Browse Source

cifsd: add new package (kernel/cifsd and net/cifsd-tools)

* adds cifs/smb kernel server module (cifsd)
* adds userspace tools (cifsd, cifsadmin)
* has UCI support (compatible with samba configs)

Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
lilik-openwrt-22.03
Andy Walsh 6 years ago
parent
commit
6dae6d5166
7 changed files with 447 additions and 0 deletions
  1. +53
    -0
      kernel/cifsd/Makefile
  2. +58
    -0
      net/cifsd-tools/Makefile
  3. +2
    -0
      net/cifsd-tools/files/cifsd.config
  4. +11
    -0
      net/cifsd-tools/files/cifsd.config.example
  5. +154
    -0
      net/cifsd-tools/files/cifsd.init
  6. +160
    -0
      net/cifsd-tools/files/smb.conf.help
  7. +9
    -0
      net/cifsd-tools/files/smb.conf.template

+ 53
- 0
kernel/cifsd/Makefile View File

@ -0,0 +1,53 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=cifsd
PKG_RELEASE:=1
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL:=https://github.com/cifsd-team/cifsd.git
PKG_SOURCE_DATE:=2019-07-12
PKG_SOURCE_VERSION:=f2cfe8cb40493a5f77144543bc486bfdb8aa61e2
PKG_MIRROR_HASH:=fd6a3bec5953fa30b87a6e12e2c6666844ad66096afa7de421689f5769626a36
PKG_MAINTAINER:=Andy Walsh <andy.walsh44+github@gmail.com>
PKG_LICENSE:=GPL-2.0-or-later
PKG_LICENSE_FILES:=COPYING
include $(INCLUDE_DIR)/kernel.mk
include $(INCLUDE_DIR)/package.mk
define KernelPackage/fs-cifsd
SUBMENU:=Filesystems
TITLE:=CIFS/SMB kernel server support
URL:=https://github.com/cifsd-team/cifsd
FILES:=$(PKG_BUILD_DIR)/cifsd.ko
DEPENDS:= \
+kmod-nls-base \
+kmod-nls-utf8 \
+kmod-crypto-md4 \
+kmod-crypto-md5 \
+kmod-crypto-hmac \
+kmod-crypto-ecb \
+kmod-crypto-des \
+kmod-crypto-sha256 \
+kmod-crypto-cmac \
+kmod-crypto-sha512 \
+kmod-crypto-aead \
+kmod-crypto-ccm
endef
define KernelPackage/fs-cifsd/description
Kernel module for a CIFS/SMBv2,3 fileserver.
endef
# broken atm (needs CONFIG_KEYS=y)
#EXTRA_CFLAGS+=-DCONFIG_CIFSD_ACL
define Build/Compile
$(KERNEL_MAKE) SUBDIRS="$(PKG_BUILD_DIR)" \
EXTRA_CFLAGS="$(EXTRA_CFLAGS)" \
CONFIG_CIFS_SERVER=m \
modules
endef
$(eval $(call KernelPackage,fs-cifsd))

