[Samba] Upgrading Samba 3 to Samba 4 - Domain Controller unreachable
Sonic
sonicsmith at gmail.com
Sat Apr 2 21:11:05 UTC 2016
On Sat, Apr 2, 2016 at 4:05 PM, Rowland penny <rpenny at samba.org> wrote:
> I compile Samba myself and I use init files, I would rather have them than
> the bloat systemd comes with. They are not complex if you understand bash
> and are a lot easier to understand than all that systemd comes with.
At first I felt the same way but the service files are starting to
seem simpler. Yes, the shell scripts are quite readable but also a bit
unwieldly when compared to the systemd service files. After working
with them for a while, I'd rather edit the service files.
Compare...
My systemd service files (nmbd, smbd, ad)
39 lines including white space
=============================
=============================
[Unit]
Description=Samba SMB/CIFS server
After=network.target nmbd.service
[Service]
Type=forking
PIDFile=/usr/local/samba/var/run/smbd.pid
LimitNOFILE=16384
ExecStart=/usr/local/samba/sbin/smbd -D
ExecReload=/bin/kill -HUP $MAINPID
[Install]
WantedBy=multi-user.target
=============================
[Unit]
Description=Samba NetBIOS name server
After=network.target
[Service]
Type=forking
PIDFile=/usr/local/samba/var/run/nmbd.pid
ExecStart=/usr/local/samba/sbin/nmbd -D
ExecReload=/bin/kill -HUP $MAINPID
[Install]
WantedBy=multi-user.target
=============================
[Unit]
Description=Samba AD server
After=network.target
[Service]
Type=forking
PIDFile=/usr/local/samba/var/run/samba.pid
LimitNOFILE=16384
EnvironmentFile=-/usr/local/samba/etc/conf.d/samba
ExecStart=/usr/local/samba/sbin/samba $SAMBAOPTIONS
ExecReload=/bin/kill -HUP $MAINPID
[Install]
WantedBy=multi-user.target
=============================
=============================
Now Debian's init scripts (samba, samba-ad-dc, nmbd, smbd)
almost 250 lines including white space
=============================
=============================
#!/bin/sh
### BEGIN INIT INFO
# Provides: samba
# Required-Start:
# Required-Stop:
# Default-Start:
# Default-Stop:
# Short-Description: ensure Samba daemons are started (nmbd and smbd)
### END INIT INFO
set -e
# start nmbd, smbd and samba-ad-dc unconditionally
# the init scripts themselves check if they are needed or not
case $1 in
start)
/etc/init.d/nmbd start
/etc/init.d/smbd start
/etc/init.d/samba-ad-dc start
;;
stop)
/etc/init.d/samba-ad-dc stop
/etc/init.d/smbd stop
/etc/init.d/nmbd stop
;;
reload)
/etc/init.d/smbd reload
;;
restart|force-reload)
/etc/init.d/nmbd "$1"
/etc/init.d/smbd "$1"
/etc/init.d/samba-ad-dc "$1"
;;
status)
status=0
NMBD_DISABLED=`testparm -s --parameter-name='disable
netbios' 2>/dev/null || true`
SERVER_ROLE=`samba-tool testparm
--parameter-name="server role" 2>/dev/null | tail -1 || true`
if [ "$SERVER_ROLE" != "active directory domain
controller" ]; then
if [ "$NMBD_DISABLED" != "Yes" ]; then
/etc/init.d/nmbd status || status=$?
fi
/etc/init.d/smbd status || status=$?
else
/etc/init.d/samba-ad-dc status || status=$?
fi
exit $status
;;
*)
echo "Usage: /etc/init.d/samba
{start|stop|reload|restart|force-reload|status}"
exit 1
;;
esac
=============================
#! /bin/sh
### BEGIN INIT INFO
# Provides: samba-ad-dc
# Required-Start: $network $local_fs $remote_fs
# Required-Stop: $network $local_fs $remote_fs
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: start Samba daemons for the AD DC
### END INIT INFO
#
# Start/stops the Samba daemon (samba).
# Adapted from the Samba 3 packages.
#
PIDDIR=/var/run/samba
SAMBAPID=$PIDDIR/samba.pid
# clear conflicting settings from the environment
unset TMPDIR
# See if the daemon and the config file are there
test -x /usr/sbin/samba -a -r /etc/samba/smb.conf || exit 0
. /lib/lsb/init-functions
case "$1" in
start)
SERVER_ROLE=`samba-tool testparm
--parameter-name="server role" 2>/dev/null | tail -1`
if [ "$SERVER_ROLE" != "active directory domain
controller" ]; then
exit 0
fi
if init_is_upstart; then
exit 1
fi
# CVE-2013-4475
KEYFILE=/var/lib/samba/private/tls/key.pem
if [ -e $KEYFILE ]
then
KEYPERMS=`stat -c %a $KEYFILE`
if [ "$KEYPERMS" != "600" ]
then
echo "wrong permission
on $KEYFILE, must be 600"
echo "samba will not
start (CVE-2013-4475)"
echo "Removing all tls
.pem files will cause an auto-regeneration with the correct
permissions."
exit 1
fi
fi
log_daemon_msg "Starting Samba AD DC daemon" "samba"
# Make sure we have our PIDDIR, even if it's on a tmpfs
install -o root -g root -m 755 -d $PIDDIR
if ! start-stop-daemon --start --quiet --oknodo --exec
/usr/sbin/samba -- -D; then
log_end_msg 1
exit 1
fi
log_end_msg 0
;;
stop)
if init_is_upstart; then
exit 0
fi
log_daemon_msg "Stopping Samba AD DC daemon" "samba"
start-stop-daemon --stop --quiet --pidfile $SAMBAPID
# Wait a little and remove stale PID file
sleep 1
if [ -f $SAMBAPID ] && ! ps h `cat $SAMBAPID` > /dev/null
then
# Stale PID file (samba was succesfully stopped),
# remove it (should be removed by samba itself IMHO.)
rm -f $SAMBAPID
fi
log_end_msg 0
;;
restart|force-reload)
if init_is_upstart; then
exit 1
fi
$0 stop
sleep 1
$0 start
;;
status)
status_of_proc -p $SAMBAPID /usr/sbin/samba samba
exit $?
