blob: fb0ca5c7e7a75b1f40c3d718b75400c796f1ca95 (
plain)
- control:
- AddInstallable = ( samba samba_reload netatalk netatalk_reload lprng lprng_reload cups cups_reload )
-
- #
- # Variables for shares
- # You can change the paths here and it will be changed both in
- # the conf file and in the filesystem - But once it is implemented,
- # it is not wise to change it - the data in the shares doesn't get
- # moved!
- # You can change the rights on the shares in the "directories:"
- # section.
- #
- netlogshare = ( /etc/samba/netlogon )
- commonsharedir = ( /var/local/filesharing/COMMON )
- locsharedir = ( /var/local/filesharing/local )
- datashare = ( /var/local/filesharing/COMMON/documents )
- pgrshare = ( /var/local/filesharing/COMMON/software )
- profshare = ( /var/local/filesharing/COMMON/samba/userprofiles )
- printdir = ( /var/spool/samba )
-
- #
- # Determine if this is a samba server, netatalk server or both, and define
- # classes based on that.
- #
- classes:
- samba = ( `/usr/bin/test -x /usr/sbin/smbd` )
- netatalk = ( `/usr/bin/test -x /usr/sbin/afpd` )
-
- #
- # Determine which print system is in use, and define classes based on that.
- # We only support lprng and cups
- #
- lprng = ( `/usr/bin/test -x /usr/sbin/lpd` )
- cups = ( `/usr/bin/test -x /usr/sbin/cupsd` )
-
- editfiles:
- samba::
- #
- # Samba configuration stuff.
- #
- { /etc/samba/smb.conf
- #
- # Global stuff
- #
- # Remove share declarations from main smb.conf. It is split
- # up in the following files:
- # - smb.conf
- # - smb-shares-COMMON.conf
- # - smb-shares-$(site).conf
- # - smb-printers.conf
- #
- # DeleteLinesAfterThisMatching "^\[homes\]$(n)*.*"
- # ResetSearch "1"
- # CatchAbort
- # ResetSearch "1"
-
- #
- # Append the include lines for the files decribed above
- #
- AppendIfNoSuchLine "include = /etc/samba/smb-shares-COMMON.conf"
- AppendIfNoSuchLine "include = /etc/samba/smb-printers.conf"
- BeginGroupIfFileExists "/etc/local-COMMON/samba/smb-shares-$(site).conf"
- AppendIfNoSuchLine "include = /etc/samba/smb-shares-$(site).conf"
- EndGroup
- ResetSearch "1"
- #
- # workgroup = $(site)
- #
- LocateLineMatching "^[;[:blank:]]*workgroup[[:blank:]]*=.*"
- BeginGroupIfNoLineMatching '^[[:blank:]]*workgroup[[:blank:]]*=[[:blank:]]*$(site)[[:blank:]]*'
- ReplaceLineWith ' workgroup = $(site)'
- EndGroup
- CatchAbort
- BeginGroupIfNoMatch '^[[:blank:]]*workgroup[[:blank:]]*=[[:blank:]]*$(site)[[:blank:]]*'
- InsertLine ' workgroup = $(site)'
- EndGroup
- #
- # wins support = yes
- #
- LocateLineMatching "^[;[:blank:]]*wins support[[:blank:]]*=.*"
- BeginGroupIfNoLineMatching "^[[:blank:]]*wins support[[:blank:]]*=[[:blank:]]*yes[[:blank:]]*"
- ReplaceLineWith ' wins support = yes'
- EndGroup
- CatchAbort
- BeginGroupIfNoMatch "^[[:blank:]]*wins support[[:blank:]]*=[[:blank:]]*yes[[:blank:]]*"
- InsertLine ' wins support = yes'
- EndGroup
- #
- # os level = 65
- #
- LocateLineMatching "^[;[:blank:]]*os level[[:blank:]]*=.*"
- BeginGroupIfNoLineMatching "^[[:blank:]]*os level[[:blank:]]*=[[:blank:]]*65[[:blank:]]*"
- ReplaceLineWith ' os level = 65'
- EndGroup
- CatchAbort
