Menu

[r8510]: / experimental / samba3 / files / samba.in  Maximize  Restore  History

Download this file

364 lines (337 with data), 11.7 kB 

#!/bin/sh
# Copyright (c) 2007-2009 Volker Theile (votdev@gmx.de)
# All rights reserved.

# PROVIDE: nmbd smbd winbindd
# REQUIRE: NETWORKING SERVERS DAEMON resolv
# BEFORE: LOGIN
# KEYWORD: shutdown
# XQUERY: -i "count(//samba/enable) > 0" -o "0" -b
# RCVAR: samba

. /etc/rc.subr
. /etc/configxml.subr

name="samba"
rcvar=$(set_rcvar)

load_rc_config "${name}"

# Custom commands
extra_commands="reload status mkconf"
start_precmd="samba_start_precmd"
start_cmd="samba_cmd"
stop_cmd="samba_cmd"
status_cmd="samba_cmd"
reload_cmd="samba_reload_cmd"
rcvar_cmd="samba_rcvar_cmd"
mkconf_cmd="samba_mkconf_cmd"

# Defaults
samba_enable="${samba_enable:=NO}"
samba_config_default="/var/etc/smb.conf"
samba_config="${samba_config=${samba_config_default}}"
command_args="${samba_config:+-s "${samba_config}"}"			#"
samba_daemons="nmbd smbd winbindd"
smbcontrol_command="/usr/bin/smbcontrol"
samba_logdir="${samba_logdir=/var/log/samba}"
samba_lockdir="${samba_lockdir=/var/db/samba}"
samba_piddir="${samba_piddir=/var/run}"
samba_recycle_repository="${samba_recycle_repository:-".recycle/%U"}"
samba_recycle_directory_mode="${samba_recycle_directory_mode:-"0777"}"
samba_recycle_subdir_mode="${samba_recycle_subdir_mode:-"0700"}"
samba_idmap_range="${samba_idmap_range:-"10000-999999"}"
samba_idmap_uid="${samba_idmap_uid:-"10000-999999"}"
samba_idmap_gid="${samba_idmap_gid:-"10000-999999"}"

# Check if 'Active Directory' is enabled?
configxml_isset //ad/enable
samba_idmap=$?

# Check if 'LDAP' is enabled?
configxml_isset //ldap/enable
samba_ldap=$?

# Disable AD if LDAP enabled:
if [ 0 -eq ${samba_ldap} ]; then
	samba_idmap=1
fi

# Create required directories.
[ ! -d "${samba_logdir}" ] && mkdir "${samba_logdir}"
[ ! -d "${samba_lockdir}" ] && mkdir "${samba_lockdir}"

# Setup dependent variables
if [ -n "${rcvar}" ] && checkyesno "${rcvar}"; then
    nmbd_enable="${nmbd_enable=YES}"
    smbd_enable="${smbd_enable=YES}"
    # Check that winbindd is actually configured
    if [ 0 -eq ${samba_idmap} ]; then
			winbindd_enable="${winbindd_enable=YES}"
		fi
fi

# Hack to work around name change of pid file with non-default config
pid_extra=
if [ -n "${samba_config}" -a "${samba_config}" != "${samba_config_default}" ]; then
    pid_extra="-$(basename "${samba_config}")"
fi

# Hack to enable check of dependent variables
eval real_${rcvar}="\${${rcvar}:=NO}"	${rcvar}="YES"

# Defaults for dependent variables
nmbd_enable="${nmbd_enable:=NO}"
nmbd_flags="${nmbd_flags=\"-D\"}"
smbd_enable="${smbd_enable:=NO}"
smbd_flags="${smbd_flags=\"-D\"}"
winbindd_enable="${winbindd_enable:=NO}"
winbindd_flags="${winbindd_flags=''}"

