux.c winbind_nss_freebsd.c',
 			  deps='winbind-client',
 			  realname='nss_winbind.so.1',
--- a/net/samba410/files/patch-source3moduleswscript_build
+++ b/net/samba410/files/patch-source3moduleswscript_build
@ -1,17 +0,0 @@
 --- source3/modules/wscript_build.orig	2018-02-25 05:33:23 UTC
 +++ source3/modules/wscript_build
@@ -222,6 +222,14 @@ bld.SAMBA3_MODULE('vfs_zfsacl',
                  internal_module=bld.SAMBA3_IS_STATIC_MODULE('vfs_zfsacl'),
                  enabled=bld.SAMBA3_IS_ENABLED_MODULE('vfs_zfsacl'))
 +bld.SAMBA3_MODULE('vfs_freebsd',
 +                 subsystem='vfs',
 +                 source='vfs_freebsd.c',
 +                 deps='samba-util',
 +                 init_function='',
 +                 internal_module=bld.SAMBA3_IS_STATIC_MODULE('vfs_freebsd'),
 +                 enabled=bld.SAMBA3_IS_ENABLED_MODULE('vfs_freebsd'))
 +
 xdr_buf_hack = 'sed -e "s@^\([ \t]*register int32_t \*buf\);@\\1 = buf;@"'
 bld.SAMBA_GENERATOR('nfs41acl-xdr-c',
--- a/net/samba410/files/patch-source3_include_includes.h
+++ b/net/samba410/files/patch-source3_include_includes.h
@ -1,6 +1,6 @@
--- source3/include/includes.h.orig	2018-04-03 05:23:35 UTC
+--- source3/include/includes.h.orig	2019-01-15 10:07:00 UTC
 +++ source3/include/includes.h
-@@ -323,6 +323,8 @@ typedef char fstring[FSTRING_LEN];
+@@ -322,6 +322,8 @@ typedef char fstring[FSTRING_LEN];
  * the *bottom* of include files so as not to conflict. */
 #ifdef ENABLE_DMALLOC
 #  include <dmalloc.h>
--- a/net/samba410/files/patch-source3_lib_sysquotas__4B.c
+++ b/net/samba410/files/patch-source3_lib_sysquotas__4B.c
@ -1,4 +1,4 @@
--- source3/lib/sysquotas_4B.c.orig	2019-01-28 03:56:23 UTC
+--- source3/lib/sysquotas_4B.c.orig	2019-01-15 10:07:00 UTC
 +++ source3/lib/sysquotas_4B.c
@@ -141,7 +141,14 @@ static int sys_quotactl_4B(const char * 
 		/* ENOTSUP means quota support is not compiled in. EINVAL
--- a/net/samba410/files/patch-source3_lib_util.c
+++ b/net/samba410/files/patch-source3_lib_util.c
@ -1,8 +1,6 @@
-Signed-off-by: Alexander Zagrebin <alex@zagrebin.ru>
+--- source3/lib/util.c.orig	2019-05-07 08:38:21 UTC
-
+++ source3/lib/util.c
--- source3/lib/util.c.orig	2017-12-17 05:35:49 UTC
+@@ -1916,7 +1916,10 @@ bool any_nt_status_not_ok(NTSTATUS err1,
 +++ source3/lib/util.c	2017-12-17
@@ -2036,7 +2036,10 @@ bool any_nt_status_not_ok(NTSTATUS err1,
 int timeval_to_msec(struct timeval t)
 {
--- a/net/samba410/files/patch-source3_librpc_crypto_gse.c
+++ b/net/samba410/files/patch-source3_librpc_crypto_gse.c
@ -1,6 +1,6 @@
--- source3/librpc/crypto/gse.c.orig	2017-07-04 10:05:25 UTC
+--- source3/librpc/crypto/gse.c.orig	2019-01-15 10:07:00 UTC
 +++ source3/librpc/crypto/gse.c
-@@ -610,11 +610,12 @@ static NTSTATUS gse_get_server_auth_toke
+@@ -621,11 +621,12 @@ static NTSTATUS gse_get_server_auth_toke
 	struct gse_context *gse_ctx =
 		talloc_get_type_abort(gensec_security->private_data,
 				      struct gse_context);
--- a/net/samba410/files/patch-source3_modules_vfs__fruit.c
+++ b/net/samba410/files/patch-source3_modules_vfs__fruit.c
@ -11,14 +11,9 @@ parsed by afpinfo_unpack().
 FreeBSD Bug: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=228462
 Signed-off-by: Ralph Boehme <slow@samba.org>
 ---
 source3/modules/vfs_fruit.c | 32 ++++++++++++++++++++++++--------
 1 file changed, 27 insertions(+), 4 deletions(-)
-diff --git a/source3/modules/vfs_fruit.c b/source3/modules/vfs_fruit.c
+--- source3/modules/vfs_fruit.c.orig	2019-05-07 08:38:21 UTC
-index df3cd0c899e..d84e6991036 100644
+++ source3/modules/vfs_fruit.c
 --- a/source3/modules/vfs_fruit.c
 +++ b/source3/modules/vfs_fruit.c
@@ -2350,6 +2350,8 @@ static ssize_t afpinfo_pack(const AfpInf
 	return AFP_INFO_SIZE;
 }
@ -52,7 +47,7 @@ index df3cd0c899e..d84e6991036 100644
 	}
 	return ai;
-@@ -4171,9 +4183,20 @@ static ssize_t fruit_pread_meta_stream(v
+@@ -4242,9 +4254,20 @@ static ssize_t fruit_pread_meta_stream(v
 {
 	ssize_t nread;
 	int ret;
--- a/net/samba410/files/patch-source3_modules_vfsstreamsxattr.c
+++ b/net/samba410/files/patch-source3_modules_vfsstreamsxattr.c
@ -1,4 +1,4 @@
--- source3/modules/vfs_streams_xattr.c.orig	2018-11-08 07:58:08 UTC
+--- source3/modules/vfs_streams_xattr.c.orig	2019-01-15 10:07:00 UTC
 +++ source3/modules/vfs_streams_xattr.c
@@ -1,10 +1,10 @@
 /*
@ -130,7 +130,7 @@
 		   stream_name));
 	talloc_free(sname);
-@@ -265,8 +320,8 @@ static int streams_xattr_fstat(vfs_handl
+@@ -270,8 +325,8 @@ static int streams_xattr_fstat(vfs_handl
 		return -1;
 	}
@ -141,7 +141,7 @@
 	if (sbuf->st_ex_size == -1) {
 		TALLOC_FREE(smb_fname_base);
