nik/FreedomBox
1
0
Fork 0
mirror of https://github.com/freedombox/FreedomBox.git synced 2026-01-28 08:03:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
FreedomBox/actions/samba
Veiko Aasa dbdd482e61
samba: fixes and improvements 
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
2019-12-01 11:30:35 -05:00

248 lines
8.1 KiB
Python
Executable File
Raw Blame History

#!/usr/bin/python3
#
# This file is part of FreedomBox.
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as
# published by the Free Software Foundation, either version 3 of the
# License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
"""
Configuration helper for samba.
"""
import argparse
import configparser
import json
import os
import shutil
import stat
import subprocess
import augeas
from plinth import action_utils
from plinth.modules.samba.manifest import SHARES_CONF_BACKUP_FILE, SHARES_PATH
DEFAULT_FILE = '/etc/default/samba'
CONF_PATH = '/etc/samba/smb-freedombox.conf'
CONF = r'''
#
# This file is managed and overwritten by Plinth. If you wish to manage
# Samba yourself, disable Samba in Plinth, remove this file and remove
# line with --configfile parameter in /etc/default/samba.
#
# Configuration parameters which differ from Debian default configuration
# are commented. To view configured samba shares use command `net conf list`.
#
[global]
workgroup = WORKGROUP
log file = /var/log/samba/log.%m
max log size = 1000
logging = file
panic action = /usr/share/samba/panic-action %d
server role = standalone server
obey pam restrictions = yes
unix password sync = yes
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
pam password change = yes
map to guest = bad user
# connection inactivity timeout in minutes
deadtime = 5
# enable registry based shares
registry shares = yes
''' # noqa: E501
def parse_arguments():
"""Return parsed command line arguments as dictionary."""
parser = argparse.ArgumentParser()
subparsers = parser.add_subparsers(dest='subcommand', help='Sub command')
subparsers.add_parser('setup', help='Configure samba after install')
subparsers.add_parser('get-shares', help='Get configured samba shares')
subparser = subparsers.add_parser('add-share', help='Add new samba share')
subparser.add_argument('--mount-point', help='Path of the mount point',
required=True)
subparser.add_argument('--windows-filesystem', required=False,
default=False, action='store_true',
help='Path is Windows filesystem')
subparser = subparsers.add_parser(
'delete-share', help='Delete a samba share configuration')
subparser.add_argument('--mount-point', help='Path of the mount point',
required=True)
subparsers.add_parser('dump-shares',
help='Dump share configuration to file')
subparsers.add_parser('restore-shares',
help='Restore share configuration from file')
subparsers.required = True
return parser.parse_args()
def _close_share(share_name):
"""Disconnect all samba users who are connected to the share."""
subprocess.check_call(['smbcontrol', 'smbd', 'close-share', share_name])
def _conf_command(parameters, **kwargs):
"""Run samba configuration registry command."""
subprocess.check_call(['net', 'conf'] + parameters, **kwargs)
def _create_share(mount_point, windows_filesystem=False):
"""Create a samba share."""
open_share_path = os.path.join(mount_point, SHARES_PATH, 'open_share')
os.makedirs(open_share_path, exist_ok=True)
_make_mounts_readable_by_others(mount_point)
# FAT and NTFS partitions don't support chown and chmod
if not windows_filesystem:
shutil.chown(open_share_path, group='sambashare')
os.chmod(open_share_path, 0o2775)
share_name = _create_share_name(mount_point)
_define_open_share(share_name, open_share_path, windows_filesystem)
def _create_share_name(mount_point):
"""Create a share name."""
share_name = os.path.basename(mount_point)
if not share_name:
share_name = 'disk'
return share_name
def _define_open_share(name, path, windows_filesystem=False):
"""Define an open samba share."""
try:
_conf_command(['delshare', name], stderr=subprocess.DEVNULL)
except subprocess.CalledProcessError:
pass
_conf_command(['addshare', name, path, 'writeable=y', 'guest_ok=y'])
if not windows_filesystem:
_conf_command(['setparm', name, 'force group', 'sambashare'])
_conf_command(['setparm', name, 'inherit permissions', 'yes'])
def _get_shares():
"""Get shares."""
shares = []
output = subprocess.check_output(['net', 'conf', 'list'])
config = configparser.ConfigParser()
config.read_string(output.decode())
for name in config.sections():
mount_point = config[name]['path'].split(SHARES_PATH)[0]
mount_point = os.path.normpath(mount_point)
shares.append(dict(name=name, mount_point=mount_point))
return shares
def _make_mounts_readable_by_others(mount_point):
"""Make mounted devices readable/traversible by others."""
dirname = os.path.dirname(mount_point)
stats = os.stat(dirname)
os.chmod(dirname, stats.st_mode | stat.S_IROTH | stat.S_IXOTH)
def _use_config_file(conf_file):
"""Set samba configuration file location."""
aug = augeas.Augeas(
flags=augeas.Augeas.NO_LOAD + augeas.Augeas.NO_MODL_AUTOLOAD)
aug.set('/augeas/load/Shellvars/lens', 'Shellvars.lns')
aug.set('/augeas/load/Shellvars/incl[last() + 1]', DEFAULT_FILE)
aug.load()
aug.set('/files' + DEFAULT_FILE + '/SMBDOPTIONS',
'--configfile={0}'.format(conf_file))
aug.save()
def _validate_mount_point(path):
"""Validate that given path string is a mount point."""
if path != '/':
parent_path = os.path.dirname(path)
if os.stat(path).st_dev == os.stat(parent_path).st_dev:
raise RuntimeError('Path "{0}" is not a mount point.'.format(path))
def subcommand_add_share(arguments):
"""Create a samba share."""
mount_point = os.path.normpath(arguments.mount_point)
_validate_mount_point(mount_point)
_create_share(mount_point, arguments.windows_filesystem)
def subcommand_delete_share(arguments):
"""Delete a samba share configuration."""
mount_point = os.path.normpath(arguments.mount_point)
shares = _get_shares()
for share in shares:
if share['mount_point'] == mount_point:
_close_share(share['name'])
_conf_command(['delshare', share['name']])
break
else:
raise RuntimeError(
'Mount point "{0}" is not shared.'.format(mount_point))
def subcommand_get_shares(_):
"""Get samba shares."""
print(json.dumps(_get_shares()))
def subcommand_setup(_):
"""Configure samba, use custom samba config file."""
with open(CONF_PATH, 'w') as file_handle:
file_handle.write(CONF)
_use_config_file(CONF_PATH)
if action_utils.service_is_running('smbd'):
action_utils.service_restart('smbd')
def subcommand_dump_shares(_):
"""Dump registy share configuration."""
os.makedirs(os.path.dirname(SHARES_CONF_BACKUP_FILE), exist_ok=True)
with open(SHARES_CONF_BACKUP_FILE, 'w') as backup_file:
command = ['net', 'conf', 'list']
subprocess.run(command, stdout=backup_file, check=True)
def subcommand_restore_shares(_):
"""Restore registy share configuration."""
if not os.path.exists(SHARES_CONF_BACKUP_FILE):
raise RuntimeError(
'Backup file {0} does not exist.'.format(SHARES_CONF_BACKUP_FILE))
_conf_command(['drop'])
_conf_command(['import', SHARES_CONF_BACKUP_FILE])
def main():
"""Parse arguments and perform all duties."""
arguments = parse_arguments()
subcommand = arguments.subcommand.replace('-', '_')
subcommand_method = globals()['subcommand_' + subcommand]
subcommand_method(arguments)
if __name__ == '__main__':
main()
Reference in New Issue View Git Blame Copy Permalink