Guest User

samba on ubuntu 14.04 with glusterfs

a guest
May 31st, 2015
59
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. #!/bin/bash
  2. set -e # stop on error
  3.  
  4. aptitude update
  5. aptitude upgrade -y
  6. aptitude install -y samba samba-client krb5-user winbind libpam-mount cifs-utils xfsprogs glusterfs-server glusterfs-client acl
  7.  
  8. service smbd    stop
  9. service nmbd    stop
  10. service winbind stop
  11.  
  12. default="SAMDOM";
  13. read -p "Enter workgroup [$default]: " workgroup;
  14. [ -z "$workgroup" ] && workgroup=$default;
  15.  
  16. default="$workgroup.EXAMPLE.COM";
  17. read -p "Enter realm [$default]: " realm ;
  18. [ -z "$realm" ] && realm=$default;
  19.  
  20. default="DC01.$realm";
  21. read -p "Enter name of domain controller [$default]:" dc;
  22. [ -z "$dc" ] && dc=$default;
  23.  
  24.  
  25. tdir=$(mktemp -d)
  26.  
  27. echo "Updating config files (samba, krb5 and nsswitch)"
  28. mv -v /etc/samba/smb.conf /etc/samba/smb.conf.org
  29. echo "[global]
  30. workgroup = $workgroup
  31. security = ADS
  32. realm = $realm
  33. encrypt passwords = yes
  34. template shell = /bin/bash
  35.  
  36. idmap config *:backend = rid
  37. idmap config *:range = 10000-20000
  38.  
  39. winbind use default domain = yes
  40. winbind enum users = yes
  41. winbind enum groups = yes
  42.  
  43. vfs objects = acl_xattr
  44. map acl inherit = Yes
  45. store dos attributes = Yes
  46.  
  47. [test]
  48.    path = $tdir/samba/test
  49.    read only = no
  50.  
  51. " > /etc/samba/smb.conf
  52.  
  53. mv -v /etc/krb5.conf /etc/krb5.conf.org
  54. echo "
  55. [libdefaults]
  56.     default_realm = $realm
  57.     dns_lookup_realm = false
  58.     dns_lookup_kdc = true
  59. " > /etc/krb5.conf
  60.  
  61. perl -p -i.org -e 's/compat/compat winbind/g' /etc/nsswitch.conf
  62.  
  63. service smbd    restart
  64. service nmbd    restart
  65. service winbind restart
  66.  
  67. net ads join -U administrator
  68.  
  69. service smbd    restart
  70. service nmbd    restart
  71. service winbind restart
  72.  
  73. echo -n "Enter $workgroup\\administrator password: "
  74. if net rpc rights list accounts -U"$workgroup\\administrator" | grep SeDiskOperatorPrivilege > /dev/null ; then
  75.     echo "Admin rights okay"
  76. else
  77.     echo "Ensure that Admin has SeDiskOperatorPrivilege. Try following command"
  78.     echo "net rpc rights grant '$workgroup\\Domain Admins' SeDiskOperatorPrivilege -U'$workgroup\\administrator' -I $dc"
  79.     exit 1;
  80. fi
  81.  
  82. # TEST 1 (should work)
  83. echo "*** TEST 01 (working as expected) ***"
  84. echo
  85.  
  86. echo "Creating temporary disk with xfs"
  87. umount $tdir > /dev/null || true
  88. dd if=/dev/zero of=./gluster.img bs=1 count=0 seek=512M # create sparse file
  89. yes | mkfs.xfs -f gluster.img
  90. mount -o loop gluster.img $tdir
  91.  
  92. echo "Creating samba folder and setting permissions (xfs)"
  93. mkdir -p $tdir/samba/test
  94. chown -R "$workgroup\\Administrator":"$workgroup\\Domain Users" $tdir/samba/test
  95. chmod -R 0777 $tdir/samba/test
  96. setfacl -m "g:domain admins:rwx" $tdir/samba/test
  97.  
  98. service smbd    restart
  99. service nmbd    restart
  100. service winbind restart
  101.  
  102. echo "Try to change folder permissions with windows client. Expected bahavior: Everything works."
  103. read -p "Press Enter when done "
  104.  
  105. # TEST 2 (fails)
  106. echo "*** TEST 02 (failing unexpected) ***"
  107. echo
  108.  
  109. echo "Setting up glusterfs"
  110. mkdir -p $tdir/{vol1,vol2} || true
  111. if gluster volume info | grep test ; then
  112.     echo "Gluster volume 'test' exists, skipping creation"
  113. else
  114.     yes | gluster volume create test replica 2 $(hostname):$tdir/vol1 $(hostname):$tdir/vol2
  115.     gluster volume start test
  116.     gluster volume info
  117. fi
  118. mount -t glusterfs -o acl $(hostname):/test $tdir/samba
  119.  
  120. echo "Creating samba folder and setting permissions (glusterfs)"
  121. mkdir -p $tdir/samba/test
  122. chown -R "$workgroup\\Administrator":"$workgroup\\Domain Users" $tdir/samba/test
  123. chmod -R 0777 $tdir/samba/test
  124. setfacl -m "g:domain admins:rwx" $tdir/samba/test
  125.  
  126. service smbd    restart
  127. service nmbd    restart
  128. service winbind restart
  129.  
  130. echo "Try to change folder permissions with windows client. Expected bahavior: An error occurred while applying security information ..."
  131. read -p "Press Enter when done "
  132.  
  133. echo "Folders and files created:"
  134. echo "$tdir"
  135. echo "gluster.img"
  136. echo "gluster volume test"
RAW Paste Data