+ 58
- 0
net/cifsd-tools/Makefile View File

@ -0,0 +1,58 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=cifsd-tools
PKG_RELEASE:=1
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL:=https://github.com/cifsd-team/cifsd-tools.git
PKG_SOURCE_DATE:=2019-07-05
PKG_SOURCE_VERSION:=539fa21a8dd427a8ca2dc13c9a5a1c975be96d3c
PKG_MIRROR_HASH:=8c1b22d9926112a7e8ec94a3f731639a3789bef1aeb447f0bd7c41a1884e4dc5
PKG_MAINTAINER:=Andy Walsh <andy.walsh44+github@gmail.com>
PKG_LICENSE:=GPL-2.0-or-later
PKG_LICENSE_FILES:=COPYING
PKG_INSTALL:=1
PKG_FIXUP:=autoreconf
PKG_REMOVE_FILES:=autogen.sh aclocal.m4
include $(INCLUDE_DIR)/package.mk
include $(INCLUDE_DIR)/nls.mk
define Package/cifsd-tools
SECTION:=net
CATEGORY:=Network
SUBMENU:=Filesystem
TITLE:=Kernel CIFS/SMB server support and userspace tools
URL:=https://github.com/cifsd-team/cifsd-tools
DEPENDS:=+kmod-fs-cifsd +glib2 +libnl-core +libnl-genl
endef
define Package/cifsd-tools/description
Userspace tools (cifsd, cifsadmin) for the CIFS/SMB kernel fileserver.
The config file location is /etc/cifs/smb.conf
endef
define Package/cifsd-tools/install
$(INSTALL_DIR) $(1)/usr/lib
$(CP) $(PKG_INSTALL_DIR)/usr/lib/libcifsdtools.so* $(1)/usr/lib/
$(INSTALL_DIR) $(1)/usr/sbin
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/{cifsadmin,cifsd} $(1)/usr/sbin/
$(INSTALL_DIR) $(1)/etc/config $(1)/etc/cifs $(1)/etc/init.d
$(INSTALL_CONF) ./files/cifsd.config $(1)/etc/config/cifsd
$(INSTALL_DATA) ./files/smb.conf.template $(1)/etc/cifs/
$(INSTALL_BIN) ./files/cifsd.init $(1)/etc/init.d/cifsd
# copy examples until we have a wiki page
$(INSTALL_DATA) ./files/cifsd.config.example $(1)/etc/cifs/
$(INSTALL_DATA) ./files/smb.conf.help $(1)/etc/cifs/
endef
define Package/cifsd-tools/conffiles
/etc/config/cifsd
/etc/cifs/smb.conf.template
/etc/cifs/smb.conf
/etc/cifs/cifsdpwd.db
endef
$(eval $(call BuildPackage,cifsd-tools))

+ 2
- 0
net/cifsd-tools/files/cifsd.config View File

@ -0,0 +1,2 @@
config globals
option 'description' 'Cifsd on OpenWrt'

+ 11
- 0
net/cifsd-tools/files/cifsd.config.example View File

@ -0,0 +1,11 @@
config globals
option 'description' 'Cifsd on OpenWrt'
config share
option name 'testshare'
option path '/tmp'
option guest_ok 'yes'
option create_mask '0666'
option dir_mask '0777'
option writeable 'yes'
option force_root '1'

