|
Flexshare: add samba read list and write list 1 Year, 9 Months ago
|
|
Hello,
This is my trick to implement the samba Read List and Write List to the web interface of clear os flexshare
read list
This is a list of users that are given read-only access to a service. If the connecting user is in this list then they will not be given write access, no matter what the read only option is set to. The list can include group names using the syntax described in the invalid users parameter.
This parameter will not work with the security = share in Samba 3.0. This is by design.
Default: read list =
Example: read list = mary, @students
write list
This is a list of users that are given read-write access to a service. If the connecting user is in this list then they will be given write access, no matter what the read only option is set to. The list can include group names using the @group syntax.
Note that if a user is in both the read list and the write list then they will be given write access.
By design, this parameter will not work with the security = share in Samba 3.0.
Default: write list =
Example: write list = admin, root, @staff
it is based on app-flexshare-5.2-10.i386.rpm and app-flexshare-api-5.2-10.i386.rpm
I made changes in the code of
/var/webconfig/htdocs/admin/flexshare.php
and
/var/webconfig/api/Flexshare.class.php
It works on my server ! 
You need to create a group for the Read List and a group for the users ine the Write List
the language files must be modified to add translations for
WEB_LANG_READ_LIST "Read List"
WEB_LANG_WRITE_LIST "Write List"
FLEXSHARE_LANG_ERRMSG_INVALID_READ_LIST "Invalid Read List"
FLEXSHARE_LANG_ERRMSG_INVALID_WRITE_LIST "Invalid Write List"
this the diff for flexshare.php
| Code: |
100c100
< $flexshare->AddShare($_POST['add_name'], $_POST['add_description'], $_POST['add_group']);
---
> $flexshare->AddShare($_POST['add_name'], $_POST['add_description'], $_POST['add_group'], $_POST['add_rgroup'], $_POST['add_wgroup']);
127a128,129
> $flexshare->SetRGroup($name, $_POST['rgroup']);
> $flexshare->SetWGroup($name, $_POST['wgroup']);
369a372,373
> <td>" . $shares[$index]['RGroup'] . "</td>
> <td>" . $shares[$index]['WGroup'] . "</td>
403a408,409
> WEB_LANG_READ_LIST . "|" .
> WEB_LANG_WRITE_LIST . "|" .
467a474
>
472a480,490
> $add_rgroup = isset($_POST['add_rgroup']) ? $_POST['add_rgroup'] : "";
>
> if (empty($add_rgroup) && in_array(Group::CONSTANT_ALL_USERS_GROUP, $groups))
> $add_rgroup = Group::CONSTANT_ALL_USERS_GROUP;
>
> $add_wgroup = isset($_POST['add_wgroup']) ? $_POST['add_wgroup'] : "";
>
> if (empty($add_wgroup) && in_array(Group::CONSTANT_ALL_USERS_GROUP, $groups))
> $add_wgroup = Group::CONSTANT_ALL_USERS_GROUP;
>
>
488a507,514
> <td class='mytablesubheader' nowrap>" . WEB_LANG_READ_LIST . "</td>
> <td nowrap>" . WebDropDownHash("add_rgroup", $add_rgroup, $owners) . "</td>
> </tr>
> <tr>
> <td class='mytablesubheader' nowrap>" . WEB_LANG_WRITE_LIST . "</td>
> <td nowrap>" . WebDropDownHash("add_wgroup", $add_wgroup, $owners) . "</td>
> </tr>
> <tr>
569a596,631
> $rgroup_select = '';
>
> // Read List
> foreach ($groups as $group) {
> $selected = ($group === $share['ShareRGroup']) ? "selected" : '';
