lock:x:54:
sshd:x:74:
pcap:x:77:
+wbpriv:x:88:squid
nobody:x:99:
users:x:100:
snort:x:101:
#etc/rc.d/init.d/vdradmin
#etc/rc.d/init.d/vsftpd
#etc/rc.d/init.d/watchdog
-#etc/rc.d/init.d/winbind
etc/rc.d/init.d/wlanclient
#etc/rc.d/init.d/xinetd
#etc/rc.d/rc0.d
#etc/rc.d/init.d/vdradmin
#etc/rc.d/init.d/vsftpd
#etc/rc.d/init.d/watchdog
-#etc/rc.d/init.d/winbind
etc/rc.d/init.d/wlanclient
#etc/rc.d/init.d/xinetd
#etc/rc.d/rc0.d
--- /dev/null
+#usr/bin/gss-client
+#usr/bin/k5srvutil
+usr/bin/kadmin
+usr/bin/kdestroy
+usr/bin/kinit
+usr/bin/klist
+usr/bin/kpasswd
+#usr/bin/krb5-config
+#usr/bin/ksu
+#usr/bin/kswitch
+#usr/bin/ktutil
+#usr/bin/kvno
+#usr/bin/sclient
+#usr/bin/sim_client
+#usr/bin/uuclient
+#usr/include/gssapi
+#usr/include/gssapi.h
+#usr/include/gssapi/gssapi.h
+#usr/include/gssapi/gssapi_ext.h
+#usr/include/gssapi/gssapi_generic.h
+#usr/include/gssapi/gssapi_krb5.h
+#usr/include/gssapi/mechglue.h
+#usr/include/gssrpc
+#usr/include/gssrpc/auth.h
+#usr/include/gssrpc/auth_gss.h
+#usr/include/gssrpc/auth_gssapi.h
+#usr/include/gssrpc/auth_unix.h
+#usr/include/gssrpc/clnt.h
+#usr/include/gssrpc/netdb.h
+#usr/include/gssrpc/pmap_clnt.h
+#usr/include/gssrpc/pmap_prot.h
+#usr/include/gssrpc/pmap_rmt.h
+#usr/include/gssrpc/rename.h
+#usr/include/gssrpc/rpc.h
+#usr/include/gssrpc/rpc_msg.h
+#usr/include/gssrpc/svc.h
+#usr/include/gssrpc/svc_auth.h
+#usr/include/gssrpc/types.h
+#usr/include/gssrpc/xdr.h
+#usr/include/kadm5
+#usr/include/kadm5/admin.h
+#usr/include/kadm5/chpass_util_strings.h
+#usr/include/kadm5/kadm_err.h
+#usr/include/kdb.h
+#usr/include/krad.h
+#usr/include/krb5
+#usr/include/krb5.h
+#usr/include/krb5/ccselect_plugin.h
+#usr/include/krb5/clpreauth_plugin.h
+#usr/include/krb5/hostrealm_plugin.h
+#usr/include/krb5/kadm5_hook_plugin.h
+#usr/include/krb5/kdcpreauth_plugin.h
+#usr/include/krb5/krb5.h
+#usr/include/krb5/localauth_plugin.h
+#usr/include/krb5/locate_plugin.h
+#usr/include/krb5/plugin.h
+#usr/include/krb5/preauth_plugin.h
+#usr/include/krb5/pwqual_plugin.h
+#usr/include/profile.h
+#usr/include/verto-module.h
+#usr/include/verto.h
+usr/lib/krb5
+usr/lib/krb5/plugins
+usr/lib/krb5/plugins/authdata
+usr/lib/krb5/plugins/kdb
+usr/lib/krb5/plugins/kdb/db2.so
+usr/lib/krb5/plugins/libkrb5
+usr/lib/krb5/plugins/preauth
+usr/lib/krb5/plugins/preauth/otp.so
+usr/lib/krb5/plugins/preauth/pkinit.so
+#usr/lib/libgssapi_krb5.so
+usr/lib/libgssapi_krb5.so.2
+usr/lib/libgssapi_krb5.so.2.2
+#usr/lib/libgssrpc.so
+usr/lib/libgssrpc.so.4
+usr/lib/libgssrpc.so.4.2
+#usr/lib/libk5crypto.so
+usr/lib/libk5crypto.so.3
+usr/lib/libk5crypto.so.3.1
+#usr/lib/libkadm5clnt.so
+#usr/lib/libkadm5clnt_mit.so
+usr/lib/libkadm5clnt_mit.so.9
+usr/lib/libkadm5clnt_mit.so.9.0
+#usr/lib/libkadm5srv.so
+#usr/lib/libkadm5srv_mit.so
+usr/lib/libkadm5srv_mit.so.9
+usr/lib/libkadm5srv_mit.so.9.0
+#usr/lib/libkdb5.so
+usr/lib/libkdb5.so.7
+usr/lib/libkdb5.so.7.0
+#usr/lib/libkrad.so
+usr/lib/libkrad.so.0
+usr/lib/libkrad.so.0.0
+#usr/lib/libkrb5.so
+usr/lib/libkrb5.so.3
+usr/lib/libkrb5.so.3.3
+#usr/lib/libkrb5support.so
+usr/lib/libkrb5support.so.0
+usr/lib/libkrb5support.so.0.1
+#usr/lib/libverto.so
+usr/lib/libverto.so.0
+usr/lib/libverto.so.0.0
+#usr/lib/pkgconfig/gssrpc.pc
+#usr/lib/pkgconfig/kadm-client.pc
+#usr/lib/pkgconfig/kadm-server.pc
+#usr/lib/pkgconfig/kdb.pc
+#usr/lib/pkgconfig/krb5-gssapi.pc
+#usr/lib/pkgconfig/krb5.pc
+#usr/lib/pkgconfig/mit-krb5-gssapi.pc
+#usr/lib/pkgconfig/mit-krb5.pc
+#usr/sbin/gss-server
+#usr/sbin/kadmin.local
+#usr/sbin/kadmind
+#usr/sbin/kdb5_util
+#usr/sbin/kprop
+#usr/sbin/kpropd
+#usr/sbin/kproplog
+#usr/sbin/krb5-send-pr
+#usr/sbin/krb5kdc
+#usr/sbin/sim_server
+#usr/sbin/sserver
+#usr/sbin/uuserver
+#usr/share/examples
+#usr/share/examples/krb5
+#usr/share/examples/krb5/kdc.conf
+#usr/share/examples/krb5/krb5.conf
+#usr/share/examples/krb5/services.append
+#usr/share/gnats
+#usr/share/gnats/mit
+#usr/share/locale/en_US
+#usr/share/locale/en_US/LC_MESSAGES
+#usr/share/locale/en_US/LC_MESSAGES/mit-krb5.mo
+#usr/share/man/cat1
+#usr/share/man/cat5
+#usr/share/man/cat8
+#usr/share/man/man1/k5srvutil.1
+#usr/share/man/man1/kadmin.1
+#usr/share/man/man1/kdestroy.1
+#usr/share/man/man1/kinit.1
+#usr/share/man/man1/klist.1
+#usr/share/man/man1/kpasswd.1
+#usr/share/man/man1/krb5-config.1
+#usr/share/man/man1/krb5-send-pr.1
+#usr/share/man/man1/ksu.1
+#usr/share/man/man1/kswitch.1
+#usr/share/man/man1/ktutil.1
+#usr/share/man/man1/kvno.1
+#usr/share/man/man1/sclient.1
+#usr/share/man/man5/.k5identity.5
+#usr/share/man/man5/.k5login.5
+#usr/share/man/man5/k5identity.5
+#usr/share/man/man5/k5login.5
+#usr/share/man/man5/kadm5.acl.5
+#usr/share/man/man5/kdc.conf.5
+#usr/share/man/man5/krb5.conf.5
+#usr/share/man/man8/kadmin.local.8
+#usr/share/man/man8/kadmind.8
+#usr/share/man/man8/kdb5_ldap_util.8
+#usr/share/man/man8/kdb5_util.8
+#usr/share/man/man8/kprop.8
+#usr/share/man/man8/kpropd.8
+#usr/share/man/man8/kproplog.8
+#usr/share/man/man8/krb5kdc.8
+#usr/share/man/man8/sserver.8
+var/lib/krb5kdc
var/ipfire/samba/smb.conf
var/ipfire/samba/smb.conf.default
var/lib/samba
+var/lib/samba/winbindd_privileged
var/log/samba
var/nmbd
etc/rc.d/init.d/samba
-etc/rc.d/init.d/winbind
srv/web/ipfire/cgi-bin/samba.cgi
srv/web/ipfire/cgi-bin/sambahlp.cgi
var/ipfire/menu.d/EX-samba.menu
WARNING: translation string unused: addon
WARNING: translation string unused: admin user password has been changed
WARNING: translation string unused: administrator user password
+WARNING: translation string unused: adsl settings
WARNING: translation string unused: advproxy LDAP auth
WARNING: translation string unused: advproxy NTLM auth
WARNING: translation string unused: advproxy advanced proxy
WARNING: translation string unused: add-route
WARNING: translation string unused: admin user password has been changed
WARNING: translation string unused: administrator user password
+WARNING: translation string unused: adsl settings
WARNING: translation string unused: advproxy LDAP auth
WARNING: translation string unused: advproxy NTLM auth
WARNING: translation string unused: advproxy advanced proxy
WARNING: untranslated string: Scan for Songs
WARNING: untranslated string: Set time on boot
WARNING: untranslated string: addons
+WARNING: untranslated string: administrator password
+WARNING: untranslated string: administrator username
+WARNING: untranslated string: advproxy AUTH method ntlm
+WARNING: untranslated string: advproxy AUTH method ntlm auth
WARNING: untranslated string: advproxy cache-digest
WARNING: untranslated string: advproxy errmsg cache
WARNING: untranslated string: advproxy errmsg invalid upstream proxy
WARNING: untranslated string: advproxy errmsg proxy ports equal
+WARNING: untranslated string: advproxy group access control
+WARNING: untranslated string: advproxy group required
WARNING: untranslated string: advproxy proxy port transparent
WARNING: untranslated string: atm device
WARNING: untranslated string: attention
WARNING: untranslated string: lifetime
WARNING: untranslated string: mac filter
WARNING: untranslated string: maximum
+WARNING: untranslated string: messages
WARNING: untranslated string: minimum
WARNING: untranslated string: minute
WARNING: untranslated string: model
WARNING: untranslated string: routing config added
WARNING: untranslated string: routing config changed
WARNING: untranslated string: routing table
+WARNING: untranslated string: samba join a domain
+WARNING: untranslated string: samba join domain
WARNING: untranslated string: server restart
WARNING: untranslated string: show dh
WARNING: untranslated string: show tls-auth key
WARNING: untranslated string: Number of Countries for the pie chart
WARNING: untranslated string: Scan for Songs
WARNING: untranslated string: addons
+WARNING: untranslated string: administrator password