+ 154
- 0
net/cifsd-tools/files/cifsd.init View File

@ -0,0 +1,154 @@
#!/bin/sh /etc/rc.common
START=98
USE_PROCD=1
CIFSD_IFACE=""
smb_header()
{
config_get CIFSD_IFACE $1 interface "lan"
# resolve interfaces
local interfaces=$(
. /lib/functions/network.sh
local net
for net in $CIFSD_IFACE; do
local device
network_is_up $net || continue
network_get_device device "$net"
echo -n "${device:-$net} "
done
)
local workgroup description
local hostname="$(cat /proc/sys/kernel/hostname)"
config_get workgroup $1 workgroup "WORKGROUP"
config_get description $1 description "Cifsd on OpenWrt"
sed -e "s#|NAME|#$hostname#g" \
-e "s#|WORKGROUP|#$workgroup#g" \
-e "s#|DESCRIPTION|#$description#g" \
-e "s#|INTERFACES|#$interfaces#g" \
/etc/cifs/smb.conf.template > /var/etc/cifs/smb.conf
[ -e /etc/cifs/smb.conf ] || ln -nsf /var/etc/cifs/smb.conf /etc/cifs/smb.conf
if [ ! -L /etc/cifs/smb.conf ]; then
logger -t 'cifsd' "Local custom /etc/cifs/smb.conf file detected, all UCI/Luci config settings are ignored!"
fi
}
smb_add_share()
{
local name
local path
local comment
local users
local create_mask
local dir_mask
local browseable
local read_only
local writeable
local guest_ok
local force_root
local write_list
local read_list
local hide_dot_files
local veto_files
config_get name $1 name
config_get path $1 path
config_get comment $1 comment
config_get users $1 users
config_get create_mask $1 create_mask
config_get dir_mask $1 dir_mask
config_get browseable $1 browseable
config_get read_only $1 read_only
config_get writeable $1 writeable
config_get guest_ok $1 guest_ok
config_get_bool force_root $1 force_root 0
config_get write_list $1 write_list
config_get read_list $1 read_list
config_get_bool hide_dot_files $1 hide_dot_files 0
config_get veto_files $1 veto_files
[ -z "$name" -o -z "$path" ] && return
echo -e "\n[$name]\n\tpath = $path" >> /var/etc/cifs/smb.conf
[ -n "$comment" ] && echo -e "\tcomment = $comment" >> /var/etc/cifs/smb.conf
if [ "$force_root" -eq 1 ]; then
echo -e "\tforce user = root" >> /var/etc/cifs/smb.conf
echo -e "\tforce group = root" >> /var/etc/cifs/smb.conf
else
[ -n "$users" ] && echo -e "\tvalid users = $users" >> /var/etc/cifs/smb.conf
fi
[ -n "$create_mask" ] && echo -e "\tcreate mask = $create_mask" >> /var/etc/cifs/smb.conf
[ -n "$dir_mask" ] && echo -e "\tdirectory mask = $dir_mask" >> /var/etc/cifs/smb.conf
[ -n "$browseable" ] && echo -e "\tbrowseable = $browseable" >> /var/etc/cifs/smb.conf
[ -n "$read_only" ] && echo -e "\tread only = $read_only" >> /var/etc/cifs/smb.conf
[ -n "$writeable" ] && echo -e "\twriteable = $writeable" >> /var/etc/cifs/smb.conf
[ -n "$guest_ok" ] && echo -e "\tguest ok = $guest_ok" >> /var/etc/cifs/smb.conf
[ -n "$write_list" ] && echo -e "\twrite list = $write_list" >> /var/etc/cifs/smb.conf
[ -n "$read_list" ] && echo -e "\tread list = $read_list" >> /var/etc/cifs/smb.conf
[ "$hide_dot_files" -eq 1 ] && echo -e "\thide dot files = yes" >> /var/etc/cifs/smb.conf
[ -n "$veto_files" ] && echo -e "\tveto files = $veto_files" >> /var/etc/cifs/smb.conf
}
init_config()
{
mkdir -p /var/etc/cifs
config_load cifsd
# allow copy&paste from samba UCI configs (we dont have a cifsd wiki yet)
config_foreach smb_header globals
config_foreach smb_header samba
config_foreach smb_add_share share
config_foreach smb_add_share sambashare
}
service_triggers()
{
PROCD_RELOAD_DELAY=2000
procd_add_reload_trigger "dhcp" "system" "cifsd"
local i
for i in $CIFSD_IFACE; do
procd_add_reload_interface_trigger $i
done
}
start_service()
{
init_config
if [ ! -e /etc/cifs/smb.conf ]; then
logger -t 'cifsd' "missing config /etc/cifs/smb.conf, needs to-be created manually!"
exit 1
fi
[ -f /tmp/cifsd.lock ] && rm /tmp/cifsd.lock
# try remove again before start
if (lsmod | grep cifsd &>/dev/null); then
rmmod cifsd &>/dev/null
fi
modprobe cifsd 2>/dev/null
if ! (lsmod | grep cifsd &>/dev/null); then
logger -t 'cifsd' "modprobe of cifsd module failed, cant start cifsd!"
exit 1
fi
logger -t 'cifsd' "Starting CIFS/SMB userspace service."
procd_open_instance
procd_set_param command /usr/sbin/cifsd --n
procd_close_instance
}

