control: AddInstallable = ( samba_reload netatalk_reload lprng_reload cups_reload lprng cups ) # # Variables for shares # You can change the paths here and it will be changed both in # the conf file and in the filesystem - But once it is implemented, # it is not wise to change it - the data in the shares doesn't get # moved! # You can change the rights on the shares in the "directories:" # section. # netlogshare = ( /etc/samba/netlogon ) commonsharedir = ( /var/local/filesharing/COMMON ) locsharedir = ( /var/local/filesharing/local ) datashare = ( /var/local/filesharing/COMMON/data ) pgrshare = ( /var/local/filesharing/COMMON/programs ) profshare = ( /var/local/filesharing/COMMON/samba/userprofiles ) printdir = ( /var/spool/samba ) # # Variables for lprng # editfiles: any:: # # Samba configuration stuff. # { /etc/samba/smb.conf # # Global stuff # # Remove share declarations from main smb.conf. It is split # up in the following files: # - smb.conf # - smb-shares-COMMON.conf # - smb-shares-$(site).conf # - smb-printers.conf # # DeleteLinesAfterThisMatching "^\[homes\]$(n)*.*" # ResetSearch "1" # CatchAbort # ResetSearch "1" # # Append the include lines for the files decribed above # AppendIfNoSuchLine "include = smb-shares-COMMON.conf" AppendIfNoSuchLine "include = smb-shares-local.conf" AppendIfNoSuchLine "include = smb-printers.conf" ResetSearch "1" # # workgroup = $(site) # LocateLineMatching "^[;[:blank:]]*workgroup[[:blank:]]*=.*" BeginGroupIfNoLineMatching '^[[:blank:]]*workgroup[[:blank:]]*=[[:blank:]]*$(site)[[:blank:]]*' ReplaceLineWith ' workgroup = $(site)' EndGroup CatchAbort BeginGroupIfNoMatch '^[[:blank:]]*workgroup[[:blank:]]*=[[:blank:]]*$(site)[[:blank:]]*' InsertLine ' workgroup = $(site)' EndGroup # # wins support = yes # LocateLineMatching "^[;[:blank:]]*wins support[[:blank:]]*=.*" BeginGroupIfNoLineMatching "^[[:blank:]]*wins support[[:blank:]]*=[[:blank:]]*yes[[:blank:]]*" ReplaceLineWith ' wins support = yes' EndGroup CatchAbort BeginGroupIfNoMatch "^[[:blank:]]*wins support[[:blank:]]*=[[:blank:]]*yes[[:blank:]]*" InsertLine ' wins support = yes' EndGroup # # os level = 65 # LocateLineMatching "^[;[:blank:]]*os level[[:blank:]]*=.*" BeginGroupIfNoLineMatching "^[[:blank:]]*os level[[:blank:]]*=[[:blank:]]*65[[:blank:]]*" ReplaceLineWith ' os level = 65' EndGroup CatchAbort BeginGroupIfNoMatch "^[[:blank:]]*os level[[:blank:]]*=[[:blank:]]*65[[:blank:]]*" InsertLine ' os level = 65' EndGroup # # domain master = yes # LocateLineMatching "^[;[:blank:]]*domain master[[:blank:]]*=.*" BeginGroupIfNoLineMatching "^[[:blank:]]*domain master[[:blank:]]*=[[:blank:]]*yes[[:blank:]]*" ReplaceLineWith ' domain master = yes' EndGroup CatchAbort BeginGroupIfNoMatch "^[[:blank:]]*domain master[[:blank:]]*=[[:blank:]]*yes[[:blank:]]*" InsertLine ' domain master = yes' EndGroup # # local master = yes # LocateLineMatching "^[;[:blank:]]*local master[[:blank:]]*=.*" BeginGroupIfNoLineMatching "^[[:blank:]]*local master[[:blank:]]*=[[:blank:]]*yes" ReplaceLineWith ' local master = yes' EndGroup CatchAbort BeginGroupIfNoMatch "^[[:blank:]]*local master[[:blank:]]*=[[:blank:]]*yes[[:blank:]]*" InsertLine ' local master = yes' EndGroup # # logon drive = U: # LocateLineMatching "^[;[:blank:]]*logon drive[[:blank:]]*=.