diff options
author | Arnaud Desmons <adesmons@mandriva.com> | 2002-10-23 10:04:57 +0000 |
---|---|---|
committer | Arnaud Desmons <adesmons@mandriva.com> | 2002-10-23 10:04:57 +0000 |
commit | d381270aa94a7ed230dfaee421d1f0e3bad42d5f (patch) | |
tree | 8d8cdefae6a5a98d861378f6bf5f35e485210746 /samba_wizard | |
parent | 742f6a645859e78af7fde1376809988d3752702e (diff) | |
download | drakwizard-d381270aa94a7ed230dfaee421d1f0e3bad42d5f.tar drakwizard-d381270aa94a7ed230dfaee421d1f0e3bad42d5f.tar.gz drakwizard-d381270aa94a7ed230dfaee421d1f0e3bad42d5f.tar.bz2 drakwizard-d381270aa94a7ed230dfaee421d1f0e3bad42d5f.tar.xz drakwizard-d381270aa94a7ed230dfaee421d1f0e3bad42d5f.zip |
acces restriction
Diffstat (limited to 'samba_wizard')
-rw-r--r-- | samba_wizard/samba.wiz | 90 | ||||
-rwxr-xr-x | samba_wizard/scripts/Smbconf.pm | 70 | ||||
-rw-r--r-- | samba_wizard/scripts/smb.conf.default | 1 |
3 files changed, 134 insertions, 27 deletions
diff --git a/samba_wizard/samba.wiz b/samba_wizard/samba.wiz index e715a8df..c9432332 100644 --- a/samba_wizard/samba.wiz +++ b/samba_wizard/samba.wiz @@ -16,14 +16,24 @@ > </Variable> <Variable + name="hosts_allow" + shellVariable="wiz_hosts_allow" + > + </Variable> + <Variable + name="hosts_deny" + shellVariable="wiz_hosts_deny" + > + </Variable> + <Variable name="doFileSharing" comment="true if we do file sharing, false otherwise" shellVariable="wiz_do_file_sharing" > </Variable> <Variable - name="wiz_samba_net" - shellVariable="wiz_samba_net" + name="level" + shellVariable="wiz_level" > </Variable> <Variable @@ -43,12 +53,6 @@ > </Variable> <Variable - name="printer" - comment="true if samba do printer sharing" - shellVariable="wiz_printer" - > - </Variable> - <Variable name="doHomes" comment="true if samba do printer sharing" shellVariable="wiz_do_homes" @@ -139,7 +143,6 @@ > </Info> - <Info helpText="Samba need to know the Windows Workgroup it will serve." > @@ -233,12 +236,23 @@ </Page> <Page name="ask_net" - jumpPage="ask_services" + func="chk_level" executionLevel="NORMAL" nextFinish="false" canBack="true" canCancel="true" > + <Target + targetName="ask_services" + jumpIndex="1" + > + </Target> + + <Target + targetName="ask_netmask" + jumpIndex="2" + > + </Target> <Info helpText="Access control" > @@ -246,7 +260,8 @@ <Chooser name="chooser1" - variableName="wiz_samba_net" + variableName="level" + helpText="Access level :" > <Option value="1" @@ -256,12 +271,63 @@ <Option value="2" - description="Local Network - access for local network (recommended)" + description="My rules - Ask me allowed and denied hosts" > </Option> </Chooser> </Page> + <Page + name="ask_netmask" + jumpPage="ask_services" + executionLevel="NORMAL" + nextFinish="false" + canBack="true" + canCancel="true" + is="level=2" + > + <Info + helpText="Access control" + > + </Info> + + <Info + helpText="* Example 1: allow all IPs in 150.203.*.*; except one\nhosts allow = 150.203. EXCEPT 150.203.6.66" + > + </Info> + <Info + helpText="* Example 2: allow hosts that match the given network/netmask\nhosts allow = 150.203.15.0/255.255.255.0" + > + </Info> + <Info + helpText="* Example 3: allow a couple of hosts\nhosts allow = lapland, arvidsjaur" + > + </Info> + <Info + helpText="* Example 4: allow only hosts in NIS netgroup \qfoonet\q, but deny access from one particular host\nhosts allow = @foonet\nhosts deny = pirate" + > + </Info> + <Info + helpText="Note that access still requires suitable user-level passwords." + > + </Info> + <Freetext + variableName="hosts_allow" + helpText="Allow hosts:" + editable="true" + fillfunc="get_allow_host" + refresh="true" + > + </Freetext> + <Freetext + variableName="hosts_deny" + helpText="Deny hosts:" + editable="true" + fillfunc="get_deny_host" + refresh="true" + > + </Freetext> + </Page> <Page helpURL="file:/usr/share/doc/mandrake/${LANG}/ref.html/wiz-samba.html" name="ask_services" diff --git a/samba_wizard/scripts/Smbconf.pm b/samba_wizard/scripts/Smbconf.pm index 4f2ab90d..ed065f55 100755 --- a/samba_wizard/scripts/Smbconf.pm +++ b/samba_wizard/scripts/Smbconf.pm @@ -78,6 +78,7 @@ sub write_conf { else { print FH $_; } + print "$_\n"; } } @@ -142,6 +143,7 @@ sub chg_var { $self->{conf}->{$menu}{$var}{value} = $str; } +# all or selected printers sub printer_sharing { my $self = shift; my $printer; @@ -237,6 +239,38 @@ sub get_home_sharing { 1; } +sub get_netmask { + "192.168.100.1/255.255.255.0"; +} + +sub get_allow_host { + $old->{conf}->{global}{"hosts allow"}{value}; +} + +sub get_deny_host { + $old->{conf}->{global}{"hosts deny"}{value}; +} + +sub chk_level { +# if ($ENV{wiz_level} == 2) { +# $ENV{wiz_allow_allow} = "toto"; +# $ENV{wiz_allow_allow} = "toto"; +# } +# else { +# $ENV{wiz_hosts_deny} = "tata"; +# $ENV{wiz_hosts_deny} = "tata"; +# } +# if ($ENV{wiz_level} == 3) { +# $ENV{wiz_allow_allow} = "toto"; +# $ENV{wiz_allow_allow} = "toto"; +# } +# else { +# $ENV{wiz_hosts_deny} = "tata"; +# $ENV{wiz_hosts_deny} = "tata"; +# } + $ENV{wiz_level}; +} + # remember one variable cannot be commented and not in the same file. sub do_it { my $file = "__WIZ_HOME__/samba_wizard/scripts/smb.conf.default"; @@ -244,23 +278,11 @@ sub do_it { my $conf = read_conf($file); $conf->chg_var("global", "security", "share"); $conf->chg_var("global", "workgroup", $ENV{wiz_workgroup}); + print "$ENV{wiz_workgroup}\n"; $conf->chg_var("global", "server string", $ENV{wiz_banner}); $conf->chg_var("public", "write list", $ENV{wiz_write_list}) if $ENV{wiz_do_file_sharing}; $conf->chg_var("public", "read list", $ENV{wiz_read_list}) if $ENV{wiz_do_file_sharing}; my $ip = $o->get_from_known_dev("IP"); - if ($ENV{wiz_do_printer_sharing}) { - standalone->explanations("Enabling printer sharing"); - $conf->printer_sharing(); - } - else { - standalone->explanations("Disabling printer sharing"); - foreach $printer (keys (%::bool)) { - if (!int($::bool{$printer})) { - $conf->comment_menu("$printer", ";"); - } - } - $conf->comment_menu("printers", ";"); - } if ($ENV{wiz_do_file_sharing}) { standalone->explanations("Enabling $ENV{wiz_dir} samba file sharing"); $conf->comment_menu("public", ""); @@ -276,10 +298,28 @@ sub do_it { else { standalone->explanations("Disabling samba homes sharing"); $conf->comment_menu("homes", ";"); - } - $conf->chg_var("global", "hosts allow", $ip); + } + standalone->explanations("Samba deny $ENV{wiz_hosts_deny}"); + standalone->explanations("Samba allow $ENV{wiz_hosts_allow}"); + $conf->chg_var("global", "hosts deny", $ENV{wiz_hosts_deny}); + $conf->comment_var("global", "hosts deny", ""); + $conf->chg_var("global", "hosts allow", $ENV{wiz_hosts_allow}); + $conf->comment_var("global", "hosts allow", ""); $conf->chg_var("global", "security", "share"); $conf->chg_var("public", "path", $ENV{wiz_dir}) if $ENV{wiz_dir}; + if ($ENV{wiz_do_printer_sharing}) { + standalone->explanations("Enabling printer sharing"); + $conf->printer_sharing(); + } + else { + standalone->explanations("Disabling printer sharing"); + foreach $printer (keys (%::bool)) { + if (!int($::bool{$printer})) { + $conf->comment_menu("$printer", ";"); + } + } + $conf->comment_menu("printers", ";"); + } $conf->write_conf("/etc/samba/smb.conf"); system("/etc/rc.d/init.d/smb restart"); 10; diff --git a/samba_wizard/scripts/smb.conf.default b/samba_wizard/scripts/smb.conf.default index a6012972..1e714025 100644 --- a/samba_wizard/scripts/smb.conf.default +++ b/samba_wizard/scripts/smb.conf.default @@ -67,6 +67,7 @@ # the smb.conf man page. Do not enable this if (tcp/ip) name resolution does # not work for all the hosts in your network. ; hosts allow = 192.168.1. 192.168.2. 127. +; hosts deny = all # Uncomment this if you want a guest account, you must add this to /etc/passwd # otherwise the user "nobody" is used |