 		SET_STAT_INVALID(*sbuf);
-@@ -441,10 +496,10 @@ static int streams_xattr_open(vfs_handle
+@@ -446,10 +501,10 @@ static int streams_xattr_open(vfs_handle
 		goto fail;
 	}
@ -155,7 +155,7 @@
 	if (!NT_STATUS_IS_OK(status)) {
 		if (!NT_STATUS_EQUAL(status, NT_STATUS_NOT_FOUND)) {
-@@ -475,19 +530,13 @@ static int streams_xattr_open(vfs_handle
+@@ -480,19 +535,13 @@ static int streams_xattr_open(vfs_handle
 		/*
 		 * The attribute does not exist or needs to be truncated
 		 */
@ -176,7 +176,7 @@
 				       flags & O_EXCL ? XATTR_CREATE : 0);
 		if (ret != 0) {
 			goto fail;
-@@ -643,8 +692,8 @@ static int streams_xattr_rename(vfs_hand
+@@ -678,8 +727,8 @@ static int streams_xattr_rename(vfs_hand
 	}
 	/* read the old stream */
@ -187,7 +187,7 @@
 	if (!NT_STATUS_IS_OK(status)) {
 		errno = ENOENT;
 		goto fail;
-@@ -731,14 +780,13 @@ static NTSTATUS walk_xattr_streams(vfs_h
+@@ -766,14 +815,13 @@ static NTSTATUS walk_xattr_streams(vfs_h
 			continue;
 		}
@ -204,7 +204,7 @@
 				names[i],
 				smb_fname->base_name,
 				nt_errstr(status)));
-@@ -800,16 +848,17 @@ struct streaminfo_state {
+@@ -835,16 +883,17 @@ struct streaminfo_state {
 	NTSTATUS status;
 };
@ -225,7 +225,7 @@
 		state->status = NT_STATUS_NO_MEMORY;
 		return false;
 	}
-@@ -929,14 +978,17 @@ static ssize_t streams_xattr_pwrite(vfs_
+@@ -964,14 +1013,17 @@ static ssize_t streams_xattr_pwrite(vfs_
 				    files_struct *fsp, const void *data,
 				    size_t n, off_t offset)
 {
@ -246,7 +246,7 @@
 	if (sio == NULL) {
 		return SMB_VFS_NEXT_PWRITE(handle, fsp, data, n, offset);
-@@ -946,6 +998,8 @@ static ssize_t streams_xattr_pwrite(vfs_
+@@ -981,6 +1033,8 @@ static ssize_t streams_xattr_pwrite(vfs_
 		return -1;
 	}
@ -255,7 +255,7 @@
 	/* Create an smb_filename with stream_name == NULL. */
 	smb_fname_base = synthetic_smb_fname(talloc_tos(),
 					sio->base,
-@@ -953,39 +1007,55 @@ static ssize_t streams_xattr_pwrite(vfs_
+@@ -988,39 +1042,55 @@ static ssize_t streams_xattr_pwrite(vfs_
 					NULL,
 					fsp->fsp_name->flags);
 	if (smb_fname_base == NULL) {
@ -332,7 +332,7 @@
 	if (ret == -1) {
 		return -1;
-@@ -998,15 +1068,17 @@ static ssize_t streams_xattr_pread(vfs_h
+@@ -1033,15 +1103,17 @@ static ssize_t streams_xattr_pread(vfs_h
 				   files_struct *fsp, void *data,
 				   size_t n, off_t offset)
 {
@ -355,7 +355,7 @@
 	if (sio == NULL) {
 		return SMB_VFS_NEXT_PREAD(handle, fsp, data, n, offset);
-@@ -1016,6 +1088,8 @@ static ssize_t streams_xattr_pread(vfs_h
+@@ -1051,6 +1123,8 @@ static ssize_t streams_xattr_pread(vfs_h
 		return -1;
 	}
@ -364,7 +364,7 @@
 	/* Create an smb_filename with stream_name == NULL. */
 	smb_fname_base = synthetic_smb_fname(talloc_tos(),
 					sio->base,
-@@ -1023,31 +1097,35 @@ static ssize_t streams_xattr_pread(vfs_h
+@@ -1058,31 +1132,35 @@ static ssize_t streams_xattr_pread(vfs_h
 					NULL,
 					fsp->fsp_name->flags);
 	if (smb_fname_base == NULL) {
@ -413,7 +413,7 @@
 }
 struct streams_xattr_pread_state {
-@@ -1214,16 +1292,18 @@ static int streams_xattr_ftruncate(struc
+@@ -1249,16 +1327,18 @@ static int streams_xattr_ftruncate(struc
 					struct files_struct *fsp,
 					off_t offset)
 {
@ -439,7 +439,7 @@
 	if (sio == NULL) {
 		return SMB_VFS_NEXT_FTRUNCATE(handle, fsp, offset);
-@@ -1233,6 +1313,8 @@ static int streams_xattr_ftruncate(struc
+@@ -1268,6 +1348,8 @@ static int streams_xattr_ftruncate(struc
 		return -1;
 	}
@ -448,7 +448,7 @@
 	/* Create an smb_filename with stream_name == NULL. */
 	smb_fname_base = synthetic_smb_fname(talloc_tos(),
 					sio->base,
-@@ -1240,40 +1322,46 @@ static int streams_xattr_ftruncate(struc
+@@ -1275,40 +1357,46 @@ static int streams_xattr_ftruncate(struc
 					NULL,
 					fsp->fsp_name->flags);
 	if (smb_fname_base == NULL) {
@ -511,7 +511,7 @@
 	if (ret == -1) {
 		return -1;
-@@ -1291,9 +1379,9 @@ static int streams_xattr_fallocate(struc
+@@ -1326,9 +1414,9 @@ static int streams_xattr_fallocate(struc
         struct stream_io *sio =
 		(struct stream_io *)VFS_FETCH_FSP_EXTENSION(handle, fsp);
--- a/net/samba410/files/patch-source3_modules_vfsvirusfilterutils.c
+++ b/net/samba410/files/patch-source3_modules_vfsvirusfilterutils.c
@ -1,6 +1,6 @@
--- source3/modules/vfs_virusfilter_utils.c.orig	2018-02-21 03:34:19 UTC
+--- source3/modules/vfs_virusfilter_utils.c.orig	2019-01-15 10:07:00 UTC
 +++ source3/modules/vfs_virusfilter_utils.c
-@@ -391,6 +391,10 @@ bool virusfilter_io_writel(
+@@ -392,6 +392,10 @@ bool virusfilter_io_writel(
 bool virusfilter_io_writefl(
 	struct virusfilter_io_handle *io_h,
@ -11,7 +11,7 @@
 	const char *data_fmt, ...)
