Reasons:
- Privileged action security: restoring Samba configuration from a backup file
could expose any folder in OS and allows to run any commmand as a root user.
- Samba backups aren't so useful as only app configuration is included.
Configured shares are trivial to enable without backups. Also, providing
backups could be misleading as stored user files aren't actually backupped.
Tests performed:
- All Samba functional tests pass.
- Restoring from an old backup that also includes Samba is not failing,
restoring Samba is skipped.
Signed-off-by: Veiko Aasa <veiko17@disroot.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
Disable and mask the nmb service, which is alias to the already
disabled nmbd service.
Tests performed:
- Upgrading Samba app works.
- Systemd doesn't show nmb.service in erroneous state after upgrade.
Signed-off-by: Veiko Aasa <veiko17@disroot.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
NetBIOS was used with now deprecated SMB1 protocol.
Tests performed:
- Windows 10 can access shares when the nmbd service is disabled.
- In stable and testing containers, all the samba module tests pass.
Signed-off-by: Veiko Aasa <veiko17@disroot.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
Also:
- Remove addressses [fc00::]/7 and [fe80::] from `allow hosts`, as
those had no effect as described in #2334.
- Remove unknown parameter `access control = yes` from Samba
configuration.
Tests performed in a stable container:
- After Samba app upgrade was performed, enabled Samba Home share.
- Using the `testparm` command, checked that the share is accessible
from ::1 IPv6 address:
```
> sudo testparm -s /etc/samba/smb-freedombox.conf host-ip ::1
Allow connection from host-ip (::1) to disk_home
> sudo testparm -s /etc/samba/smb-freedombox.conf host-ip ::2
Denied connection from host-ip (::2)
Deny connection from host-ip (::2) to disk_home
```
- Checked that when `ping localhost` returns ::1 in the container,
all the Samba tests pass.
Closes#2334.
Signed-off-by: Veiko Aasa <veiko17@disroot.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
Tests:
- Uninstall samba. Notice that /etc/default/samba and
/etc/samba/smb-freedombox.conf are removed.
- Reinstall samba and notice that the two files are restored to their expected
content.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Drop all Samba shares when app is uninstalled
Test:
1. Install app, enable Open Share and Group Share
2. Reinstall app and confirm all shares get dropped
Signed-off-by: nbenedek <contact@nbenedek.me>
[sunil: Update docstrings]
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
The reason for this patch is explained in issue #789 .
See also: !2250
Signed-off-by: nbenedek <contact@nbenedek.me>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
[jvalleroy: Don't enable app when upgrading]
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
Tests:
- Functional tests work (uninstall fails)
- Initial setup works
- File /etc/default/samba is updated
- Dump and restore share during backup/restore works
- Setup run successfully during restore
- /var/lib/plinth/backups-data/samba-shares-dump.conf
- Adding/deleting a share works
- Not tested: Add a share on ntfs or vfat file system works
- Showing list of shares in app view works
- Getting list of samba users in app view works
- Handling errors during add/delete share works
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>