- BeginGroupIfNoMatch "^[[:blank:]]*os level[[:blank:]]*=[[:blank:]]*65[[:blank:]]*"
- InsertLine ' os level = 65'
- EndGroup
- #
- # domain master = yes
- #
- LocateLineMatching "^[;[:blank:]]*domain master[[:blank:]]*=.*"
- BeginGroupIfNoLineMatching "^[[:blank:]]*domain master[[:blank:]]*=[[:blank:]]*yes[[:blank:]]*"
- ReplaceLineWith ' domain master = yes'
- EndGroup
- CatchAbort
- BeginGroupIfNoMatch "^[[:blank:]]*domain master[[:blank:]]*=[[:blank:]]*yes[[:blank:]]*"
- InsertLine ' domain master = yes'
- EndGroup
- #
- # local master = yes
- #
- LocateLineMatching "^[;[:blank:]]*local master[[:blank:]]*=.*"
- BeginGroupIfNoLineMatching "^[[:blank:]]*local master[[:blank:]]*=[[:blank:]]*yes"
- ReplaceLineWith ' local master = yes'
- EndGroup
- CatchAbort
- BeginGroupIfNoMatch "^[[:blank:]]*local master[[:blank:]]*=[[:blank:]]*yes[[:blank:]]*"
- InsertLine ' local master = yes'
- EndGroup
- #
- # logon drive = U:
- #
- LocateLineMatching "^[;[:blank:]]*logon drive[[:blank:]]*=.*"
- BeginGroupIfNoLineMatching "^[[:blank:]]*logon drive[[:blank:]]*=[[:blank:]]*U:[[:blank:]]*"
- ReplaceLineWith ' logon drive = U:'
- EndGroup
- CatchAbort
- BeginGroupIfNoMatch "^[[:blank:]]*logon drive[[:blank:]]*=[[:blank:]]*U:[[:blank:]]*"
- InsertLine ' logon drive = U:'
- EndGroup
-
- #
- # logon script = common.bat
- #
- LocateLineMatching "^[;[:blank:]]*logon script[[:blank:]]*=.*"
- BeginGroupIfNoLineMatching "^[[:blank:]]*logon script[[:blank:]]*=[[:blank:]]*common.bat[[:blank:]]*"
- ReplaceLineWith ' logon script = common.bat'
- EndGroup
- CatchAbort
- BeginGroupIfNoMatch "^[[:blank:]]*logon script[[:blank:]]*=[[:blank:]]*common.bat[[:blank:]]*"
- InsertLine ' logon script = common.bat'
- EndGroup
- #
- # domain logons = yes
- #
- LocateLineMatching "^[;[:blank:]]*domain logons[[:blank:]]*=.*"
- BeginGroupIfNoLineMatching "^[[:blank:]]*domain logons[[:blank:]]*=[[:blank:]]*yes[[:blank:]]*"
- ReplaceLineWith ' domain logons = yes'
- EndGroup
- CatchAbort
- BeginGroupIfNoMatch "^[[:blank:]]*domain logons[[:blank:]]*=[[:blank:]]*yes[[:blank:]]*"
- InsertLine ' domain logons = yes'
- EndGroup
- #
- # logon path = \\%N\USERPROFILES\%U
- #
- LocateLineMatching "^[;[:blank:]]*logon path[[:blank:]]*=.*"
- BeginGroupIfNoLineMatching "^[[:blank:]]*logon path[[:blank:]]*=[[:blank:]]*[\\][\\]%N[\\]USERPROFILES[\\]%U[[:blank:]]*"
- ReplaceLineWith ' logon path = \\%N\USERPROFILES\%U'
- EndGroup
- CatchAbort
- BeginGroupIfNoMatch "^[[:blank:]]*logon path[[:blank:]]*=[[:blank:]]*[\\][\\]%N[\\]USERPROFILES[\\]%U[[:blank:]]*"
- InsertLine ' logon path = \\%N\USERPROFILES\%U'
- EndGroup
- #
- # preferred master = yes
- #
- LocateLineMatching "^[;[:blank:]]*preferred master[[:blank:]]*=.*"
- BeginGroupIfNoLineMatching "^[[:blank:]]*preferred master[[:blank:]]*=[[:blank:]]*yes[[:blank:]]*"
- ReplaceLineWith ' preferred master = yes'
- EndGroup
- CatchAbort
- BeginGroupIfNoMatch "^[[:blank:]]*preferred master[[:blank:]]*=[[:blank:]]*yes[[:blank:]]*"
- InsertLine ' preferred master = yes'
- EndGroup
- DefineClasses "samba_reload"
- }
- { /etc/samba/smb-shares-COMMON.conf
- #
- # This file contains all the shares common to all installations.
