diff options
Diffstat (limited to 'cfengine/cf.services.file')
| -rw-r--r-- | cfengine/cf.services.file | 361 |
1 files changed, 361 insertions, 0 deletions
diff --git a/cfengine/cf.services.file b/cfengine/cf.services.file new file mode 100644 index 0000000..ee3bdac --- /dev/null +++ b/cfengine/cf.services.file @@ -0,0 +1,361 @@ +control: + AddInstallable = ( samba_reload netatalk_reload lprng_reload cups_reload lprng cups ) + + # + # Variables for shares + # You can change the paths here and it will be changed both in + # the conf file and in the filesystem - But once it is implemented, + # it is not wise to change it - the data in the shares doesn't get + # moved! + # You can change the rights on the shares in the "directories:" + # section. + # + netlogshare = ( /etc/samba/netlogon ) + commonsharedir = ( /var/local/filesharing/COMMON ) + locsharedir = ( /var/local/filesharing/local ) + datashare = ( /var/local/filesharing/COMMON/data ) + pgrshare = ( /var/local/filesharing/COMMON/programs ) + profshare = ( /var/local/filesharing/COMMON/samba/userprofiles ) + printdir = ( /var/spool/samba ) + + # + # Variables for lprng + # + +editfiles: + any:: + # + # Samba configuration stuff. + # + { /etc/samba/smb.conf + # + # Global stuff + # + # Remove share declarations from main smb.conf. It is split + # up in the following files: + # - smb.conf + # - smb-shares-COMMON.conf + # - smb-shares-$(site).conf + # - smb-printers.conf + # +# DeleteLinesAfterThisMatching "^\[homes\]$(n)*.*" +# ResetSearch "1" +# CatchAbort +# ResetSearch "1" + + # + # Append the include lines for the files decribed above + # + AppendIfNoSuchLine "include = smb-shares-COMMON.conf" + AppendIfNoSuchLine "include = smb-shares-local.conf" + AppendIfNoSuchLine "include = smb-printers.conf" + ResetSearch "1" + + # + # workgroup = $(site) + # + LocateLineMatching "^[;[:blank:]]*workgroup[[:blank:]]*=.*" + BeginGroupIfNoLineMatching '^[[:blank:]]*workgroup[[:blank:]]*=[[:blank:]]*$(site)[[:blank:]]*' + ReplaceLineWith ' workgroup = $(site)' + EndGroup + CatchAbort + BeginGroupIfNoMatch '^[[:blank:]]*workgroup[[:blank:]]*=[[:blank:]]*$(site)[[:blank:]]*' + InsertLine ' workgroup = $(site)' + EndGroup + + # + # wins support = yes + # + LocateLineMatching "^[;[:blank:]]*wins support[[:blank:]]*=.*" + BeginGroupIfNoLineMatching "^[[:blank:]]*wins support[[:blank:]]*=[[:blank:]]*yes[[:blank:]]*" + ReplaceLineWith ' wins support = yes' + EndGroup + CatchAbort + BeginGroupIfNoMatch "^[[:blank:]]*wins support[[:blank:]]*=[[:blank:]]*yes[[:blank:]]*" + InsertLine ' wins support = yes' + EndGroup + + # + # os level = 65 + # + LocateLineMatching "^[;[:blank:]]*os level[[:blank:]]*=.*" + BeginGroupIfNoLineMatching "^[[:blank:]]*os level[[:blank:]]*=[[:blank:]]*65[[:blank:]]*" + ReplaceLineWith ' os level = 65' + EndGroup + CatchAbort + BeginGroupIfNoMatch "^[[:blank:]]*os level[[:blank:]]*=[[:blank:]]*65[[:blank:]]*" + InsertLine ' os level = 65' + EndGroup + + # + # domain master = yes + # + LocateLineMatching "^[;[:blank:]]*domain master[[:blank:]]*=.*" + BeginGroupIfNoLineMatching "^[[:blank:]]*domain master[[:blank:]]*=[[:blank:]]*yes[[:blank:]]*" + ReplaceLineWith ' domain master = yes' + EndGroup + CatchAbort + BeginGroupIfNoMatch "^[[:blank:]]*domain master[[:blank:]]*=[[:blank:]]*yes[[:blank:]]*" + InsertLine ' domain master = yes' + EndGroup + + # + # local master = yes + # + LocateLineMatching "^[;[:blank:]]*local master[[:blank:]]*=.