mirror of
https://github.com/novatiq/packages.git
synced 2026-04-29 23:18:42 +01:00
samba4: add package samba-4.8
Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
This commit is contained in:
Andy Walsh
@@ -0,0 +1,7 @@
|
||||
config samba
|
||||
option 'name' 'OpenWrt-SMB'
|
||||
option 'workgroup' 'WORKGROUP'
|
||||
option 'description' 'Samba on OpenWrt'
|
||||
option 'charset' 'UTF-8'
|
||||
option 'homes' '0'
|
||||
|
||||
@@ -0,0 +1,192 @@
|
||||
#!/bin/sh /etc/rc.common
|
||||
|
||||
START=99
|
||||
USE_PROCD=1
|
||||
|
||||
smb_header() {
|
||||
config_get samba_iface $1 interface "loopback lan"
|
||||
|
||||
# resolve interfaces
|
||||
local interfaces=$(
|
||||
. /lib/functions/network.sh
|
||||
|
||||
local net
|
||||
for net in $samba_iface; do
|
||||
local device
|
||||
network_is_up $net || continue
|
||||
network_get_device device "$net"
|
||||
echo -n "${device:-$net} "
|
||||
done
|
||||
)
|
||||
|
||||
local name workgroup description charset
|
||||
local hostname="$(uci_get system.@system[0].hostname)"
|
||||
|
||||
config_get name $1 name "${hostname:-OpenWrt}"
|
||||
config_get workgroup $1 workgroup "${hostname:-WORKGROUP}"
|
||||
config_get description $1 description "Samba on ${hostname:-OpenWrt}"
|
||||
config_get charset $1 charset "UTF-8"
|
||||
|
||||
config_get_bool DISABLE_NETBIOS $1 disable_netbios 0
|
||||
config_get_bool DISABLE_AD_DC $1 disable_ad_dc 0
|
||||
config_get_bool DISABLE_WINBIND $1 disable_winbind 0
|
||||
|
||||
mkdir -p /var/etc
|
||||
sed -e "s#|NAME|#$name#g" \
|
||||
-e "s#|WORKGROUP|#$workgroup#g" \
|
||||
-e "s#|DESCRIPTION|#$description#g" \
|
||||
-e "s#|INTERFACES|#$interfaces#g" \
|
||||
-e "s#|CHARSET|#$charset#g" \
|
||||
/etc/samba/smb.conf.template > /var/etc/smb.conf
|
||||
|
||||
echo -e "\n######### Dynamic written config options #########\n" >> /var/etc/smb.conf
|
||||
if [ "$DISABLE_NETBIOS" -eq 1 ] || [ ! -x /usr/sbin/nmbd ]; then
|
||||
echo -e "\tdisable netbios = yes" >> /var/etc/smb.conf
|
||||
fi
|
||||
|
||||
local homes
|
||||
config_get_bool homes $1 homes 0
|
||||
[ $homes -gt 0 ] && {
|
||||
cat <<EOT >> /var/etc/smb.conf
|
||||
|
||||
[homes]
|
||||
comment = Home Directories
|
||||
browsable = no
|
||||
writable = yes
|
||||
read only = no
|
||||
create mask = 0750
|
||||
EOT
|
||||
}
|
||||
|
||||
[ -L /etc/samba/smb.conf ] || ln -nsf /var/etc/smb.conf /etc/samba/smb.conf
|
||||
}
|
||||
|
||||
smb_add_share() {
|
||||
local name
|
||||
local path
|
||||
local users
|
||||
local public
|
||||
local writable
|
||||
local printable
|
||||
local create_mask
|
||||
|
||||
local browseable
|
||||
local read_only
|
||||
local guest_ok
|
||||
local guest_only
|
||||
local inherit_owner
|
||||
local vfs_objects
|
||||
|
||||
config_get name $1 name
|
||||
config_get path $1 path
|
||||
config_get users $1 users
|
||||
config_get public $1 public
|
||||
config_get writable $1 writable
|
||||
config_get printable $1 printable
|
||||
config_get create_mask $1 create_mask
|
||||
config_get dir_mask $1 dir_mask
|
||||
|
||||
|
||||
config_get browseable $1 browseable
|
||||
config_get read_only $1 read_only
|
||||
config_get guest_ok $1 guest_ok
|
||||
config_get guest_only $1 guest_only
|
||||
config_get inherit_owner $1 inherit_owner
|
||||
config_get vfs_objects $1 vfs_objects
|
||||
|
||||
|
||||
[ -z "$name" -o -z "$path" ] && return
|
||||
|
||||
echo -e "\n[$name]\n\tpath = $path" >> /var/etc/smb.conf
|
||||
[ -n "$users" ] && echo -e "\tvalid users = $users" >> /var/etc/smb.conf
