#!/usr/bin/perl # # IPFire CGIs # # This code is distributed under the terms of the GPL # # (c) The IPFire Team use strict; # enable only the following on debugging purpose use warnings; use CGI::Carp 'fatalsToBrowser'; require '/var/ipfire/general-functions.pl'; require "${General::swroot}/lang.pl"; require "${General::swroot}/header.pl"; my %sambasettings = (); my %cgisettings = (); my %checked = (); my %netsettings = (); my %ovpnsettings = (); my $message = ""; my $errormessage = ""; my @Logs = qx(ls /var/log/samba/); my $Log =$Lang::tr{'no log selected'}; my $defaultoption= "[Share]\npath = /var/ipfire/samba/share1\ncomment = Share - Public Access\nbrowseable = yes\nwriteable = yes\ncreate mask = 0777\ndirectory mask = 0777\npublic = yes\nforce user = samba"; my $userentry = ""; my @user = (); my @userline = (); my @proto = (); my %selected= () ; my $userfile = "/var/ipfire/samba/private/smbpasswd"; &General::readhash("${General::swroot}/ethernet/settings", \%netsettings); &General::readhash("${General::swroot}/ovpn/settings", \%ovpnsettings); ############################################################################################################################ ############################################# Samba Dienste fr Statusberprfung ########################################## my %servicenames = ('SMB Daemon' => 'smbd','NetBIOS Nameserver' => 'nmbd','Winbind Daemon' => 'winbindd'); &Header::showhttpheaders(); ############################################################################################################################ #################################### Initialisierung von Samba Sharess fr die Verarbeitung ################################ my @Zeilen= (); my @Shares= (); my $shareentry = ""; my $shareconfigentry = ""; my @shareconfigline = (); my $shareoption = ''; my @shares = (); my @shareline = (); my $sharefile = "/var/ipfire/samba/shares"; my $EOF = qx(cat $sharefile | wc -l); my $Status = qx(/usr/local/bin/sambactrl smbstatus); $Status=~s/\n/
/g; @shares = `grep -n '^\\[' $sharefile`; foreach $shareentry (@shares) { @shareline = split( /\:/, $shareentry ); push(@Zeilen,$shareline[0]);push(@Shares,$shareline[1]); } ############################################################################################################################ #################################### Initialisierung von Samba Variablen fr global Settings ############################### $sambasettings{'WORKGRP'} = 'homeip.net'; $sambasettings{'NETBIOSNAME'} = 'IPFire'; $sambasettings{'SRVSTRING'} = 'Samba running on IPFire 2.0'; $sambasettings{'INTERFACES'} = ''; $sambasettings{'SECURITY'} = 'share'; $sambasettings{'OSLEVEL'} = '65'; $sambasettings{'GREEN'} = 'on'; $sambasettings{'BLUE'} = 'off'; $sambasettings{'ORANGE'} = 'off'; $sambasettings{'VPN'} = 'off'; $sambasettings{'WINSSRV'} = ''; $sambasettings{'WINSSUPPORT'} = 'on'; $sambasettings{'REMOTEANNOUNCE'} = ''; $sambasettings{'PASSWORDSYNC'} = 'off'; $sambasettings{'OTHERINTERFACES'} = '127.0.0.1'; $sambasettings{'GUESTACCOUNT'} = 'samba'; $sambasettings{'MAPTOGUEST'} = 'Never'; $sambasettings{'LOGLEVEL'} = '3 passdb:5 auth:5 winbind:2'; ### Values that have to be initialized $sambasettings{'ACTION'} = ''; my $LOGLINES = '50'; ################################################## Samba PDC Variablen ##################################################### $sambasettings{'LOCALMASTER'} = 'off'; $sambasettings{'DOMAINMASTER'} = 'off'; $sambasettings{'PREFERREDMASTER'} = 'off'; my $PDCOPTIONS = `cat ${General::swroot}/samba/pdc`; ############################################################################################################################ &General::readhash("${General::swroot}/samba/settings", \%sambasettings); &Header::getcgihash(\%sambasettings); &Header::openpage('Samba', 1, ''); &Header::openbigbox('100%', 'left', '', $errormessage); ############################################################################################################################ ############################################# Samba Rootskript aufrufe fr SU-Actions ####################################### if ($sambasettings{'ACTION'} eq 'smbuserdisable'){system("/usr/local/bin/sambactrl smbuserdisable $sambasettings{'NAME'}");} if ($sambasettings{'ACTION'} eq 'smbuserenable'){system("/usr/local/bin/sambactrl smbuserenable $sambasettings{'NAME'}");} if ($sambasettings{'ACTION'} eq 'smbuseradd'){system("/usr/local/bin/sambactrl smbuseradd $sambasettings{'USERNAME'} $sambasettings{'PASSWORD'} $sambasettings{'GROUP'} $sambasettings{'SHELL'}");} if ($sambasettings{'ACTION'} eq 'smbpcadd'){system("/usr/local/bin/sambactrl smbpcadd $sambasettings{'PCNAME'} $sambasettings{'GROUP'} $sambasettings{'SHELL'}");} if ($sambasettings{'ACTION'} eq 'smbchangepw'){system("/usr/local/bin/sambactrl smbchangepw $sambasettings{'USERNAME'} $sambasettings{'PASSWORD'}");} if ($sambasettings{'ACTION'} eq 'smbrestart'){system("/usr/local/bin/sambactrl smbrestart");} if ($sambasettings{'ACTION'} eq 'smbstart'){system("/usr/local/bin/sambactrl smbstart");} if ($sambasettings{'ACTION'} eq 'smbstop'){system("/usr/local/bin/sambactrl smbstop");} if ($sambasettings{'ACTION'} eq 'smbreload'){system("/usr/local/bin/sambactrl smbreload");} if ($sambasettings{'ACTION'} eq 'globalresetyes') { system("/usr/local/bin/sambactrl smbglobalreset"); $sambasettings{'WORKGRP'} = 'homeip.net'; $sambasettings{'NETBIOSNAME'} = 'IPFire'; $sambasettings{'SRVSTRING'} = 'Samba running on IPFire 2.0'; $sambasettings{'INTERFACES'} = ''; $sambasettings{'SECURITY'} = 'share'; $sambasettings{'OSLEVEL'} = '65'; $sambasettings{'GREEN'} = 'on'; $sambasettings{'BLUE'} = 'off'; $sambasettings{'ORANGE'} = 'off'; $sambasettings{'VPN'} = 'off'; $sambasettings{'WINSSRV'} = ''; $sambasettings{'WINSSUPPORT'} = 'on'; $sambasettings{'REMOTEANNOUNCE'} = ''; $sambasettings{'PASSWORDSYNC'} = 'off'; $sambasettings{'OTHERINTERFACES'} = '127.0.0.1'; $sambasettings{'GUESTACCOUNT'} = 'samba'; $sambasettings{'MAPTOGUEST'} = 'Never'; $sambasettings{'LOGLEVEL'} = '3 passdb:5 auth:5 winbind:2'; ### Values that have to be initialized $sambasettings{'ACTION'} = ''; $sambasettings{'LOCALMASTER'} = 'off'; $sambasettings{'DOMAINMASTER'} = 'off'; $sambasettings{'PREFERREDMASTER'} = 'off'; $PDCOPTIONS = `cat ${General::swroot}/samba/pdc`; system("/usr/local/bin/sambactrl smbreload"); } # smbsafeconf is directly called by the if clause if ($sambasettings{'ACTION'} eq 'sharesresetyes') { system('/usr/local/bin/sambactrl smbsharesreset'); @Zeilen = (); @Shares = (); $shareentry = ""; @shares = (); @shareline = (); $EOF = qx(cat $sharefile | wc -l); @shares = `grep -n '^\\[' $sharefile`; foreach $shareentry (@shares) { @shareline = split( /\:/, $shareentry ); push(@Zeilen,$shareline[0]);push(@Shares,$shareline[1]); } system("/usr/local/bin/sambactrl smbreload"); } ############################################################################################################################ ################################################ Sicherheitsabfrage für den Reset ########################################## if ($sambasettings{'ACTION'} eq 'globalreset') { print <
$Lang::tr{'resetglobals'}
$Lang::tr{'yes'}
$Lang::tr{'no'}
END ; } if ($sambasettings{'ACTION'} eq 'sharesreset') { print <