> $rgroup_select .= "<option value='" . $group . "' $selected>" . GROUP_LANG_GROUP . ' - ' . $group . "</option>\n";
> }
>
> foreach ($users as $group) {
> $selected = ($group === $share['ShareRGroup']) ? "selected" : '';
> $rgroup_select .= "<option value='" . $group . "' $selected>" . GROUP_LANG_USER . ' - ' . $group . "</option>\n";
> }
>
> if (empty($groups))
> $rgroup_select = WEB_LANG_GROUP_REQUIRED . " - " . WebUrlJump("groups.php", LOCALE_LANG_CONFIGURE);
> else
> $rgroup_select = "<select name='rgroup'>$rgroup_select</select>";
>
> //Write List
> $wgroup_select = '';
>
> foreach ($groups as $group) {
> $selected = ($group === $share['ShareWGroup']) ? "selected" : '';
> $wgroup_select .= "<option value='" . $group . "' $selected>" . GROUP_LANG_GROUP . ' - ' . $group . "</option>\n";
> }
>
> foreach ($users as $group) {
> $selected = ($group === $share['ShareWGroup']) ? "selected" : '';
> $wgroup_select .= "<option value='" . $group . "' $selected>" . GROUP_LANG_USER . ' - ' . $group . "</option>\n";
> }
>
> if (empty($groups))
> $wgroup_select = WEB_LANG_GROUP_REQUIRED . " - " . WebUrlJump("groups.php", LOCALE_LANG_CONFIGURE);
> else
> $wgroup_select = "<select name='wgroup'>$wgroup_select</select>";
>
585a648,655
> <td class='mytablesubheader' nowrap>" . WEB_LANG_READ_LIST . "</td>
> <td>$rgroup_select</td>
> </tr>
> <tr>
> <td class='mytablesubheader' nowrap>" . WEB_LANG_WRITE_LIST . "</td>
> <td>$wgroup_select</td>
> </tr>
> <tr>
|
and the diff for Flexshare.class.php
| Code: |
165a166,167
> const REGEX_SHARE_RGROUP = '^[[:space:]]*ShareRGroup[[:space:]]*=[[:space:]]*(.*$)';
> const REGEX_SHARE_WGROUP = '^[[:space:]]*ShareWGroup[[:space:]]*=[[:space:]]*(.*$)';
268a271,274
> } elseif (eregi(self::REGEX_SHARE_RGROUP, $line, $match)) {
> $share['RGroup'] = $match[1];
> } elseif (eregi(self::REGEX_SHARE_WGROUP, $line, $match)) {
> $share['WGroup'] = $match[1];
307a314,315
> * @param string $rgroup read list of the flexshare
> * @param string $wgroup write list of the flexshare
314c322
< function AddShare($name, $description, $group, $internal = false)
---
> function AddShare($name, $description, $group, $rgroup, $wgroup, $internal = false)
329a338,343
> if (! $this->IsValidGroup($rgroup))
> throw new ValidationException(FLEXSHARE_LANG_ERRMSG_INVALID_READ_LIST);
>
> if (! $this->IsValidGroup($wgroup))
> throw new ValidationException(FLEXSHARE_LANG_ERRMSG_INVALID_WRITE_LIST);
>
378a393,394
> " ShareRGroup=$rgroup\n" .
> " ShareWGroup=$wgroup\n" .
1717a1734,1755
>
> // Add Read list
> $group = new Group($share['ShareRGroup']);
>
> if ($group->Exists()) {
> $linestoadd .= "\tread list = @\"%D" . '\\' . trim($share["ShareRGroup"]) . "\"\n";
> } else {
> $user = new User($share['ShareRGroup']);
> if ($user->Exists())
> $linestoadd .= "\tread list = \"%D" . '\\' . trim($share["ShareRGroup"]) . "\"\n";
> }
>
> // Add Write list
> $group = new Group($share['ShareWGroup']);
>
> if ($group->Exists()) {
> $linestoadd .= "\twrite list = @\"%D" . '\\' . trim($share["ShareWGroup"]) . "\"\n";
> } else {
> $user = new User($share['ShareWGroup']);
> if ($user->Exists())
> $linestoadd .= "\twrite list = \"%D" . '\\' . trim($share["ShareWGroup"]) . "\"\n";
> }
2100a2139,2192
> * Sets a flexshare's read list.