 {
 	va_list ap;
-@@ -414,6 +418,10 @@ bool virusfilter_io_writefl(
+@@ -415,6 +419,10 @@ bool virusfilter_io_writefl(
 bool virusfilter_io_vwritefl(
 	struct virusfilter_io_handle *io_h,
@ -22,7 +22,7 @@
 	const char *data_fmt, va_list ap)
 {
 	char data[VIRUSFILTER_IO_BUFFER_SIZE + VIRUSFILTER_IO_EOL_SIZE];
-@@ -665,6 +673,11 @@ bool virusfilter_io_readl(TALLOC_CTX *ct
+@@ -666,6 +674,11 @@ bool virusfilter_io_readl(TALLOC_CTX *ct
 bool virusfilter_io_writefl_readl(
 	struct virusfilter_io_handle *io_h,
 	char **read_line,
--- a/net/samba410/files/patch-source3_registry_tests_test__regfio.c
+++ b/net/samba410/files/patch-source3_registry_tests_test__regfio.c
@ -0,0 +1,10 @@
 --- source3/registry/tests/test_regfio.c.orig	2019-05-07 08:38:21 UTC
 +++ source3/registry/tests/test_regfio.c
@@ -24,6 +24,7 @@
 #include <errno.h>
 #include <stdlib.h>
 +#include <unistd.h>
 #include <sys/types.h>
 #include <sys/stat.h>
 #include <fcntl.h>
--- a/net/samba410/files/patch-source3_rpc__server_mdssvc_mdssvc.c
+++ b/net/samba410/files/patch-source3_rpc__server_mdssvc_mdssvc.c
@ -1,15 +0,0 @@
 ../source3/rpc_server/mdssvc/mdssvc.c:157:9: error: format specifies type 'unsigned long' but the argument has type 'size_t' (aka 'unsigned int') [-Werror,-Wformat]
                                    dalloc_size(dd));
                                    ^~~~~~~~~~~~~~~
 --- source3/rpc_server/mdssvc/mdssvc.c.orig	2019-04-09 01:04:10 UTC
 +++ source3/rpc_server/mdssvc/mdssvc.c
@@ -151,7 +151,7 @@ char *mds_dalloc_dump(DALLOC_CTX *dd, in
 	}
 	logstring = talloc_asprintf(dd,
 -				    "%s%s(#%lu): {\n",
 +				    "%s%s(#%zu): {\n",
 				    tab_string1,
 				    talloc_get_name(dd),
 				    dalloc_size(dd));
--- a/net/samba410/files/patch-source3_smbd_quotas.c
+++ b/net/samba410/files/patch-source3_smbd_quotas.c
@ -1,4 +1,4 @@
--- source3/smbd/quotas.c.orig	2017-07-04 10:05:26 UTC
+--- source3/smbd/quotas.c.orig	2019-01-15 10:07:00 UTC
 +++ source3/smbd/quotas.c
@@ -125,6 +125,7 @@ static bool nfs_quotas(char *nfspath, ui
 	if (!cutstr)
--- a/net/samba410/files/patch-source3_smbd_utmp.c
+++ b/net/samba410/files/patch-source3_smbd_utmp.c
@ -1,4 +1,4 @@
--- source3/smbd/utmp.c.orig	2018-01-15 12:41:58 UTC
+--- source3/smbd/utmp.c.orig	2019-01-15 10:07:00 UTC
 +++ source3/smbd/utmp.c
@@ -257,7 +257,7 @@ static char *uw_pathname(TALLOC_CTX *ctx
  Update utmp file directly.  No subroutine interface: probably a BSD system.
@ -101,7 +101,7 @@
 -	else
 -		ux.ut_syslen = 0;
 -#endif
-#if defined(HAVE_UT_UT_HOST)
+-#if defined(HAVE_UX_UT_HOST)
 -	utmp_strcpy(ux.ut_host, hostname, sizeof(ux.ut_host));
 -#endif
 -
--- a/net/samba410/files/patch-source3_torture_cmd__vfs.c
+++ b/net/samba410/files/patch-source3_torture_cmd__vfs.c
@ -0,0 +1,138 @@
 --- source3/torture/cmd_vfs.c.orig	2019-01-15 10:07:00 UTC
 +++ source3/torture/cmd_vfs.c
@@ -141,6 +141,82 @@ static NTSTATUS cmd_disk_free(struct vfs
 	return NT_STATUS_OK;
 }
 +static NTSTATUS cmd_get_quota(struct vfs_state *vfs, TALLOC_CTX *mem_ctx, int argc, const char **argv)
 +{
 +	struct smb_filename *smb_fname = NULL;
 +	uint64_t quota, bsize, dfree, dsize;
 +	enum SMB_QUOTA_TYPE qtype;
 +	SMB_DISK_QUOTA D;
 +	unid_t id;
 +	int r;
 +
 +	if (argc != 4) {
 +		printf("Usage: get_quota <path> [user|group] id\n");
 +		return NT_STATUS_OK;
 +	}
 +
 +	smb_fname = synthetic_smb_fname(talloc_tos(),
 +					argv[1],
 +					NULL,
 +					NULL,
 +					ssf_flags());
 +	if (smb_fname == NULL) {
 +		return NT_STATUS_NO_MEMORY;
 +	}
 +
 +	if(strcmp(argv[2], "user") == 0) {
 +		qtype = SMB_USER_FS_QUOTA_TYPE;
 +	}
 +	else if(strcmp(argv[2], "group") == 0) {
 +		qtype = SMB_GROUP_FS_QUOTA_TYPE;
 +	}
 +	else {
 +		printf("Usage: get_quota <path> [user|group] id\n");
 +		return NT_STATUS_OK;
 +	}
 +
 +	id.uid = atoi(argv[3]);
 +
 +	ZERO_STRUCT(D);
 +
 +	r = SMB_VFS_GET_QUOTA(vfs->conn, smb_fname, qtype, id, &D);
 +
 +	if (r == -1 && errno != ENOSYS) {
 +		return NT_STATUS_UNSUCCESSFUL;
 +	}
 +
 +	if (r == 0 && (D.qflags & QUOTAS_DENY_DISK) == 0) {
 +		return NT_STATUS_UNSUCCESSFUL;
 +	}
 +
 +	bsize = D.bsize;
 +	/* Use softlimit to determine disk space, except when it has been exceeded */
 +	if (
 +		(D.softlimit && D.curblocks >= D.softlimit) ||
 +		(D.hardlimit && D.curblocks >= D.hardlimit) ||
 +		(D.isoftlimit && D.curinodes >= D.isoftlimit) ||
 +		(D.ihardlimit && D.curinodes>=D.ihardlimit)
 +	) {
 +		dfree = 0;
 +		dsize = D.curblocks;
 +	} else if (D.softlimit==0 && D.hardlimit==0) {
 +		return NT_STATUS_UNSUCCESSFUL;
 +	} else {
 +		if (D.softlimit == 0) {
 +			D.softlimit = D.hardlimit;
 +		}
 +		dfree = D.softlimit - D.curblocks;
 +		dsize = D.softlimit;
 +	}
 +
 +	printf("get_quota: bsize = %lu, dfree = %lu, dsize = %lu\n",
 +			(unsigned long)bsize,
 +			(unsigned long)dfree,
 +			(unsigned long)dsize);
 +
 +	return NT_STATUS_OK;
 +}
 +
 static NTSTATUS cmd_opendir(struct vfs_state *vfs, TALLOC_CTX *mem_ctx, int argc, const char **argv)
 {
@@ -1947,6 +2023,7 @@ struct cmd_set vfs_commands[] = {
 	{ "connect",   cmd_connect,   "VFS connect()",    "connect" },
 	{ "disconnect",   cmd_disconnect,   "VFS disconnect()",    "disconnect" },
 	{ "disk_free",   cmd_disk_free,   "VFS disk_free()",    "disk_free <path>" },