+WARNING: untranslated string: administrator username
+WARNING: untranslated string: advproxy AUTH method ntlm
+WARNING: untranslated string: advproxy AUTH method ntlm auth
WARNING: untranslated string: advproxy cache-digest
WARNING: untranslated string: advproxy errmsg cache
WARNING: untranslated string: advproxy errmsg invalid upstream proxy
WARNING: untranslated string: advproxy errmsg proxy ports equal
+WARNING: untranslated string: advproxy group access control
+WARNING: untranslated string: advproxy group required
WARNING: untranslated string: advproxy proxy port transparent
WARNING: untranslated string: atm device
WARNING: untranslated string: attention
WARNING: untranslated string: lifetime
WARNING: untranslated string: mac filter
WARNING: untranslated string: maximum
+WARNING: untranslated string: messages
WARNING: untranslated string: minimum
WARNING: untranslated string: minute
WARNING: untranslated string: model
WARNING: untranslated string: routing config added
WARNING: untranslated string: routing config changed
WARNING: untranslated string: routing table
+WARNING: untranslated string: samba join a domain
+WARNING: untranslated string: samba join domain
WARNING: untranslated string: server restart
WARNING: untranslated string: show dh
WARNING: untranslated string: show tls-auth key
WARNING: untranslated string: MTU settings
WARNING: untranslated string: Number of Countries for the pie chart
WARNING: untranslated string: Scan for Songs
+WARNING: untranslated string: administrator password
+WARNING: untranslated string: administrator username
+WARNING: untranslated string: advproxy AUTH method ntlm
+WARNING: untranslated string: advproxy AUTH method ntlm auth
+WARNING: untranslated string: advproxy group access control
+WARNING: untranslated string: advproxy group required
WARNING: untranslated string: atm device
WARNING: untranslated string: bytes
WARNING: untranslated string: capabilities
WARNING: untranslated string: generate dh key
WARNING: untranslated string: imei
WARNING: untranslated string: imsi
+WARNING: untranslated string: messages
WARNING: untranslated string: model
WARNING: untranslated string: modem hardware details
WARNING: untranslated string: modem information
WARNING: untranslated string: routing config added
WARNING: untranslated string: routing config changed
WARNING: untranslated string: routing table
+WARNING: untranslated string: samba join a domain
+WARNING: untranslated string: samba join domain
WARNING: untranslated string: show dh
WARNING: untranslated string: show tls-auth key
WARNING: untranslated string: software version
WARNING: untranslated string: Scan for Songs
WARNING: untranslated string: Set time on boot
WARNING: untranslated string: addons
+WARNING: untranslated string: administrator password
+WARNING: untranslated string: administrator username
+WARNING: untranslated string: advproxy AUTH method ntlm
+WARNING: untranslated string: advproxy AUTH method ntlm auth
WARNING: untranslated string: advproxy cache-digest
WARNING: untranslated string: advproxy errmsg cache
WARNING: untranslated string: advproxy errmsg invalid upstream proxy
WARNING: untranslated string: advproxy errmsg proxy ports equal
+WARNING: untranslated string: advproxy group access control
+WARNING: untranslated string: advproxy group required
WARNING: untranslated string: advproxy proxy port transparent
WARNING: untranslated string: atm device
WARNING: untranslated string: attention
WARNING: untranslated string: lifetime
WARNING: untranslated string: mac filter
WARNING: untranslated string: maximum
+WARNING: untranslated string: messages
WARNING: untranslated string: minimum
WARNING: untranslated string: minute
WARNING: untranslated string: model
WARNING: untranslated string: routing config added
WARNING: untranslated string: routing config changed
WARNING: untranslated string: routing table
+WARNING: untranslated string: samba join a domain
+WARNING: untranslated string: samba join domain
WARNING: untranslated string: server restart
WARNING: untranslated string: show dh
WARNING: untranslated string: show tls-auth key
WARNING: untranslated string: Number of Countries for the pie chart
WARNING: untranslated string: Scan for Songs
WARNING: untranslated string: addons
+WARNING: untranslated string: administrator password
+WARNING: untranslated string: administrator username
+WARNING: untranslated string: advproxy AUTH method ntlm
+WARNING: untranslated string: advproxy AUTH method ntlm auth
WARNING: untranslated string: advproxy cache-digest
WARNING: untranslated string: advproxy errmsg cache
WARNING: untranslated string: advproxy errmsg invalid upstream proxy
WARNING: untranslated string: advproxy errmsg proxy ports equal
+WARNING: untranslated string: advproxy group access control
+WARNING: untranslated string: advproxy group required
WARNING: untranslated string: advproxy proxy port transparent
WARNING: untranslated string: atm device
WARNING: untranslated string: attention
WARNING: untranslated string: lifetime
WARNING: untranslated string: mac filter
WARNING: untranslated string: maximum
+WARNING: untranslated string: messages
WARNING: untranslated string: minimum
WARNING: untranslated string: minute
WARNING: untranslated string: model
WARNING: untranslated string: routing config added
WARNING: untranslated string: routing config changed
WARNING: untranslated string: routing table
+WARNING: untranslated string: samba join a domain
+WARNING: untranslated string: samba join domain
WARNING: untranslated string: server restart
WARNING: untranslated string: show dh
WARNING: untranslated string: show tls-auth key
WARNING: untranslated string: MTU settings
WARNING: untranslated string: Number of Countries for the pie chart
WARNING: untranslated string: Scan for Songs
+WARNING: untranslated string: administrator password
+WARNING: untranslated string: administrator username
+WARNING: untranslated string: advproxy AUTH method ntlm
+WARNING: untranslated string: advproxy AUTH method ntlm auth
+WARNING: untranslated string: advproxy group access control
+WARNING: untranslated string: advproxy group required
WARNING: untranslated string: bytes
WARNING: untranslated string: capabilities
WARNING: untranslated string: default
WARNING: untranslated string: generate dh key
WARNING: untranslated string: imei
WARNING: untranslated string: imsi
+WARNING: untranslated string: messages
WARNING: untranslated string: model
WARNING: untranslated string: modem hardware details
WARNING: untranslated string: modem information
WARNING: untranslated string: routing config added
WARNING: untranslated string: routing config changed
WARNING: untranslated string: routing table
+WARNING: untranslated string: samba join a domain
+WARNING: untranslated string: samba join domain
WARNING: untranslated string: show dh
WARNING: untranslated string: show tls-auth key
WARNING: untranslated string: software version
# Checking cgi-bin translations for language: fr #
############################################################################
< addon
+< administrator password
+< administrator username
+< adsl settings
+< advproxy AUTH method ntlm
+< advproxy AUTH method ntlm auth
< advproxy cache-digest
< advproxy errmsg cache
< advproxy errmsg invalid upstream proxy
< advproxy errmsg proxy ports equal
+< advproxy group access control
+< advproxy group required
< advproxy proxy port transparent
< age second
< age seconds
< maximum
< MB read
< MB written
+< messages
< minimum
< minute
< model
< qos enter bandwidths
< random number generator daemon
< red1
+< samba join a domain
+< samba join domain
< server restart
< show dh
< snat new source ip address
# Checking cgi-bin translations for language: es #
############################################################################
< addon
+< administrator password
+< administrator username
