summaryrefslogtreecommitdiffstats
path: root/samba_wizard
diff options
context:
space:
mode:
authorArnaud Desmons <adesmons@mandriva.com>2002-10-23 10:04:57 +0000
committerArnaud Desmons <adesmons@mandriva.com>2002-10-23 10:04:57 +0000
commitd381270aa94a7ed230dfaee421d1f0e3bad42d5f (patch)
tree8d8cdefae6a5a98d861378f6bf5f35e485210746 /samba_wizard
parent742f6a645859e78af7fde1376809988d3752702e (diff)
downloaddrakwizard-d381270aa94a7ed230dfaee421d1f0e3bad42d5f.tar
drakwizard-d381270aa94a7ed230dfaee421d1f0e3bad42d5f.tar.gz
drakwizard-d381270aa94a7ed230dfaee421d1f0e3bad42d5f.tar.bz2
drakwizard-d381270aa94a7ed230dfaee421d1f0e3bad42d5f.tar.xz
drakwizard-d381270aa94a7ed230dfaee421d1f0e3bad42d5f.zip
acces restriction
Diffstat (limited to 'samba_wizard')
-rw-r--r--samba_wizard/samba.wiz90
-rwxr-xr-xsamba_wizard/scripts/Smbconf.pm70
-rw-r--r--samba_wizard/scripts/smb.conf.default1
3 files changed, 134 insertions, 27 deletions
diff --git a/samba_wizard/samba.wiz b/samba_wizard/samba.wiz
index e715a8df..c9432332 100644
--- a/samba_wizard/samba.wiz
+++ b/samba_wizard/samba.wiz
@@ -16,14 +16,24 @@
>
</Variable>
<Variable
+ name="hosts_allow"
+ shellVariable="wiz_hosts_allow"
+ >
+ </Variable>
+ <Variable
+ name="hosts_deny"
+ shellVariable="wiz_hosts_deny"
+ >
+ </Variable>
+ <Variable
name="doFileSharing"
comment="true if we do file sharing, false otherwise"
shellVariable="wiz_do_file_sharing"
>
</Variable>
<Variable
- name="wiz_samba_net"
- shellVariable="wiz_samba_net"
+ name="level"
+ shellVariable="wiz_level"
>
</Variable>
<Variable
@@ -43,12 +53,6 @@
>
</Variable>
<Variable
- name="printer"
- comment="true if samba do printer sharing"
- shellVariable="wiz_printer"
- >
- </Variable>
- <Variable
name="doHomes"
comment="true if samba do printer sharing"
shellVariable="wiz_do_homes"
@@ -139,7 +143,6 @@
>
</Info>
-
<Info
helpText="Samba need to know the Windows Workgroup it will serve."
>
@@ -233,12 +236,23 @@
</Page>
<Page
name="ask_net"
- jumpPage="ask_services"
+ func="chk_level"
executionLevel="NORMAL"
nextFinish="false"
canBack="true"
canCancel="true"
>
+ <Target
+ targetName="ask_services"
+ jumpIndex="1"
+ >
+ </Target>
+
+ <Target
+ targetName="ask_netmask"
+ jumpIndex="2"
+ >
+ </Target>
<Info
helpText="Access control"
>
@@ -246,7 +260,8 @@
<Chooser
name="chooser1"
- variableName="wiz_samba_net"
+ variableName="level"
+ helpText="Access level :"
>
<Option
value="1"
@@ -256,12 +271,63 @@
<Option
value="2"
- description="Local Network - access for local network (recommended)"
+ description="My rules - Ask me allowed and denied hosts"
>
</Option>
</Chooser>
</Page>
+ <Page
+ name="ask_netmask"
+ jumpPage="ask_services"
+ executionLevel="NORMAL"
+ nextFinish="false"
+ canBack="true"
+ canCancel="true"
+ is="level=2"
+ >
+ <Info
+ helpText="Access control"
+ >
+ </Info>
+
+ <Info
+ helpText="* Example 1: allow all IPs in 150.203.*.*; except one\nhosts allow = 150.203. EXCEPT 150.203.6.66"
+ >
+ </Info>
+ <Info
+ helpText="* Example 2: allow hosts that match the given network/netmask\nhosts allow = 150.203.15.0/255.255.255.0"
+ >
+ </Info>
+ <Info
+ helpText="* Example 3: allow a couple of hosts\nhosts allow = lapland, arvidsjaur"
+ >
+ </Info>
+ <Info
+ helpText="* Example 4: allow only hosts in NIS netgroup \qfoonet\q, but deny access from one particular host\nhosts allow = @foonet\nhosts deny = pirate"
+ >
+ </Info>
+ <Info
+ helpText="Note that access still requires suitable user-level passwords."