# Requirements
required_files="${samba_config}"
required_dirs="${samba_lockdir}"

samba_mkconf_cmd()
{
	# Create smb.conf file
	/usr/local/bin/xml sel -t \
		-o "[global]" -n \
		-o "encrypt passwords = yes" -n \
		-v "concat('netbios name = ',//samba/netbiosname)" -n \
		-v "concat('workgroup = ',//samba/workgroup)" -n \
		-v "concat('server string = ',//samba/serverdesc)" -n \
		-v "concat('security = ',//samba/security)" -n \
		-o "dns proxy = no" -n \
		-o "# Settings to enhance performance:" -n \
		-i "count(//samba/usesendfile) > 0" \
			-o "use sendfile = yes" -n \
		-b \
		-o "strict locking = no" -n \
		-o "read raw = yes" -n \
		-o "write raw = yes" -n \
		-o "oplocks = yes" -n \
		-o "max xmit = 65535" -n \
		-o "deadtime = 15" -n \
		-o "getwd cache = yes" -n \
		-o "socket options = IPTOS_LOWDELAY TCP_NODELAY " \
		-i "string-length(//samba/sndbuf) > 0" \
			-v "concat('SO_SNDBUF=',//samba/sndbuf,' ')" \
		-b \
		-i "string-length(//samba/sndbuf) = 0" \
			-o "SO_SNDBUF=16384 " \
		-b \
		-i "string-length(//samba/rcvbuf) > 0" \
			-v "concat('SO_RCVBUF=',//samba/rcvbuf,' ')" \
		-b \
		-i "string-length(//samba/rcvbuf) = 0" \
			-o "SO_RCVBUF=16384 " \
		-b \
		-n -o "# End of performance section" -n \
		-i "string-length(//samba/winssrv) > 0" \
			-v "concat('wins server = ',//samba/winssrv)" -n \
		-b \
		-i "string-length(//samba/unixcharset) > 0" \
			-v "concat('unix charset = ',//samba/unixcharset)" -n \
		-b \
		-i "string-length(//samba/unixcharset) = 0" \
			-o "unix charset = UTF-8" -n \
		-b \
		-i "count(//samba/largereadwrite) = 0" \
			-o "large readwrite = no" -n \
		-b \
		-i "count(//samba/easupport) > 0" \
			-o "ea support = yes" -n \
		-b \
		-i "count(//samba/storedosattributes) > 0" \
			-o "store dos attributes = yes" -n \
		-b \
		-v "concat('local master = ',//samba/localmaster)" -n \
		-v "concat('time server = ',//samba/timesrv)" -n \
		-i "string-length(//samba/guestaccount) > 0" -v "concat('guest account = ',//samba/guestaccount)" -n -b \
		-i "string-length(//samba/guestaccount) = 0" -o "guest account = ftp" -n -b \
		-i "count(nullpasswords) > 0" -o "null passwords = yes" -n -b \
		-o "display charset = LOCALE" -n \
		-o "max log size = 10" -n \
		-o "syslog only = yes" -n \
		-v "concat('syslog = ',//samba/loglevel)" -n \
		-o "load printers = no" -n \
		-o "printing = bsd" -n \
		-o "printcap name = /dev/null" -n \
		-o "disable spoolss = yes" -n \
		-v "concat('log level = ',//samba/loglevel)" -n \
		-v "concat('dos charset = ',//samba/doscharset)" -n \
		-o "smb passwd file = /var/etc/private/smbpasswd" -n \
		-o "private dir = /var/etc/private" -n \
		-i "//samba/security[. = 'share']" \
			-o "passdb backend = smbpasswd" -n \
			-i "string-length(//samba/createmask) > 0" -v "concat('create mask = ',//samba/createmask)" -n -b \
			-i "string-length(//samba/createmask) = 0" -o "create mask = 0666" -n -b \
			-i "string-length(//samba/directorymask) > 0" -v "concat('directory mask = ',//samba/directorymask)" -n -b \
			-i "string-length(//samba/directorymask) = 0" -o "directory mask = 0777" -n -b \
			-o "force user = ftp" -n \
			-o "force group = ftp" -n \