> *
> * @param string $name flexshare name
> * @param string $group flexshare group owner
> * @returns void
> * @throws ValidationException, EngineException
> */
>
> function SetRGroup($name, $group)
> {
> if (COMMON_DEBUG_MODE)
> self::Log(COMMON_DEBUG, 'called', __METHOD__, __LINE__);
>
> if (! $this->IsValidGroup($group))
> throw new ValidationException(FLEXSHARE_LANG_ERRMSG_INVALID_GROUP);
>
> if ($this->GetParameter($name, 'ShareRGroup') == $group)
> return;
>
> $this->SetParameter($name, 'ShareRGroup', $group);
> $enabled = 0;
> if ($this->GetParameter($name, 'ShareEnabled'))
> $enabled = (int)$this->GetParameter($name, 'ShareEnabled');
> $this->ToggleShare($name, $enabled, true);
> }
>
> /**
> * Sets a flexshare's write list.
> *
> * @param string $name flexshare name
> * @param string $group flexshare group owner
> * @returns void
> * @throws ValidationException, EngineException
> */
>
> function SetWGroup($name, $group)
> {
> if (COMMON_DEBUG_MODE)
> self::Log(COMMON_DEBUG, 'called', __METHOD__, __LINE__);
>
> if (! $this->IsValidGroup($group))
> throw new ValidationException(FLEXSHARE_LANG_ERRMSG_INVALID_GROUP);
>
> if ($this->GetParameter($name, 'ShareWGroup') == $group)
> return;
>
> $this->SetParameter($name, 'ShareWGroup', $group);
> $enabled = 0;
> if ($this->GetParameter($name, 'ShareEnabled'))
> $enabled = (int)$this->GetParameter($name, 'ShareEnabled');
> $this->ToggleShare($name, $enabled, true);
> }
>
> /**
|
|
|
|
|
Last Edit: 2011/08/17 06:16 By newreal.
|
|
|
Re: Flexshare: add samba read list and write list 1 Year, 9 Months ago
|
|
Eric, thanks for that it looks great!
As a suggestion could you provide the changes as a unified diff so that users can just apply the patch?
For example:-
| Code: |
diff -uNrp /var/webconfig/htdocs/admin/flexshare.php /var/webconfig/htdocs/admin/flexshare.php.NEW > flexshare.php.diff
diff -uNrp /var/webconfig/api/Flexshare.class.php /var/webconfig/api/Flexshare.class.php.NEW > Flexshare.class.php.diff
|
People can then apply the patches by running
| Code: |
cd /var/webconfig/htdocs/admin/
patch < /var/tmp/flexshare.php.diff
cd /var/webconfig/api/
patch < /var/tmp/Flexshare.class.php.diff
|
|
|
|
|
Last Edit: 2011/08/17 08:01 By timb80.
|
|
|
Re:Flexshare: add samba read list and write list 1 Year, 9 Months ago
|
|
|
|
|
|
|
|
|
|
Re:Flexshare: add samba read list and write list 1 Year, 9 Months ago
|
|
|
Hi Eric,
This is great- Thanks!
Is there a way to make this modification allow multiple selections in the drop down menus so that one can select multiple individual users or groups per Read and Write list?
Possibly even a No-Access List to block a specific user / group.
Something like that will make the Flexshare system much better.
|
|
Ryan
Senior Boarder
Posts: 42
|
|
Last Edit: 2011/08/17 13:17 By zwankie.
|
|
|
Re:Flexshare: add samba read list and write list 1 Year, 9 Months ago
|
|
|
On ClearOS 5.2 (Updated) we get some errors when trying to Enable or Delete a new Flexsshare after this modification:
Group name not set.
Flexshare invalid
Anyone with this problem?
