Menu

[r2093]: / trunk / etc / rc.d / samba  Maximize  Restore  History

Download this file

304 lines (278 with data), 9.1 kB 

#!/bin/sh
# Copyright (c) 2007 Volker Theile (votdev@gmx.de)
# All rights reserved.

# PROVIDE: nmbd smbd winbindd
# REQUIRE: NETWORKING SERVERS DAEMON resolv
# BEFORE: LOGIN
# KEYWORD: shutdown
# XQUERY: -i "count(//samba/enable) > 0" -o "0" -b
# RCVAR: samba

. /etc/rc.subr
. /etc/configxml.subr

name="samba"
rcvar=`set_rcvar`

load_rc_config "${name}"

# Custom commands
extra_commands="reload status"
start_precmd="samba_start_precmd"
start_cmd="samba_cmd"
stop_cmd="samba_cmd"
status_cmd="samba_cmd"

# Defaults
samba_enable="${samba_enable:=NO}"
samba_config_default="/var/etc/smb.conf"
samba_config="${samba_config=${samba_config_default}}"
command_args="${samba_config:+-s "${samba_config}"}"			#"
samba_daemons="nmbd smbd winbindd"
samba_lockdir="${samba_lockdir=/var/run}"
samba_piddir="${samba_piddir=/var/run}"

# Check if 'Active Directory' is enabled?
configxml_isset //ad/enable
ad_enable=$?

# Check if 'LDAP' is enabled?
configxml_isset //ldap/enable
ldap_enable=$?

# Disable AD if LDAP enabled:
if [ 0 -eq ${ldap_enable} ]; then
	ad_enable=1
fi

# Setup dependent variables
if [ -n "${rcvar}" ] && checkyesno "${rcvar}"; then
    nmbd_enable="${nmbd_enable=YES}"
    smbd_enable="${smbd_enable=YES}"
    if [ 0 -eq ${ad_enable} ]; then
			winbindd_enable="${winbindd_enable=YES}"
		fi
fi

# Hack to work around name change of pid file with non-default config
pid_extra=
if [ -n "${samba_config}" -a "${samba_config}" != "${samba_config_default}" ]; then
    pid_extra="-$(basename "${samba_config}")"
fi

# Hack to enable check of dependent variables
eval real_${rcvar}="\${${rcvar}:=NO}"	${rcvar}="YES"

# Defaults for dependent variables
nmbd_enable="${nmbd_enable:=NO}"
nmbd_flags="${nmbd_flags=\"-D\"}"
smbd_enable="${smbd_enable:=NO}"
smbd_flags="${smbd_flags=\"-D\"}"
winbindd_enable="${winbindd_enable:=NO}"
winbindd_flags="${winbindd_flags=''}"