		-b \
		-i "//samba/security[. = 'domain']" \
			-o "passdb backend = smbpasswd" -n \
			-o "allow trusted domains = no" -n \
			-o "dns proxy = no" -n \
			-o "ldap ssl = no" -n \
			-v "concat('idmap domains = ',//ad/domainname_netbios)" -n \
			-v "concat('idmap config ',//ad/domainname_netbios,':backend = rid')" -n \
			-v "concat('idmap config ',//ad/domainname_netbios,':range = ${samba_idmap_range}')" -n \
			-o "idmap uid = ${samba_idmap_uid}" -n \
			-o "idmap gid = ${samba_idmap_gid}" -n \
			-o "winbind enum groups = yes" -n \
			-o "winbind enum users = yes" -n \
			-o "winbind use default domain = yes" -n \
			-o "template homedir = /mnt" -n \
			-o "template shell = /bin/sh" -n \
		-b \
		-i "//samba/security[. = 'user']" \
			-i "count(//ldap/enable) = 0" \
				-o "passdb backend = smbpasswd" -n \
			-b \
			-i "count(//ldap/enable) > 0" \
				-v "concat('passdb backend = ldapsam:"ldap://',//ldap/hostname,'"')" -n \
				-v "concat('ldap admin dn = ',//ldap/rootbinddn)" -n \
				-v "concat('ldap suffix = ',//ldap/base)" -n \
				-v "concat('ldap user suffix = ',//ldap/user_suffix)" -n \
				-v "concat('ldap group suffix = ',//ldap/group_suffix)" -n \
				-v "concat('ldap machine suffix = ',//ldap/machine_suffix)" -n \
				-o "ldap replication sleep = 1000" -n \
				-o "ldap passwd sync = yes" -n \
				-o "ldap ssl = no" -n \
				-o "ldapsam:trusted = yes" -n \
				-o "idmap uid = ${samba_idmap_uid}" -n \
				-o "idmap gid = ${samba_idmap_gid}" -n \
			-b \
		-b \
		-m "//samba/auxparam" \
			-v "." -n \
		-b \
		-n \
		-m "//samba/share" \
			-v "concat('[',name,']')" -n \
			-v "concat('comment = ',comment)" -n \
			-v "concat('path = ',path)" -n \
			-i "count(readonly) = 0" \
				-o "writeable = yes" -n \
			-b \
			-o "printable = no" -n \
			-o "veto files = /.snap/" -n \
			-i "count(hidedotfiles) > 0" \
				-o "hide dot files = yes" -n \
			-b \
			-i "count(hidedotfiles) = 0" \
				-o "hide dot files = no" -n \
			-b \
			-i "//samba/security[. = 'share']" \
				-o "guest ok = yes" -n \
			-b \
			-i "//samba/security[. = 'domain']" \
				-o "guest ok = no" -n \
			-b \
			-i "//samba/security[. = 'user']" \
				-o "guest ok = no" -n \
			-b \
			-i "count(browseable) = 0" \
				-o "browseable = no" -n \
			-b \
			-i "count(inheritpermissions) > 0" \
				-o "inherit permissions = yes" -n \
			-b \
			-i "count(recyclebin) > 0" \
				-o "vfs objects = recycle" -n \
				-o "recycle:repository = ${samba_recycle_repository}" -n \
				-o "recycle:keeptree = yes" -n \
				-o "recycle:versions = yes" -n \
				-o "recycle:touch = yes" -n \
				-o "recycle:directory_mode = ${samba_recycle_directory_mode}" -n \
				-o "recycle:subdir_mode = ${samba_recycle_subdir_mode}" -n \
			-b \
			-i "count(//afp/enable) > 0" \
				-o "#vfs objects = netatalk" -n \
			-b \
			-m "auxparam" \
				-v "." -n \
			-b \
			-i "string-length(hostsallow) > 0" \
				-v "concat('hosts allow = ',hostsallow)" -n \
			-b \
			-i "string-length(hostsdeny) > 0" \
				-v "concat('hosts deny = ',hostsdeny)" -n \
			-b \
			-n \
		-b \
		${configxml_file} | /usr/local/bin/xml unesc > ${samba_config}
}