Some advice?
|
|
Ryan
Senior Boarder
Posts: 42
|
|
|
|
|
Re:Flexshare: add samba read list and write list 1 Year, 9 Months ago
|
|
|
could you provide a copy of th lines in /var/log/messages ?
Only the ones for flexshare* and group*
Tx
|
|
|
|
|
|
|
Re:Flexshare: add samba read list and write list 1 Year, 9 Months ago
|
|
|
Hi Eric,
/var/log/messages shows nothing for flexshare or group at all.
|
|
Ryan
Senior Boarder
Posts: 42
|
|
|
|
|
Re:Flexshare: add samba read list and write list 1 Year, 9 Months ago
|
|
|
SERVER-smbd shows:
[2011/08/18 12:10:49.300591, 1] smbd/server.c:240(cleanup_timeout_fn)
Cleaning up brl and lock database after unclean shutdown
[2011/08/18 12:11:13.553633, 1] smbd/server.c:267(remove_child_pid)
Scheduled cleanup of brl and lock database after unclean shutdown
[2011/08/18 12:11:33.553982, 1] smbd/server.c:240(cleanup_timeout_fn)
Cleaning up brl and lock database after unclean shutdown
[2011/08/18 12:49:39.403537, 1] smbd/server.c:267(remove_child_pid)
Scheduled cleanup of brl and lock database after unclean shutdown
[2011/08/18 12:49:59.403822, 1] smbd/server.c:240(cleanup_timeout_fn)
Cleaning up brl and lock database after unclean shutdown
[2011/08/18 13:17:25.887980, 1] smbd/server.c:267(remove_child_pid)
Scheduled cleanup of brl and lock database after unclean shutdown
[2011/08/18 13:17:45.887978, 1] smbd/server.c:240(cleanup_timeout_fn)
Cleaning up brl and lock database after unclean shutdown
[2011/08/18 14:23:19.897366, 1] param/loadparm.c:6890(service_ok)
NOTE: Service profiles is flagged unavailable.
[2011/08/18 14:24:39.103747, 1] param/loadparm.c:6890(service_ok)
NOTE: Service profiles is flagged unavailable.
|
|
Ryan
Senior Boarder
Posts: 42
|
|
|
|
|
Re:Flexshare: add samba read list and write list 1 Year, 9 Months ago
|
|
ok
check your /etc/flexshare.conf
I copy one share of mine as a sample
| Code: |
<Share compta>
FileEnabled=1
FilePermission=4
FilePublicAccess=
FileRecycleBin=1
FileAuditLog=0
FileBrowseable=1
FileModified=1312979680
FileComment=Flexshare - Comptabilite
ShareDescription=Comptabilite
ShareGroup=comptables
ShareRGroup=comptables
ShareWGroup=comptables
ShareCreated=1312903354
ShareModified=1312903354
ShareEnabled=1
ShareDir=/var/flexshare/shares/compta
ShareInternal=
</Share>
|
Please, check if you have
| Code: |
ShareRGroup=xxxxxx
ShareWGroup=xxxxxx
|
in you share definition. |
|
|
|
|
|
|
Re:Flexshare: add samba read list and write list 1 Year, 9 Months ago
|
|
|
This is what I have for the new share just created.
<Share test>
FileEnabled=0
FilePermission=4
FilePublicAccess=
FileRecycleBin=1
FileAuditLog=0
FileBrowseable=1
FileModified=1313670785
FileComment=Flexshare - Test
ShareDescription=Test
ShareGroup=allusers
ShareRGroup=charles.xxxx
ShareWGroup=lizelle.xxxxx
ShareCreated=1313668822
ShareModified=1313668822
ShareEnabled=1
ShareDir=/var/flexshare/shares/test
ShareInternal=
</Share>
|
|
Ryan
Senior Boarder
Posts: 42
|
|
Last Edit: 2011/08/18 09:08 By zwankie.
|
|
|