 +	{ "get_quota",   cmd_get_quota,   "VFS get_quota()",    "get_quota <path> [user|group] id" },
 	{ "opendir",   cmd_opendir,   "VFS opendir()",    "opendir <fname>" },
 	{ "readdir",   cmd_readdir,   "VFS readdir()",    "readdir" },
 	{ "mkdir",   cmd_mkdir,   "VFS mkdir()",    "mkdir <path>" },
@@ -1977,33 +2054,22 @@ struct cmd_set vfs_commands[] = {
 	{ "link",   cmd_link,   "VFS link()",    "link <oldpath> <newpath>" },
 	{ "mknod",   cmd_mknod,   "VFS mknod()",    "mknod <path> <mode> <dev>" },
 	{ "realpath",   cmd_realpath,   "VFS realpath()",    "realpath <path>" },
 -	{ "getxattr", cmd_getxattr, "VFS getxattr()",
 -	  "getxattr <path> <name>" },
 -	{ "listxattr", cmd_listxattr, "VFS listxattr()",
 -	  "listxattr <path>" },
 -	{ "setxattr", cmd_setxattr, "VFS setxattr()",
 -	  "setxattr <path> <name> <value> [<flags>]" },
 -	{ "removexattr", cmd_removexattr, "VFS removexattr()",
 -	  "removexattr <path> <name>\n" },
 -	{ "fget_nt_acl", cmd_fget_nt_acl, "VFS fget_nt_acl()", 
 -	  "fget_nt_acl <fd>\n" },
 -	{ "get_nt_acl", cmd_get_nt_acl, "VFS get_nt_acl()", 
 -	  "get_nt_acl <path>\n" },
 -	{ "fset_nt_acl", cmd_fset_nt_acl, "VFS fset_nt_acl()", 
 -	  "fset_nt_acl <fd>\n" },
 -	{ "set_nt_acl", cmd_set_nt_acl, "VFS open() and fset_nt_acl()", 
 -	  "set_nt_acl <file>\n" },
 +	{ "getxattr", cmd_getxattr, "VFS getxattr()", "getxattr <path> <name>" },
 +	{ "listxattr", cmd_listxattr, "VFS listxattr()", "listxattr <path>" },
 +	{ "setxattr", cmd_setxattr, "VFS setxattr()", "setxattr <path> <name> <value> [<flags>]" },
 +	{ "removexattr", cmd_removexattr, "VFS removexattr()", "removexattr <path> <name>\n" },
 +	{ "fget_nt_acl", cmd_fget_nt_acl, "VFS fget_nt_acl()", "fget_nt_acl <fd>\n" },
 +	{ "get_nt_acl", cmd_get_nt_acl, "VFS get_nt_acl()", "get_nt_acl <path>\n" },
 +	{ "fset_nt_acl", cmd_fset_nt_acl, "VFS fset_nt_acl()", "fset_nt_acl <fd>\n" },
 +	{ "set_nt_acl", cmd_set_nt_acl, "VFS open() and fset_nt_acl()", "set_nt_acl <file>\n" },
 	{ "sys_acl_get_file", cmd_sys_acl_get_file, "VFS sys_acl_get_file()", "sys_acl_get_file <path>" },
 	{ "sys_acl_get_fd", cmd_sys_acl_get_fd, "VFS sys_acl_get_fd()", "sys_acl_get_fd <fd>" },
 -	{ "sys_acl_blob_get_file", cmd_sys_acl_blob_get_file,
 -	  "VFS sys_acl_blob_get_file()", "sys_acl_blob_get_file <path>" },
 -	{ "sys_acl_blob_get_fd", cmd_sys_acl_blob_get_fd,
 -	  "VFS sys_acl_blob_get_fd()", "sys_acl_blob_get_fd <path>" },
 +	{ "sys_acl_blob_get_file", cmd_sys_acl_blob_get_file, "VFS sys_acl_blob_get_file()", "sys_acl_blob_get_file <path>" },
 +	{ "sys_acl_blob_get_fd", cmd_sys_acl_blob_get_fd, "VFS sys_acl_blob_get_fd()", "sys_acl_blob_get_fd <path>" },
 	{ "sys_acl_delete_def_file", cmd_sys_acl_delete_def_file, "VFS sys_acl_delete_def_file()", "sys_acl_delete_def_file <path>" },
 -	{ "test_chain", cmd_test_chain, "test chain code",
 -	  "test_chain" },
 +	{ "test_chain", cmd_test_chain, "test chain code", "test_chain" },
 	{ "translate_name", cmd_translate_name, "VFS translate_name()", "translate_name unix_filename" },
 	{ NULL }
 };
--- a/net/samba410/files/patch-source3_utils_net.c
+++ b/net/samba410/files/patch-source3_utils_net.c
@ -1,6 +1,6 @@
--- source3/utils/net.c.orig	2017-07-04 10:05:26 UTC
+--- source3/utils/net.c.orig	2019-01-15 10:07:00 UTC
 +++ source3/utils/net.c
-@@ -1087,8 +1087,13 @@ static struct functable net_func[] = {
+@@ -1096,8 +1096,13 @@ static void get_credentials_file(struct 
 		lp_set_cmdline("netbios name", c->opt_requester_name);
 	}
--- a/net/samba410/files/patch-source3_utils_net__time.c
+++ b/net/samba410/files/patch-source3_utils_net__time.c
@ -1,6 +1,6 @@
--- source3/utils/net_time.c.orig	2017-07-04 10:05:26 UTC
+--- source3/utils/net_time.c.orig	2019-01-15 10:07:00 UTC
 +++ source3/utils/net_time.c
-@@ -75,10 +75,15 @@ static const char *systime(time_t t)
+@@ -81,10 +81,15 @@ static const char *systime(time_t t)
 	if (!tm) {
 		return "unknown";
 	}
--- a/net/samba410/files/patch-source3_winbindd_wscript__build
+++ b/net/samba410/files/patch-source3_winbindd_wscript__build
@ -1,4 +1,4 @@
--- source3/winbindd/wscript_build.orig	2017-11-14 04:44:42 UTC
+--- source3/winbindd/wscript_build.orig	2019-01-15 10:07:00 UTC
 +++ source3/winbindd/wscript_build
@@ -2,7 +2,7 @@
--- a/net/samba410/files/patch-source3__wscript
+++ b/net/samba410/files/patch-source3__wscript
@ -1,14 +1,14 @@
--- source3/wscript.orig	2018-06-26 18:42:46 UTC
+--- source3/wscript.orig	2019-05-07 08:38:21 UTC
 +++ source3/wscript
-@@ -47,6 +47,7 @@ def set_options(opt):
+@@ -50,6 +50,7 @@ def options(opt):
-     opt.SAMBA3_ADD_OPTION('sendfile-support')
+     opt.SAMBA3_ADD_OPTION('sendfile-support', default=None)
     opt.SAMBA3_ADD_OPTION('utmp')
     opt.SAMBA3_ADD_OPTION('avahi', with_name="enable", without_name="disable")
 +    opt.SAMBA3_ADD_OPTION('dnssd', with_name="enable", without_name="disable")
     opt.SAMBA3_ADD_OPTION('iconv')
     opt.SAMBA3_ADD_OPTION('acl-support')
     opt.SAMBA3_ADD_OPTION('dnsupdate')
-@@ -802,32 +803,38 @@ msg.msg_accrightslen = sizeof(fd);
+@@ -787,34 +788,39 @@ msg.msg_accrightslen = sizeof(fd);
     if Options.options.with_utmp:
         conf.env.with_utmp = True
@ -26,6 +26,7 @@