# Requirements
required_files="${samba_config}"
required_dirs="${samba_lockdir}"

create_conf()
{
	# Create smb.conf file.
	/usr/local/bin/xml sel -t \
		-o "[global]" -n \
		-o "encrypt passwords = yes" -n \
		-v "concat('netbios name = ',//samba/netbiosname)" -n \
		-v "concat('workgroup = ',//samba/workgroup)" -n \
		-v "concat('server string = ',//samba/serverdesc)" -n \
		-o "load printers = no" -n \
		-v "concat('security = ',//samba/security)" -n \
		-o "dns proxy = no" -n \
		-o "# Settings to enhance performance:" -n \
		-o "use sendfile = yes" -n \
		-o "strict locking = no" -n \
		-o "read raw = yes" -n \
		-o "write raw = yes" -n \
		-o "oplocks = yes" -n \
		-o "max xmit = 65535" -n \
		-o "deadtime = 15" -n \
		-o "getwd cache = yes" -n \
		-o "socket options = IPTOS_LOWDELAY TCP_NODELAY " \
		-i "string-length(//samba/sndbuf) > 0" \
			-v "concat('SO_SNDBUF=',//samba/sndbuf,' ')" \
		-b \
		-i "string-length(//samba/sndbuf) = 0" \
			-o "SO_SNDBUF=16384 " \
		-b \
		-i "string-length(//samba/rcvbuf) > 0" \
			-v "concat('SO_RCVBUF=',//samba/rcvbuf,' ')" \
		-b \
		-i "string-length(//samba/rcvbuf) = 0" \
			-o "SO_RCVBUF=16384 " \
		-b \
		-n -o "# End of performance section" -n \
		-i "string-length(//samba/winssrv) > 0" \
			-v "concat('wins server = ',//samba/winssrv)" -n \
		-b \
		-i "string-length(//samba/unixcharset) > 0" \
			-v "concat('unix charset = ',//samba/unixcharset)" -n \
		-b \
		-i "string-length(//samba/unixcharset) = 0" \
			-o "unix charset = UTF-8" -n \
		-b \
		-i "count(//samba/largereadwrite) = 0" \
			-o "large readwrite = no" -n \
		-b \
		-i "count(//samba/easupport) > 0" \
			-o "ea support = yes" -n \
		-b \
		-v "concat('local master = ',//samba/localmaster)" -n \
		-v "concat('time server = ',//samba/timesrv)" -n \
		-o "guest account = ftp" -n \
		-o "display charset = UTF-8" -n \
		-o "max log size = 10" -n \
		-o "syslog only = yes" -n \
		-v "concat('syslog = ',//samba/loglevel)" -n \
		-o "load printers = no" -n \
		-o "printing = bsd" -n \
		-o "printcap name = /dev/null" -n \
		-o "disable spoolss = yes" -n \
		-v "concat('log level = ',//samba/loglevel)" -n \
		-v "concat('dos charset = ',//samba/doscharset)" -n \
		-o "smb passwd file = /var/etc/private/smbpasswd" -n \
		-o "private dir = /var/etc/private" -n \
		-i "//samba/security[. = 'share']" \
			-o "passdb backend = smbpasswd" -n \
			-i "string-length(//samba/createmask) > 0" -v "concat('create mask = ',//samba/createmask)" -n -b \
			-i "string-length(//samba/createmask) = 0" -o "create mask = 0666" -n -b \
			-i "string-length(//samba/directorymask) > 0" -v "concat('directory mask = ',//samba/directorymask)" -n -b \
			-i "string-length(//samba/directorymask) = 0" -o "directory mask = 0777" -n -b \
			-o "force user = ftp" -n \
			-o "force group = ftp" -n \
		-b \
		-i "//samba/security[. = 'domain']" \
			-o "passdb backend = smbpasswd" -n \
			-o "allow trusted domains = no" -n \
			-o "dns proxy = no" -n \
			-o "ldap ssl = no" -n \
			-v "concat('idmap backend = rid:',//samba/workgroup,'=10000-20000')" -n \
			-o "idmap uid = 10000-20000" -n \
			-o "idmap gid = 10000-20000" -n \
			-o "winbind enum groups = yes" -n \
			-o "winbind enum users = yes" -n \
			-o "winbind use default domain = yes" -n \
			-o "template homedir = /mnt" -n \
			-o "template shell = /bin/sh" -n \
		-b \
		-i "//samba/security[. = 'user']" \
			-o "passdb backend = smbpasswd" -n \
		-b \
		-i "count(//ldap/enable) > 0" \
			-v "concat('passdb backend = ldapsam:ldap://',//ldap/hostname)" -n \
			-v "concat('ldap admin dn = ',//ldap/binddn)" -n \
			-v "concat('ldap suffix = ',//ldap/base)" -n \
			-v "concat('ldap user suffix = ',//ldap/user_suffix)" -n \
			-v "concat('ldap group suffix = ',//ldap/group_suffix)" -n \
			-o "security = user" -n \
			-o "ldap replication sleep = 1000" -n \
			-o "ldap passwd sync = true" -n \
			-o "ldapsam:trusted = true" -n \
			-o "ldap ssl = no" -n \
		-b \
		-m "//samba/auxparam" \
			-v "." -n \
		-b \
		-n \
		-m "//samba/share" \
			-v "concat('[',name,']')" -n \
			-v "concat('comment = ',comment)" -n \
			-v "concat('path = ',path)" -n \
			-o "writeable = yes" -n \
			-o "printable = no" -n \
			-o "veto files = /.snap/" -n \
			-o "hide dot files = yes" -n \
			-i "//samba/security[. = 'share']" \
				-o "guest ok = yes" -n \
			-b \
			-i "//samba/security[. = 'domain']" \
				-o "guest ok = no" -n \
			-b \
			-i "//samba/security[. = 'user']" \
				-o "guest ok = no" -n \
			-b \
			-i "count(browseable) = 0" \
				-o "browseable = no" -n \
			-b \
			-i "count(inheritpermissions) > 0" \
				-o "inherit permissions = yes" -n \
			-b \
			-i "count(recyclebin) > 0" \
				-o "vfs objects = recycle" -n \
				-o "recycle:keeptree = yes" -n \
				-o "recycle:versions = yes" -n \
			-b \
			-i "count(//afp/enable) > 0" \
				-o "#vfs objects = netatalk" -n \
			-b \
			-m "auxparam" \
				-v "." -n \
			-b \
			-i "string-length(hostsallow) > 0" \
				-v "concat('hosts allow = ',hostsallow)" -n \
			-b \
			-i "string-length(hostsdeny) > 0" \
				-v "concat('hosts deny = ',hostsdeny)" -n \
			-b \
			-n \
		-b \
		${configxml_file} | /usr/local/bin/xml unesc > ${samba_config}
}