*" + BeginGroupIfNoLineMatching "^[[:blank:]]*local master[[:blank:]]*=[[:blank:]]*yes" + ReplaceLineWith ' local master = yes' + EndGroup + CatchAbort + BeginGroupIfNoMatch "^[[:blank:]]*local master[[:blank:]]*=[[:blank:]]*yes[[:blank:]]*" + InsertLine ' local master = yes' + EndGroup + + # + # logon drive = U: + # + LocateLineMatching "^[;[:blank:]]*logon drive[[:blank:]]*=.*" + BeginGroupIfNoLineMatching "^[[:blank:]]*logon drive[[:blank:]]*=[[:blank:]]*U:[[:blank:]]*" + ReplaceLineWith ' logon drive = U:' + EndGroup + CatchAbort + BeginGroupIfNoMatch "^[[:blank:]]*logon drive[[:blank:]]*=[[:blank:]]*U:[[:blank:]]*" + InsertLine ' logon drive = U:' + EndGroup + + # + # logon script = common.bat + # + LocateLineMatching "^[;[:blank:]]*logon script[[:blank:]]*=.*" + BeginGroupIfNoLineMatching "^[[:blank:]]*logon script[[:blank:]]*=[[:blank:]]*common.bat[[:blank:]]*" + ReplaceLineWith ' logon script = common.bat' + EndGroup + CatchAbort + BeginGroupIfNoMatch "^[[:blank:]]*logon script[[:blank:]]*=[[:blank:]]*common.bat[[:blank:]]*" + InsertLine ' logon script = common.bat' + EndGroup + + # + # domain logons = yes + # + LocateLineMatching "^[;[:blank:]]*domain logons[[:blank:]]*=.*" + BeginGroupIfNoLineMatching "^[[:blank:]]*domain logons[[:blank:]]*=[[:blank:]]*yes[[:blank:]]*" + ReplaceLineWith ' domain logons = yes' + EndGroup + CatchAbort + BeginGroupIfNoMatch "^[[:blank:]]*domain logons[[:blank:]]*=[[:blank:]]*yes[[:blank:]]*" + InsertLine ' domain logons = yes' + EndGroup + + # + # logon path = \\%N\USERPROFILES\%U + # + LocateLineMatching "^[;[:blank:]]*logon path[[:blank:]]*=.*" + BeginGroupIfNoLineMatching "^[[:blank:]]*logon path[[:blank:]]*=[[:blank:]]*[\\][\\]%N[\\]USERPROFILES[\\]%U[[:blank:]]*" + ReplaceLineWith ' logon path = \\%N\USERPROFILES\%U' + EndGroup + CatchAbort + BeginGroupIfNoMatch "^[[:blank:]]*logon path[[:blank:]]*=[[:blank:]]*[\\][\\]%N[\\]USERPROFILES[\\]%U[[:blank:]]*" + InsertLine ' logon path = \\%N\USERPROFILES\%U' + EndGroup + + # + # preferred master = yes + # + LocateLineMatching "^[;[:blank:]]*preferred master[[:blank:]]*=.*" + BeginGroupIfNoLineMatching "^[[:blank:]]*preferred master[[:blank:]]*=[[:blank:]]*yes[[:blank:]]*" + ReplaceLineWith ' preferred master = yes' + EndGroup + CatchAbort + BeginGroupIfNoMatch "^[[:blank:]]*preferred master[[:blank:]]*=[[:blank:]]*yes[[:blank:]]*" + InsertLine ' preferred master = yes' + EndGroup + DefineClasses "samba_reload" + } + samba_reload:: + { /etc/samba/smb.conf + LocateLineMatching "^; EDITED BY CFENGINE .*" + ReplaceAll '; EDITED BY CFENGINE .*$' With '; EDITED BY CFENGINE $(date)' + CatchAbort + BeginGroupIfNoMatch "^; EDITED BY CFENGINE .*" + Append '; EDITED BY CFENGINE $(date)' + EndGroup + } + any:: + { /etc/samba/smb-shares-COMMON.conf + # + # This file contains all the shares common to all installations. + # We check if the proper sections are there and add them if they + # isn't. We don't check the file line for line. + # + AutoCreate + + # + # [netlogon] + # + BeginGroupIfNoLineMatching "^\[netlogon\]" + Append '[netlogon]' + Append ' comment = Network logon' + Append ' path = $(netlogshare)' + Append ' browsable = no' + Append ' writeable = no' + Append ' share modes = no' + EndGroup + # + # [userprofiles] + # + BeginGroupIfNoLineMatching "^\[userprofiles\]" + Append '[userprofiles]' + Append ' path = $(profshare)' + Append ' force user = %u' + Append ' writable = yes' + Append ' browsable = no' + Append ' root preexec = /bin/mkdir $(profshare)/%U \' + Append ' /bin/chown %U $(profshare)/%U \' + Append ' /bin/chmod 700 $(profshare)/%U' + EndGroup + # + # [homes] + # + BeginGroupIfNoLineMatching "^\[homes\]" + Append '[homes]' + Append ' path = /home/%u/shared' + Append ' browsable = no' + Append ' root preexec = /bin/mkdir /home/%u/shared \' + Append ' /bin/chown %U /home/%u/shared \' + Append ' /bin/chmod 644 /home/%u/shared' + EndGroup + # + # [programmer] + # + BeginGroupIfNoLineMatching "^\[programmer\]" + Append '[programmer]' + Append ' path = $(pgrshare)' + Append ' comment = Programmer' + Append ' browsable = yes' + Append ' guest ok = yes' + Append ' writeable = yes' + EndGroup + # + # [dokumenter] + # + BeginGroupIfNoLineMatching "^\[dokumenter\]" + Append '[dokumenter]' + Append ' path = $(datashare)' + Append ' comment = Fælles dokumenter' + Append ' browsable = yes' + Append ' guest ok = no' + Append ' writeable = yes' + EndGroup + DefineClasses "samba_reload" + } + samba_reload:: + { /etc/samba/smb-shares-COMMON.conf + LocateLineMatching "^; EDITED BY CFENGINE .*" + ReplaceAll '; EDITED BY CFENGINE .*$' With '; EDITED BY CFENGINE $(date)' + CatchAbort + BeginGroupIfNoMatch "^; EDITED BY CFENGINE .*" + Append '; EDITED BY CFENGINE $(date)' + EndGroup + } + any:: + # + # Local shares special for the site + # + { /etc/samba/smb-shares-$(site).conf + # + # We don't make this file dynamically, but instead we copy the contents + # of a master file, but only if it's newer than the one installed. + # + BeginGroupIfFileIsNewer "/etc/local-$(host).$(domain)/samba/smb-shares-$(site).conf" + EmptyEntireFilePlease + InsertFile "/etc/local-$(host).$(domain)/samba/smb-shares-$(site).conf" + Append "# Edited by cfengine $(date)" + EndGroup + DefineClasses "lprng_reload" + } + any:: + # + # Printer configuration stuff + # + { /etc/printcap + # + # We don't make the printcap dynamically, but instead we copy the contents + # of a master file, but only if it's newer than the one installed. + # + BeginGroupIfFileIsNewer "/etc/local-$(host).$(domain)/printcap" + EmptyEntireFilePlease + InsertFile "/etc/local-$(host).$(domain)/printcap" + Append "# Edited by cfengine $(date)" + EndGroup + DefineClasses "lprng_reload" + } + any:: + { /etc/samba/smb-printers.conf + # + # This file contains all the printers defined in the Linux printing + # system. There shouldn't be any need for setting up additional + # printer entries. Manage the printers through the Linux print + # system. + # We check if the proper sections are there and add them if they + # isn't. We don't check the file line for line. + # + AutoCreate + + # + # [printers] + # + BeginGroupIfNoLineMatching "^\[printers\]" + Append '[printers]' + Append ' comment = %S printer' + Append ' path = $(printdir)' + Append ' print command = /usr/bin/lpr -h %s' + Append ' lprm command = /usr/bin/lprm -P%S %j' + Append ' public = yes' + Append ' printable = yes' + EndGroup + } + samba_reload:: + { /etc/samba/smb-printers.conf + LocateLineMatching "^; EDITED BY CFENGINE .*" + ReplaceAll '; EDITED BY CFENGINE .*$' With '; EDITED BY CFENGINE $(date)' + CatchAbort + BeginGroupIfNoMatch "^; EDITED BY CFENGINE .*" + Append '; EDITED BY CFENGINE $(date)' + EndGroup + } + +directories: + $(netlogshare) + mode=755 + owner=root + group=root + $(commonsharedir) + mode=755 + owner=root + group=root + $(pgrshare) + mode=775 + owner=root + group=users + $(datashare) + mode=775 + owner=root + group=users + $(profshare) + mode=775 + owner=root + group=users + +processes: + "smb" restart "/etc/init.d/samba restart" + +shellcommands: + samba_reload:: + "/etc/init.d/samba force-reload" + netatalk_reload:: + "/etc/init.d/netatalk force-reload" + lprng_reload:: + "/etc/init.d/lprng force-reload" + cups_reload:: + "/etc/init.d/cups force-reload" |