|
||||
[ -n "$public" ] && echo -e "\tpublic = $public" >> /var/etc/smb.conf
|
||||
[ -n "$writable" ] && echo -e "\twritable = $writable" >> /var/etc/smb.conf
|
||||
[ -n "$printable" ] && echo -e "\tprintable = $printable" >> /var/etc/smb.conf
|
||||
[ -n "$create_mask" ] && echo -e "\tcreate mask = $create_mask" >> /var/etc/smb.conf
|
||||
[ -n "$dir_mask" ] && echo -e "\tdirectory mask = $dir_mask" >> /var/etc/smb.conf
|
||||
|
||||
[ -n "$browseable" ] && echo -e "\tbrowseable = $browseable" >> /var/etc/smb.conf
|
||||
[ -n "$read_only" ] && echo -e "\tread only = $read_only" >> /var/etc/smb.conf
|
||||
[ -n "$guest_ok" ] && echo -e "\tguest ok = $guest_ok" >> /var/etc/smb.conf
|
||||
[ -n "$guest_only" ] && echo -e "\tguest only = $guest_only" >> /var/etc/smb.conf
|
||||
[ -n "$inherit_owner" ] && echo -e "\tinherit owner = $inherit_owner" >> /var/etc/smb.conf
|
||||
[ -n "$vfs_objects" ] && echo -e "\tvfs objects = $vfs_objects" >> /var/etc/smb.conf
|
||||
}
|
||||
|
||||
init_config() {
|
||||
# Create samba dirs
|
||||
[ -d /var/lib/samba ] || mkdir -p /var/lib/samba
|
||||
[ -d /var/cache/samba ] || mkdir -p /var/cache/samba
|
||||
[ -d /var/run/samba ] || mkdir -p /var/run/samba
|
||||
[ -d /var/log/samba ] || mkdir -p /var/log/samba
|
||||
[ -d /var/lock ] && chmod 0755 /var/lock || {
|
||||
mkdir -p /var/lock
|
||||
chmod 0755 /var/lock
|
||||
}
|
||||
|
||||
config_load samba4
|
||||
config_foreach smb_header samba
|
||||
config_foreach smb_add_share sambashare
|
||||
}
|
||||
|
||||
reload_service() {
|
||||
init_config
|
||||
|
||||
killall -HUP samba
|
||||
killall -HUP smbd
|
||||
killall -HUP nmbd
|
||||
killall -HUP winbindd
|
||||
}
|
||||
|
||||
service_triggers() {
|
||||
procd_add_reload_trigger samba4
|
||||
|
||||
local i
|
||||
for i in $samba_iface; do
|
||||
procd_add_reload_interface_trigger $i
|
||||
done
|
||||
}
|
||||
|
||||
start_service() {
|
||||
init_config
|
||||
|
||||
# start main AC-DC daemon, will spawn (smbd,nmbd,winbindd) as needed/configured.
|
||||
if [ "$DISABLE_AD_DC" -ne 1 ] && [ -x /usr/sbin/samba ]; then
|
||||
procd_open_instance
|
||||
procd_set_param command /usr/sbin/samba -F
|
||||
procd_set_param respawn
|
||||
procd_set_param file /var/etc/smb.conf
|
||||
procd_close_instance
|
||||
else
|
||||
# start fileserver daemon
|
||||
procd_open_instance
|
||||
procd_set_param command /usr/sbin/smbd -F
|
||||
procd_set_param respawn
|
||||
procd_set_param file /var/etc/smb.conf
|
||||
procd_close_instance
|
||||
|
||||
# start netbios daemon
|
||||
if [ "$DISABLE_NETBIOS" -ne 1 ] && [ -x /usr/sbin/nmbd ]; then
|
||||
procd_open_instance
|
||||
procd_set_param command /usr/sbin/nmbd -F
|
||||
procd_set_param respawn
|
||||
procd_set_param file /var/etc/smb.conf
|
||||
procd_close_instance
|
||||
fi
|
||||
# start winbind daemon
|
||||
if [ "$DISABLE_WINBIND" -ne 1 ] && [ -x /usr/sbin/winbindd ]; then
|
||||
procd_open_instance
|
||||
procd_set_param command /usr/sbin/winbindd -F
|
||||
procd_set_param respawn
|
||||
procd_set_param file /var/etc/smb.conf
|
||||
procd_close_instance
|
||||
fi
|
||||
fi
|
||||
# lower priority using renice (if found)
|
||||
if [ -x /usr/bin/renice ]; then
|
||||
[ -x /usr/sbin/samba ] && renice -n 2 $(pidof samba)
|
||||
[ -x /usr/sbin/smbd ] && renice -n 2 $(pidof smbd)
|
||||
[ -x /usr/sbin/nmbd ] && renice -n 2 $(pidof nmbd)
|
||||
[ -x /usr/sbin/winbindd ] && renice -n 2 $(pidof winbindd)
|
||||
fi
|
||||
}
|
||||
@@ -0,0 +1,100 @@
|
||||
[global]