$Lang::tr{'resetshares'}
$Lang::tr{'yes'}
$Lang::tr{'no'}
END ; } ############################################################################################################################ ########################################### Samba Benutzer oder PC l�chen ################################################# if ($sambasettings{'ACTION'} eq 'userdelete'){system("/usr/local/bin/sambactrl smbuserdelete $sambasettings{'NAME'}");} ############################################################################################################################ ############################################## Samba Share neu anlegen ##################################################### if ($sambasettings{'ACTION'} eq 'smbshareadd') { my $emptyline= ""; open (FILE, ">>${General::swroot}/samba/shares") or die "Can't save the shares settings: $!"; flock (FILE, 2); print FILE <${General::swroot}/samba/shares") or die "Can't delete the share settings: $!"; flock (FILE, 2); print FILE <${General::swroot}/samba/shares") or die "Can't delete the share settings: $!"; flock (FILE, 2); print FILE <${General::swroot}/samba/global") or die "Can't save the global settings: $!"; flock (FILE, 2); print FILE <${General::swroot}/samba/pdc") or die "Can't save the pdc settings: $!"; flock (FILE, 2); print FILE <$errormessage\n"; print " \n"; &Header::closebox(); } ############################################################################################################################ ########################################## Aktivieren von Checkboxen und Dropdowns ######################################### $checked{'WINSSUPPORT'}{'off'} = ''; $checked{'WINSSUPPORT'}{'on'} = ''; $checked{'WINSSUPPORT'}{$sambasettings{'WINSSUPPORT'}} = "checked='checked'"; $checked{'PASSWORDSYNC'}{'off'} = ''; $checked{'PASSWORDSYNC'}{'on'} = ''; $checked{'PASSWORDSYNC'}{$sambasettings{'PASSWORDSYNC'}} = "checked='checked'"; $checked{'LOCALMASTER'}{'off'} = ''; $checked{'LOCALMASTER'}{'on'} = ''; $checked{'LOCALMASTER'}{$sambasettings{'LOCALMASTER'}} = "checked='checked'"; $checked{'DOMAINMASTER'}{'off'} = ''; $checked{'DOMAINMASTER'}{'on'} = ''; $checked{'DOMAINMASTER'}{$sambasettings{'DOMAINMASTER'}} = "checked='checked'"; $checked{'PREFERREDMASTER'}{'off'} = ''; $checked{'PREFERREDMASTER'}{'on'} = ''; $checked{'PREFERREDMASTER'}{$sambasettings{'PREFERREDMASTER'}} = "checked='checked'"; $checked{'GREEN'}{'off'} = ''; $checked{'GREEN'}{'on'} = ''; $checked{'GREEN'}{$sambasettings{'GREEN'}} = "checked='checked'"; $checked{'BLUE'}{'off'} = ''; $checked{'BLUE'}{'on'} = ''; $checked{'BLUE'}{$sambasettings{'BLUE'}} = "checked='checked'"; $checked{'ORANGE'}{'off'} = ''; $checked{'ORANGE'}{'on'} = ''; $checked{'ORANGE'}{$sambasettings{'ORANGE'}} = "checked='checked'"; $checked{'VPN'}{'off'} = ''; $checked{'VPN'}{'on'} = ''; $checked{'VPN'}{$sambasettings{'VPN'}} = "checked='checked'"; $selected{'MAPTOGUEST'}{$sambasettings{'MAPTOGUEST'}} = "selected='selected'"; $selected{'SECURITY'}{$sambasettings{'SECURITY'}} = "selected='selected'"; ############################################################################################################################ ################################### Aufbau der HTML Seite fr globale Sambaeinstellungen ################################### &Header::openbox('100%', 'center', $Lang::tr{'samba'}); print <
END ; if ( $message ne "" ) { print "
$message"; } print <$Lang::tr{'all services'}
END ; my $key = ''; foreach $key (sort keys %servicenames) { print ""; my $shortname = $servicenames{$key}; my $status = &isrunning($shortname); print "$status"; } print <
$key

