path: root/net/samba4/files/samba.init

#!/bin/sh /etc/rc.common

START=98
STOP=05
USE_PROCD=1

SAMBA_IFACE=""

config_get_sane() {
	config_get "$@"
	set -- "$(echo "$1" | tr -d '<>[]{};%?=#\n')"
}

smb_header() {
	config_get_sane SAMBA_IFACE "$1" interface "lan"

	# resolve interfaces
	interfaces=$(
		. /lib/functions/network.sh

		for net in $SAMBA_IFACE; do
			network_is_up "$net" || continue
			network_get_device device "$net"
			printf "%s " "${device:-$net}"
		done
	)

	# we dont use netbios anymore as default and wsd/avahi is dns based
	hostname="$(sed 's/\..*//' /proc/sys/kernel/hostname | tr -d '{};%?=#\n')"

	config_get_sane workgroup "$1" workgroup "WORKGROUP"
	config_get_sane description "$1" description "Samba on OpenWrt"
	config_get_sane charset "$1" charset "UTF-8"

	config_get_bool MACOS "$1" macos 0
	config_get_bool DISABLE_NETBIOS "$1" disable_netbios 0
	config_get_bool DISABLE_AD_DC "$1" disable_ad_dc 0
	config_get_bool DISABLE_WINBIND "$1" disable_winbind 0
	config_get_bool DISABLE_ASYNC_IO "$1" disable_async_io 0
	config_get_bool ALLOW_LEGACY_PROTOCOLS "$1" allow_legacy_protocols 0
	config_get_bool ENABLE_EXTRA_TUNING "$1" enable_extra_tuning 0

	mkdir -p /var/etc
	sed -e "s#|NAME|#$hostname#g" \
	    -e "s#|WORKGROUP|#$workgroup#g" \
	    -e "s#|DESCRIPTION|#$description#g" \
	    -e "s#|INTERFACES|#$interfaces#g" \
	    -e "s#|CHARSET|#$charset#g" \
	    /etc/samba/smb.conf.template > /var/etc/smb.conf

	{
		printf "\n######### Dynamic written config options #########\n"

		# extra tuning options by community feedback (kinda try&error)
		if [ "$ENABLE_EXTRA_TUNING" -eq 1 ]; then
			socket_opt="$(grep -i 'socket options' /etc/samba/smb.conf.template | awk -F'=' '{print $2}' | tr -d '\n')"
			[ -n "$socket_opt" ] && printf "\tsocket options =%s SO_KEEPALIVE\n" "$socket_opt" # add keepalive, maybe larger buffer? SO_RCVBUF=65536 SO_SNDBUF=65536

			printf "\tmax xmit = 131072\n" # increase smb1 transmit size
			printf "\tmin receivefile size = 131072\n" # allows zero-copy writes via fs
			printf "\tfake oplocks = Yes\n" # may corrupt files for simultanous writes to the same files by multiple clients, but might also see big speed boost
			printf "\tuse sendfile = Yes\n" # enable sendfile?
		fi

		if [ "$DISABLE_NETBIOS" -eq 1 ] || [ ! -x /usr/sbin/nmbd ]; then
			printf "\tdisable netbios = yes\n"
			# note: samba opens port 139 even if netbios is disabled via option above, so adjust listening ports
			printf "\tsmb ports = 445\n"
		fi

		if [ "$DISABLE_ASYNC_IO" -eq 1 ]; then
			printf "\taio read size = 0\n"
			printf "\taio write size = 0\n"
		fi

		if [ "$ALLOW_LEGACY_PROTOCOLS" -eq 1 ]; then
			logger -p daemon.info -t 'samba4-server' "Legacy Protocols allowed, don't use this option for secure environments!"
			printf "\tserver min protocol = NT1\n"
			printf "\tlanman auth = yes\n"
			printf "\tntlm auth = ntlmv1-permitted\n"
		fi
	} >> /var/etc/smb.conf

	[ -e /etc/samba/smb.conf ] || ln -nsf /var/etc/smb.conf /etc/samba/smb.conf

	if [ ! -L /etc/samba/smb.conf ]; then
		logger -p daemon.warn -t 'samba4-server' "Local custom /etc/samba/smb.conf file detected, all luci/config settings are ignored!"
	fi
}

smb_add_share() {
	config_get_sane name "$1" name
	config_get_sane path "$1" path
	config_get_sane users "$1" users
	config_get_sane create_mask "$1" create_mask
	config_get_sane dir_mask "$1" dir_mask
	config_get_sane browseable "$1" browseable
	config_get_sane read_only "$1" read_only
	config_get_sane writeable "$1" writeable
	config_get_sane guest_ok "$1" guest_ok
	config_get_sane guest_only "$1" guest_only
	config_get_sane inherit_owner "$1" inherit_owner
	config_get_sane vfs_objects "$1" vfs_objects
	config_get_bool timemachine "$1" timemachine 0
	config_get_sane timemachine_maxsize "$1" timemachine_maxsize
	config_get_bool force_root "$1" force_root 0
	config_get_sane write_list "$1" write_list
	config_get_sane read_list "$1" read_list
	