+< adsl settings
+< advproxy AUTH method ntlm
+< advproxy AUTH method ntlm auth
< advproxy cache-digest
< advproxy errmsg cache
< advproxy errmsg invalid upstream proxy
< advproxy errmsg proxy ports equal
+< advproxy group access control
+< advproxy group required
< advproxy proxy port transparent
< age second
< age seconds
< maximum
< MB read
< MB written
+< messages
< minimum
< minute
< model
< qos enter bandwidths
< random number generator daemon
< red1
+< samba join a domain
+< samba join domain
< server restart
< Set time on boot
< show dh
# Checking cgi-bin translations for language: pl #
############################################################################
< addon
+< administrator password
+< administrator username
+< adsl settings
+< advproxy AUTH method ntlm
+< advproxy AUTH method ntlm auth
< advproxy cache-digest
< advproxy errmsg cache
< advproxy errmsg invalid upstream proxy
< advproxy errmsg proxy ports equal
+< advproxy group access control
+< advproxy group required
< advproxy proxy port transparent
< age second
< age seconds
< maximum
< MB read
< MB written
+< messages
< minimum
< minute
< model
< qos enter bandwidths
< random number generator daemon
< red1
+< samba join a domain
+< samba join domain
< server restart
< show dh
< snat new source ip address
############################################################################
< Add a route
< addon
+< administrator password
+< administrator username
+< adsl settings
+< advproxy AUTH method ntlm
+< advproxy AUTH method ntlm auth
< advproxy cache-digest
< advproxy errmsg cache
< advproxy errmsg invalid upstream proxy
< advproxy errmsg proxy ports equal
+< advproxy group access control
+< advproxy group required
< advproxy proxy port transparent
< age second
< age seconds
< maximum
< MB read
< MB written
+< messages
< minimum
< minute
< model
< qos enter bandwidths
< random number generator daemon
< red1
+< samba join a domain
+< samba join domain
< server restart
< show dh
< snat new source ip address
unless (-e $browserdb) { system("touch $browserdb"); }
unless (-e $mimetypes) { system("touch $mimetypes"); }
+my $HAVE_NTLM_AUTH = (-e "/usr/bin/ntlm_auth");
+
open FILE, $browserdb;
@useragentlist = sort { reverse(substr(reverse(substr($a,index($a,',')+1)),index(reverse(substr($a,index($a,','))),',')+1)) cmp reverse(substr(reverse(substr($b,index($b,',')+1)),index(reverse(substr($b,index($b,','))),',')+1))} grep !/(^$)|(^\s*#)/,<FILE>;
close(FILE);
$proxysettings{'LDAP_BINDDN_USER'} = '';
$proxysettings{'LDAP_BINDDN_PASS'} = '';
$proxysettings{'LDAP_GROUP'} = '';
+$proxysettings{'NTLM_AUTH_GROUP'} = '';
$proxysettings{'NTLM_DOMAIN'} = '';
$proxysettings{'NTLM_PDC'} = '';
$proxysettings{'NTLM_BDC'} = '';
$checked{'AUTH_METHOD'}{'ident'} = '';
$checked{'AUTH_METHOD'}{'ldap'} = '';
$checked{'AUTH_METHOD'}{'ntlm'} = '';
+$checked{'AUTH_METHOD'}{'ntlm-auth'} = '';
$checked{'AUTH_METHOD'}{'radius'} = '';
$checked{'AUTH_METHOD'}{$proxysettings{'AUTH_METHOD'}} = "checked='checked'";
END
;
-print <<END
+my $auth_columns = 5;
+if ($HAVE_NTLM_AUTH) {
+ $auth_columns++;
+}
+my $auth_column_width = 100 / $auth_columns;
+
+print <<END;
<table width='100%'>
<tr>
- <td colspan='5'><b>$Lang::tr{'advproxy AUTH method'}</b></td>
+ <td colspan='$auth_columns'><b>$Lang::tr{'advproxy AUTH method'}</b></td>
</tr>
<tr>
- <td width='16%' class='base'><input type='radio' name='AUTH_METHOD' value='none' $checked{'AUTH_METHOD'}{'none'} />$Lang::tr{'advproxy AUTH method none'}</td>
- <td width='16%' class='base'><input type='radio' name='AUTH_METHOD' value='ncsa' $checked{'AUTH_METHOD'}{'ncsa'} />$Lang::tr{'advproxy AUTH method ncsa'}</td>
- <td width='16%' class='base'><input type='radio' name='AUTH_METHOD' value='ident' $checked{'AUTH_METHOD'}{'ident'} />$Lang::tr{'advproxy AUTH method ident'}</td>
- <td width='16%' class='base'><input type='radio' name='AUTH_METHOD' value='ldap' $checked{'AUTH_METHOD'}{'ldap'} />$Lang::tr{'advproxy AUTH method ldap'}</td>
- <td width='16%' class='base'><input type='radio' name='AUTH_METHOD' value='ntlm' $checked{'AUTH_METHOD'}{'ntlm'} />$Lang::tr{'advproxy AUTH method ntlm'}</td>
- <td width='16%' class='base'><input type='radio' name='AUTH_METHOD' value='radius' $checked{'AUTH_METHOD'}{'radius'} />$Lang::tr{'advproxy AUTH method radius'}</td>
+ <td width='$auth_column_width%' class='base'><input type='radio' name='AUTH_METHOD' value='none' $checked{'AUTH_METHOD'}{'none'} />$Lang::tr{'advproxy AUTH method none'}</td>
+ <td width='$auth_column_width%' class='base'><input type='radio' name='AUTH_METHOD' value='ncsa' $checked{'AUTH_METHOD'}{'ncsa'} />$Lang::tr{'advproxy AUTH method ncsa'}</td>
+ <td width='$auth_column_width%' class='base'><input type='radio' name='AUTH_METHOD' value='ident' $checked{'AUTH_METHOD'}{'ident'} />$Lang::tr{'advproxy AUTH method ident'}</td>
+ <td width='$auth_column_width%' class='base'><input type='radio' name='AUTH_METHOD' value='ldap' $checked{'AUTH_METHOD'}{'ldap'} />$Lang::tr{'advproxy AUTH method ldap'}</td>
+ <td width='$auth_column_width%' class='base'><input type='radio' name='AUTH_METHOD' value='ntlm' $checked{'AUTH_METHOD'}{'ntlm'} />$Lang::tr{'advproxy AUTH method ntlm'}</td>
+END
+
+if ($HAVE_NTLM_AUTH) {
+ print <<END;
+ <td width='$auth_column_width%' class='base'><input type='radio' name='AUTH_METHOD' value='ntlm-auth' $checked{'AUTH_METHOD'}{'ntlm-auth'} />$Lang::tr{'advproxy AUTH method ntlm auth'}</td>
+END
+}
+
+print <<END
+ <td width='$auth_column_width%' class='base'><input type='radio' name='AUTH_METHOD' value='radius' $checked{'AUTH_METHOD'}{'radius'} />$Lang::tr{'advproxy AUTH method radius'}</td>
</tr>
</table>
END
END
; }
+# ===================================================================
+# NTLM-AUTH settings
+# ===================================================================
+
+if ($proxysettings{'AUTH_METHOD'} eq 'ntlm-auth') {
+ print <<END;
+ <hr size ='1'>
+ <table width='100%'>
+ <tr>
+ <td colspan='4'><b>$Lang::tr{'advproxy group access control'}</b></td>
+ </tr>
+ <tr>
+ <td width='20%' class='base'>$Lang::tr{'advproxy group required'}: <img src='/blob.gif' alt='*' /></td>
+ <td width='40%'><input type='text' name='NTLM_AUTH_GROUP' value='$proxysettings{'NTLM_AUTH_GROUP'}' size='37' /></td>
+ <td> </td>
+ <td> </td>
+ </tr>
+ </table>
+END
+}
+
# ===================================================================
# LDAP auth settings
# ===================================================================
print FILE <<END
cache_effective_user squid
-cache_effective_group squid
umask 022
pid_filename /var/run/squid.pid
}
}
+ if ($proxysettings{'AUTH_METHOD'} eq 'ntlm-auth')
+ {
+ print FILE "auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp";
+ if ($proxysettings{'NTLM_AUTH_GROUP'}) {
+ my $ntlm_auth_group = $proxysettings{'NTLM_AUTH_GROUP'};
+ $ntlm_auth_group =~ s/\\/\+/;
+
+ print FILE " --require-membership-of=\"$ntlm_auth_group\"";
+ }
+ print FILE "\n";
+
+ print FILE "auth_param ntlm children $proxysettings{'AUTH_CHILDREN'}\n";
+ }
+
if ($proxysettings{'AUTH_METHOD'} eq 'radius')
{
print FILE "auth_param basic program $authdir/basic_radius_auth -h $proxysettings{'RADIUS_SERVER'} -p $proxysettings{'RADIUS_PORT'} ";
############################################################################################################################
############################################# Samba Dienste fr Statusberprfung ##########################################
-my %servicenames = ('SMB Daemon' => 'smbd','NetBIOS Nameserver' => 'nmbd');
-#my %servicenames = ('SMB Daemon' => 'smbd','NetBIOS Nameserver' => 'nmbd','Winbind Daemon' => 'winbindd');
+my %servicenames = ('SMB Daemon' => 'smbd', 'NetBIOS Nameserver' => 'nmbd', 'Winbind Daemon' => 'winbindd');
&Header::showhttpheaders();
refreshpage();
}
