1. Store
  2. Apps
  3. Hardware
  4. Support
  5. Solutions

ClearFoundation

Forums
Welcome, Guest
Flexshare: add samba read list and write list
(1 viewing) 1 Guest
Go to bottomPage: 123
TOPIC: Flexshare: add samba read list and write list
#31383
Flexshare: add samba read list and write list 3 Years, 1 Month ago  
Hello,

This is my trick to implement the samba Read List and Write List to the web interface of clear os flexshare

read list
This is a list of users that are given read-only access to a service. If the connecting user is in this list then they will not be given write access, no matter what the read only option is set to. The list can include group names using the syntax described in the invalid users parameter.
This parameter will not work with the security = share in Samba 3.0. This is by design.
Default: read list =
Example: read list = mary, @students

write list
This is a list of users that are given read-write access to a service. If the connecting user is in this list then they will be given write access, no matter what the read only option is set to. The list can include group names using the @group syntax.
Note that if a user is in both the read list and the write list then they will be given write access.
By design, this parameter will not work with the security = share in Samba 3.0.
Default: write list =
Example: write list = admin, root, @staff

it is based on app-flexshare-5.2-10.i386.rpm and app-flexshare-api-5.2-10.i386.rpm

I made changes in the code of

/var/webconfig/htdocs/admin/flexshare.php
and
/var/webconfig/api/Flexshare.class.php

It works on my server !

You need to create a group for the Read List and a group for the users ine the Write List

the language files must be modified to add translations for
WEB_LANG_READ_LIST "Read List"
WEB_LANG_WRITE_LIST "Write List"
FLEXSHARE_LANG_ERRMSG_INVALID_READ_LIST "Invalid Read List"
FLEXSHARE_LANG_ERRMSG_INVALID_WRITE_LIST "Invalid Write List"

this the diff for flexshare.php
Code:


100c100
<  $flexshare->AddShare($_POST['add_name'], $_POST['add_description'], $_POST['add_group']);
---
>  $flexshare->AddShare($_POST['add_name'], $_POST['add_description'], $_POST['add_group'], $_POST['add_rgroup'], $_POST['add_wgroup']);
127a128,129
>  $flexshare->SetRGroup($name, $_POST['rgroup']);
>  $flexshare->SetWGroup($name, $_POST['wgroup']);
369a372,373
>  <td>" . $shares[$index]['RGroup'] . "</td>
>  <td>" . $shares[$index]['WGroup'] . "</td>
403a408,409
>  WEB_LANG_READ_LIST . "|" .
>  WEB_LANG_WRITE_LIST . "|" .
467a474

472a480,490
>  $add_rgroup = isset($_POST['add_rgroup']) ? $_POST['add_rgroup'] : "";

>  if (empty($add_rgroup) && in_array(Group::CONSTANT_ALL_USERS_GROUP, $groups))
>  $add_rgroup = Group::CONSTANT_ALL_USERS_GROUP;

>  $add_wgroup = isset($_POST['add_wgroup']) ? $_POST['add_wgroup'] : "";

>  if (empty($add_wgroup) && in_array(Group::CONSTANT_ALL_USERS_GROUP, $groups))
>  $add_wgroup = Group::CONSTANT_ALL_USERS_GROUP;


488a507,514
>  <td class='mytablesubheader' nowrap>" . WEB_LANG_READ_LIST . "</td>
>  <td nowrap>" . WebDropDownHash("add_rgroup", $add_rgroup, $owners) . "</td>
>  </tr>
>  <tr>
>  <td class='mytablesubheader' nowrap>" . WEB_LANG_WRITE_LIST . "</td>
>  <td nowrap>" . WebDropDownHash("add_wgroup", $add_wgroup, $owners) . "</td>
>  </tr>
>  <tr>
569a596,631
>  $rgroup_select = '';

>  // Read List
>  foreach ($groups as $group) {
>  $selected = ($group === $share['ShareRGroup']) ? "selected" : '';
>  $rgroup_select .= "<option value='" . $group . "' $selected>" . GROUP_LANG_GROUP . ' - ' . $group . "</option>\n";
>  }

>  foreach ($users as $group) {
>  $selected = ($group === $share['ShareRGroup']) ? "selected" : '';
>  $rgroup_select .= "<option value='" . $group . "' $selected>" . GROUP_LANG_USER . ' - ' . $group . "</option>\n";
>  }