- # We check if the proper sections are there and add them if they
- # isn't. We don't check the file line for line.
- #
- AutoCreate
-
- #
- # [netlogon]
- #
- BeginGroupIfNoLineMatching "^\[netlogon\]"
- Append '[netlogon]'
- Append ' comment = Network logon'
- Append ' path = $(netlogshare)'
- Append ' browsable = no'
- Append ' writeable = no'
- Append ' share modes = no'
- EndGroup
- #
- # [userprofiles]
- #
- BeginGroupIfNoLineMatching "^\[userprofiles\]"
- Append '[userprofiles]'
- Append ' path = $(profshare)'
- Append ' force user = %u'
- Append ' writable = yes'
- Append ' browsable = no'
- Append ' root preexec = /bin/mkdir $(profshare)/%U \'
- Append ' /bin/chown %U $(profshare)/%U \'
- Append ' /bin/chmod 700 $(profshare)/%U'
- EndGroup
- #
- # [homes]
- #
- BeginGroupIfNoLineMatching "^\[homes\]"
- Append '[homes]'
- Append ' path = /home/%u/shared'
- Append ' browsable = no'
- Append ' root preexec = /bin/mkdir /home/%u/shared \'
- Append ' /bin/chown %U /home/%u/shared \'
- Append ' /bin/chmod 644 /home/%u/shared'
- EndGroup
- #
- # [programmer]
- #
- BeginGroupIfNoLineMatching "^\[software\]"
- Append '[software]'
- Append ' path = $(pgrshare)'
- Append ' comment = Fælles software'
- Append ' browsable = yes'
- Append ' guest ok = yes'
- Append ' writeable = yes'
- EndGroup
- #
- # [dokumenter]
- #
- BeginGroupIfNoLineMatching "^\[dokumenter\]"
- Append '[dokumenter]'
- Append ' path = $(datashare)'
- Append ' comment = Fælles dokumenter'
- Append ' browsable = yes'
- Append ' guest ok = no'
- Append ' writeable = yes'
- EndGroup
- DefineClasses "samba_reload"
- }
- #
- # Local shares special for the site.
- # In this file you can define special shares that you need
- #
- { /etc/samba/smb-shares-$(site).conf
- #
- # We don't make this file dynamically, but instead we copy the contents
- # of a master file, but only if it's newer than the one installed.
- #
- BeginGroupIfFileIsNewer "/etc/local-COMMON/samba/smb-shares-$(site).conf"
- EmptyEntireFilePlease
- InsertFile "/etc/local-COMMON/samba/smb-shares-$(site).conf"
- Append "; Edited by cfengine $(date)"
- EndGroup
- DefineClasses "samba_reload"
- }
- { /etc/samba/smb-printers.conf
- #
- # This file contains all the printers defined in the Linux printing
- # system. There shouldn't be any need for setting up additional
- # printer entries. Manage the printers through the Linux print
- # system you have installed - cups or lprng.
- # We check if the proper sections are there and add them if they
- # isn't. We don't check the file line for line.
- #
- AutoCreate
-
- #
- # [printers]
- #
- BeginGroupIfNoLineMatching "^\[printers\]"
- Append '[printers]'
- Append ' comment = %S printer'
- Append ' path = $(printdir)'
- Append ' print command = /usr/bin/lpr -h %s'
- Append ' lprm command = /usr/bin/lprm -P%S %j'
- Append ' public = yes'
- Append ' printable = yes'
- EndGroup
- }
- #
- # Batch file for mounting shares automatically
- #
- { /etc/samba/netlogon/common.bat
- #
- # We don't make this file dynamically, but instead we copy the contents
- # of a master file, but only if it's newer than the one installed.