+if ($sambasettings{'ACTION'} eq 'join') {
+ $message .= &joindomain($sambasettings{'USERNAME'}, $sambasettings{'PASSWORD'});
+}
+
############################################################################################################################
################################################ Sicherheitsabfrage für den Reset ##########################################
netbios name = $sambasettings{'NETBIOSNAME'}
server string = $sambasettings{'SRVSTRING'}
workgroup = $sambasettings{'WORKGRP'}
+realm = $mainsettings{'DOMAINNAME'}
passdb backend = smbpasswd
wide links = $sambasettings{'WIDELINKS'}
wins support = $sambasettings{'WINSSUPPORT'}
wins server = $sambasettings{'WINSSRV'}
+winbind separator = +
+winbind uid = 10000-20000
+winbind gid = 10000-20000
+winbind use default domain = yes
+
log file = /var/log/samba/samba-log.%m
-lock directory = /var/lock/samba
pid directory = /var/run/
log level = $sambasettings{'LOGLEVEL'}
syslog = $sambasettings{'SYSLOGLEVEL'}
&Header::closebox();
}
+if ($message) {
+ $message = &Header::cleanhtml($message);
+ $message =~ s/\n/<br>/g;
+
+ &Header::openbox('100%', 'left', $Lang::tr{'messages'});
+ print "$message\n";
+ &Header::closebox();
+}
+
############################################################################################################################
########################################## Aktivieren von Checkboxen und Dropdowns #########################################
print <<END
<br />
<table width='95%' cellspacing='0'>
-END
-;
-if ( $message ne "" )
- {
- print "<tr><td colspan='3' align='left'><font color='red'>$message</font>";
- }
-
-print <<END
<tr bgcolor='$color{'color20'}'><td colspan='2' align='left'><b>$Lang::tr{'all services'}</b></td></tr>
</table><table width='95%' cellspacing='0'>
END
&Header::closebox();
}
+if ($sambasettings{'SECURITY'} eq "ADS") {
+ &Header::openbox('100%', 'center', $Lang::tr{'samba join a domain'});
+
+ my $AD_DOMAINNAME = uc($mainsettings{'DOMAINNAME'});
+
+ print <<END;
+ <form method="POST" action="$ENV{'SCRIPT_NAME'}">
+ <input type="hidden" name="ACTION" value="join">
+
+ <table width="95%">
+ <tbody>
+ <tr>
+ <td width="40%">
+ $Lang::tr{'domain'}
+ </td>
+ <td>
+ $AD_DOMAINNAME
+ </td>
+ </tr>
+ <tr>
+ <td width="40%">
+ $Lang::tr{'administrator username'}
+ </td>
+ <td>
+ <input type="text" name="USERNAME" size="30">
+ </td>
+ </tr>
+ <tr>
+ <td width="40%">
+ $Lang::tr{'administrator password'}
+ </td>
+ <td>
+ <input type="password" name="PASSWORD" size="30">
+ </td>
+ </tr>
+ <tr>
+ <td></td>
+ <td>
+ <input type="submit" value="$Lang::tr{'samba join domain'}">
+ </td>
+ </tr>
+ </tbody>
+ </table>
+ </form>
+END
+
+ &Header::closebox();
+}
+
############################################################################################################################
############################################### Verwalten von Freigaben ####################################################
}
return $status;
}
+
+sub joindomain {
+ my $username = shift;
+ my $password = shift;
+
+ my @options = ("/usr/local/bin/sambactrl", "join", $username, $password);
+ my $output = qx(@options);
+
+ return $output;
+}
'addon' => 'Addons',
'admin user password has been changed' => 'Passwort für Benutzer admin wurde geändert.',
'admin users' => 'Liste der Benutzer mit Super User Rechten',
+'administrator password' => 'Administrator-Passwort',
'administrator user password' => 'Passwort für Benutzer "admin":',
+'administrator username' => 'Administrator-Benutzername',
+'adsl settings' => 'ADSL-Einstellungen',
'advanced' => 'Erweitert',
'advanced server' => 'Erweiterte Server-Optionen',
'advproxy AUTH always required' => 'Authentifizierung für uneingeschränkte Quelladressen erforderlich',
'advproxy AUTH method ldap' => 'LDAP',
'advproxy AUTH method ncsa' => 'Lokal',
'advproxy AUTH method none' => 'Keine',
-'advproxy AUTH method ntlm' => 'Windows',
+'advproxy AUTH method ntlm' => 'Windows NT4-Domäne',
+'advproxy AUTH method ntlm auth' => 'Windows Active Directory',
'advproxy AUTH method radius' => 'RADIUS',
'advproxy AUTH no auth' => 'Domains ohne Authentifizierung (eine pro Zeile)',
'advproxy AUTH number of auth processes' => 'Anzahl der Authentifizierungsprozesse',
'advproxy fake useragent' => 'Gefälschter Useragent für externe Web-Sites',
'advproxy friday' => 'Fre',
'advproxy from' => 'Von',
+'advproxy group access control' => 'Gruppenbasierte Zugriffskontrolle',
+'advproxy group required' => 'Erforderliche Gruppe',
'advproxy hdd cache size' => 'Cachegröße auf der Festplatte (MB)',
'advproxy invalid num of children' => 'Ungültige Anzahl der Filter-Prozesse',
'advproxy log enabled' => 'Protokoll aktiviert',
'memory' => 'Speicher',
'memory information' => 'Speicherinformationen',
'memory usage per' => 'Speichernutzung pro',
+'messages' => 'Meldungen',
'messages logging' => 'Logeinstellungen für /var/log/messages',
'method' => 'Methode:',
'min costs' => 'Minimale Kosten',
'running' => 'LÄUFT',
'safe removal of umounted device' => 'Sie können gefahrlos das abgemeldete Gerät entfernen',
'samba' => 'Samba',
+'samba join a domain' => 'Einer Domäne beitreten',
+'samba join domain' => 'Domäne beitreten',
'samba status' => 'Samba Status',
'saturday' => 'Samstag',
'save' => 'Speichern',
'addons' => 'Addons',
'admin user password has been changed' => 'Admin user password has been changed.',
'admin users' => 'User with superuser rights',
+'administrator password' => 'Administrator password',
'administrator user password' => 'Admin user password:',
+'administrator username' => 'Administrator username',
+'adsl settings' => 'ADSL settings',
'advanced' => 'Advanced',
'advanced server' => 'Advanced server options',
'advproxy AUTH always required' => 'Require authentication for unrestricted source addresses',
'advproxy AUTH method ldap' => 'LDAP',
'advproxy AUTH method ncsa' => 'Local',
'advproxy AUTH method none' => 'None',
-'advproxy AUTH method ntlm' => 'Windows',
+'advproxy AUTH method ntlm' => 'Windows NT4 Domain',
+'advproxy AUTH method ntlm auth' => 'Windows Active Directory',
'advproxy AUTH method radius' => 'RADIUS',
'advproxy AUTH no auth' => 'Domains without authentication (one per line)',
'advproxy AUTH number of auth processes' => 'Number of authentication processes',
'advproxy fake useragent' => 'Fake useragent submitted to external sites',
'advproxy friday' => 'Fri',
'advproxy from' => 'From',
+'advproxy group access control' => 'Group based access control',
+'advproxy group required' => 'Required group',
'advproxy hdd cache size' => 'Harddisk cache size (MB)',
'advproxy invalid num of children' => 'Invalid number of filter processes',
'advproxy log enabled' => 'Log enabled',
'memory' => 'Memory',
'memory information' => 'Memory information',
'memory usage per' => 'Memory Usage per',
+'messages' => 'Messages',
'messages logging' => 'Logsettings for /var/log/messages',
'method' => 'Method:',
'min costs' => 'Minimum costs',
'running' => 'RUNNING',
'safe removal of umounted device' => 'You can safely remove the unmounted device',
'samba' => 'Samba',
+'samba join a domain' => 'Join a domain',
+'samba join domain' => 'Join domain',
'samba status' => 'Samba Status',
'saturday' => 'Saturday',
'save' => 'Save',
'advproxy AUTH method ldap' => 'LDAP',
'advproxy AUTH method ncsa' => 'Local',
'advproxy AUTH method none' => 'Ninguno',
-'advproxy AUTH method ntlm' => 'Windows',
'advproxy AUTH method radius' => 'RADIUS',
'advproxy AUTH no auth' => 'Dominios sin autenticación (uno por línea)',
'advproxy AUTH number of auth processes' => 'Número de proceso de autenticación',
'advproxy AUTH method ldap' => 'LDAP',
'advproxy AUTH method ncsa' => 'Local',
'advproxy AUTH method none' => 'Rien',
-'advproxy AUTH method ntlm' => 'Windows',
'advproxy AUTH method radius' => 'RADIUS',
'advproxy AUTH no auth' => 'Domaines sans authentification (un par ligne)',
