diff -ur -x etc /opt/openfiler.orig/var/www/htdocs/admin/shares_edit.html /opt/openfiler/var/www/htdocs/admin/shares_edit.html --- /opt/openfiler.orig/var/www/htdocs/admin/shares_edit.html 2007-03-04 22:23:29.000000000 +0100 +++ /opt/openfiler/var/www/htdocs/admin/shares_edit.html 2007-09-13 16:03:22.000000000 +0200 @@ -36,7 +36,7 @@ $share_type = ""; $share_description = ""; $share_count = 0; - $share_accesspublic = 0; + $share_accesspublic = "custom"; $share_smb_oplocks = 1; $share_smb_sharename = ""; $groups_access = array(); @@ -132,10 +132,13 @@ } else if ($name == "ACCESS") { - if ($attrs["PUBLIC"] != "yes") - $share_accesspublic = 0; - else - $share_accesspublic = 1; + if ($attrs["TYPE"] == "custom") { + $share_accesspublic = "custom"; + } else if($attrs["TYPE"] == "public") { + $share_accesspublic = "public"; + } else if($attrs["TYPE"] == "controlled") { + $share_accesspublic = "controlled"; + } } else if ($name == "SMB") { @@ -482,10 +485,7 @@ if ($groups_primary != 0) fputs($fp, "\t\n"); - if ($share_accesspublic == 0) - fputs($fp, "\t\n"); - else - fputs($fp, "\t\n"); + fputs($fp, "\t\n"); if ($share_smb_oplocks == 0) fputs($fp, "\t\n"); @@ -602,10 +602,7 @@ if ($groups_primary != 0) fputs($fp, "\t\n"); - if ($share_accesspublic == 0) - fputs($fp, "\t\n"); - else - fputs($fp, "\t\n"); + fputs($fp, "\t\n"); if ($share_smb_oplocks == 0) fputs($fp, "\t\n"); @@ -720,10 +717,7 @@ if ($groups_primary != 0) fputs($fp, "\t\n"); - if ($share_accesspublic == 0) - fputs($fp, "\t\n"); - else - fputs($fp, "\t\n"); + fputs($fp, "\t\n"); if ($share_smb_oplocks == 0) fputs($fp, "\t\n"); @@ -844,10 +838,7 @@ if (isset($shareaccesspublic)) { - if ($shareaccesspublic != "public") - fputs($fp, "\t\n"); - else - fputs($fp, "\t\n"); + fputs($fp, "\t\n"); } if ($share_smb_oplocks == 0) @@ -963,10 +954,7 @@ if ($groups_primary != 0) fputs($fp, "\t\n"); - if ($share_accesspublic == 0) - fputs($fp, "\t\n"); - else - fputs($fp, "\t\n"); + fputs($fp, "\t\n"); if ((isset($smboplocks)) && ($smboplocks == "on")) fputs($fp, "\t\n"); @@ -1109,7 +1097,7 @@ print("

Group access configuration

\n"); - if (($groups_primary == 0) && ($share_accesspublic == 0)) + if (($groups_primary == 0) && ($share_accesspublic == "controlled")) print("

A primary group has not been set yet.
This share will not be enabled until a primary group is set first
or the share has been made a guest share.

\n"); print("

If you want to see groups from network directory servers
here, please configure them in the authentication section.