- #
- BeginGroupIfFileIsNewer "/etc/local-COMMON/samba/netlogon/common.bat"
- AutoCreate
- EmptyEntireFilePlease
- InsertFile "/etc/local-COMMON/samba/netlogon/common.bat"
- Append "rem Edited by cfengine $(date)"
- EndGroup
- DefineClasses "samba_reload"
- }
- lprng::
- { /etc/samba/smb.conf
- #
- # printing = lprng
- #
- ResetSearch "1"
- LocateLineMatching "^[;[:blank:]]*printing[[:blank:]]*=.*"
- BeginGroupIfNoLineMatching '^[[:blank:]]*printing[[:blank:]]*=[[:blank:]]*lprng[[:blank:]]*'
- ReplaceLineWith ' printing = lprng'
- EndGroup
- CatchAbort
- BeginGroupIfNoMatch '^[[:blank:]]*printing[[:blank:]]*=[[:blank:]]*lprng[[:blank:]]*'
- InsertLine ' printing = lprng'
- EndGroup
- DefineClasses "samba_reload"
- }
- #
- # Printer configuration stuff
- #
- { /etc/printcap
- #
- # We don't make the printcap dynamically, but instead we copy the contents
- # of a master file, but only if it's newer than the one installed.
- #
- BeginGroupIfFileIsNewer "/etc/local-COMMON/printcap.$(site)"
- EmptyEntireFilePlease
- InsertFile "/etc/local-COMMON/printcap.$(site)"
- Append "# Edited by cfengine $(date)"
- EndGroup
- DefineClasses "lprng_reload"
- }
- samba_reload::
- { /etc/samba/smb.conf
- LocateLineMatching "^; EDITED BY CFENGINE .*"
- ReplaceAll '; EDITED BY CFENGINE .*$' With '; EDITED BY CFENGINE $(date)'
- CatchAbort
- BeginGroupIfNoMatch "^; EDITED BY CFENGINE .*"
- Append '; EDITED BY CFENGINE $(date)'
- EndGroup
- }
- { /etc/samba/smb-shares-COMMON.conf
- LocateLineMatching "^; EDITED BY CFENGINE .*"
- ReplaceAll '; EDITED BY CFENGINE .*$' With '; EDITED BY CFENGINE $(date)'
- CatchAbort
- BeginGroupIfNoMatch "^; EDITED BY CFENGINE .*"
- Append '; EDITED BY CFENGINE $(date)'
- EndGroup
- }
- { /etc/samba/smb-shares-$(site).conf
- LocateLineMatching "^; EDITED BY CFENGINE .*"
- ReplaceAll '; EDITED BY CFENGINE .*$' With '; EDITED BY CFENGINE $(date)'
- CatchAbort
- BeginGroupIfNoMatch "^; EDITED BY CFENGINE .*"
- Append '; EDITED BY CFENGINE $(date)'
- EndGroup
- }
- { /etc/samba/smb-printers.conf
- LocateLineMatching "^; EDITED BY CFENGINE .*"
- ReplaceAll '; EDITED BY CFENGINE .*$' With '; EDITED BY CFENGINE $(date)'
- CatchAbort
- BeginGroupIfNoMatch "^; EDITED BY CFENGINE .*"
- Append '; EDITED BY CFENGINE $(date)'
- EndGroup
- }
- directories:
- any::
- $(commonsharedir)
- mode=755
- owner=root
- group=root
- $(locsharedir)
- mode=775
- owner=root
- group=root
- $(pgrshare)
- mode=775
- owner=root
- group=users
- $(datashare)
- mode=775
- owner=root
- group=users
- samba::
- $(netlogshare)
- mode=755
- owner=root
- group=root
- $(profshare)
- mode=775
- owner=root
- group=users
- processes:
- "smb" restart "/etc/init.d/samba restart"
- shellcommands:
- samba_reload::
- "/etc/init.d/samba force-reload"
- netatalk_reload::
- "/etc/init.d/netatalk force-reload"
- lprng_reload::
- "/etc/init.d/lprng force-reload"
- cups_reload::
- "/etc/init.d/cups force-reload"
|