*" BeginGroupIfNoLineMatching "^[[:blank:]]*logon drive[[:blank:]]*=[[:blank:]]*U:[[:blank:]]*" ReplaceLineWith ' logon drive = U:' EndGroup CatchAbort BeginGroupIfNoMatch "^[[:blank:]]*logon drive[[:blank:]]*=[[:blank:]]*U:[[:blank:]]*" InsertLine ' logon drive = U:' EndGroup # # logon script = common.bat # LocateLineMatching "^[;[:blank:]]*logon script[[:blank:]]*=.*" BeginGroupIfNoLineMatching "^[[:blank:]]*logon script[[:blank:]]*=[[:blank:]]*common.bat[[:blank:]]*" ReplaceLineWith ' logon script = common.bat' EndGroup CatchAbort BeginGroupIfNoMatch "^[[:blank:]]*logon script[[:blank:]]*=[[:blank:]]*common.bat[[:blank:]]*" InsertLine ' logon script = common.bat' EndGroup # # domain logons = yes # LocateLineMatching "^[;[:blank:]]*domain logons[[:blank:]]*=.*" BeginGroupIfNoLineMatching "^[[:blank:]]*domain logons[[:blank:]]*=[[:blank:]]*yes[[:blank:]]*" ReplaceLineWith ' domain logons = yes' EndGroup CatchAbort BeginGroupIfNoMatch "^[[:blank:]]*domain logons[[:blank:]]*=[[:blank:]]*yes[[:blank:]]*" InsertLine ' domain logons = yes' EndGroup # # logon path = \\%N\USERPROFILES\%U # LocateLineMatching "^[;[:blank:]]*logon path[[:blank:]]*=.*" BeginGroupIfNoLineMatching "^[[:blank:]]*logon path[[:blank:]]*=[[:blank:]]*[\\][\\]%N[\\]USERPROFILES[\\]%U[[:blank:]]*" ReplaceLineWith ' logon path = \\%N\USERPROFILES\%U' EndGroup CatchAbort BeginGroupIfNoMatch "^[[:blank:]]*logon path[[:blank:]]*=[[:blank:]]*[\\][\\]%N[\\]USERPROFILES[\\]%U[[:blank:]]*" InsertLine ' logon path = \\%N\USERPROFILES\%U' EndGroup # # preferred master = yes # LocateLineMatching "^[;[:blank:]]*preferred master[[:blank:]]*=.*" BeginGroupIfNoLineMatching "^[[:blank:]]*preferred master[[:blank:]]*=[[:blank:]]*yes[[:blank:]]*" ReplaceLineWith ' preferred master = yes' EndGroup CatchAbort BeginGroupIfNoMatch "^[[:blank:]]*preferred master[[:blank:]]*=[[:blank:]]*yes[[:blank:]]*" InsertLine ' preferred master = yes' EndGroup DefineClasses "samba_reload" } samba_reload:: { /etc/samba/smb.conf LocateLineMatching "^; EDITED BY CFENGINE .*" ReplaceAll '; EDITED BY CFENGINE .*$' With '; EDITED BY CFENGINE $(date)' CatchAbort BeginGroupIfNoMatch "^; EDITED BY CFENGINE .*" Append '; EDITED BY CFENGINE $(date)' EndGroup } any:: { /etc/samba/smb-shares-COMMON.conf # # This file contains all the shares common to all installations. # We check if the proper sections are there and add them if they # isn't. We don't check the file line for line. # AutoCreate # # [netlogon] # BeginGroupIfNoLineMatching "^\[netlogon\]" Append '[netlogon]' Append ' comment = Network logon' Append ' path = $(netlogshare)' Append ' browsable = no' Append ' writeable = no' Append ' share modes = no' EndGroup # # [userprofiles] # BeginGroupIfNoLineMatching "^\[userprofiles\]" Append '[userprofiles]' Append ' path = $(profshare)' Append ' force user = %u' Append ' writable = yes' Append ' browsable = no' Append ' root preexec = /bin/mkdir $(profshare)/%U \' Append ' /bin/chown %U $(profshare)/%U \' Append ' /bin/chmod 700 $(profshare)/%U' EndGroup # # [homes] # BeginGroupIfNoLineMatching "^\[homes\]" Append '[homes]' Append ' path = /home/%u/shared' Append ' browsable = no' Append ' root preexec = /bin/mkdir /home/%u/shared \' Append ' /bin/chown %U /home/%u/shared \' Append ' /bin/chmod 644 /home/%u/shared' EndGroup # # [programmer] # BeginGroupIfNoLineMatching "^\[programmer\]" Append '[programmer]' Append ' path = $(pgrshare)' Append ' comment = Programmer' Append ' browsable = yes' Append ' guest ok = yes' Append ' writeable = yes' EndGroup # # [dokumenter] # BeginGroupIfNoLineMatching "^\[dokumenter\]" Append '[dokumenter]' Append ' path = $(datashare)' Append ' comment = Fælles dokumenter' Append ' browsable = yes' Append ' guest ok = no' Append ' writeable = yes' EndGroup DefineClasses "samba_reload" } samba_reload:: { /etc/samba/smb-shares-COMMON.conf LocateLineMatching "^; EDITED BY CFENGINE .*" ReplaceAll '; EDITED BY CFENGINE .*$' With '; EDITED BY CFENGINE $(date)' CatchAbort BeginGroupIfNoMatch "^; EDITED BY CFENGINE .*" Append '; EDITED BY CFENGINE $(date)' EndGroup } any:: # # Local shares special for the site # { /etc/samba/smb-shares-$(site).conf # # We don't make this file dynamically, but instead we copy the contents # of a master file, but only if it's newer than the one installed. # BeginGroupIfFileIsNewer "/etc/local-$(host).$(domain)/samba/smb-shares-$(site).conf" EmptyEntireFilePlease InsertFile "/etc/local-$(host).$(domain)/samba/smb-shares-$(site).conf" Append "# Edited by cfengine $(date)" EndGroup DefineClasses "lprng_reload" } any:: # # Printer configuration stuff # { /etc/printcap # # We don't make the printcap dynamically, but instead we copy the contents # of a master file, but only if it's newer than the one installed. # BeginGroupIfFileIsNewer "/etc/local-$(host).$(domain)/printcap" EmptyEntireFilePlease InsertFile "/etc/local-$(host).$(domain)/printcap" Append "# Edited by cfengine $(date)" EndGroup DefineClasses "lprng_reload" } any:: { /etc/samba/smb-printers.conf # # This file contains all the printers defined in the Linux printing # system. There shouldn't be any need for setting up additional # printer entries. Manage the printers through the Linux print # system. # We check if the proper sections are there and add them if they # isn't. We don't check the file line for line. # AutoCreate # # [printers] # BeginGroupIfNoLineMatching "^\[printers\]" Append '[printers]' Append ' comment = %S printer' Append ' path = $(printdir)' Append ' print command = /usr/bin/lpr -h %s' Append ' lprm command = /usr/bin/lprm -P%S %j' Append ' public = yes' Append ' printable = yes' EndGroup } samba_reload:: { /etc/samba/smb-printers.conf LocateLineMatching "^; EDITED BY CFENGINE .*" ReplaceAll '; EDITED BY CFENGINE .*$' With '; EDITED BY CFENGINE $(date)' CatchAbort BeginGroupIfNoMatch "^; EDITED BY CFENGINE .*" Append '; EDITED BY CFENGINE $(date)' EndGroup } directories: $(netlogshare) mode=755 owner=root group=root $(commonsharedir) mode=755 owner=root group=root $(pgrshare) mode=775 owner=root group=users $(datashare) mode=775 owner=root group=users $(profshare) mode=775 owner=root group=users processes: "smb" restart "/etc/init.d/samba restart" shellcommands: samba_reload:: "/etc/init.d/samba force-reload" netatalk_reload:: "/etc/init.d/netatalk force-reload" lprng_reload:: "/etc/init.d/lprng force-reload" cups_reload:: "/etc/init.d/cups force-reload"