\n"); @@ -1122,10 +1110,13 @@
- + + + + - +
/> Public guest access /> Custom/manual access control
/> Public guest access
/> Controlled access /> Controlled access
diff -ur -x etc /opt/openfiler.orig/var/www/includes/generate.incl /opt/openfiler/var/www/includes/generate.incl --- /opt/openfiler.orig/var/www/includes/generate.incl 2007-03-12 23:01:12.000000000 +0100 +++ /opt/openfiler/var/www/includes/generate.incl 2007-09-13 17:33:04.000000000 +0200 @@ -366,7 +366,7 @@ global $ac_groups_access, $ac_groups_primary; global $ac_share_accesspublic, $ac_smb_oplocks, $ac_smb_sharename; - $ac_share_accesspublic = 0; + $ac_share_accesspublic = "custom"; $ac_networks_count = 0; $ac_networks_name = array(); $ac_networks_network = array(); @@ -447,10 +447,7 @@ } else if ($ac_name == "ACCESS") { - if ($ac_attrs["PUBLIC"] != "yes") - $ac_share_accesspublic = 0; - else - $ac_share_accesspublic = 1; + $ac_share_accesspublic = $ac_attrs["TYPE"]; } else if ($ac_name == "SMB") { @@ -610,7 +607,7 @@ } } - if (($ac_groups_primary > 0) && ($ac_share_accesspublic == 0)) + if (($ac_groups_primary > 0) && ($ac_share_accesspublic == "controlled")) { if (($ac_chmod) && (($ac_chmod_path == "") || ($ac_chmod_path == ($ac_mountpoint . $ac_file)))) { @@ -917,7 +914,7 @@ fputs($ac_http_fp, "Alias \"" . $ac_mountpoint . $ac_file . "\" \"" . $ac_mountpoint . $ac_file . "\"\n\n"); } } - else if ($ac_share_accesspublic != 0) + else if ($ac_share_accesspublic == "public") { if (($ac_chmod) && (($ac_chmod_path == "") || ($ac_chmod_path == ($ac_mountpoint . $ac_file)))) { @@ -1158,6 +1155,240 @@ fputs($ac_http_fp, "Alias \"" . $ac_mountpoint . $ac_file . "\" \"" . $ac_mountpoint . $ac_file . "\"\n\n"); } } + else + { + $do_samba = 0; + $do_afp = 0; + $do_http = 0; + $http_readonly_networks = false; + $do_ftp = 0; + $ftp_readonly_networks = false; + + $samba_networks = ""; + $samba_readonly_networks = ""; + + /* NFS section */ + + for ($i = 0; $i < count($ac_networks_network); $i++) + { + if (substr($ac_networks_access[$i], 0, 1) != "n") + { + // $do_samba = 1; + if (substr($ac_networks_access[$i], 0, 1) != "n") + fputs($ac_nfsv3_fp, $ac_mountpoint . $ac_file . " " . $ac_networks_network[$i] . "/" . $ac_networks_netmask[$i] . "(" . (((substr($ac_networks_access[$i], 0, 1) == "o") || ($ac_is_snapshot)) ? "ro" : "rw") . "," . ((substr($ac_networks_access[$i], 4, 1) == "y") ? "no_root_squash" : "root_squash") . "," . ((substr($ac_networks_access[$i], 8, 1) == "y") ? "insecure" : "secure") . ",sync)\n"); + } + + if ((substr($ac_networks_access[$i], 1, 1) == "y") || (substr($ac_networks_access[$i], 1, 1) == "o")) + { + $samba_networks .= " " . $ac_networks_network[$i] . "/" . $ac_networks_netmask[$i]; + $do_samba = 1; + + if (substr($ac_networks_access[$i], 1, 1) == "o") + $samba_readonly_networks .