 +        conf.CHECK_STRUCTURE_MEMBER('STRUCT_UTMP', 'ut_name', headers='utmpx.h utmp.h',
                                     define='HAVE_UT_UT_NAME')
 -        conf.CHECK_STRUCTURE_MEMBER('struct utmp', 'ut_user', headers='utmp.h',
 +
 +        conf.CHECK_STRUCTURE_MEMBER('STRUCT_UTMP', 'ut_user', headers='utmpx.h utmp.h',
                                     define='HAVE_UT_UT_USER')
 -        conf.CHECK_STRUCTURE_MEMBER('struct utmp', 'ut_id', headers='utmp.h',
@ -51,6 +52,8 @@
                                     define='HAVE_UT_UT_EXIT')
 -        conf.CHECK_STRUCTURE_MEMBER('struct utmpx', 'ut_syslen', headers='utmpx.h',
 -                                    define='HAVE_UX_UT_SYSLEN')
 -        conf.CHECK_STRUCTURE_MEMBER('struct utmpx', 'ut_host', headers='utmpx.h',
 -                                    define='HAVE_UX_UT_HOST')
 +        conf.CHECK_STRUCTURE_MEMBER('STRUCT_UTMP', 'ut_syslen', headers='utmpx.h utmp.h',
 +                                    define='HAVE_UT_UT_SYSLEN')
         conf.CHECK_CODE('struct utmp utarg; struct utmp *utreturn; utreturn = pututline(&utarg);',
@ -61,7 +64,7 @@
                           define='SIZEOF_UTMP_UT_LINE', critical=False)
         if not conf.CONFIG_SET('SIZEOF_UTMP_UT_LINE'):
             conf.env.with_utmp = False
-@@ -849,6 +856,17 @@ msg.msg_accrightslen = sizeof(fd);
+@@ -836,6 +842,17 @@ msg.msg_accrightslen = sizeof(fd);
         conf.SET_TARGET_TYPE('avahi-common', 'EMPTY')
         conf.SET_TARGET_TYPE('avahi-client', 'EMPTY')
@ -79,22 +82,13 @@
     if Options.options.with_iconv:
         conf.env.with_iconv = True
         if not conf.CHECK_FUNCS_IN('iconv_open', 'iconv', headers='iconv.h'):
-@@ -1637,7 +1655,7 @@ main() {
+@@ -1730,9 +1747,6 @@ main() {
         if not conf.env['FLEX']:
             conf.fatal("Spotlight support requested but flex missing")
         conf.CHECK_COMMAND('%s --version' % conf.env['FLEX'], msg='Using flex version', define=None, on_target=False)
 -        versions = ['1.0', '0.16', '0.14']
 +        versions = ['2.0', '1.0', '0.16', '0.14']
         for version in versions:
             testlib = 'tracker-sparql-' + version
             if conf.CHECK_CFG(package=testlib,
@@ -1729,9 +1747,6 @@ main() {
     if conf.CONFIG_SET('HAVE_VXFS'):
         default_shared_modules.extend(TO_LIST('vfs_vxfs'))
-
+ 
 -    if conf.CONFIG_SET('HAVE_DBUS'):
 -        default_shared_modules.extend(TO_LIST('vfs_snapper'))
- 
+-
     explicit_shared_modules = TO_LIST(Options.options.shared_modules, delimiter=',')
     explicit_static_modules = TO_LIST(Options.options.static_modules, delimiter=',')
--- a/net/samba410/files/patch-source3_wscript__build
+++ b/net/samba410/files/patch-source3_wscript__build
@ -1,14 +1,6 @@
--- source3/wscript_build.orig	2017-07-25 13:09:58 UTC
+--- source3/wscript_build.orig	2019-05-07 08:38:21 UTC
 +++ source3/wscript_build
-@@ -124,7 +124,6 @@ ldapsam_pdb_match = ['!priv2ld', '!smbldap_search_doma
+@@ -236,11 +236,9 @@ bld.SAMBA3_SUBSYSTEM('SMBREGISTRY',
                      '!get_attr_list']
 private_pdb_match.append('!pdb_nds_*')
 private_pdb_match.append('!pdb_ldapsam_init*')
 -private_pdb_match.append('!pdb_*_init')
 private_pdb_match = private_pdb_match + ldapsam_pdb_match
 bld.SAMBA3_LIBRARY('samba-passdb',
@@ -221,11 +221,9 @@ bld.SAMBA3_SUBSYSTEM('SMBREGISTRY',
                         talloc
                         replace
                         util_reg
@ -21,7 +13,7 @@
                         ''')
 # Do not link against this use 'smbconf'
-@@ -488,7 +486,7 @@ bld.SAMBA3_LIBRARY('secrets3',
+@@ -514,7 +512,7 @@ bld.SAMBA3_LIBRARY('secrets3',
 bld.SAMBA3_LIBRARY('smbldap',
                     source='lib/smbldap.c',
@ -30,7 +22,7 @@
                     enabled=bld.CONFIG_SET("HAVE_LDAP"),
                     private_library=False,
                     abi_directory='lib/ABI',
-@@ -713,6 +711,7 @@ bld.SAMBA3_LIBRARY('smbd_base',
+@@ -739,6 +737,7 @@ bld.SAMBA3_LIBRARY('smbd_base',
                         smbd_conn
                         param_service
                         AVAHI
@ -38,7 +30,7 @@
                         PRINTBASE
                         PROFILE
                         LOCKING
-@@ -1089,6 +1088,7 @@ bld.SAMBA3_BINARY('client/smbclient',
+@@ -1116,6 +1115,7 @@ bld.SAMBA3_BINARY('client/smbclient',
                       msrpc3
                       RPC_NDR_SRVSVC
                       cli_smb_common
@ -46,7 +38,7 @@
                       archive
                       ''')
-@@ -1254,8 +1254,7 @@ bld.SAMBA3_BINARY('vfstest',
+@@ -1284,8 +1284,7 @@ bld.SAMBA3_BINARY('vfstest',
                       popt_samba3
                       smbconf
                       SMBREADLINE
--- a/net/samba410/files/patch-source4_heimdal__build_wscript__configure
+++ b/net/samba410/files/patch-source4_heimdal__build_wscript__configure
@ -0,0 +1,20 @@
 --- source4/heimdal_build/wscript_configure.orig	2019-01-15 10:07:00 UTC
 +++ source4/heimdal_build/wscript_configure
@@ -171,7 +171,7 @@ if not krb5_config:
     krb5_config = conf.find_program("krb5-config", var="HEIMDAL_KRB5_CONFIG")
 if krb5_config:
     # Not ideal, but seems like the best way to get at these paths:
 -    f = open(krb5_config[0], 'r')