samba_start_precmd() {
	create_conf

	# XXX: Never delete winbindd_idmap, winbindd_cache and group_mapping
	if [ -n "${samba_lockdir}" -a -d "${samba_lockdir}" ]; then
		echo -n "Removing stale Samba tdb files: "
		for file in brlock.tdb browse.dat connections.tdb gencache.tdb \
				locking.tdb messages.tdb namelist.debug sessionid.tdb \
				unexpected.tdb
		do
	    rm "${samba_lockdir}/${file}" </dev/null 2>/dev/null && echo -n '.'
		done
		echo " done"
	fi
}

samba_rcvar_cmd() {
	# Prevent recursive calling
	unset "${rc_arg}_cmd" "${rc_arg}_precmd" "${rc_arg}_postcmd"
	# Check master variable
	echo "# ${name}"
	if [ -n "${rcvar}" ]; then
		# Use original configured value
		if checkyesno "real_${rcvar}"; then
			echo "\$${rcvar}=YES"
		else
			echo "\$${rcvar}=NO"
		fi
	fi
	# Check dependent variables
	samba_cmd "${_rc_prefix}${rc_arg}" ${rc_extra_args}
}

samba_cmd() {
	local name rcvar command pidfile samba_daemons

	# Prevent recursive calling
	unset "${rc_arg}_cmd" "${rc_arg}_precmd" "${rc_arg}_postcmd"

	# Stop processes in the reverse to order
	if [ "${rc_arg}" = "stop" ]; then
		samba_daemons=$(reverse_list ${samba_daemons})
	fi

	# Start additional processes when starting
	if [ "${rc_arg}" = "start" ]; then
		if [ 0 -eq ${ad_enable} ]; then
			local _srvname=`configxml_get "//ad/ad_srv_name"`
			local _username=`configxml_get "//ad/admin_name"`
			local _password=`configxml_get "//ad/admin_pass"`
			/usr/local/bin/net rpc join -S ${_srvname} -U ${_username}%${_password}
		fi
 		if [ 0 -eq ${ldap_enable} ]; then
			local _password=`configxml_get "//ldap/bindpw"`
			/usr/local/bin/smbpasswd -w ${_password}
		fi
	fi

	# Apply to all the daemons
	for name in ${samba_daemons}; do
		rcvar=$(set_rcvar)
		command="/usr/local/sbin/${name}"
		pidfile="${samba_piddir}/${name}${pid_extra}.pid"
		run_rc_command "${_rc_prefix}${rc_arg}" ${rc_extra_args}
	done

	# Start additional processes when starting
	if [ "${rc_arg}" = "start" ]; then
		/etc/rc.d/smbpasswd
	fi
}

run_rc_command "$1"
Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.