>  if (empty($groups))
>  $rgroup_select = WEB_LANG_GROUP_REQUIRED . " - " . WebUrlJump("groups.php", LOCALE_LANG_CONFIGURE);
>  else
>  $rgroup_select = "<select name='rgroup'>$rgroup_select</select>";

>  //Write List
>  $wgroup_select = '';

>  foreach ($groups as $group) {
>  $selected = ($group === $share['ShareWGroup']) ? "selected" : '';
>  $wgroup_select .= "<option value='" . $group . "' $selected>" . GROUP_LANG_GROUP . ' - ' . $group . "</option>\n";
>  }

>  foreach ($users as $group) {
>  $selected = ($group === $share['ShareWGroup']) ? "selected" : '';
>  $wgroup_select .= "<option value='" . $group . "' $selected>" . GROUP_LANG_USER . ' - ' . $group . "</option>\n";
>  }

>  if (empty($groups))
>  $wgroup_select = WEB_LANG_GROUP_REQUIRED . " - " . WebUrlJump("groups.php", LOCALE_LANG_CONFIGURE);
>  else
>  $wgroup_select = "<select name='wgroup'>$wgroup_select</select>";

585a648,655
>  <td class='mytablesubheader' nowrap>" . WEB_LANG_READ_LIST . "</td>
>  <td>$rgroup_select</td>
>  </tr>
>  <tr>
>  <td class='mytablesubheader' nowrap>" . WEB_LANG_WRITE_LIST . "</td>
>  <td>$wgroup_select</td>
>  </tr>
>  <tr>



and the diff for Flexshare.class.php

Code:


165a166,167
>  const REGEX_SHARE_RGROUP = '^[[:space:]]*ShareRGroup[[:space:]]*=[[:space:]]*(.*$)';
>  const REGEX_SHARE_WGROUP = '^[[:space:]]*ShareWGroup[[:space:]]*=[[:space:]]*(.*$)';
268a271,274
>  } elseif (eregi(self::REGEX_SHARE_RGROUP, $line, $match)) {
>  $share['RGroup'] = $match[1];
>  } elseif (eregi(self::REGEX_SHARE_WGROUP, $line, $match)) {
>  $share['WGroup'] = $match[1];
307a314,315
>   * @param string $rgroup read list of the flexshare
>   * @param string $wgroup write list of the flexshare
314c322
<  function AddShare($name, $description, $group, $internal = false)
---
>  function AddShare($name, $description, $group, $rgroup, $wgroup, $internal = false)
329a338,343
>  if (! $this->IsValidGroup($rgroup))
>  throw new ValidationException(FLEXSHARE_LANG_ERRMSG_INVALID_READ_LIST);

>  if (! $this->IsValidGroup($wgroup))
>  throw new ValidationException(FLEXSHARE_LANG_ERRMSG_INVALID_WRITE_LIST);

378a393,394
>              "  ShareRGroup=$rgroup\n" .
>              "  ShareWGroup=$wgroup\n" .
1717a1734,1755

>  // Add Read list
>  $group = new Group($share['ShareRGroup']);

>  if ($group->Exists()) {
>  $linestoadd .= "\tread list = @\"%D" . '\\' . trim($share["ShareRGroup"]) . "\"\n";
>  } else {
>  $user = new User($share['ShareRGroup']);
>  if ($user->Exists())
>  $linestoadd .= "\tread list = \"%D" . '\\' . trim($share["ShareRGroup"]) . "\"\n";
>  }

>  // Add Write list
>  $group = new Group($share['ShareWGroup']);

>  if ($group->Exists()) {
>  $linestoadd .= "\twrite list = @\"%D" . '\\' . trim($share["ShareWGroup"]) . "\"\n";
>  } else {
>  $user = new User($share['ShareWGroup']);
>  if ($user->Exists())
>  $linestoadd .= "\twrite list = \"%D" . '\\' . trim($share["ShareWGroup"]) . "\"\n";
>  }
2100a2139,2192
>   * Sets a flexshare's read list.
>   *
>   * @param  string  $name  flexshare name
>   * @param  string  $group  flexshare group owner
>   * @returns  void
>   * @throws  ValidationException, EngineException
>   */

