#!/usr/bin/python3 # # This file is part of FreedomBox. # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU Affero General Public License as # published by the Free Software Foundation, either version 3 of the # License, or (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU Affero General Public License for more details. # # You should have received a copy of the GNU Affero General Public License # along with this program. If not, see . # """ Configuration helper for samba. """ import argparse import configparser import json import os import shutil import stat import subprocess import augeas from plinth import action_utils from plinth.modules.samba.manifest import SHARES_CONF_BACKUP_FILE, SHARES_PATH DEFAULT_FILE = '/etc/default/samba' CONF_PATH = '/etc/samba/smb-freedombox.conf' CONF = r''' # # This file is managed and overwritten by Plinth. If you wish to manage # Samba yourself, disable Samba in Plinth, remove this file and remove # line with --configfile parameter in /etc/default/samba. # # Configuration parameters which differ from Debian default configuration # are commented. To view configured samba shares use command `net conf list`. # [global] workgroup = WORKGROUP log file = /var/log/samba/log.%m max log size = 1000 logging = file panic action = /usr/share/samba/panic-action %d server role = standalone server obey pam restrictions = yes unix password sync = yes passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* . pam password change = yes map to guest = bad user # connection inactivity timeout in minutes deadtime = 5 # enable registry based shares registry shares = yes ''' # noqa: E501 def parse_arguments(): """Return parsed command line arguments as dictionary.""" parser = argparse.ArgumentParser() subparsers = parser.add_subparsers(dest='subcommand', help='Sub command') subparsers.add_parser('setup', help='Configure samba after install') subparsers.add_parser('get-shares', help='Get configured samba shares') subparser = subparsers.add_parser('add-share', help='Add new samba share') subparser.add_argument('--mount-point', help='Path of the mount point', required=True) subparser.add_argument('--windows-filesystem', required=False, default=False, action='store_true', help='Path is Windows filesystem') subparser = subparsers.add_parser( 'delete-share', help='Delete a samba share configuration') subparser.add_argument('--mount-point', help='Path of the mount point', required=True) subparsers.add_parser('dump-shares', help='Dump share configuration to file') subparsers.add_parser('restore-shares', help='Restore share configuration from file') subparsers.required = True return parser.parse_args() def _close_share(share_name): """Disconnect all samba users who are connected to the share.""" subprocess.check_call(['smbcontrol', 'smbd', 'close-share', share_name]) def _conf_command(parameters, **kwargs): """Run samba configuration registry command.""" subprocess.check_call(['net', 'conf'] + parameters, **kwargs) def _create_share(mount_point, windows_filesystem=False): """Create a samba share.""" open_share_path = os.path.join(mount_point, SHARES_PATH, 'open_share') os.makedirs(open_share_path, exist_ok=True) _make_mounts_readable_by_others(mount_point) # FAT and NTFS partitions don't support chown and chmod if not windows_filesystem: shutil.chown(open_share_path, group='sambashare') os.chmod(open_share_path, 0o2775) share_name = _create_share_name(mount_point) _define_open_share(share_name, open_share_path, windows_filesystem) def _create_share_name(mount_point): """Create a share name.""" share_name = os.path.basename(mount_point) if not share_name: share_name = 'disk' return share_name def _define_open_share(name, path, windows_filesystem=False): """Define an open samba share.""" try: _conf_command(['delshare', name], stderr=subprocess.DEVNULL) except subprocess.CalledProcessError: pass _conf_command(['addshare', name, path, 'writeable=y', 'guest_ok=y']) if not windows_filesystem: _conf_command(['setparm', name, 'force group', 'sambashare']) _conf_command(['setparm', name, 'inherit permissions', 'yes']) def _get_shares(): """Get shares.""" shares = [] output = subprocess.check_output(['net', 'conf', 'list']) config = configparser.ConfigParser() config.read_string(output.decode()) for name in config.sections(): mount_point = config[name]['path'].split(SHARES_PATH)[0] mount_point = os.path.normpath(mount_point) shares.append(dict(name=name, mount_point=mount_point)) return shares def _make_mounts_readable_by_others(mount_point): """Make mounted devices readable/traversible by others.""" dirname = os.path.dirname(mount_point) stats = os.stat(dirname) os.chmod(dirname, stats.st_mode | stat.S_IROTH | stat.S_IXOTH) def _use_config_file(conf_file): """Set samba configuration file location.""" aug = augeas.Augeas( flags=augeas.Augeas.NO_LOAD + augeas.Augeas.NO_MODL_AUTOLOAD) aug.set('/augeas/load/Shellvars/lens', 'Shellvars.lns') aug.set('/augeas/load/Shellvars/incl[last() + 1]', DEFAULT_FILE) aug.load() aug.set('/files' + DEFAULT_FILE + '/SMBDOPTIONS', '--configfile={0}'.format(conf_file)) aug.save() def _validate_mount_point(path): """Validate that given path string is a mount point.""" if path != '/': parent_path = os.path.dirname(path) if os.stat(path).st_dev == os.stat(parent_path).st_dev: raise RuntimeError('Path "{0}" is not a mount point.'.format(path)) def subcommand_add_share(arguments): """Create a samba share.""" mount_point = os.path.normpath(arguments.mount_point) _validate_mount_point(mount_point) _create_share(mount_point, arguments.windows_filesystem) def subcommand_delete_share(arguments): """Delete a samba share configuration.""" mount_point = os.path.normpath(arguments.mount_point) shares = _get_shares() for share in shares: if share['mount_point'] == mount_point: _close_share(share['name']) _conf_command(['delshare', share['name']]) break else: raise RuntimeError( 'Mount point "{0}" is not shared.'.format(mount_point)) def subcommand_get_shares(_): """Get samba shares.""" print(json.dumps(_get_shares())) def subcommand_setup(_): """Configure samba, use custom samba config file.""" with open(CONF_PATH, 'w') as file_handle: file_handle.write(CONF) _use_config_file(CONF_PATH) if action_utils.service_is_running('smbd'): action_utils.service_restart('smbd') def subcommand_dump_shares(_): """Dump registy share configuration.""" os.makedirs(os.path.dirname(SHARES_CONF_BACKUP_FILE), exist_ok=True) with open(SHARES_CONF_BACKUP_FILE, 'w') as backup_file: command = ['net', 'conf', 'list'] subprocess.run(command, stdout=backup_file, check=True) def subcommand_restore_shares(_): """Restore registy share configuration.""" if not os.path.exists(SHARES_CONF_BACKUP_FILE): raise RuntimeError( 'Backup file {0} does not exist.'.format(SHARES_CONF_BACKUP_FILE)) _conf_command(['drop']) _conf_command(['import', SHARES_CONF_BACKUP_FILE]) def main(): """Parse arguments and perform all duties.""" arguments = parse_arguments() subcommand = arguments.subcommand.replace('-', '_') subcommand_method = globals()['subcommand_' + subcommand] subcommand_method(arguments) if __name__ == '__main__': main()