 +    f = open(krb5_config[0], 'r', errors='ignore')
     try:
         for l in f:
             if l.startswith("libdir="):
@@ -181,6 +181,8 @@ if krb5_config:
                 heimdal_includedirs.append(include_path)
                 conf.define('HEIMDAL_KRB5_TYPES_PATH',
                             include_path + "/krb5-types.h")
 +    except:
 +        pass
     finally:
         f.close()
--- a/net/samba410/files/patch-source4_heimdal_lib_roken_rand.c
+++ b/net/samba410/files/patch-source4_heimdal_lib_roken_rand.c
@ -1,6 +1,6 @@
--- source4/heimdal/lib/roken/rand.c.orig	2018-01-14 04:41:58 UTC
+--- source4/heimdal/lib/roken/rand.c.orig	2019-01-15 10:07:00 UTC
 +++ source4/heimdal/lib/roken/rand.c
-@@ -37,7 +37,6 @@
+@@ -37,7 +37,6 @@ void ROKEN_LIB_FUNCTION
 rk_random_init(void)
 {
 #if defined(HAVE_ARC4RANDOM)
--- a/net/samba410/files/patch-source4_kdc_kdc-service-mit.c
+++ b/net/samba410/files/patch-source4_kdc_kdc-service-mit.c
@ -1,4 +1,4 @@
--- source4/kdc/kdc-service-mit.c.orig	2018-01-18 00:08:39 UTC
+--- source4/kdc/kdc-service-mit.c.orig	2019-01-15 10:07:00 UTC
 +++ source4/kdc/kdc-service-mit.c
@@ -36,9 +36,13 @@
 #include "kdc/samba_kdc.h"
--- a/net/samba410/files/patch-source4_lib_http_http.c
+++ b/net/samba410/files/patch-source4_lib_http_http.c
@ -1,6 +1,6 @@
--- source4/lib/http/http.c.orig	2017-07-04 10:05:26 UTC
+--- source4/lib/http/http.c.orig	2019-01-15 10:07:00 UTC
 +++ source4/lib/http/http.c
-@@ -112,7 +112,19 @@ static enum http_read_status http_parse_
+@@ -134,7 +134,19 @@ static enum http_read_status http_parse_
 		return HTTP_ALL_DATA_READ;
 	}
@ -20,7 +20,7 @@
 	if (n != 2) {
 		DEBUG(0, ("%s: Error parsing header '%s'\n", __func__, line));
 		status = HTTP_DATA_CORRUPTED;
-@@ -138,7 +150,7 @@ error:
+@@ -160,7 +172,7 @@ error:
 static bool http_parse_response_line(struct http_read_response_state *state)
 {
 	bool	status = true;
@ -29,7 +29,7 @@
 	char	*msg = NULL;
 	char	major;
 	char	minor;
-@@ -158,12 +170,22 @@ static bool http_parse_response_line(str
+@@ -180,12 +192,22 @@ static bool http_parse_response_line(str
 		return false;
 	}
@ -56,7 +56,7 @@
 	if (n != 5) {
 		DEBUG(0, ("%s: Error parsing header\n",	__func__));
-@@ -171,6 +193,10 @@ static bool http_parse_response_line(str
+@@ -193,6 +215,10 @@ static bool http_parse_response_line(str
 		goto error;
 	}
--- a/net/samba410/files/patch-third__party_aesni-intel_wscript
+++ b/net/samba410/files/patch-third__party_aesni-intel_wscript
@ -1,33 +0,0 @@
 --- third_party/aesni-intel/wscript.orig	2017-09-17 19:15:34 UTC
 +++ third_party/aesni-intel/wscript
@@ -4,14 +4,19 @@ import Utils
 def configure(conf):
     if Options.options.accel_aes.lower() == "intelaesni":
 -        if conf.CHECK_CFLAGS('-Wp,-E,-lang-asm', ''):
 -            if conf.env['SYSTEM_UNAME_MACHINE'] == 'x86_64':
 +        asm_flags = ('-Wp,-E,-lang-asm', '-xassembler-with-cpp')
 +        for f in asm_flags:
 +            if conf.CHECK_CFLAGS(f, ''):
 +                conf.DEFINE('AESNI_INTEL_CFLAGS', f)
 +                break
 +        if conf.CONFIG_SET('AESNI_INTEL_CFLAGS'):
 +            if conf.env['SYSTEM_UNAME_MACHINE'] in ('x86_64', 'amd64'):
                 print("Compiling with Intel AES instructions")
                 conf.DEFINE('HAVE_AESNI_INTEL', 1)
             else:
                 raise Utils.WafError('--accel-aes=intelaesni selected and non x86_64 CPU')
         else:
 -            raise Utils.WafError('--accel-aes=intelaesni selected and compiler rejects -Wp,-E,-lang-asm')
 +            raise Utils.WafError('--aes-accel=intelaesni selected and compiler rejects ' + str(asm_flags))
         if not conf.CHECK_LDFLAGS('-Wl,-z,noexecstack'):
             raise Utils.WafError('--accel-aes=intelaesni selected and linker rejects -z noexecstack')
@@ -21,6 +26,6 @@ def build(bld):
     bld.SAMBA_LIBRARY('aesni-intel',
         source='aesni-intel_asm.c',
 -        cflags='-Wp,-E,-lang-asm',
 +        cflags=bld.CONFIG_GET('AESNI_INTEL_CFLAGS'),
         ldflags='-Wl,-z,noexecstack',
         private_library=True)
--- a/net/samba410/files/patch-third_partywafwafadmin__Logs.py
+++ b/net/samba410/files/patch-third_partywafwafadmin__Logs.py
@ -1,21 +0,0 @@
 --- third_party/waf/wafadmin/Logs.py.orig	2017-07-04 10:05:26 UTC
 +++ third_party/waf/wafadmin/Logs.py
@@ -23,6 +23,9 @@ colors_lst = {
 'cursor_off' :'\x1b[?25l',
 }
 +WAF_LOG_FORMAT = os.environ.get('WAF_LOG_FORMAT', LOG_FORMAT)
 +WAF_HOUR_FORMAT = os.environ.get('WAF_HOUR_FORMAT', HOUR_FORMAT)
 +
 got_tty = False
 term = os.environ.get('TERM', 'dumb')
 if not term in ['dumb', 'emacs']:
@@ -84,7 +87,7 @@ class log_filter(logging.Filter):
 class formatter(logging.Formatter):
 	def __init__(self):
 -		logging.Formatter.__init__(self, LOG_FORMAT, HOUR_FORMAT)
 +		logging.Formatter.__init__(self, WAF_LOG_FORMAT, WAF_HOUR_FORMAT)
 	def format(self, rec):
 		if rec.levelno >= logging.WARNING or rec.levelno == logging.INFO:
--- a/net/samba410/files/patch-third_partywafwafadminToolscc.py
+++ b/net/samba410/files/patch-third_partywafwafadminToolscc.py
@ -1,11 +0,0 @@
 --- third_party/waf/wafadmin/Tools/cc.py.orig	2017-07-04 10:05:26 UTC
 +++ third_party/waf/wafadmin/Tools/cc.py
@@ -88,7 +88,7 @@ def c_hook(self, node):