END ; if (&Header::blue_used()) { print < END ; } if (&Header::orange_used()) { print < END ; } print < END ; if ($sambasettings{'WINSSUPPORT'} eq 'off') {print"";} print < END ; if ($sambasettings{'SECURITY'} eq 'user') { print < END ; } if ($sambasettings{'SECURITY'} eq 'user' && $sambasettings{'DOMAINMASTER'} eq 'on') { print < END ; } print <
$Lang::tr{'basic options'}
$Lang::tr{'workgroup'}
$Lang::tr{'netbios name'}
$Lang::tr{'server string'}
$Lang::tr{'log level'}
$Lang::tr{'interfaces'}on / off | OpenVpn - $ovpnsettings{'DDEVICE'}
on / off | $Lang::tr{'green'} - $netsettings{'GREEN_DEV'}
on / off | $Lang::tr{'wireless'} - $netsettings{'BLUE_DEV'}
on / off | $Lang::tr{'dmz'} - $netsettings{'ORANGE_DEV'}
$Lang::tr{'more'}

$Lang::tr{'security options'}
$Lang::tr{'security'}
$Lang::tr{'map to guest'}
$Lang::tr{'unix password sync'}on / off

$Lang::tr{'network options'}
$Lang::tr{'os level'}
$Lang::tr{'remote announce'}
$Lang::tr{'wins server'}
$Lang::tr{'wins support'}on / off
$Lang::tr{'local master'}on / off
$Lang::tr{'domain master'}on / off
$Lang::tr{'prefered master'}on / off

$Lang::tr{'pdc options'}
END ; if ($sambasettings{'ACTION'} eq 'globalcaption') { print <
$Lang::tr{'caption'}
$Lang::tr{'save settings'}
$Lang::tr{'restore settings'}
END ; } &Header::closebox(); ############################################################################################################################ ########################################## Benutzerverwaltung fr Usersecurity ############################################# if ($sambasettings{'SECURITY'} eq 'user') { if ($sambasettings{'DOMAINMASTER'} eq 'off') { &Header::openbox('100%', 'center', $Lang::tr{'accounting user nonpdc'}); } else { &Header::openbox('100%', 'center', $Lang::tr{'accounting user pdc'}); } print <
END ; if ($sambasettings{'DOMAINMASTER'} eq 'off') { print ""; } else { print ""; } print ""; system('/usr/local/bin/sambactrl readsmbpasswd'); open(FILE, "; close(FILE); system('/usr/local/bin/sambactrl locksmbpasswd'); foreach $userentry (sort @user) { @userline = split( /\:/, $userentry ); print " END ; } else { print < END ; } if ($userline[0] =~ /\$/) { print ""; } else { print <
END ; } if ($sambasettings{'DOMAINMASTER'} eq 'on' && $userline[0] =~ /\$/) { print <
 END ; } else { print <
END ; } } print <
$Lang::tr{'accounting'}
$Lang::tr{'username'}$Lang::tr{'password'}$Lang::tr{'type'}$Lang::tr{'status'}$Lang::tr{'options'}
$userline[0]"; if ($userline[4] =~ /N/) { print "$Lang::tr{'not set'}"; } else { print "$Lang::tr{'set'}"; } if ($sambasettings{'DOMAINMASTER'} eq 'off') { print ""; } else { if ($userline[0] =~ /\$/) { print "$Lang::tr{'interfaces'}"; } else { print "$Lang::tr{'user'}"; } } if ($userline[4] =~ /D/) { print <
END ; if ($sambasettings{'DOMAINMASTER'} eq 'on') { print <
END ; } print <
END ; if ($sambasettings{'ACTION'} eq 'usercaption') { print <
$Lang::tr{'caption'}
$Lang::tr{'add user'}
$Lang::tr{'add pc'}
$Lang::tr{'delete user'}
$Lang::tr{'delete pc'}
$Lang::tr{'activate user'}
$Lang::tr{'deactivate user'}
$Lang::tr{'change passwords'}
$Lang::tr{'save config'}
END ; } if ($sambasettings{'ACTION'} eq 'userchangepw') { my $username = "$sambasettings{'NAME'}"; my $password = 'samba'; print <
$Lang::tr{'change passwords'}
$Lang::tr{'username'}
$Lang::tr{'password'}
END ; } if ($sambasettings{'ACTION'} eq 'useradd') { my $username = "user"; my $password = "samba"; chomp $username; $username=~s/\s//g; chomp $password; $password=~s/\s//g; print <
$Lang::tr{'add user'}
$Lang::tr{'username'}
$Lang::tr{'password'}
$Lang::tr{'unix group'}
$Lang::tr{'unix shell'}
END ; } if ($sambasettings{'ACTION'} eq 'pcadd') { my $pcname = "client\$"; chomp $pcname; $pcname=~s/\s//g; print <
$Lang::tr{'pc add'}
$Lang::tr{'client'}
$Lang::tr{'unix group'}
$Lang::tr{'unix shell'}
END ; } &Header::closebox(); } ############################################################################################################################ ############################################### Verwalten von Freigaben #################################################### &Header::openbox('100%', 'center', $Lang::tr{'shares'}); print <
END ; foreach $shareentry (sort @Shares) { print < END ; } print <
$Lang::tr{'manage shares'}
$Lang::tr{'sharename'}$Lang::tr{'options'}
$shareentry
END ; if ($sambasettings{'ACTION'} eq 'sharecaption') { print <
$Lang::tr{'caption'}
$Lang::tr{'add share'}
$Lang::tr{'edit share'}
$Lang::tr{'save config'}
$Lang::tr{'reset shares'}
$Lang::tr{'delete share'}
END ; } if ($sambasettings{'ACTION'} eq 'shareadd' || $sambasettings{'ACTION'} eq 'optioncaption' ) { print <
$Lang::tr{'add share'}
$Lang::tr{'show share options'}