'advproxy AUTH number of auth processes' => 'Nombre de processus d\'authentification',
'advproxy AUTH method ldap' => 'LDAP',
'advproxy AUTH method ncsa' => 'Lokaal',
'advproxy AUTH method none' => 'Geen',
-'advproxy AUTH method ntlm' => 'Windows',
'advproxy AUTH method radius' => 'RADIUS',
'advproxy AUTH no auth' => 'Domeinen zonder authenticatie (een per regel)',
'advproxy AUTH number of auth processes' => 'Aantal authenticatieprocessen',
'advproxy AUTH method ldap' => 'LDAP',
'advproxy AUTH method ncsa' => 'Local',
'advproxy AUTH method none' => 'None',
-'advproxy AUTH method ntlm' => 'Windows',
'advproxy AUTH method radius' => 'RADIUS',
'advproxy AUTH no auth' => 'Domeny bez autoryzacji (jedna w linii)',
'advproxy AUTH number of auth processes' => 'Liczba procesów autoryzujących',
'advproxy AUTH method ldap' => 'LDAP',
'advproxy AUTH method ncsa' => 'Локальный',
'advproxy AUTH method none' => 'Нет',
-'advproxy AUTH method ntlm' => 'Windows',
'advproxy AUTH method radius' => 'RADIUS',
'advproxy AUTH no auth' => 'Домен без аутентификации (один на строчку)',
'advproxy AUTH number of auth processes' => 'Кол-во процессов аутентификации',
'advproxy AUTH method ldap' => 'LDAP',
'advproxy AUTH method ncsa' => 'Yerel',
'advproxy AUTH method none' => 'Yok',
-'advproxy AUTH method ntlm' => 'Windows',
'advproxy AUTH method radius' => 'RADIUS',
'advproxy AUTH no auth' => 'Kimlik doğrulaması olmayan hedefler (her satırda bir tane)',
'advproxy AUTH number of auth processes' => 'Kimlik doğrulama işlemlerinin sayısı',
--- /dev/null
+###############################################################################
+# #
+# IPFire.org - A linux based firewall #
+# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
+# #
+# This program is free software: you can redistribute it and/or modify #
+# it under the terms of the GNU General Public License as published by #
+# the Free Software Foundation, either version 3 of the License, or #
+# (at your option) any later version. #
+# #
+# This program is distributed in the hope that it will be useful, #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
+# GNU General Public License for more details. #
+# #
+# You should have received a copy of the GNU General Public License #
+# along with this program. If not, see <http://www.gnu.org/licenses/>. #
+# #
+###############################################################################
+
+###############################################################################
+# Definitions
+###############################################################################
+
+include Config
+
+VER = 1.12.1
+
+THISAPP = krb5-$(VER)
+DL_FILE = $(THISAPP).tar.gz
+DL_FROM = $(URL_IPFIRE)
+DIR_APP = $(DIR_SRC)/$(THISAPP)/src
+TARGET = $(DIR_INFO)/$(THISAPP)
+PROG = krb5
+PAK_VER = 1
+
+DEPS = ""
+
+###############################################################################
+# Top-level Rules
+###############################################################################
+
+objects = $(DL_FILE)
+
+$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
+
+$(DL_FILE)_MD5 = 4a631b3474d3e44773f1ecda96f04400
+
+install : $(TARGET)
+
+check : $(patsubst %,$(DIR_CHK)/%,$(objects))
+
+download :$(patsubst %,$(DIR_DL)/%,$(objects))
+
+md5 : $(subst %,%_MD5,$(objects))
+
+dist:
+ @$(PAK)
+
+###############################################################################
+# Downloading, checking, md5sum
+###############################################################################
+
+$(patsubst %,$(DIR_CHK)/%,$(objects)) :
+ @$(CHECK)
+
+$(patsubst %,$(DIR_DL)/%,$(objects)) :
+ @$(LOAD)
+
+$(subst %,%_MD5,$(objects)) :
+ @$(MD5)
+
+###############################################################################
+# Installation Details
+###############################################################################
+
+$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
+ @$(PREBUILD)
+ @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE)
+ cd $(DIR_APP) && patch -Np2 < $(DIR_SRC)/src/patches/mitkrb-1.12.1-db2_fix-1.patch
+
+ cd $(DIR_APP) && sed -e "s@python2.5/Python.h@& python2.7/Python.h@g" \
+ -e "s@-lpython2.5]@&,\n AC_CHECK_LIB(python2.7,main,[PYTHON_LIB=-lpython2.7])@g" \
+ -i configure.in
+ cd $(DIR_APP) && autoconf
+
+ cd $(DIR_APP) && ./configure \
+ --prefix=/usr \
+ --sysconfdir=/etc \
+ --localstatedir=/var/lib \
+ --with-system-et \
+ --with-system-ss \
+ --enable-dns-for-realm \
+ CPPFLAGS="-I/usr/include/et"
+
+ cd $(DIR_APP) && make $(MAKETUNING) $(EXTRA_MAKE)
+ cd $(DIR_APP) && make $(EXTRA_INSTALL) install
+
+ for LIB in gssapi_krb5 gssrpc k5crypto kadm5clnt kadm5srv \
+ kdb5 kdb_ldap krad krb5 krb5support verto; do \
+ chmod -f -v 755 "/usr/lib/lib$$LIB.so"; \
+ done
+
+ @rm -rf $(DIR_APP)
+ @$(POSTBUILD)
PROG = samba
PAK_VER = 58
-DEPS = "cups"
+DEPS = "cups krb5"
###############################################################################
# Top-level Rules
@$(PREBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
cd $(DIR_APP)/source3 && ./configure \
- --prefix=/usr \
- --libdir=/usr/lib/ \
- --sysconfdir=/var/ipfire \
- --localstatedir=/var \
- --with-piddir=/var/run \
- --with-fhs \
- --with-winbind \
- --disable-swat \
- --enable-cups \
- --with-syslog
+ --prefix=/usr \
+ --libdir=/usr/lib/ \
+ --sysconfdir=/var/ipfire \
+ --localstatedir=/var \
+ --with-cachedir=/var/lib/samba \
+ --with-lockdir=/var/lib/samba \
+ --with-piddir=/var/run \
+ --with-ads \
+ --with-acl-support \
+ --with-libsmbclient \
+ --with-libsmbsharemodes \
+ --with-sendfile-support \
+ --without-smbwrapper \
+ --with-mmap \
+ --with-fhs \
+ --with-vfs \
+ --with-winbind \
+ --disable-swat \
+ --enable-cups \
+ --disable-avahi \
+ --with-syslog
cd $(DIR_APP)/source3 && make proto && make all $(MAKETUNING) $(EXTRA_MAKE)
cd $(DIR_APP)/source3 && make install
cd $(DIR_APP)/source3 && chmod -v 644 /usr/include/libsmbclient.h
cat /var/ipfire/samba/global /var/ipfire/samba/shares > /var/ipfire/samba/smb.conf
-mkdir -p /var/log/samba
install -v -m 644 $(DIR_SRC)/config/backup/includes/samba /var/ipfire/backup/addons/includes/samba
+
+ -mkdir -p 750 /var/lib/samba/winbindd_privileged
+ chgrp wbpriv /var/lib/samba/winbindd_privileged
+
@rm -rf $(DIR_APP)
@$(POSTBUILD)
ipfiremake foomatic
ipfiremake hplip
ipfiremake cifs-utils
+ ipfiremake krb5
ipfiremake samba
ipfiremake sudo
ipfiremake mc
# Based on sysklogd script from LFS-3.1 and earlier.
# Rewritten by Gerard Beekmans - gerard@linuxfromscratch.org
-#$LastChangedBy: bdubbs $
-#$Date: 2005-08-01 14:29:19 -0500 (Mon, 01 Aug 2005) $
-
. /etc/sysconfig/rc
. $rc_functions
+function fix_permissions() {
+ local lockdir="/var/lib/samba/winbindd_privileged"
+
+ chmod 750 "${lockdir}"
+ chgrp wbpriv "${lockdir}"
+}
+
case "$1" in
start)
+ fix_permissions
+
boot_mesg "Starting nmbd..."
loadproc /usr/sbin/nmbd -D
boot_mesg "Starting smbd..."
loadproc /usr/sbin/smbd -D
+
+ boot_mesg "Starting winbind..."
+ loadproc /usr/sbin/winbindd
;;
stop)
boot_mesg "Stopping nmbd..."
killproc -p /var/run/nmbd.pid /usr/sbin/nmbd
+
+ boot_mesg "Stopping winbind..."
+ killproc -p /var/run/winbindd.pid /usr/sbin/winbindd
;;
reload)
boot_mesg "Reloading nmbd..."
reloadproc /usr/sbin/nmbd
+
+ boot_mesg "Reloading winbind..."
+ reloadproc /usr/sbin/winbindd
;;
restart)
status)
statusproc /usr/sbin/nmbd
statusproc /usr/sbin/smbd
+ statusproc /usr/sbin/winbindd
;;
*)
+++ /dev/null
-#!/bin/bash
-# Begin $rc_base/init.d/winbind
-
-# Based on sysklogd script from LFS-3.1 and earlier.
-# Rewritten by Gerard Beekmans - gerard@linuxfromscratch.org
-
-#$LastChangedBy: bdubbs $
-#$Date: 2005-08-01 14:29:19 -0500 (Mon, 01 Aug 2005) $
-
-. /etc/sysconfig/rc
-. $rc_functions
-
-PIDFILE="/var/run/winbindd.pid"
-KILLDELAY="10"
-
-case "$1" in
-
- start)
- boot_mesg "Starting winbind..."
