mirror of
https://dev.iopsys.eu/feed/iopsys.git
synced 2025-12-10 07:44:50 +01:00
6a713b2933
If the path is still outside /mnt/ after all the previous checks and enforces have been applied, overwrite the path to "/mnt/". This is usefull in the following scenario: - "/mnt/tmp" is a soft link to "/tmp" - $path is pushed from the web gui as "/" - $dirpath is pushed from the web gui as "tmp" The init script prepends "/mnt/", the $path becomes "/mnt/tmp". Further, the smb.conf would receive "path = /mnt/tmp" and samba would export for share "/tmp". A while-loop (that always prepends "/mnt/" to $(readlink -f $path) if it does not start with "/mnt") would not prevent this case exactly because the soft link and the target directory have the same name, thus the loop would never end.
178 lines
4.4 KiB
Bash
Executable file
178 lines
4.4 KiB
Bash
Executable file
#!/bin/sh /etc/rc.common
|
|
# Copyright (C) 2008-2012 OpenWrt.org
|
|
|
|
START=60
|
|
STOP=40
|
|
USE_PROCD=1
|
|
|
|
useradd()
|
|
{
|
|
local user
|
|
local password
|
|
config_get user $1 user
|
|
config_get password $1 password
|
|
if ! $(grep -rq "^$user:" /etc/passwd) ; then
|
|
echo "adding user $user"
|
|
adduser $user -s /bin/false -D -H -h /mnt/$user -g "samba,pass=$password" && smbpasswd $user $password
|
|
else
|
|
tmp=$(grep -r "^$user:" /etc/passwd | cut -d":" -f5)
|
|
if $(echo $tmp | grep -rq "^samba") ; then
|
|
if [ "$tmp" != "samba,pass=$password" ] ; then
|
|
echo "change user $user"
|
|
deluser $user
|
|
adduser $user -s /bin/false -D -H -h /mnt/$user -g "samba,pass=$password" && smbpasswd $user $password
|
|
fi
|
|
else
|
|
echo "activating samba for system user $user"
|
|
smbpasswd $user $password
|
|
fi
|
|
fi
|
|
}
|
|
|
|
samba_user_exists()
|
|
{
|
|
local user
|
|
config_get user $1 user
|
|
[ "$user" == "$2" ] && echo "1" && break
|
|
}
|
|
|
|
purgepasswd()
|
|
{
|
|
for us in `grep -r "^.*:" /etc/samba/smbpasswd | cut -d":" -f1`; do
|
|
if [ -z "$(config_foreach samba_user_exists sambausers $us)" ] ; then
|
|
smbpasswd -del $us
|
|
grep -r "^$us:" /etc/passwd | cut -d":" -f5 | grep -rq "^samba" && deluser $us
|
|
fi
|
|
done
|
|
|
|
# delete left over samba users in case they were not in /etc/samba/smbpasswd
|
|
for us in `grep ":/mnt/" /etc/passwd | cut -d":" -f1`; do
|
|
deluser $us
|
|
done
|
|
}
|
|
|
|
smb_header() {
|
|
local interface
|
|
config_get interface $1 interface
|
|
|
|
# resolve interfaces
|
|
local interfaces=$(
|
|
. /lib/functions/network.sh
|
|
|
|
local net
|
|
for net in $interface; do
|
|
local device
|
|
network_get_device device "$net" && {
|
|
local subnet
|
|
network_get_subnet subnet "$net" && echo -n "$subnet "
|
|
network_get_subnet6 subnet "$net" && echo -n "$subnet "
|
|
}
|
|
|
|
echo -n "${device:-$net} "
|
|
done
|
|
)
|
|
|
|
local name workgroup description charset
|
|
local hostname="$(uci_get system.@system[0].hostname)"
|
|
|
|
config_get name $1 name "${hostname:-OpenWrt}"