	[ -z "$name" ] || [ -z "$path" ] && return

	{
		printf "\n[$name]\n\tpath = %s\n" "$path"

		if [ "$force_root" -eq 1 ]; then
			printf "\tforce user = root\n"
			printf "\tforce group = root\n"
		fi
		[ -n "$users" ] && printf "\tvalid users = %s\n" "$users"

		[ -n "$create_mask" ] && printf "\tcreate mask = %s\n" "$create_mask"
		[ -n "$dir_mask" ] && printf "\tdirectory mask = %s\n" "$dir_mask"

		[ -n "$browseable" ] && printf "\tbrowseable = %s\n" "$browseable"
		[ -n "$read_only" ] && printf "\tread only = %s\n" "$read_only"
		[ -n "$writeable" ] && printf "\twriteable = %s\n" "$writeable"
		[ -n "$guest_ok" ] && printf "\tguest ok = %s\n" "$guest_ok"
		[ -n "$guest_only" ] && printf "\tguest only = %s\n" "$guest_only"
		[ -n "$inherit_owner" ] && printf "\tinherit owner = %s\n" "$inherit_owner"

		[ -n "$write_list" ] && printf "\twrite list = %s\n" "$write_list"
		[ -n "$read_list" ] && printf "\tread list = %s\n" "$read_list"

		if [ "$MACOS" -eq 1 ]; then
			vfs_objects="catia fruit streams_xattr $vfs_objects"
			printf "\tfruit:encoding = native\n"
			printf "\tfruit:metadata = stream\n"
			printf "\tfruit:veto_appledouble = no\n"
			# avoid mixed shares order for aapl
			if [ "$timemachine" -eq 1 ]; then
				printf "\tfruit:time machine = yes\n"
				[ -n "$timemachine_maxsize" ] && printf "\tfruit:time machine max size = %sG\n" "${timemachine_maxsize}"
			fi
		fi
		
		# always enable io_uring if we can ("should" fail silently via samba module load if no kernel support)
		if [ "$DISABLE_ASYNC_IO" -ne 1 ] && [ -e /usr/lib/samba/vfs/io_uring.so ] ; then
			logger -p daemon.info -t 'samba4-server' "io_uring module found, enabling VFS io_uring. (also needs Kernel 5.4+ Support)"
			# make sure its last in list
			if [ -n "$vfs_objects" ]; then
				vfs_objects="$vfs_objects io_uring"
			else
				vfs_objects="io_uring"
			fi
		fi

		[ -n "$vfs_objects" ] && printf "\tvfs objects = %s\n" "$vfs_objects"
	} >> /var/etc/smb.conf
}

init_config() {
	# Create samba dirs
	[ -d /var/lib/samba ] || mkdir -m 755 -p /var/lib/samba
	[ -d /var/cache/samba ] || mkdir -m 755 -p /var/cache/samba
	[ -d /var/lock ] || mkdir -m 755 -p /var/lock
	[ -d /var/run/samba ] || mkdir -p /var/run/samba
	[ -d /var/log/samba ] || mkdir -p /var/log/samba
	chmod 0755 /var/lock
	chmod 0755 /var/lib/samba
	chmod 0755 /var/cache/samba

	config_load samba4
	config_foreach smb_header samba
	config_foreach smb_add_share sambashare
}

service_triggers() {
	# PROCD_RELOAD_DELAY=1000

	procd_add_reload_trigger "dhcp" "system" "samba4"

	for i in $SAMBA_IFACE; do
		procd_add_reload_interface_trigger "$i"
	done
}

start_service() {
	init_config
	
	if [ ! -e /etc/samba/smb.conf ]; then
		logger -p daemon.error -t 'samba4-server' "missing config /etc/samba/smb.conf!"
		exit 1
	fi

	config_get_sane nice_value extra samba_nice 0

	# start main AD-DC daemon, will spawn (smbd,nmbd,winbindd) as needed/configured.
	if [ "$DISABLE_AD_DC" -ne 1 ] && [ -x /usr/sbin/samba ]; then
		procd_open_instance
		procd_set_param command /usr/sbin/samba -F
		procd_set_param nice "$nice_value"
		procd_set_param respawn
		procd_set_param file /etc/samba/smb.conf
		procd_set_param limits nofile=16384
		procd_close_instance
	else
		# start fileserver daemon
		procd_open_instance
		procd_set_param command /usr/sbin/smbd -F
		procd_set_param nice "$nice_value"
		procd_set_param respawn
		procd_set_param file /etc/samba/smb.conf
		procd_set_param limits nofile=16384
		procd_close_instance

		# start netbios daemon
		if [ "$DISABLE_NETBIOS" -ne 1 ] && [ -x /usr/sbin/nmbd ]; then
			procd_open_instance
			procd_set_param command /usr/sbin/nmbd -F
			procd_set_param nice "$nice_value"
			procd_set_param respawn
			procd_set_param file /etc/samba/smb.conf
			procd_close_instance
		fi
		# start winbind daemon
		if [ "$DISABLE_WINBIND" -ne 1 ] && [ -x /usr/sbin/winbindd ]; then
			procd_open_instance
			procd_set_param command /usr/sbin/winbindd -F
			procd_set_param nice "$nice_value"
			procd_set_param respawn
			procd_set_param file /etc/samba/smb.conf
			procd_close_instance
		fi
	fi
}