;;
*)
echo "Usage: /etc/init.d/samba-ad-dc
{start|stop|restart|force-reload|status}"
exit 1
;;
esac
exit 0
=============================
#!/bin/sh
### BEGIN INIT INFO
# Provides: nmbd
# Required-Start: $network $local_fs $remote_fs
# Required-Stop: $network $local_fs $remote_fs
# X-Start-Before: smbd
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: start Samba NetBIOS nameserver (nmbd)
### END INIT INFO
PIDDIR=/var/run/samba
NMBDPID=$PIDDIR/nmbd.pid
# clear conflicting settings from the environment
unset TMPDIR
# See if the daemons are there
test -x /usr/sbin/nmbd || exit 0
. /lib/lsb/init-functions
case $1 in
start)
if init_is_upstart; then
exit 1
fi
SERVER_ROLE=`samba-tool testparm
--parameter-name="server role" 2>/dev/null | tail -1`
if [ "$SERVER_ROLE" = "active directory domain
controller" ]; then
exit 0
fi
if [ -n `which testparm` ]
then
NMBD_DISABLED=`testparm -s
--parameter-name='disable netbios' 2>/dev/null`
fi
if [ "$NMBD_DISABLED" != Yes ]; then
log_daemon_msg "Starting NetBIOS name server" nmbd
# Make sure we have our PIDDIR, even if it's on a tmpfs
install -o root -g root -m 755 -d $PIDDIR
if ! start-stop-daemon --start --quiet
--oknodo --exec /usr/sbin/nmbd -- -D
then
log_end_msg 1
exit 1
fi
log_end_msg 0
fi
;;
stop)
if init_is_upstart; then
exit 0
fi
log_daemon_msg "Stopping NetBIOS name server" nmbd
start-stop-daemon --stop --quiet --pidfile $NMBDPID
# Wait a little and remove stale PID file
sleep 1
if [ -f $NMBDPID ] && ! ps h `cat $NMBDPID` > /dev/null
then
# Stale PID file (nmbd was succesfully stopped),
# remove it (should be removed by nmbd itself IMHO.)
rm -f $NMBDPID
fi
log_end_msg 0
;;
restart|force-reload)
if init_is_upstart; then
exit 1
fi
$0 stop
sleep 1
$0 start
;;
status)
status_of_proc -p $NMBDPID /usr/sbin/nmbd nmbd
exit $?
;;
*)
echo "Usage: /etc/init.d/nmbd
{start|stop|restart|force-reload|status}"
exit 1
;;
esac
exit 0
=============================
#!/bin/sh
### BEGIN INIT INFO
# Provides: smbd
# Required-Start: $network $local_fs $remote_fs
# Required-Stop: $network $local_fs $remote_fs
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Should-Start: slapd cups
# Should-Stop: slapd cups
# Short-Description: start Samba SMB/CIFS daemon (smbd)
### END INIT INFO
PIDDIR=/var/run/samba
SMBDPID=$PIDDIR/smbd.pid
# clear conflicting settings from the environment
unset TMPDIR
# See if the daemons are there
test -x /usr/sbin/smbd || exit 0
. /lib/lsb/init-functions
case $1 in
start)
if init_is_upstart; then
exit 1
fi
SERVER_ROLE=`samba-tool testparm
--parameter-name="server role" 2>/dev/null | tail -1`
if [ "$SERVER_ROLE" = "active directory domain
controller" ]; then
exit 0
fi
log_daemon_msg "Starting SMB/CIFS daemon" smbd
# Make sure we have our PIDDIR, even if it's on a tmpfs
install -o root -g root -m 755 -d $PIDDIR
if ! start-stop-daemon --start --quiet --oknodo --exec
/usr/sbin/smbd -- -D; then
log_end_msg 1
exit 1
fi
log_end_msg 0
;;
stop)
if init_is_upstart; then
exit 0
fi
log_daemon_msg "Stopping SMB/CIFS daemon" smbd
start-stop-daemon --stop --quiet --pidfile $SMBDPID
# Wait a little and remove stale PID file
sleep 1
if [ -f $SMBDPID ] && ! ps h `cat $SMBDPID` > /dev/null
then
# Stale PID file, remove it (should be removed by
# smbd itself IMHO).
rm -f $SMBDPID
fi
log_end_msg 0
;;
reload)
log_daemon_msg "Reloading /etc/samba/smb.conf" smbd
start-stop-daemon --stop --quiet --signal HUP --pidfile $SMBDPID
log_end_msg 0
;;
restart|force-reload)
if init_is_upstart; then
exit 1
fi
$0 stop
sleep 1
$0 start
;;
status)
status_of_proc -p $SMBDPID /usr/sbin/smbd smbd
exit $?
;;
*)
echo "Usage: /etc/init.d/smbd
{start|stop|reload|restart|force-reload|status}"
exit 1
;;
esac
exit 0
=============================
=============================
More information about the samba
mailing list