|
||||
netbios name = |NAME|
|
||||
interfaces = |INTERFACES|
|
||||
server string = |DESCRIPTION|
|
||||
unix charset = |CHARSET|
|
||||
workgroup = |WORKGROUP|
|
||||
|
||||
## This global parameter allows the Samba admin to limit what interfaces on a machine will serve SMB requests.
|
||||
bind interfaces only = yes
|
||||
|
||||
## time for inactive connections to-be closed in minutes
|
||||
deadtime = 15
|
||||
|
||||
## disable core dumps
|
||||
enable core files = no
|
||||
|
||||
## set security (auto, user, domain, ads)
|
||||
security = user
|
||||
|
||||
## This parameter controls whether a remote client is allowed or required to use SMB encryption.
|
||||
## It has different effects depending on whether the connection uses SMB1 or SMB2 and newer:
|
||||
## If the connection uses SMB1, then this option controls the use of a Samba-specific extension to the SMB protocol introduced in Samba 3.2 that makes use of the Unix extensions.
|
||||
## If the connection uses SMB2 or newer, then this option controls the use of the SMB-level encryption that is supported in SMB version 3.0 and above and available in Windows 8 and newer.
|
||||
##(default/auto,desired,required,off)
|
||||
#smb encrypt = default
|
||||
|
||||
## set invalid users
|
||||
invalid users = root
|
||||
|
||||
## map unknow users to guest
|
||||
map to guest = Bad User
|
||||
|
||||
## allow client access to accounts that have null passwords.
|
||||
null passwords = yes
|
||||
|
||||
## The old plaintext passdb backend. Some Samba features will not work if this passdb backend is used. (NOTE: enabled for size reasons)
|
||||
## (tdbsam,smbpasswd,ldapsam)
|
||||
passdb backend = smbpasswd
|
||||
|
||||
## Set location of smbpasswd ('smbd -b' will show default compiled location)
|
||||
#smb passwd file = /etc/samba/smbpasswd
|
||||
|
||||
## LAN/WAN options (IPTOS_LOWDELAY TCP_NODELAY) WAN (IPTOS_THROUGHPUT)
|
||||
socket options = IPTOS_LOWDELAY TCP_NODELAY
|
||||
|
||||
## lower CPU useage if supported
|
||||
use sendfile = yes
|
||||
|
||||
## samba will behave as previous versions of Samba would and will fail the lock request immediately if the lock range cannot be obtained.
|
||||
#blocking locks = No
|
||||
|
||||
## disable loading of all printcap printers by default (iprint, cups, lpstat)
|
||||
load printers = No
|
||||
printcap name = /dev/null
|
||||
|
||||
## Disable that nmbd is acting as a WINS server for unknow netbios names
|
||||
#dns proxy = No
|
||||
|
||||
## win/unix user mapping backend
|
||||
#idmap config * : backend = tdb
|
||||
|
||||
## Allows the server name that is advertised through MDNS to be set to the hostname rather than the Samba NETBIOS name.
|
||||
## This allows an administrator to make Samba registered MDNS records match the case of the hostname rather than being in all capitals.
|
||||
## (netbios, mdns)
|
||||
#mdns name = mdns
|
||||
|
||||
## Clients that only support netbios won't be able to see your samba server when netbios support is disabled.
|
||||
#disable netbios = Yes
|
||||
|
||||
## Setting this value to no will cause nmbd never to become a local master browser.
|
||||
#local master = no
|
||||
|
||||
## (auto, yes) If this is set to yes, on startup, nmbd will force an election, and it will have a slight advantage in winning the election. It is recommended that this parameter is used in conjunction with domain master = yes, so that nmbd can guarantee becoming a domain master.
|
||||
#preferred master = yes
|
||||
|
||||
## (445 139) Specifies which ports the server should listen on for SMB traffic.
|
||||
## 139 is netbios/nmbd
|
||||
#smb ports = 445 139
|
||||
|
||||
## This is a list of files and directories that are neither visible nor accessible.
|
||||
## Each entry in the list must be separated by a '/', which allows spaces to be included in the entry. '*' and '?' can be used to specify multiple files or directories as in DOS wildcards.
|
||||
veto files = /Thumbs.db/.DS_Store/._.DS_Store/.apdisk/
|
||||
|
||||
## If a directory that is to be deleted contains nothing but veto files this deletion will fail unless you also set the delete veto files parameter to yes.
|
||||
delete veto files = yes
|
||||
|
||||
################ Filesystem and creation rules ################
|
||||
## reported filesystem type (NTFS,Samba,FAT)
|
||||
#fstype = FAT
|
||||
|
||||
## Allows a user who has write access to the file (by whatever means, including an ACL permission) to modify the permissions (including ACL) on it.
|
||||
#dos filemode = Yes
|
||||
|
||||
## file/dir creating rules
|
||||
#create mask = 0666
|
||||
#directory mask = 0777
|
||||
#force group = root
|
||||
#force user = root
|
||||
#inherit owner = windows and unix
|
||||
################################################################
|
||||
Reference in New Issue
Block a user