|
|
config_get workgroup $1 workgroup "${hostname:-OpenWrt}"
|
|
config_get description $1 description "Samba on ${hostname:-OpenWrt}"
|
|
config_get charset $1 charset "UTF-8"
|
|
|
|
mkdir -p /var/etc
|
|
sed -e "s#|NAME|#$name#g" \
|
|
-e "s#|WORKGROUP|#$workgroup#g" \
|
|
-e "s#|DESCRIPTION|#$description#g" \
|
|
-e "s#|INTERFACES|#$interfaces#g" \
|
|
-e "s#|CHARSET|#$charset#g" \
|
|
/etc/samba/smb.conf.template > /var/etc/smb.conf
|
|
|
|
local homes
|
|
config_get_bool homes $1 homes 0
|
|
[ $homes -gt 0 ] && {
|
|
cat <<EOT >> /var/etc/smb.conf
|
|
|
|
[homes]
|
|
comment = Home Directories
|
|
browsable = no
|
|
read only = no
|
|
create mode = 0750
|
|
EOT
|
|
}
|
|
|
|
[ -L /etc/samba/smb.conf ] || $(rm -f /etc/samba/smb.conf; ln -nsf /var/etc/smb.conf /etc/samba/smb.conf)
|
|
}
|
|
|
|
smb_add_share() {
|
|
local name
|
|
local path
|
|
local users
|
|
local read_only
|
|
local guest_ok
|
|
local create_mask
|
|
local dir_mask
|
|
local browseable
|
|
local dirpath
|
|
|
|
config_get name $1 name
|
|
config_get path $1 path
|
|
config_get users $1 users
|
|
config_get read_only $1 read_only
|
|
config_get guest_ok $1 guest_ok
|
|
config_get create_mask $1 create_mask
|
|
config_get dir_mask $1 dir_mask
|
|
config_get browseable $1 browseable
|
|
config_get dirpath $1 dirpath
|
|
|
|
[ -z "$name" -o -z "$path" ] && return
|
|
|
|
path="$path/$dirpath"
|
|
path=$(readlink -f $path)
|
|
|
|
# restrict the shared paths to always be under /mnt/ tree
|
|
[ "${path:0:4}" == "/mnt" ] || path="/mnt/"$path
|
|
|
|
# if the real path is still not under /mnt/, overwrite it completely
|
|
# (very unlikely case, but possible). increases security
|
|
path=$(readlink -f $path)
|
|
[ "${path:0:4}" == "/mnt" ] || path="/mnt/"
|
|
|
|
echo -e "\n[$name]\n\tpath = $path" >> /var/etc/smb.conf
|
|
[ -n "$users" ] && echo -e "\tvalid users = $users" >> /var/etc/smb.conf
|
|
[ -n "$read_only" ] && echo -e "\tread only = $read_only" >> /var/etc/smb.conf
|
|
[ -n "$guest_ok" ] && echo -e "\tguest ok = $guest_ok" >> /var/etc/smb.conf
|
|
[ -n "$create_mask" ] && echo -e "\tcreate mask = $create_mask" >> /var/etc/smb.conf
|
|
[ -n "$dir_mask" ] && echo -e "\tdirectory mask = $dir_mask" >> /var/etc/smb.conf
|
|
[ -n "$browseable" ] && echo -e "\tbrowseable = $browseable" >> /var/etc/smb.conf
|
|
}
|
|
|
|
start_service() {
|
|
config_load samba
|
|
purgepasswd
|
|
config_foreach useradd sambausers
|
|
config_foreach smb_header samba
|
|
config_foreach smb_add_share sambashare
|
|
|
|
procd_open_instance
|
|
procd_set_param command "/bin/smbd" -F
|
|
procd_close_instance
|
|
|
|
procd_open_instance
|
|
procd_set_param command "/bin/nmbd" -F
|
|
procd_close_instance
|
|
}
|
|
|
|
stop_service() {
|
|
service_stop /bin/smbd
|
|
service_stop /bin/nmbd
|
|
}
|
|
|
|
reload_service() {
|
|
stop
|
|
start
|
|
}
|
|
|
|
service_triggers() {
|
|
procd_add_reload_trigger samba network
|
|
}
|