samba_start_precmd() {
	# XXX: Never delete winbindd_idmap, winbindd_cache and group_mapping
	if [ -n "${samba_lockdir}" -a -d "${samba_lockdir}" ]; then
		echo -n "Removing stale Samba tdb files: "
		for file in brlock.tdb browse.dat connections.tdb gencache.tdb \
				locking.tdb messages.tdb namelist.debug sessionid.tdb \
				unexpected.tdb
		do
	    rm "${samba_lockdir}/${file}" </dev/null 2>/dev/null && echo -n '.'
		done
		echo " done"
	fi
}

samba_rcvar_cmd() {
	# Prevent recursive calling
	unset "${rc_arg}_cmd" "${rc_arg}_precmd" "${rc_arg}_postcmd"
	# Check master variable
	echo "# ${name}"
	if [ -n "${rcvar}" ]; then
		# Use original configured value
		if checkyesno "real_${rcvar}"; then
			echo "\$${rcvar}=YES"
		else
			echo "\$${rcvar}=NO"
		fi
	fi
	# Check dependent variables
	samba_cmd "${_rc_prefix}${rc_arg}" ${rc_extra_args}
}

samba_reload_cmd() {
	local name rcvar command pidfile
	# Prevent recursive calling
	unset "${rc_arg}_cmd" "${rc_arg}_precmd" "${rc_arg}_postcmd"
	# Apply to all the daemons
	for name in ${samba_daemons}; do
		rcvar=$(set_rcvar)
		command="/usr/local/sbin/${name}"
		pidfile="${samba_piddir}/${name}${pid_extra}.pid"
		# Daemon should be enabled and running
		if [ -n "${rcvar}" ] && checkyesno "${rcvar}"; then
			if [ -n "$(check_pidfile "${pidfile}" "${command}")" ]; then
				debug "reloading ${name} configuration"
				echo "Reloading ${name}."
				# XXX: Hack with pid_extra
				"${smbcontrol_command}" "${name}${pid_extra}" 'reload-config' ${command_args} >/dev/null 2>&1
			fi
		fi
	done
}

samba_cmd() {
	local name rcvar command pidfile samba_daemons
	# Prevent recursive calling
	unset "${rc_arg}_cmd" "${rc_arg}_precmd" "${rc_arg}_postcmd"
	# Stop processes in the reverse to order
	if [ "${rc_arg}" = "stop" ]; then
		samba_daemons=$(reverse_list ${samba_daemons})
	fi

	# Start additional processes when starting
	if [ "${rc_arg}" = "start" ]; then
		if [ 0 -eq ${samba_idmap} ]; then
			local _srvname=`configxml_get "//ad/domaincontrollername"`
			local _username=`configxml_get "//ad/username"`
			local _password=`configxml_get "//ad/password"`
			/usr/local/bin/net rpc join -S ${_srvname} -U ${_username}%${_password}
		fi
 		if [ 0 -eq ${samba_ldap} ]; then
			local _password=`configxml_get "//ldap/rootbindpw"`
			/usr/local/bin/smbpasswd -w ${_password}
		fi
	fi

	# Apply to all the daemons
	for name in ${samba_daemons}; do
		rcvar=$(set_rcvar)
		command="/usr/local/sbin/${name}"
		pidfile="${samba_piddir}/${name}${pid_extra}.pid"

		run_rc_command "${_rc_prefix}${rc_arg}" ${rc_extra_args}
	done

	# Start additional processes when starting
	if [ "${rc_arg}" = "start" ]; then
		/etc/rc.d/smbpasswd
	fi
}

# Create required config file
samba_mkconf_cmd

run_rc_command "$1"
Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.