- loadproc /usr/sbin/winbindd
- ;;
-
- stop)
- boot_mesg "Stopping winbind..."
- killproc -p ${PIDFILE} /usr/sbin/winbind
- ;;
-
- reload)
- boot_mesg "Reloading winbind..."
- reloadproc /usr/sbin/winbindd
- ;;
-
- restart)
- $0 stop
- sleep 1
- $0 start
- ;;
-
- status)
- statusproc /usr/sbin/winbindd
- ;;
-
- *)
- echo "Usage: $0 {start|stop|reload|restart|status}"
- exit 1
- ;;
-
-esac
-
-# End $rc_base/init.d/winbind
char command[BUFFER_SIZE];
-int main(int argc, char *argv[])
-{
+int main(int argc, char *argv[]) {
+ if (!(initsetuid()))
+ exit(1);
-if (!(initsetuid()))
-exit(1);
+ // Check what command is asked
+ if (argc == 1) {
+ fprintf (stderr, "Missing smbctrl command!\n");
+ return 1;
-// Check what command is asked
-if (argc==1)
-{
-fprintf (stderr, "Missing smbctrl command!\n");
-return 1;
-}
-else if (strcmp(argv[1], "smbuserdisable")==0)
-{
-snprintf(command, BUFFER_SIZE-1, "/usr/bin/smbpasswd -d %s >/dev/null", argv[2]);
-safe_system(command);
-return 0;
-}
-else if (strcmp(argv[1], "smbuserenable")==0)
-{
-snprintf(command, BUFFER_SIZE-1, "/usr/bin/smbpasswd -e %s >/dev/null", argv[2]);
-safe_system(command);
-return 0;
-}
-else if (strcmp(argv[1], "smbuserdelete")==0)
-{
-snprintf(command, BUFFER_SIZE-1, "/usr/bin/smbpasswd -x %s >/dev/null", argv[2]);
-safe_system(command);
-snprintf(command, BUFFER_SIZE-1, "/usr/sbin/userdel %s >/dev/null", argv[2]);
-safe_system(command);
-return 0;
-}
-else if (strcmp(argv[1], "smbsafeconf")==0)
-{
-safe_system("/bin/cat /var/ipfire/samba/global /var/ipfire/samba/shares > /var/ipfire/samba/smb.conf");
-return 0;
-}
-else if (strcmp(argv[1], "smbsafeconfcups")==0)
-{
-safe_system("/bin/cat /var/ipfire/samba/global /var/ipfire/samba/shares /var/ipfire/samba/printer > /var/ipfire/samba/smb.conf");
-return 0;
-}
-else if (strcmp(argv[1], "smbsafeconfpdc")==0)
-{
-safe_system("/bin/cat /var/ipfire/samba/global /var/ipfire/samba/pdc /var/ipfire/samba/shares > /var/ipfire/samba/smb.conf");
-return 0;
-}
-else if (strcmp(argv[1], "smbsafeconfpdccups")==0)
-{
-safe_system("/bin/cat /var/ipfire/samba/global /var/ipfire/samba/pdc /var/ipfire/samba/shares /var/ipfire/samba/printer > /var/ipfire/samba/smb.conf");
-return 0;
-}
-else if (strcmp(argv[1], "smbglobalreset")==0)
-{
-safe_system("/bin/cat /var/ipfire/samba/default.global /var/ipfire/samba/shares > /var/ipfire/samba/smb.conf");
-safe_system("/bin/cat /var/ipfire/samba/default.settings > /var/ipfire/samba/settings");
-safe_system("/bin/cat /var/ipfire/samba/default.global > /var/ipfire/samba/global");
-safe_system("/bin/cat /var/ipfire/samba/default.pdc > /var/ipfire/samba/pdc");
-return 0;
-}
-else if (strcmp(argv[1], "smbsharesreset")==0)
-{
-safe_system("/bin/cat /var/ipfire/samba/global /var/ipfire/samba/default.shares > /var/ipfire/samba/smb.conf");
-safe_system("/bin/cat /var/ipfire/samba/default.shares > /var/ipfire/samba/shares");
-return 0;
-}
-else if (strcmp(argv[1], "smbprinterreset")==0)
-{
-safe_system("/bin/cat /var/ipfire/samba/global /var/ipfire/samba/shares /var/default.printer > /var/ipfire/samba/smb.conf");
-safe_system("/bin/cat /var/ipfire/samba/default.printer > /var/ipfire/samba/printer");
-return 0;
-}
-else if (strcmp(argv[1], "smbstop")==0)
-{
-safe_system("/etc/rc.d/init.d/samba stop >/dev/null");
-safe_system("/usr/local/bin/sambactrl disable");
-return 0;
-}
-else if (strcmp(argv[1], "smbstart")==0)
-{
-safe_system("/etc/rc.d/init.d/samba start >/dev/null");
-safe_system("/usr/local/bin/sambactrl enable");
-return 0;
-}
-else if (strcmp(argv[1], "smbrestart")==0)
-{
-safe_system("/etc/rc.d/init.d/samba restart >/dev/null");
-return 0;
-}
-else if (strcmp(argv[1], "smbreload")==0)
-{
-safe_system("/etc/rc.d/init.d/samba reload >/dev/null");
-return 0;
-}
-else if (strcmp(argv[1], "smbstatus")==0)
-{
-snprintf(command, BUFFER_SIZE-1, "/usr/bin/smbstatus 2>/dev/null");
-safe_system(command);
-return 0;
-}
-else if (strcmp(argv[1], "smbuseradd")==0)
-{
-snprintf(command, BUFFER_SIZE-1, "/usr/sbin/groupadd sambauser >/dev/null");
-safe_system(command);
-snprintf(command, BUFFER_SIZE-1, "/usr/sbin/useradd -c 'Samba User' -m -g %s -s %s %s >/dev/null", argv[4], argv[5], argv[2]);
-safe_system(command);
-snprintf(command, BUFFER_SIZE-1, "echo %s:%s | chpasswd", argv[2], argv[3]);
-safe_system(command);
-snprintf(command, BUFFER_SIZE-1, "/usr/bin/printf '%s\n%s\n' | /usr/bin/smbpasswd -as %s >/dev/null", argv[3], argv[3], argv[2]);
-safe_system(command);
-return 0;
-}
-else if (strcmp(argv[1], "smbpcadd")==0)
-{
-snprintf(command, BUFFER_SIZE-1, "/usr/sbin/groupadd sambawks >/dev/null");
-safe_system(command);
-snprintf(command, BUFFER_SIZE-1, "/usr/sbin/useradd -c 'Samba Workstation' -g %s -s %s %s >/dev/null", argv[3], argv[4], argv[2]);
-safe_system(command);
-snprintf(command, BUFFER_SIZE-1, "/usr/bin/smbpasswd -a -m %s >/dev/null", argv[2]);
-safe_system(command);
-return 0;
-}
-else if (strcmp(argv[1], "smbchangepw")==0)
-{
-snprintf(command, BUFFER_SIZE-1, "echo %s:%s | chpasswd", argv[2], argv[3]);
-safe_system(command);
-snprintf(command, BUFFER_SIZE-1, "/usr/bin/printf '%s\n%s\n' | /usr/bin/smbpasswd -as %s >/dev/null", argv[3], argv[3], argv[2]);
-safe_system(command);
-return 0;
-}
-else if (strcmp(argv[1], "readsmbpasswd")==0)
-{
-safe_system("/bin/chown root:nobody /var/ipfire/samba/private >/dev/null");
-safe_system("/bin/chown root:nobody /var/ipfire/samba/private/smbpasswd >/dev/null");
-safe_system("/bin/chmod 640 /var/ipfire/samba/private/smbpasswd >/dev/null");
-safe_system("/bin/chmod 650 /var/ipfire/samba/private >/dev/null");
-return 0;
-}
-else if (strcmp(argv[1], "locksmbpasswd")==0)
-{
-safe_system("/bin/chown root:root /var/ipfire/samba/private >/dev/null");
-safe_system("/bin/chown root:root /var/ipfire/samba/private/smbpasswd >/dev/null");
-safe_system("/bin/chmod 600 /var/ipfire/samba/private/smbpasswd >/dev/null");
-safe_system("/bin/chmod 600 /var/ipfire/samba/private >/dev/null");
-return 0;
-}
-else if (strcmp(argv[1], "enable")==0)
-{
-safe_system("touch /var/ipfire/samba/enable");
-safe_system("ln -snf /etc/rc.d/init.d/samba /etc/rc.d/rc3.d/S45samba");
-safe_system("ln -snf /etc/rc.d/init.d/samba /etc/rc.d/rc0.d/K48samba");
-safe_system("ln -snf /etc/rc.d/init.d/samba /etc/rc.d/rc6.d/K48samba");
-return 0;
-}
-else if (strcmp(argv[1], "disable")==0)
-{
-safe_system("unlink /var/ipfire/samba/enable");