 		raise Utils.WafError('Have you forgotten to set the feature "cc" on %s?' % str(self))
 	return task
 -cc_str = '${CC} ${CCFLAGS} ${CPPFLAGS} ${_CCINCFLAGS} ${_CCDEFFLAGS} ${CC_SRC_F}${SRC} ${CC_TGT_F}${TGT}'
 +cc_str = '${CC} ${CCFLAGS} ${_CCINCFLAGS} ${CPPFLAGS} ${_CCDEFFLAGS} ${CC_SRC_F}${SRC} ${CC_TGT_F}${TGT}'
 cls = Task.simple_task_type('cc', cc_str, 'GREEN', ext_out='.o', ext_in='.c', shell=False)
 cls.scan = ccroot.scan
 cls.vars.append('CCDEPS')
--- a/net/samba410/files/patch-source3_modules_vfs__freebsd.c
+++ b/net/samba410/files/patch-source3_modules_vfs__freebsd.c
@ -1,6 +1,33 @@
--- /dev/null	2018-11-29 02:13:13 UTC
+--- docs-xml/wscript_build.orig	2019-06-25 00:52:38 UTC
 +++ docs-xml/wscript_build
@@ -79,6 +79,7 @@ vfs_module_manpages = ['vfs_acl_tdb',
                        'vfs_extd_audit',
                        'vfs_fake_perms',
                        'vfs_fileid',
 +                       'vfs_freebsd',
                        'vfs_fruit',
                        'vfs_full_audit',
                        'vfs_glusterfs',
 --- source3/modules/wscript_build.orig	2019-05-07 08:38:21 UTC
 +++ source3/modules/wscript_build
@@ -243,6 +243,14 @@ bld.SAMBA3_MODULE('vfs_zfsacl',
                  internal_module=bld.SAMBA3_IS_STATIC_MODULE('vfs_zfsacl'),
                  enabled=bld.SAMBA3_IS_ENABLED_MODULE('vfs_zfsacl'))
 +bld.SAMBA3_MODULE('vfs_freebsd',
 +                 subsystem='vfs',
 +                 source='vfs_freebsd.c',
 +                 deps='samba-util',
 +                 init_function='',
 +                 internal_module=bld.SAMBA3_IS_STATIC_MODULE('vfs_freebsd'),
 +                 enabled=bld.SAMBA3_IS_ENABLED_MODULE('vfs_freebsd'))
 +
 xdr_buf_hack = 'sed -e "s@^\([ \t]*register int32_t \*buf\);@\\1 = buf;@"'
 bld.SAMBA_GENERATOR('nfs41acl-xdr-c',
 --- source3/modules/vfs_freebsd.c.orig	2019-06-22 11:56:57 UTC
 +++ source3/modules/vfs_freebsd.c
-@@ -0,0 +1,795 @@
+@@ -0,0 +1,808 @@
 +/*
 + * This module implements VFS calls specific to FreeBSD
 + *
@ -140,7 +167,7 @@
 +static extattr_attr* freebsd_map_xattr(enum extattr_mode extattr_mode, const char *name, extattr_attr *attr)
 +{
 +	int attrnamespace = EXTATTR_NAMESPACE_EMPTY;
-+	const char *attrname = name;
+	const char *p, *attrname = name;
 +
 +	if(name == NULL || name[0] == '\0') {
 +		return NULL;
@ -153,33 +180,46 @@
 +	uint16_t flags = freebsd_map_attrname(name);
 +
 +	switch(flags) {
 +		case EXTATTR_USER:
 +			attrnamespace = EXTATTR_NAMESPACE_USER;
 +			if(extattr_mode == FREEBSD_EXTATTR_LEGACY)
 +				attrname = name + 5;
 +			break;
 +		case EXTATTR_SECURITY:
 +		case EXTATTR_TRUSTED:
 +			attrnamespace = (extattr_mode == FREEBSD_EXTATTR_SECURE) ?
 +					EXTATTR_NAMESPACE_SYSTEM :
 +					EXTATTR_NAMESPACE_USER;
 +			break;
 +		case EXTATTR_SYSTEM:
 +			attrnamespace = (extattr_mode == FREEBSD_EXTATTR_SECURE) ?
 +					EXTATTR_NAMESPACE_SYSTEM :
 +					EXTATTR_NAMESPACE_USER;
-+			if (extattr_mode == FREEBSD_EXTATTR_LEGACY)
+			break;
-+				attrname = name + 7;
+		case EXTATTR_USER:
 +			attrnamespace = EXTATTR_NAMESPACE_USER;
 +			break;
 +		default:
 +			/* Default to "user" namespace if nothing else was specified */
 +			attrnamespace = EXTATTR_NAMESPACE_USER;
 +			flags = EXTATTR_USER;
 +			break;
 +	}
 +
 +	if (extattr_mode == FREEBSD_EXTATTR_LEGACY) {
 +		switch(flags) {
 +			case EXTATTR_SECURITY:
 +				attrname = name + 9;
 +				break;
 +			case EXTATTR_TRUSTED:
 +				attrname = name + 8;
 +				break;
 +			case EXTATTR_SYSTEM:
 +				attrname = name + 7;
 +				break;
 +			case EXTATTR_USER:
 +				attrname = name + 5;
 +				break;
 +			default:
 +				attrname = ((p=strchr(name, '.')) != NULL) ? p + 1 : name;
 +				break;
 +		}
 +	}
 +
 +	attr->namespace = attrnamespace;
 +	attr->data.flags = flags;
-+	strlcpy(attr->name, attrname, EXTATTR_MAXNAMELEN+1);
+	strlcpy(attr->name, attrname, EXTATTR_MAXNAMELEN + 1);
 +
 +	return attr;
 +}
@ -796,3 +836,175 @@
 +
 +	return ret;
 +}
 --- docs-xml/manpages/vfs_freebsd.8.xml.orig	2019-06-25 00:51:54 UTC
 +++ docs-xml/manpages/vfs_freebsd.8.xml
@@ -0,0 +1,169 @@
 +<?xml version="1.0" encoding="iso-8859-1"?>
 +<!DOCTYPE refentry PUBLIC "-//Samba-Team//DTD DocBook V4.2-Based Variant V1.0//EN" "http://www.samba.org/samba/DTD/samba-doc">
 +<refentry id="vfs_freebsd.8">
 +
 +<refmeta>
 +	<refentrytitle>vfs_freebsd</refentrytitle>
 +	<manvolnum>8</manvolnum>
 +	<refmiscinfo class="source">Samba</refmiscinfo>
 +	<refmiscinfo class="manual">System Administration tools</refmiscinfo>
 +	<refmiscinfo class="version">&doc.version;</refmiscinfo>
 +</refmeta>
 +
 +<refnamediv>
 +	<refname>vfs_freebsd</refname>
 +	<refpurpose>FreeBSD-specific VFS functions</refpurpose>
 +</refnamediv>
 +
 +<refsynopsisdiv>
 +	<cmdsynopsis>
 +		<command>vfs objects = freebsd</command>
 +	</cmdsynopsis>
 +</refsynopsisdiv>
 +
 +<refsect1>
 +	<title>DESCRIPTION</title>
 +
 +	<para>This VFS module is part of the <citerefentry><refentrytitle>samba</refentrytitle>
 +	<manvolnum>7</manvolnum></citerefentry> suite.</para>
 +
 +	<para>The <command>vfs_freebsd</command> module implements some of the FreeBSD-specific VFS functions.</para>
 +
 +	<para>This module is stackable.</para>
 +</refsect1>
 +
 +
 +<refsect1>