>  function SetRGroup($name, $group)
>  {
>  if (COMMON_DEBUG_MODE)
>  self::Log(COMMON_DEBUG, 'called', __METHOD__, __LINE__);

>  if (! $this->IsValidGroup($group))
>  throw new ValidationException(FLEXSHARE_LANG_ERRMSG_INVALID_GROUP);

>  if ($this->GetParameter($name, 'ShareRGroup') == $group)
>  return;

>  $this->SetParameter($name, 'ShareRGroup', $group);
>  $enabled = 0;
>  if ($this->GetParameter($name, 'ShareEnabled'))
>  $enabled = (int)$this->GetParameter($name, 'ShareEnabled');
>  $this->ToggleShare($name, $enabled, true);
>  }

>  /**
>   * Sets a flexshare's write list.
>   *
>   * @param  string  $name  flexshare name
>   * @param  string  $group  flexshare group owner
>   * @returns  void
>   * @throws  ValidationException, EngineException
>   */

>  function SetWGroup($name, $group)
>  {
>  if (COMMON_DEBUG_MODE)
>  self::Log(COMMON_DEBUG, 'called', __METHOD__, __LINE__);

>  if (! $this->IsValidGroup($group))
>  throw new ValidationException(FLEXSHARE_LANG_ERRMSG_INVALID_GROUP);

>  if ($this->GetParameter($name, 'ShareWGroup') == $group)
>  return;

>  $this->SetParameter($name, 'ShareWGroup', $group);
>  $enabled = 0;
>  if ($this->GetParameter($name, 'ShareEnabled'))
>  $enabled = (int)$this->GetParameter($name, 'ShareEnabled');
>  $this->ToggleShare($name, $enabled, true);
>  }

>  /**

Eric Mols
Fresh Boarder
Posts: 5
graphgraph
User Offline Click here to see the profile of this user
Last Edit: 2011/08/17 06:16 By newreal.
The administrator has disabled public write access.
Eric Mols, Network and System Expert at ToledoSolutions.be
 
#31388
Re: Flexshare: add samba read list and write list 3 Years, 1 Month ago  
Eric, thanks for that it looks great!

As a suggestion could you provide the changes as a unified diff so that users can just apply the patch?

For example:-
Code:

diff -uNrp /var/webconfig/htdocs/admin/flexshare.php /var/webconfig/htdocs/admin/flexshare.php.NEW  > flexshare.php.diff
diff -uNrp /var/webconfig/api/Flexshare.class.php /var/webconfig/api/Flexshare.class.php.NEW > Flexshare.class.php.diff



People can then apply the patches by running
Code:

cd /var/webconfig/htdocs/admin/
patch < /var/tmp/flexshare.php.diff
cd /var/webconfig/api/
patch < /var/tmp/Flexshare.class.php.diff

Tim Burgess
Moderator
Posts: 6619
graph
User Offline Click here to see the profile of this user
Last Edit: 2011/08/17 08:01 By timb80.
The administrator has disabled public write access.
 
#31389
Re:Flexshare: add samba read list and write list 3 Years, 1 Month ago  
Eric Mols
Fresh Boarder
Posts: 5
graphgraph
User Offline Click here to see the profile of this user
The administrator has disabled public write access.
Eric Mols, Network and System Expert at ToledoSolutions.be
 
#31406
Re:Flexshare: add samba read list and write list 3 Years, 1 Month ago  
Hi Eric,

This is great- Thanks!

Is there a way to make this modification allow multiple selections in the drop down menus so that one can select multiple individual users or groups per Read and Write list?

Possibly even a No-Access List to block a specific user / group.

Something like that will make the Flexshare system much better.
Ryan
Senior Boarder
Posts: 42
graphgraph
User Offline Click here to see the profile of this user
Last Edit: 2011/08/17 13:17 By zwankie.
The administrator has disabled public write access.
 
#31434
Re:Flexshare: add samba read list and write list 3 Years ago  
On ClearOS 5.2 (Updated) we get some errors when trying to Enable or Delete a new Flexsshare after this modification:

Group name not set.
Flexshare invalid

Anyone with this problem?

Some advice?
Ryan
Senior Boarder
Posts: 42
graphgraph
User Offline Click here to see the profile of this user
The administrator has disabled public write access.
 