+ 160
- 0
net/cifsd-tools/files/smb.conf.help View File

@ -0,0 +1,160 @@
;******************************************************************************
; File to define cifsd configuration parameters which are comparable with
; samba's ones
;
; Supported [global] level parameters list:
; - server string
; This controls what string will show up in browse lists next
; to the machine name
; - workgroup
; This controls what workgroup your server will appear to be
; in when queried by clients
; - netbios name
; This sets the NetBIOS name by which a SMB server is known.
; By default it is the same as the first component of the host's
; DNS name. If a machine is a browse server or logon server this
; name (or the first component of the hosts DNS name) will be
; the name that these services are advertised under.
; - server min protocol
; This setting controls the minimum protocol version that the
; server will allow the client to use.
; - server max protocol
; The value of the parameter (a string) is the highest protocol
; level that will be supported by the server.
; - server signing
; This controls whether the client is allowed or required to use
; SMB1 and SMB2 signing. Possible values are default, auto,
; mandatory and disabled.
; - guest account
; This is a username which will be used for access to services
; which are specified as guest ok.
; - max active sessions
; This option allows the number of simultaneous connections to
; a service to be limited.
; - ipc timeout
; This option specifies the number of seconds server will wait
; for the userspace to reply to heartbeat frames. If user space
; is down for more than `ipc timeout` seconds the server will
; reset itself - close all sessions and all TCP connections.
; - restrict anonymous
; The setting of this parameter determines whether user and
; group list information is returned for an anonymous connection.
; - map to guest
; This parameter can take four different values, which tell cifsd
; what to do with user login requests.(bad user
; - bind interfaces only
; This global parameter allows the cifsd admin to limit what
; interfaces on a machine will serve SMB requests.
; - interfaces
; This option allows you to override the default network
; interfaces list that cifsd will use for browsing. The option
; takes only list of interface name.
; - deadtime
; The value of the parameter (a decimal integer) represents
; the number of minutes of inactivity before a connection is
; considered dead, and it is disconnected. The deadtime only
; takes effect if the number of open files is zero.
;
; Supported [share] level parameters list:
; - comment
; comment string to associate with the new share
; - path
; This parameter specifies a directory to which the user of the
; service is to be given access.
; - guest ok
; If this parameter is yes for a service, then no password is
; required to connect to the service.
; - read only
; If this parameter is yes, then users of a service may not
; create or modify files in the service's directory.
; - browseable
; This controls whether this share is seen in the list of
; available shares in a net view and in the browse list.
; - write ok
; - writeable
; Inverted synonym for read only.
; - store dos attributes
; If this parameter is set cifsd attempts to first read DOS
; attributes (SYSTEM, HIDDEN, ARCHIVE or READ-ONLY) from a
; filesystem extended attribute, before mapping DOS attributes
; to UNIX permission bits (such as occurs with map hidden and
; map readonly).
; - oplocks
; This boolean option tells cifsd whether to issue oplocks
; (opportunistic locks) to file open requests on this share.
; - create mask
; When a file is created, the necessary permissions are calculated
; according to the mapping from DOS modes to UNIX permissions, and
; the resulting UNIX mode is then bit-wise 'AND'ed with this
; parameter.
; - directory mask
; This parameter is the octal modes which are used when converting
; DOS modes to UNIX modes when creating UNIX directories.
; - force group
; This specifies a UNIX group name that will be assigned as
; the default primary group for all users connecting to this
; service.
; - force user
; This specifies a UNIX user name that will be assigned as
; the default user for all users connecting to this service.
; - hide dot files
; This is a boolean parameter that controls whether files starting
; with a dot appear as hidden files.
; - hosts allow
; This parameter is a comma, space, or tab delimited set of hosts
; which are permitted to access a service
; - hosts deny
; The opposite of allow hosts - hosts listed here are NOT
; permitted access to services unless the specific services have
; their own lists to override this one. Where the lists conflict,
; the allow list takes precedence.
; - valid users
; This is a list of users that should be allowed to login to this
; service
; - invalid users
; This is a list of users that should not be allowed to login to
; this service.
; - read list
; This is a list of users that are given read-only access to
; a service.
; - write list
; This is a list of users that are given read-write access to
; a service.
; - max connections
; This option allows the number of simultaneous connections to
; a service to be limited.
; - veto files
; This is a list of files and directories that are neither visible
; nor accessible.
;
; Veto any files containing the word Security,
; any ending in .tmp, and any directory containing the
; word root.
; veto files = /*Security*/*.tmp/*root*/
;
; Veto the Apple specific files that a NetAtalk server
; creates.
; veto files = /.AppleDouble/.bin/.AppleDesktop/Network Trash Folder/
;
;
; Rules to update this file:
; - Every [share] definition should start on new line
; - Every parameter should be indented with single tab
; - There should be single spaces around equal (eg: " = ")
; - Multiple parameters should be separated with comma
; eg: "invalid users = usr1,usr2,usr3"
;
; Make sure to configure the server after making changes to this file.
;******************************************************************************
[global]
server string = CIFSD on OpenWrt
netbios name = CIFSD
map to guest = Bad User
[share]
comment = content server share
path = /mnt
guest ok = yes
create mask = 0777
directory mask = 0777

+ 9
- 0
net/cifsd-tools/files/smb.conf.template View File

@ -0,0 +1,9 @@
[global]
netbios name = |NAME|
server string = |DESCRIPTION|
workgroup = |WORKGROUP|
interfaces = |INTERFACES|
bind interfaces only = yes
ipc timeout = 8
deadtime = 15
map to guest = Bad User

Loading…
Cancel
Save