+ >
+ </Info>
+ <Freetext
+ variableName="hosts_allow"
+ helpText="Allow hosts:"
+ editable="true"
+ fillfunc="get_allow_host"
+ refresh="true"
+ >
+ </Freetext>
+ <Freetext
+ variableName="hosts_deny"
+ helpText="Deny hosts:"
+ editable="true"
+ fillfunc="get_deny_host"
+ refresh="true"
+ >
+ </Freetext>
+ </Page>
<Page
helpURL="file:/usr/share/doc/mandrake/${LANG}/ref.html/wiz-samba.html"
name="ask_services"
diff --git a/samba_wizard/scripts/Smbconf.pm b/samba_wizard/scripts/Smbconf.pm
index 4f2ab90d..ed065f55 100755
--- a/samba_wizard/scripts/Smbconf.pm
+++ b/samba_wizard/scripts/Smbconf.pm
@@ -78,6 +78,7 @@ sub write_conf {
else {
print FH $_;
}
+ print "$_\n";
}
}
@@ -142,6 +143,7 @@ sub chg_var {
$self->{conf}->{$menu}{$var}{value} = $str;
}
+# all or selected printers
sub printer_sharing {
my $self = shift;
my $printer;
@@ -237,6 +239,38 @@ sub get_home_sharing {
1;
}
+sub get_netmask {
+ "192.168.100.1/255.255.255.0";
+}
+
+sub get_allow_host {
+ $old->{conf}->{global}{"hosts allow"}{value};
+}
+
+sub get_deny_host {
+ $old->{conf}->{global}{"hosts deny"}{value};
+}
+
+sub chk_level {
+# if ($ENV{wiz_level} == 2) {
+# $ENV{wiz_allow_allow} = "toto";
+# $ENV{wiz_allow_allow} = "toto";
+# }
+# else {
+# $ENV{wiz_hosts_deny} = "tata";
+# $ENV{wiz_hosts_deny} = "tata";
+# }
+# if ($ENV{wiz_level} == 3) {
+# $ENV{wiz_allow_allow} = "toto";
+# $ENV{wiz_allow_allow} = "toto";
+# }
+# else {
+# $ENV{wiz_hosts_deny} = "tata";
+# $ENV{wiz_hosts_deny} = "tata";
+# }
+ $ENV{wiz_level};
+}
+
# remember one variable cannot be commented and not in the same file.
sub do_it {
my $file = "__WIZ_HOME__/samba_wizard/scripts/smb.conf.default";
@@ -244,23 +278,11 @@ sub do_it {
my $conf = read_conf($file);
$conf->chg_var("global", "security", "share");
$conf->chg_var("global", "workgroup", $ENV{wiz_workgroup});
+ print "$ENV{wiz_workgroup}\n";
$conf->chg_var("global", "server string", $ENV{wiz_banner});
$conf->chg_var("public", "write list", $ENV{wiz_write_list}) if $ENV{wiz_do_file_sharing};
$conf->chg_var("public", "read list", $ENV{wiz_read_list}) if $ENV{wiz_do_file_sharing};
my $ip = $o->get_from_known_dev("IP");
- if ($ENV{wiz_do_printer_sharing}) {
- standalone->explanations("Enabling printer sharing");
- $conf->printer_sharing();
- }
- else {
- standalone->explanations("Disabling printer sharing");
- foreach $printer (keys (%::bool)) {
- if (!int($::bool{$printer})) {
- $conf->comment_menu("$printer", ";");
- }
- }
- $conf->comment_menu("printers", ";");
- }
if ($ENV{wiz_do_file_sharing}) {
standalone->explanations("Enabling $ENV{wiz_dir} samba file sharing");
$conf->comment_menu("public", "");
@@ -276,10 +298,28 @@ sub do_it {
else {
standalone->explanations("Disabling samba homes sharing");
$conf->comment_menu("homes", ";");
- }
- $conf->chg_var("global", "hosts allow", $ip);
+ }
+ standalone->explanations("Samba deny $ENV{wiz_hosts_deny}");
+ standalone->explanations("Samba allow $ENV{wiz_hosts_allow}");
+ $conf->chg_var("global", "hosts deny", $ENV{wiz_hosts_deny});
+ $conf->comment_var("global", "hosts deny", "");
+ $conf->chg_var("global", "hosts allow", $ENV{wiz_hosts_allow});
+ $conf->comment_var("global", "hosts allow", "");
$conf->chg_var("global", "security", "share");
$conf->chg_var("public", "path", $ENV{wiz_dir}) if $ENV{wiz_dir};
+ if ($ENV{wiz_do_printer_sharing}) {
+ standalone->explanations("Enabling printer sharing");
+ $conf->printer_sharing();
+ }
+ else {
+ standalone->explanations("Disabling printer sharing");
+ foreach $printer (keys (%::bool)) {
+ if (!int($::bool{$printer})) {
+ $conf->comment_menu("$printer", ";");
+ }
+ }
+ $conf->comment_menu("printers", ";");
+ }
$conf->write_conf("/etc/samba/smb.conf");
system("/etc/rc.d/init.d/smb restart");
10;
diff --git a/samba_wizard/scripts/smb.conf.default b/samba_wizard/scripts/smb.conf.default
index a6012972..1e714025 100644
--- a/samba_wizard/scripts/smb.conf.default
+++ b/samba_wizard/scripts/smb.conf.default
@@ -67,6 +67,7 @@
# the smb.conf man page. Do not enable this if (tcp/ip) name resolution does
# not work for all the hosts in your network.
; hosts allow = 192.168.1. 192.168.2. 127.
+; hosts deny = all
# Uncomment this if you want a guest account, you must add this to /etc/passwd
# otherwise the user "nobody" is used