 +	<title>OPTIONS</title>
 +
 +	<variablelist>
 +
 +	<varlistentry>
 +		<term>freebsd:extattr mode=[legacy|compat|secure]</term>
 +		<listitem>
 +		<para>This parameter defines how the emulation of the Linux attr(5) extended attributes
 +		is performed through the FreeBSD native extattr(9) system calls.</para>
 +
 +		<para>Currently the <emphasis>security</emphasis>, <emphasis>system</emphasis>,
 +		<emphasis>trusted</emphasis> and <emphasis>user</emphasis> extended attribute(xattr)
 +		classes are defined in Linux. Contrary FreeBSD has only <emphasis>USER</emphasis> 
 +		and <emphasis>SYSTEM</emphasis> extended attribute(extattr) namespaces, so mapping
 +		of one set into another isn't straightforward and can be done in different ways.</para>
 +
 +		<para>Historically the Samba(7) built-in xattr mapping implementation simply converted
 +		<emphasis>system</emphasis> and <emphasis>user</emphasis> xattr into corresponding 
 +		<emphasis>SYSTEM</emphasis> and <emphasis>USER</emphasis> extattr namespaces, dropping
 +		the class prefix name with the separating dot and using attribute name only within the 
 +		mapped namespace. It also rejected any other xattr classes, like <emphasis>security</emphasis>
 +		and <emphasis>trusted</emphasis> as invalid. Such behavior in particular broke AD
 +		provisioning on UFS2 file systems as essential <emphasis>security.NTACL</emphasis>
 +		xattr was rejected as invalid.</para>
 +
 +		<para>This module tries to address this problem and provide secure, where it's possible,
 +		way to map Linux xattr into FreeBSD's extattr.</para>
 +
 +		<para>When <emphasis>mode</emphasis> is set to the <emphasis>legacy (default)</emphasis>
 +		then modified version of built-in mapping is used, where <emphasis>system</emphasis> xattr
 +		is mapped into SYSTEM namespace, while <emphasis>secure</emphasis>, <emphasis>trusted</emphasis>
 +		and <emphasis>user</emphasis> xattr are all mapped into the USER namespace, dropping class 
 +		prefixes and mix them all together. This is the way how Samba FreeBSD ports were patched
 +		up to the 4.9 version and that created multiple potential security issues. This mode is aimed for
 +		the compatibility with the legacy installations only and should be avoided in new setups.</para>
 +
 +		<para>The <emphasis>compat</emphasis> mode is mostly designed for the jailed environments,
 +		where it's not possible to write extattrs into the secure SYSTEM namespace, so all four
 +		classes are mapped into the USER namespace. To preserve information about origin of the
 +		extended attribute it is stored together with the class preffix in the <emphasis>class.attribute</emphasis>
 +		format.</para>
 +
 +		<para>The <emphasis>secure</emphasis> mode is meant for storing extended attributes in a secure
 +		manner, so that <emphasis>security</emphasis>, <emphasis>system</emphasis> and <emphasis>trusted</emphasis>
 +		are stored in the SYSTEM namespace, which can be modified only by root.
 +		</para>
 +		</listitem>
 +	</varlistentry>
 +
 +
 +	</variablelist>
 +</refsect1>
 +
 +<refsect1>
 +	<table frame="all" rowheader="firstcol">
 +		<title>Attributes mapping</title>
 +		<tgroup cols='5' align='left' colsep='1' rowsep='1'>
 +		<thead>
 +			<row>
 +			<entry> </entry>
 +			<entry>built-in</entry>
 +			<entry>legacy</entry>
 +			<entry>compat/jail</entry>
 +			<entry>secure</entry>
 +			</row>
 +		</thead>
 +		<tbody>
 +			<row>
 +			<entry>user</entry>
 +			<entry>USER; attribute</entry>
 +			<entry>USER; attribute</entry>
 +			<entry>USER; user.attribute</entry>
 +			<entry>USER; user.attribute</entry>
 +			</row>
 +			<row>
 +			<entry>system</entry>
 +			<entry>SYSTEM; attribute</entry>
 +			<entry>SYSTEM; attribute</entry>
 +			<entry>USER; system.attribute</entry>
 +			<entry>SYSTEM; system.attribute</entry>
 +			</row>
 +			<row>
 +			<entry>trusted</entry>
 +			<entry>FAIL</entry>
 +			<entry>USER; attribute</entry>
 +			<entry>USER; trusted.attribute</entry>
 +			<entry>SYSTEM; trusted.attribute</entry>
 +			</row>
 +			<row>
 +			<entry>security</entry>
 +			<entry>FAIL</entry>
 +			<entry>USER; attribute</entry>
 +			<entry>USER; security.attribute</entry>
 +			<entry>SYSTEM; security.attribute</entry>
 +			</row>
 +		</tbody>
 +		</tgroup>
 +	</table>
 +</refsect1>
 +
 +<refsect1>
 +	<title>EXAMPLES</title>
 +
 +	<para>Use secure method of setting extended attributes on the share:</para>
 +
 +<programlisting>
 +	<smbconfsection name="[sysvol]"/>
 +	<smbconfoption name="vfs objects">freebsd</smbconfoption>
 +	<smbconfoption name="freebsd:extattr mode">secure</smbconfoption>
 +</programlisting>
 +
 +</refsect1>
 +
 +<refsect1>
 +	<title>VERSION</title>
 +
 +	<para>This man page is part of version &doc.version; of the Samba suite.
 +	</para>
 +</refsect1>
 +
 +<refsect1>
 +	<title>AUTHOR</title>
 +
 +	<para>The original Samba software and related utilities
 +	were created by Andrew Tridgell. Samba is now developed
 +	by the Samba Team as an Open Source project similar
 +	to the way the Linux kernel is developed.</para>
 +
 +	<para>This module was written by Timur I. Bakeyev</para>
 +
 +</refsect1>
 +
 +</refentry>
--- a/net/samba410/pkg-plist
+++ b/net/samba410/pkg-plist