= " " . $ac_networks_network[$i] . "/" . $ac_networks_netmask[$i]; + } + + if (substr($ac_networks_access[$i], 3, 1) == "y") + $do_afp = 1; + + if (substr($ac_networks_access[$i], 5, 1) != " ") + $do_http = 1; + + if (substr($ac_networks_access[$i], 5, 1) == "o") + $http_readonly_networks = true; + + if (substr($ac_networks_access[$i], 9, 1) != " ") + $do_ftp = 1; + + if (substr($ac_networks_access[$i], 9, 1) == "o") + $ftp_readonly_networks = true; + } + + /* SMB section */ + + if ($do_samba != 0) + { + fputs($ac_smb_fp, "[" . $ac_dir_description_temp . "]\n"); + fputs($ac_smb_fp, "\tcomment = " . $ac_dir_description . "\n"); + fputs($ac_smb_fp, "\tpath = " . $ac_mountpoint . $ac_file . "\n"); + + if (!$ac_is_snapshot) + { + fputs($ac_smb_fp, "\tread only = no\n"); + fputs($ac_smb_fp, "\twriteable = yes\n"); + } + else + { + fputs($ac_smb_fp, "\tread only = yes\n"); + fputs($ac_smb_fp, "\twriteable = no\n"); + } + + if ($ac_smb_oplocks == 0) + { + fputs($ac_smb_fp, "\toplocks = no\n"); + fputs($ac_smb_fp, "\tlevel2 oplocks = no\n"); + } + else + { + fputs($ac_smb_fp, "\toplocks = yes\n"); + fputs($ac_smb_fp, "\tlevel2 oplocks = yes\n"); + } + + // fputs($ac_smb_fp, "\t; valid users = \n"); + fputs($ac_smb_fp, "\tshare modes = yes\n"); + fputs($ac_smb_fp, "\tveto oplock files = /*.mdb/*.MDB/*.dbf/*.DBF/\n"); + fputs($ac_smb_fp, "\tcreate mode = 0770\n"); + fputs($ac_smb_fp, "\tdirectory mode = 2770\n"); + fputs($ac_smb_fp, "\tprintable = no\n"); + fputs($ac_smb_fp, "\tbrowseable = yes\n"); + // fputs($ac_smb_fp, "\tpublic = no\n"); + fputs($ac_smb_fp, "\tguest ok = no\n"); + fputs($ac_smb_fp, "\thosts allow =" . $samba_networks . "\n"); + fputs($ac_smb_fp, "\thosts readonly allow =" . $samba_readonly_networks . "\n"); + + if (!$ac_is_snapshot) + { + + /* First clean up any existing @GMT-timestamp entries */ + + $ac_snap_handle = opendir($ac_mountpoint . $ac_file); + + while ($ac_snap_file = readdir($ac_snap_handle)) + if ((strlen($ac_snap_file) > 5) && (substr($ac_snap_file, 0, "5") == "@GMT-")) + exec("/usr/bin/sudo /bin/rm -f " . escapeshellarg($ac_mountpoint . $ac_file . "/" . $ac_snap_file)); + + closedir($ac_snap_handle); + + $use_shadow_copy = FALSE; + + for ($ac_si = 0; $ac_si < count($ac_snapshots_id); $ac_si++) + { + if (($ac_snapshots_vgname[$ac_si] == $ac_vg) && ($ac_snapshots_lvname[$ac_si] == $ac_lv) && ($ac_snapshots_shared[$ac_si] == "yes")) + { + $ac_snap_mountpoint = "/mnt/snapshots/" . $ac_snapshots_vgname[$ac_si] . "/" . $ac_snapshots_lvname[$ac_si] . "/" . $ac_snapshots_id[$ac_si] . "/"; + $ac_snap_timestamp = date("Y.m.d-H.i.s", strtotime($ac_snapshots_timestamp[$ac_si])); + + if (is_dir($ac_snap_mountpoint)) + { + exec("/usr/bin/sudo /bin/ln -s " . escapeshellarg($ac_snap_mountpoint . $ac_share_path . $ac_file) . " " . escapeshellarg($ac_mountpoint . $ac_file . "/@GMT-" . $ac_snap_timestamp)); + $use_shadow_copy = TRUE; + } + } + + } + + if ($use_shadow_copy) + fputs($ac_smb_fp, "\tvfs