-safe_system("rm -rf /etc/rc.d/rc*.d/*samba");
-return 0;
-}
-return 0;
+ } else if (strcmp(argv[1], "smbuserdisable") == 0) {
+ snprintf(command, BUFFER_SIZE-1, "/usr/bin/smbpasswd -d %s >/dev/null", argv[2]);
+ safe_system(command);
+
+ } else if (strcmp(argv[1], "smbuserenable") == 0) {
+ snprintf(command, BUFFER_SIZE-1, "/usr/bin/smbpasswd -e %s >/dev/null", argv[2]);
+ safe_system(command);
+
+ } else if (strcmp(argv[1], "smbuserdelete") == 0) {
+ snprintf(command, BUFFER_SIZE-1, "/usr/bin/smbpasswd -x %s >/dev/null", argv[2]);
+ safe_system(command);
+
+ snprintf(command, BUFFER_SIZE-1, "/usr/sbin/userdel %s >/dev/null", argv[2]);
+ safe_system(command);
+
+ } else if (strcmp(argv[1], "smbsafeconf") == 0) {
+ safe_system("/bin/cat /var/ipfire/samba/global /var/ipfire/samba/shares > /var/ipfire/samba/smb.conf");
+
+ } else if (strcmp(argv[1], "smbsafeconfcups") == 0) {
+ safe_system("/bin/cat /var/ipfire/samba/global /var/ipfire/samba/shares /var/ipfire/samba/printer > /var/ipfire/samba/smb.conf");
+
+ } else if (strcmp(argv[1], "smbsafeconfpdc") == 0) {
+ safe_system("/bin/cat /var/ipfire/samba/global /var/ipfire/samba/pdc /var/ipfire/samba/shares > /var/ipfire/samba/smb.conf");
+
+ } else if (strcmp(argv[1], "smbsafeconfpdccups") == 0) {
+ safe_system("/bin/cat /var/ipfire/samba/global /var/ipfire/samba/pdc /var/ipfire/samba/shares /var/ipfire/samba/printer > /var/ipfire/samba/smb.conf");
+
+ } else if (strcmp(argv[1], "smbglobalreset") == 0) {
+ safe_system("/bin/cat /var/ipfire/samba/default.global /var/ipfire/samba/shares > /var/ipfire/samba/smb.conf");
+ safe_system("/bin/cat /var/ipfire/samba/default.settings > /var/ipfire/samba/settings");
+ safe_system("/bin/cat /var/ipfire/samba/default.global > /var/ipfire/samba/global");
+ safe_system("/bin/cat /var/ipfire/samba/default.pdc > /var/ipfire/samba/pdc");
+
+ } else if (strcmp(argv[1], "smbsharesreset") == 0) {
+ safe_system("/bin/cat /var/ipfire/samba/global /var/ipfire/samba/default.shares > /var/ipfire/samba/smb.conf");
+ safe_system("/bin/cat /var/ipfire/samba/default.shares > /var/ipfire/samba/shares");
+
+ } else if (strcmp(argv[1], "smbprinterreset") == 0) {
+ safe_system("/bin/cat /var/ipfire/samba/global /var/ipfire/samba/shares /var/default.printer > /var/ipfire/samba/smb.conf");
+ safe_system("/bin/cat /var/ipfire/samba/default.printer > /var/ipfire/samba/printer");
+
+ } else if (strcmp(argv[1], "smbstop") == 0) {
+ safe_system("/etc/rc.d/init.d/samba stop >/dev/null");
+ safe_system("/usr/local/bin/sambactrl disable");
+
+ } else if (strcmp(argv[1], "smbstart") == 0) {
+ safe_system("/etc/rc.d/init.d/samba start >/dev/null");
+ safe_system("/usr/local/bin/sambactrl enable");
+
+ } else if (strcmp(argv[1], "smbrestart") == 0) {
+ safe_system("/etc/rc.d/init.d/samba restart >/dev/null");
+
+ } else if (strcmp(argv[1], "smbreload") == 0) {
+ safe_system("/etc/rc.d/init.d/samba reload >/dev/null");
+
+ } else if (strcmp(argv[1], "smbstatus") == 0) {
+ snprintf(command, BUFFER_SIZE-1, "/usr/bin/smbstatus 2>/dev/null");
+ safe_system(command);
+
+ } else if (strcmp(argv[1], "smbuseradd") == 0) {
+ snprintf(command, BUFFER_SIZE-1, "/usr/sbin/groupadd sambauser >/dev/null");
+ safe_system(command);
+
+ snprintf(command, BUFFER_SIZE-1, "/usr/sbin/useradd -c 'Samba User' -m -g %s -s %s %s >/dev/null", argv[4], argv[5], argv[2]);
+ safe_system(command);
+
+ snprintf(command, BUFFER_SIZE-1, "echo %s:%s | chpasswd", argv[2], argv[3]);
+ safe_system(command);
+
+ snprintf(command, BUFFER_SIZE-1, "/usr/bin/printf '%s\n%s\n' | /usr/bin/smbpasswd -as %s >/dev/null", argv[3], argv[3], argv[2]);
+ safe_system(command);
+
+ } else if (strcmp(argv[1], "smbpcadd") == 0) {
+ snprintf(command, BUFFER_SIZE-1, "/usr/sbin/groupadd sambawks >/dev/null");
+ safe_system(command);
+
+ snprintf(command, BUFFER_SIZE-1, "/usr/sbin/useradd -c 'Samba Workstation' -g %s -s %s %s >/dev/null", argv[3], argv[4], argv[2]);
+ safe_system(command);
+
+ snprintf(command, BUFFER_SIZE-1, "/usr/bin/smbpasswd -a -m %s >/dev/null", argv[2]);
+ safe_system(command);
+
+ } else if (strcmp(argv[1], "smbchangepw") == 0) {
+ snprintf(command, BUFFER_SIZE-1, "echo %s:%s | chpasswd", argv[2], argv[3]);
+ safe_system(command);
+
+ snprintf(command, BUFFER_SIZE-1, "/usr/bin/printf '%s\n%s\n' | /usr/bin/smbpasswd -as %s >/dev/null", argv[3], argv[3], argv[2]);
+ safe_system(command);
+
+ } else if (strcmp(argv[1], "readsmbpasswd") == 0) {
+ safe_system("/bin/chown root:nobody /var/ipfire/samba/private >/dev/null");
+ safe_system("/bin/chown root:nobody /var/ipfire/samba/private/smbpasswd >/dev/null");
+ safe_system("/bin/chmod 640 /var/ipfire/samba/private/smbpasswd >/dev/null");
+ safe_system("/bin/chmod 650 /var/ipfire/samba/private >/dev/null");
+
+ } else if (strcmp(argv[1], "locksmbpasswd") == 0) {
+ safe_system("/bin/chown root:root /var/ipfire/samba/private >/dev/null");
+ safe_system("/bin/chown root:root /var/ipfire/samba/private/smbpasswd >/dev/null");
+ safe_system("/bin/chmod 600 /var/ipfire/samba/private/smbpasswd >/dev/null");
+ safe_system("/bin/chmod 600 /var/ipfire/samba/private >/dev/null");
+
+ } else if (strcmp(argv[1], "enable") == 0) {
+ safe_system("touch /var/ipfire/samba/enable");
+ safe_system("ln -snf /etc/rc.d/init.d/samba /etc/rc.d/rc3.d/S45samba");
+ safe_system("ln -snf /etc/rc.d/init.d/samba /etc/rc.d/rc0.d/K48samba");
+ safe_system("ln -snf /etc/rc.d/init.d/samba /etc/rc.d/rc6.d/K48samba");
+
+ } else if (strcmp(argv[1], "disable") == 0) {
+ safe_system("unlink /var/ipfire/samba/enable");
+ safe_system("rm -rf /etc/rc.d/rc*.d/*samba");
+
+ } else if (strcmp(argv[1], "join") == 0) {
+ if (argc == 4) {
+ snprintf(command, BUFFER_SIZE - 1, "/usr/bin/net join -U \"%s%%%s\"",
+ argv[2], argv[3]);
+ return safe_system(command);
+ } else {
+ fprintf(stderr, "Wrong number of arguments. Need username and password.\n");
+ return 1;
+ }
+ }
+
+ return 0;
}
############################################################################
#
. /opt/pakfire/lib/functions.sh
+
+# If the wbpriv group does not exist yet, then create it and put squid
+# into it.
+if ! getent group wbpriv >/dev/null; then
+ groupadd -g 88 wbpriv
+ usermod -a -G wbpriv squid
+fi
+
extract_files
restore_backup ${NAME}
/usr/local/bin/sambactrl smbstart
#
. /opt/pakfire/lib/functions.sh
./uninstall.sh
+
+# If the wbpriv group does not exist yet, then create it and put squid
+# into it.
