From 9bc07f60ed265c9be035fb4718bf977daf9d675d Mon Sep 17 00:00:00 2001
From: Veiko Aasa <veiko17@disroot.org>
Date: Sat, 16 Mar 2024 12:23:50 +0200
Subject: [PATCH] samba: Fix Samba not accessible from IPv6 localhost ::1
 address

Also:
 - Remove addressses [fc00::]/7 and [fe80::] from `allow hosts`, as
those had no effect as described in #2334.
 - Remove unknown parameter `access control = yes` from Samba
configuration.

Tests performed in a stable container:

- After Samba app upgrade was performed, enabled Samba Home share.

- Using the `testparm` command, checked that the share is accessible
from ::1 IPv6 address:
```
> sudo testparm -s /etc/samba/smb-freedombox.conf  host-ip ::1
Allow connection from host-ip (::1) to disk_home

> sudo testparm -s /etc/samba/smb-freedombox.conf  host-ip ::2
Denied connection from host-ip (::2)
Deny connection from host-ip (::2) to disk_home
```

- Checked that when `ping localhost` returns ::1 in the container,
all the Samba tests pass.

Closes #2334.

Signed-off-by: Veiko Aasa <veiko17@disroot.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
---
 plinth/modules/samba/__init__.py   | 2 +-
 plinth/modules/samba/privileged.py | 3 +--
 2 files changed, 2 insertions(+), 3 deletions(-)

diff --git a/plinth/modules/samba/__init__.py b/plinth/modules/samba/__init__.py
index f81cd5d88..da213d0b1 100644
--- a/plinth/modules/samba/__init__.py
+++ b/plinth/modules/samba/__init__.py
@@ -41,7 +41,7 @@ class SambaApp(app_module.App):
 
     app_id = 'samba'
 
-    _version = 3
+    _version = 4
 
     def __init__(self) -> None:
         """Create components for the app."""
diff --git a/plinth/modules/samba/privileged.py b/plinth/modules/samba/privileged.py
index cb10482b4..c29e2f6cf 100644
--- a/plinth/modules/samba/privileged.py
+++ b/plinth/modules/samba/privileged.py
@@ -45,8 +45,7 @@ CONF = r'''
    # https://en.wikipedia.org/wiki/Private_network
    # https://en.wikipedia.org/wiki/Link-local_address
    # https://en.wikipedia.org/wiki/Unique_local_address
-   access control = yes
-   hosts allow = 127.0.0.0/8 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 169.254.0.0/16 [::1] [fc00::]/7 [fe80::]
+   hosts allow = 127.0.0.0/8 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 169.254.0.0/16 ::1
    hosts deny = all
 '''  # noqa: E501