objects = shadow_copy\n"); + } + + fputs($ac_smb_fp, "\n"); + } + + /* AFP section + + if ($do_afp != 0) + fputs($ac_afp_fp, $ac_mountpoint . $ac_file . " \"" . $ac_dir_description . "\"\n"); + + */ + + + /* Begin FTP section */ + + if ($do_ftp == 0) + { + fputs($ac_ftp_conf_fp, "\n"); + fputs($ac_ftp_conf_fp, " DenyAll\n"); + fputs($ac_ftp_conf_fp, "\n\n"); + } + + else + { + fputs($ac_ftp_conf_fp, "\n"); + + if ($ftp_readonly_networks) + { + fputs($ac_ftp_conf_fp, "\t\n"); + for ($i = 0; $i < count($ac_networks_network); $i++) + { + if (substr($ac_networks_access[$i], 9, 1) == "o") + fputs($ac_ftp_conf_fp, "\t\tAllow from " . $ac_networks_network[$i] . "" . convert_netmask($ac_networks_netmask[$i]) . "\n"); + } + fputs($ac_ftp_conf_fp, "\t\n"); + } + + fputs($ac_ftp_conf_fp, "\t\n"); + for ($i = 0; $i < count($ac_networks_network); $i++) + { + if (substr($ac_networks_access[$i], 9, 1) == "y") + fputs($ac_ftp_conf_fp, "\t\tAllow from " . $ac_networks_network[$i] . "" . convert_netmask($ac_networks_netmask[$i]) . "\n"); + } + fputs($ac_ftp_conf_fp, "\t\n\n"); + + fputs($ac_ftp_conf_fp, "\n"); + } + + /* End FTP Section*/ + + /* HTTP / FTP section */ + + if ($do_http == 0) + { + fputs($ac_http_fp, "\n"); + fputs($ac_http_fp, "\tOrder Allow,Deny\n"); + fputs($ac_http_fp, "\tDeny from all\n\n"); + fputs($ac_http_fp, "\n\n"); + + } + else + { + fputs($ac_http_fp, "\n"); + fputs($ac_http_fp, "\tOptions +Indexes\n"); + fputs($ac_http_fp, "\tAllowOverride None\n"); + fputs($ac_http_fp, "\tAuthType Basic\n"); + fputs($ac_http_fp, "\tAuthName \"" . $ac_dir_description . "\"\n\n"); + + fputs($ac_http_fp, "\tAuthPAM_Enabled on\n"); + fputs($ac_http_fp, "\tAuthPAM_FallThrough on\n\n"); + + if ($ac_http_group_readonlys) + { + fputs($ac_http_fp, "\t\n"); + fputs($ac_http_fp, $http_rstr_ro); + fputs($ac_http_fp, "\t\n\n"); + } + + fputs($ac_http_fp, $http_rstr_rw . "\n"); + + fputs($ac_http_fp, "\tOrder Allow,Deny\n"); + fputs($ac_http_fp, "\t# Deny from all\n\n"); + + if ($http_readonly_networks) + { + fputs($ac_http_fp, "\t\n"); + + for ($i = 0; $i < count($ac_networks_network); $i++) + { + if (substr($ac_networks_access[$i], 5, 1) == "o") + fputs($ac_http_fp, "\t\tAllow from " . $ac_networks_network[$i] . "/" . $ac_networks_netmask[$i] . "\n"); + } + + fputs($ac_http_fp, "\t\n\n"); + } + + fputs($ac_http_fp, "\t\n"); + for ($i = 0; $i < count($ac_networks_network); $i++) + if (substr($ac_networks_access[$i], 5, 1) == "y") + fputs($ac_http_fp, "\tAllow from " . $ac_networks_network[$i] . "/" . $ac_networks_netmask[$i] . "\n"); + fputs($ac_http_fp, "\t\n\n"); + + + fputs($ac_http_fp, "\n"); + fputs($ac_http_fp, "\n"); + + + + fputs($ac_http_fp, "Alias \"" . $ac_mountpoint . $ac_file . "\" \"" . $ac_mountpoint . $ac_file . "\"\n\n"); + } + } } if ($ac_dir_type == "closed") Only in /opt/openfiler/var/www/includes: .generate.incl.swp