#31437
Re:Flexshare: add samba read list and write list 3 Years ago  
could you provide a copy of th lines in /var/log/messages ?

Only the ones for flexshare* and group*

Tx
Eric Mols
Fresh Boarder
Posts: 5
graphgraph
User Offline Click here to see the profile of this user
The administrator has disabled public write access.
Eric Mols, Network and System Expert at ToledoSolutions.be
 
#31439
Re:Flexshare: add samba read list and write list 3 Years ago  
Hi Eric,

/var/log/messages shows nothing for flexshare or group at all.
Ryan
Senior Boarder
Posts: 42
graphgraph
User Offline Click here to see the profile of this user
The administrator has disabled public write access.
 
#31440
Re:Flexshare: add samba read list and write list 3 Years ago  
SERVER-smbd shows:

[2011/08/18 12:10:49.300591, 1] smbd/server.c:240(cleanup_timeout_fn)
Cleaning up brl and lock database after unclean shutdown
[2011/08/18 12:11:13.553633, 1] smbd/server.c:267(remove_child_pid)
Scheduled cleanup of brl and lock database after unclean shutdown
[2011/08/18 12:11:33.553982, 1] smbd/server.c:240(cleanup_timeout_fn)
Cleaning up brl and lock database after unclean shutdown
[2011/08/18 12:49:39.403537, 1] smbd/server.c:267(remove_child_pid)
Scheduled cleanup of brl and lock database after unclean shutdown
[2011/08/18 12:49:59.403822, 1] smbd/server.c:240(cleanup_timeout_fn)
Cleaning up brl and lock database after unclean shutdown
[2011/08/18 13:17:25.887980, 1] smbd/server.c:267(remove_child_pid)
Scheduled cleanup of brl and lock database after unclean shutdown
[2011/08/18 13:17:45.887978, 1] smbd/server.c:240(cleanup_timeout_fn)
Cleaning up brl and lock database after unclean shutdown
[2011/08/18 14:23:19.897366, 1] param/loadparm.c:6890(service_ok)
NOTE: Service profiles is flagged unavailable.
[2011/08/18 14:24:39.103747, 1] param/loadparm.c:6890(service_ok)
NOTE: Service profiles is flagged unavailable.
Ryan
Senior Boarder
Posts: 42
graphgraph
User Offline Click here to see the profile of this user
The administrator has disabled public write access.
 
#31442
Re:Flexshare: add samba read list and write list 3 Years ago  
ok

check your /etc/flexshare.conf

I copy one share of mine as a sample
Code:


<Share compta>
  FileEnabled=1
  FilePermission=4
  FilePublicAccess=
  FileRecycleBin=1
  FileAuditLog=0
  FileBrowseable=1
  FileModified=1312979680
  FileComment=Flexshare - Comptabilite
  ShareDescription=Comptabilite
  ShareGroup=comptables
  ShareRGroup=comptables
  ShareWGroup=comptables
  ShareCreated=1312903354
  ShareModified=1312903354
  ShareEnabled=1
  ShareDir=/var/flexshare/shares/compta
  ShareInternal=
</Share>



Please, check if you have
Code:


 ShareRGroup=xxxxxx
  ShareWGroup=xxxxxx


in you share definition.
Eric Mols
Fresh Boarder
Posts: 5
graphgraph
User Offline Click here to see the profile of this user
The administrator has disabled public write access.
Eric Mols, Network and System Expert at ToledoSolutions.be
 
#31443
Re:Flexshare: add samba read list and write list 3 Years ago  
This is what I have for the new share just created.

<Share test>
FileEnabled=0
FilePermission=4
FilePublicAccess=
FileRecycleBin=1
FileAuditLog=0
FileBrowseable=1
FileModified=1313670785
FileComment=Flexshare - Test
ShareDescription=Test
ShareGroup=allusers
ShareRGroup=charles.xxxx
ShareWGroup=lizelle.xxxxx
ShareCreated=1313668822
ShareModified=1313668822
ShareEnabled=1
ShareDir=/var/flexshare/shares/test
ShareInternal=
</Share>
Ryan
Senior Boarder
Posts: 42
graphgraph
User Offline Click here to see the profile of this user
Last Edit: 2011/08/18 09:08 By zwankie.
The administrator has disabled public write access.
 
Go to topPage: 123
  get the latest posts directly to your desktop