cookbook 'samba', '= 0.12.0'
samba
(35) Versions
0.12.0
-
Follow16
Installs/Configures samba
cookbook 'samba', '= 0.12.0', :supermarket
knife supermarket install samba
knife supermarket download samba
Description
Installs and configures Samba version 3.
Requirements
Assumes Samba version 3.
Should work on Debian-family, Red Hat-family and ArchLinux systems.
Uses Chef Server for data bag to build configuration file shares. Chef Zero should work as long as data bags are set up per Usage below.
Requires a users data bag for the users when the password backend is not LDAP. If using the users
cookbook, this already needs to exist, though a password needs to be specified for Samba.
Limitations
Does not (yet) integrate with LDAP/AD.
Uses plaintext passwords for the user data bag entry to create the SMB users if the password backend is tdbsam or smbpasswd. See below under usage.
Does not modify the Samba daemons to launch (i.e., ArchLinux's /etc/conf.d/samba
SAMBA_DAMONS
).
Samba 4 may work with or without modification.
Attributes
The attributes are used to set up the default values in the smb.conf, and set default locations used in the recipe. Where appropriate, the attributes use the default values in Samba.
-
node["samba"]["workgroup"]
- The SMB workgroup to use, default "SAMBA". -
node["samba"]["interfaces"]
- Interfaces to listen on, default "lo 127.0.0.1". -
node["samba"]["hosts_allow"]
- Allowed hosts/networks, default "127.0.0.0/8". -
node["samba"]["bind_interfaces_only"]
- Limit interfaces to serve SMB, default "no" -
node["samba"]["server_string"]
- Server string value, default "Samba Server". -
node["samba"]["load_printers"]
- Whether to load printers, default "no". -
node["samba"]["passdb_backend"]
- Which password backend to use, default "tdbsam". -
node["samba"]["dns_proxy"]
- Whether to search NetBIOS names through DNS, default "no". -
node["samba"]["security"]
- Samba security mode, default "user". -
node["samba"]["map_to_guest"]
- What Samba should do with logins that don't match Unix users, default "Bad User". -
node["samba"]["socket_options"]
- Socket options, default "TCP_NODELAY
" -
node["samba"]["config"]
- Location of Samba configuration, default "/etc/samba/smb.conf". -
node["samba"]["log_dir"]
- Location of Samba logs, default "/var/log/samba/%m.log". -
node["samba"]["shares_data_bag"]
- the name of the data bag that contains the shares information, default "samba". SeeUsage
below. -
node["samba"]["users_data_bag"]
- the name of the data bag that contains user details, default "users". SeeUsage
below.
Recipes
client
Installs smbclient to provide access to SMB shares.
default
Includes the client recipe by default.
server
Sets up a Samba server. See "Usage" below for more information.
Resources/Providers
This cookbook includes a resource/provider for managing samba users with the smbpasswd program.
samba_user "jtimberman" do
password "plaintextpassword"
action [:create, :enable]
end
For now, this resource can only create, enable or delete the user. It only supports setting the user's initial password. It assumes a password db backend that utilizes the smbpasswd program.
This will not enforce the password to be set to the value specified. Meaning, if the local user changes their password with smbpasswd
, the recipe will not reset it. This may be changed in a future version of this cookbook.
Usage
The samba::default
recipe includes samba::client
, which simply installs smbclient package. Remaining information in this section pertains to samba::server
recipe.
Set attributes as desired in a role, and create a data bag with an item called shares
. The default name for the data bag is samba
but this can be changed by setting node["samba"]["data_bag"]
. Also create a data bag with an item for each user that should have access to samba. The name of the users data bag defaults to users
but can be changed by setting node["samba"]["users_data_bag"]
.
Example data bag item for a single share named export
in the shares
item.
% cat data_bags/samba/shares.json
{
"id": "shares",
"shares": {
"export": {
"comment": "Exported Share",
"path": "/srv/export",
"guest ok": "no",
"printable": "no",
"write list": ["jtimberman"],
"create mask": "0664",
"directory mask": "0775"
}
}
}
Each of the hashes in shares
will be a stanza in the smb.conf.
Example data bag item for a user. Note that the user must exist on the system already. This is the minimal users data bag to set up the smbpasswd
entry. More options are available for those using the users
cookbook, see the readme for that cookbook for more information.
% cat data_bags/users/jtimberman.json
{
"id": "jtimberman",
"smbpasswd": "plaintextpassword"
}
Unfortunately, smbpasswd does not take a hashed password as an argument - the password is echoed and piped to the smbpasswd program. This is a limitation of Samba.
Testing
This cookbook is tested with:
- ChefSpec for pre-convergence tests
- Foodcritic for cookbook lint checking (specific rules are disabled via source comments)
- RuboCop with specific rules disabled
- Test Kitchen for convergence testing per platform
- ServerSpec for post-convergence tests
License and Author
Author:: Joshua Timberman (joshua@opscode.com)
Copyright:: 2010, Opscode, Inc
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
Dependent cookbooks
This cookbook has no specified dependencies.
Contingent cookbooks
v0.12.0
- Manage services at end of server recipe
- Move package and service names to attributes
- Select data bags via attributes instead of hardcoded names
- Corrected service name on Debian
- Add map to guest option in smb.conf
- Add test kitchen, chefspec, serverspec, rubocop ignore rules, and foodcritic check
- Cleanup attributes to make them easier to follow per-platform
v0.11.4:
Bug
- [COOK-3144]: Wrong service name in samba cookbook
v0.11.2:
Bug
- [COOK-2978]: samba cookbook has foodcritic errors
v0.11.0:
- [COOK-1719] - Add Scientific / Amazon support to the Samba recipe
v0.10.6:
- [COOK-1363] - user password assignment fails on systems using dash as default shell
v0.10.4:
- Fixes COOK-802, typo in nmbd service name
Collaborator Number Metric
0.12.0 passed this metric
Foodcritic Metric
0.12.0 failed this metric
FC059: LWRP provider does not declare use_inline_resources: /tmp/7381beacff0b0736cdba055b/samba/providers/user.rb:1
FC064: Ensure issues_url is set in metadata: /tmp/7381beacff0b0736cdba055b/samba/metadata.rb:1
FC065: Ensure source_url is set in metadata: /tmp/7381beacff0b0736cdba055b/samba/metadata.rb:1
Run with Foodcritic Version 8.1.0 with tags metadata,correctness ~FC031 ~FC045 and failure tags any
Foodcritic Metric
0.12.0 passed this metric
License Metric
0.12.0 passed this metric
0.12.0 passed this metric
0.12.0 failed this metric
FC059: LWRP provider does not declare use_inline_resources: /tmp/7381beacff0b0736cdba055b/samba/providers/user.rb:1
FC064: Ensure issues_url is set in metadata: /tmp/7381beacff0b0736cdba055b/samba/metadata.rb:1
FC065: Ensure source_url is set in metadata: /tmp/7381beacff0b0736cdba055b/samba/metadata.rb:1
Run with Foodcritic Version 8.1.0 with tags metadata,correctness ~FC031 ~FC045 and failure tags any
Foodcritic Metric
0.12.0 passed this metric
License Metric
0.12.0 passed this metric
0.12.0 passed this metric
0.12.0 passed this metric