+if ! getent group wbpriv >/dev/null; then
+ groupadd -g 88 wbpriv
+ usermod -a -G wbpriv squid
+fi
+
extract_files
restore_backup ${NAME}
echo "passdb backend = smbpasswd" >> /var/ipfire/samba/smb.conf
--- /dev/null
+Submitted By: Pierre Labastie <pierre dot labastie at eamil dot fr>
+Date: 2014-03-04
+Initial Package Version: 1.12.1
+Upstream Status: In upstream GIT
+Origin: Upstream
+Description: Fixes http://krbdev.mit.edu/rt/Ticket/Display.html?id=7860
+
+--- a/src/plugins/kdb/db2/libdb2/mpool/mpool.c
++++ b/src/plugins/kdb/db2/libdb2/mpool/mpool.c
+@@ -81,9 +81,9 @@ mpool_open(key, fd, pagesize, maxcache)
+ /* Allocate and initialize the MPOOL cookie. */
+ if ((mp = (MPOOL *)calloc(1, sizeof(MPOOL))) == NULL)
+ return (NULL);
+- CIRCLEQ_INIT(&mp->lqh);
++ TAILQ_INIT(&mp->lqh);
+ for (entry = 0; entry < HASHSIZE; ++entry)
+- CIRCLEQ_INIT(&mp->hqh[entry]);
++ TAILQ_INIT(&mp->hqh[entry]);
+ mp->maxcache = maxcache;
+ mp->npages = sb.st_size / pagesize;
+ mp->pagesize = pagesize;
+@@ -143,8 +143,8 @@ mpool_new(mp, pgnoaddr, flags)
+ bp->flags = MPOOL_PINNED | MPOOL_INUSE;
+
+ head = &mp->hqh[HASHKEY(bp->pgno)];
+- CIRCLEQ_INSERT_HEAD(head, bp, hq);
+- CIRCLEQ_INSERT_TAIL(&mp->lqh, bp, q);
++ TAILQ_INSERT_HEAD(head, bp, hq);
++ TAILQ_INSERT_TAIL(&mp->lqh, bp, q);
+ return (bp->page);
+ }
+
+@@ -168,8 +168,8 @@ mpool_delete(mp, page)
+
+ /* Remove from the hash and lru queues. */
+ head = &mp->hqh[HASHKEY(bp->pgno)];
+- CIRCLEQ_REMOVE(head, bp, hq);
+- CIRCLEQ_REMOVE(&mp->lqh, bp, q);
++ TAILQ_REMOVE(head, bp, hq);
++ TAILQ_REMOVE(&mp->lqh, bp, q);
+
+ free(bp);
+ return (RET_SUCCESS);
+@@ -208,10 +208,10 @@ mpool_get(mp, pgno, flags)
+ * of the lru chain.
+ */
+ head = &mp->hqh[HASHKEY(bp->pgno)];
+- CIRCLEQ_REMOVE(head, bp, hq);
+- CIRCLEQ_INSERT_HEAD(head, bp, hq);
+- CIRCLEQ_REMOVE(&mp->lqh, bp, q);
+- CIRCLEQ_INSERT_TAIL(&mp->lqh, bp, q);
++ TAILQ_REMOVE(head, bp, hq);
++ TAILQ_INSERT_HEAD(head, bp, hq);
++ TAILQ_REMOVE(&mp->lqh, bp, q);
++ TAILQ_INSERT_TAIL(&mp->lqh, bp, q);
+
+ /* Return a pinned page. */
+ bp->flags |= MPOOL_PINNED;
+@@ -261,8 +261,8 @@ mpool_get(mp, pgno, flags)
+ * of the lru chain.
+ */
+ head = &mp->hqh[HASHKEY(bp->pgno)];
+- CIRCLEQ_INSERT_HEAD(head, bp, hq);
+- CIRCLEQ_INSERT_TAIL(&mp->lqh, bp, q);
++ TAILQ_INSERT_HEAD(head, bp, hq);
++ TAILQ_INSERT_TAIL(&mp->lqh, bp, q);
+
+ /* Run through the user's filter. */
+ if (mp->pgin != NULL)
+@@ -311,8 +311,8 @@ mpool_close(mp)
+ BKT *bp;
+
+ /* Free up any space allocated to the lru pages. */
+- while ((bp = mp->lqh.cqh_first) != (void *)&mp->lqh) {
+- CIRCLEQ_REMOVE(&mp->lqh, mp->lqh.cqh_first, q);
++ while ((bp = mp->lqh.tqh_first) != NULL) {
++ TAILQ_REMOVE(&mp->lqh, mp->lqh.tqh_first, q);
+ free(bp);
+ }
+
+@@ -332,8 +332,7 @@ mpool_sync(mp)
+ BKT *bp;
+
+ /* Walk the lru chain, flushing any dirty pages to disk. */
+- for (bp = mp->lqh.cqh_first;
+- bp != (void *)&mp->lqh; bp = bp->q.cqe_next)
++ for (bp = mp->lqh.tqh_first; bp != NULL; bp = bp->q.tqe_next)
+ if (bp->flags & MPOOL_DIRTY &&
+ mpool_write(mp, bp) == RET_ERROR)
+ return (RET_ERROR);
+@@ -363,8 +362,7 @@ mpool_bkt(mp)
+ * off any lists. If we don't find anything we grow the cache anyway.
+ * The cache never shrinks.
+ */
+- for (bp = mp->lqh.cqh_first;
+- bp != (void *)&mp->lqh; bp = bp->q.cqe_next)
++ for (bp = mp->lqh.tqh_first; bp != NULL; bp = bp->q.tqe_next)
+ if (!(bp->flags & MPOOL_PINNED)) {
+ /* Flush if dirty. */
+ if (bp->flags & MPOOL_DIRTY &&
+@@ -375,8 +373,8 @@ mpool_bkt(mp)
+ #endif
+ /* Remove from the hash and lru queues. */
+ head = &mp->hqh[HASHKEY(bp->pgno)];
+- CIRCLEQ_REMOVE(head, bp, hq);
+- CIRCLEQ_REMOVE(&mp->lqh, bp, q);
++ TAILQ_REMOVE(head, bp, hq);
++ TAILQ_REMOVE(&mp->lqh, bp, q);
+ #if defined(DEBUG) && !defined(DEBUG_IDX0SPLIT)
+ { void *spage;
+ spage = bp->page;
+@@ -450,7 +448,7 @@ mpool_look(mp, pgno)
+ BKT *bp;
+
+ head = &mp->hqh[HASHKEY(pgno)];
+- for (bp = head->cqh_first; bp != (void *)head; bp = bp->hq.cqe_next)
++ for (bp = head->tqh_first; bp != NULL; bp = bp->hq.tqe_next)
+ if ((bp->pgno == pgno) && (bp->flags & MPOOL_INUSE)) {
+ #ifdef STATISTICS
+ ++mp->cachehit;
+@@ -494,8 +492,7 @@ mpool_stat(mp)
+
+ sep = "";
+ cnt = 0;
+- for (bp = mp->lqh.cqh_first;
+- bp != (void *)&mp->lqh; bp = bp->q.cqe_next) {
++ for (bp = mp->lqh.tqh_first; bp != NULL; bp = bp->q.tqe_next) {
+ (void)fprintf(stderr, "%s%d", sep, bp->pgno);
+ if (bp->flags & MPOOL_DIRTY)
+ (void)fprintf(stderr, "d");
+
+--- a/src/plugins/kdb/db2/libdb2/mpool/mpool.h
++++ b/src/plugins/kdb/db2/libdb2/mpool/mpool.h
+@@ -47,8 +47,8 @@
+
+ /* The BKT structures are the elements of the queues. */
+ typedef struct _bkt {
+- CIRCLEQ_ENTRY(_bkt) hq; /* hash queue */
+- CIRCLEQ_ENTRY(_bkt) q; /* lru queue */
++ TAILQ_ENTRY(_bkt) hq; /* hash queue */
++ TAILQ_ENTRY(_bkt) q; /* lru queue */
+ void *page; /* page */
+ db_pgno_t pgno; /* page number */
+
+@@ -59,9 +59,9 @@ typedef struct _bkt {
+ } BKT;
+
+ typedef struct MPOOL {
+- CIRCLEQ_HEAD(_lqh, _bkt) lqh; /* lru queue head */
++ TAILQ_HEAD(_lqh, _bkt) lqh; /* lru queue head */
+ /* hash queue array */
+- CIRCLEQ_HEAD(_hqh, _bkt) hqh[HASHSIZE];
++ TAILQ_HEAD(_hqh, _bkt) hqh[HASHSIZE];
+ db_pgno_t curcache; /* current number of cached pages */
+ db_pgno_t maxcache; /* max number of cached pages */
+ db_pgno_t npages; /* number of pages in the file */
+
+--- a/src/plugins/kdb/db2/libdb2/test/run.test
++++ b/src/plugins/kdb/db2/libdb2/test/run.test
+@@ -71,10 +71,11 @@ main()
+ }
+
+ getnwords() {
+- # Delete blank lines because the db code appears not to
+- # like empty keys. On Debian Linux, $DICT appears to contain
+- # some non-ASCII characters, and "rev" chokes on them.
+- sed -e '/^$/d' < $DICT | cat -v | sed -e ${1}q
++ # Delete blank lines because the db code appears not to like
++ # empty keys. Omit lines with non-alphanumeric characters to
++ # avoid shell metacharacters and non-ASCII characters which
++ # could cause 'rev' to choke.
++ LC_ALL=C sed -e '/^$/d' -e '/[^A-Za-z]/d' < $DICT | sed -e ${1}q
+ }
+
+ # Take the first hundred entries in the dictionary, and make them