END ; } if ($sambasettings{'ACTION'} eq 'sharechange' || $sambasettings{'ACTION'} eq 'optioncaption2' ) { my $sharename = "$sambasettings{'NAME'}"; chomp $sharename; $sharename=~s/\s//g; for(my $i = 0; $i <= $#Shares; $i++) { chomp $Shares[$i]; $Shares[$i]=~s/\s//g; if ( "$Shares[$i]" eq "$sharename" ) { my $Zeilenbegin = $Zeilen[$i+1]-2; my $Zeilenende = $Zeilen[$i+1]-$Zeilen[$i]; if ( $Zeilen[$i] eq $Zeilen[$#Shares] ) {$Zeilenende = $EOF-$Zeilen[$#Shares]+1;$Zeilenbegin = $EOF-$Zeilen[$#Shares]; $shareoption = qx(tail -$Zeilenende $sharefile | head -$Zeilenbegin);} else {$shareoption = qx(head -$Zeilenbegin $sharefile | tail -$Zeilenende);} } } print <
$Lang::tr{'edit share'}
$Lang::tr{'show share options'}

END ; } if ($sambasettings{'ACTION'} eq 'optioncaption' || $sambasettings{'ACTION'} eq 'optioncaption2') { print <
$Lang::tr{'caption'}
$Lang::tr{'options'}$Lang::tr{'meaning'} / $Lang::tr{'exampel'}
comment$Lang::tr{'comment'}
comment = $Lang::tr{'my new share'}

path$Lang::tr{'path to directory'}
path = /tmp

writeable$Lang::tr{'directory writeable'}
writeable = yes

browseablesichtbar in Verzeichnisliste
browsable = yes

userBesitzer der Freigabe
user = samba

valid usersListe der Zugriffsberechtigten
valid users = samba, user1

write list$Lang::tr{'visible in browselist'}
write list = samba

hosts allow$Lang::tr{'host allow'}
hosts allow = localhost 192.168.1.1 192.168.2.0/24

hosts deny$Lang::tr{'host deny'}
hosts deny = 192.168.1.2 192.168.3.0/24

read list$Lang::tr{'read list'}
read list = user1

admin users$Lang::tr{'admin users'}
admin users = user1

invalid users$Lang::tr{'invalid users'}
invalid users = user2

force user$Lang::tr{'force user'}
force user = samba

directory mask$Lang::tr{'directory mask'}
directory mask = 0777

create maskU$Lang::tr{'create mask'}
create mask = 0777

guest ok$Lang::tr{'guest ok'}
guest ok = yes
END ; } &Header::closebox(); ############################################################################################################################ ############################################### Anzeige des Sambastatus #################################################### &Header::openbox('100%', 'center', 'Status'); print <
$Lang::tr{'samba status'}
$Status
END ; &Header::closebox(); ############################################################################################################################ ############################################### Anzeige des Sambastatus #################################################### if ($sambasettings{'ACTION'} eq 'showlog') { $Log = qx(tail -n $LOGLINES /var/log/samba/$sambasettings{'LOG'}); $Log=~s/\n/
/g; } &Header::openbox('100%', 'center', $Lang::tr{'log'}); print <
$Lang::tr{'log view'}

$Lang::tr{'show last x lines'}

$Log

$sambasettings{'LOG'}
END ; &Header::closebox(); &Header::closebigbox(); &Header::closepage(); ############################################################################################################################ ############################################ Subfunktion fr Sambadienste ################################################### sub isrunning { my $cmd = $_[0]; my $status = "$Lang::tr{'stopped'}"; my $pid = ''; my $testcmd = ''; my $exename; $cmd =~ /(^[a-z]+)/; $exename = $1; if (open(FILE, "/var/run/${cmd}.pid")) { $pid = ; chomp $pid; close FILE; if (open(FILE, "/proc/${pid}/status")) { while () { if (/^Name:\W+(.*)/) { $testcmd = $1; } } close FILE; if ($testcmd =~ /$exename/) { $status = "$Lang::tr{'running'}"; } } } return $status; }