samba36: fix autoshare CVE

package/network/services/samba36/Makefile

@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=samba
 PKG_VERSION:=4.0.26
-PKG_RELEASE:=8
+PKG_RELEASE:=9
 
 PKG_SOURCE_URL:=https://ftp.samba.org/pub/samba/stable/
 PKG_SOURCE:=samba-$(PKG_VERSION).tar.gz

package/network/services/samba36/files/smb.auto

@@ -1,11 +1,12 @@
 #!/bin/sh
+
 #
-#   D-Team Technology Co.,Ltd. ShenZhen
-#   作者:Vic
-# 
+#  D-Team Technology Co.,Ltd. ShenZhen
+#  作者:Vic
 #
 # 警告:对着屏幕的哥们,我们允许你使用此脚本，但不允许你抹去作者的信息,请保留这段话。
 #
+
 . /lib/functions.sh
 . /lib/functions/service.sh
 
@@ -13,24 +14,24 @@ global=0
 config_file="/etc/config/samba"
 
 wait_for_init() {
-    for i in `seq 30`
-    do
-        [ -e /tmp/procd.done ] || {
-            sleep 1; continue;
-        }
-        return
-    done
+	for i in `seq 30`
+	do
+		[ -e /tmp/procd.done ] || {
+		sleep 1; continue;
+		}
+		return
+	done
 }
 
 smb_handle() {
-        config_get path $1 path
-        if [  "$path" = "$2" ] ;then
-                global=1
-        fi
+	config_get path $1 path
+	if [  "$path" = "$2" ] ;then
+		global=1
+	fi
 }
 
 chk_en() {
-	config_get_bool autoshare $1 autoshare 0
+	config_get_bool autoshare $1 autoshare 1
 	[ $autoshare -eq 0 ] && exit
 }
 
@@ -42,47 +43,49 @@ device=`basename $DEVPATH`
 case "$ACTION" in
 	add)
 
-        case "$device" in
-                sd*) ;;
-                md*) ;;
-                hd*);;     
-                mmcblk*);;  
-                *) return;;
-        esac   
+	case "$device" in
+		sd*);;
+		md*);;
+		hd*);;
+		mmcblk*);;
+		*) return;;
+	esac
 
-        path="/dev/$device"
+	path="/dev/$device"
 
-        wait_for_init
+	wait_for_init
 
-        cat /proc/mounts | while read j
-        do
-                str=${j%% *}
-                if [ "$str" == $path ];then
-                        strr=${j#* }
-                        target=${strr%% *}
-                        global=0
-                        config_foreach smb_handle sambashare $target
-						name=${target#*/mnt/}
+	cat /proc/mounts | grep -v '/boot\|/opt|p1' | while read j
+	do
+		str=${j%% *}
+		if [ "$str" == $path ];then
+			strr=${j#* }
+			target=${strr%% *}
+			global=0
+			config_foreach smb_handle sambashare $target
+			name=${target#*/mnt/}
 
-                        if [ $global -eq 0 ] ;then
-                                echo -e "\n\nconfig sambashare" >> $config_file
-                                echo -e "\toption auto '1'" >> $config_file
-                                echo -e "\toption name '$name'" >> $config_file
-                                echo -e "\toption path '$target'" >> $config_file
-                                echo -e "\toption read_only 'no'" >> $config_file
-                                echo -e "\toption guest_ok 'yes'" >> $config_file
-								echo -e "\toption device '$device'" >> $config_file
+			if [ $global -eq 0 ] ;then
+				echo -e "\n\nconfig sambashare" >> $config_file
+				echo -e "\toption auto '1'" >> $config_file
+				echo -e "\toption name '$name'" >> $config_file
+				echo -e "\toption path '$target'" >> $config_file
+				echo -e "\toption read_only 'no'" >> $config_file
+				echo -e "\toption guest_ok 'yes'" >> $config_file
+				echo -e "\toption create_mask '0666'" >> $config_file
+				echo -e "\toption dir_mask '0777'" >> $config_file
+				echo -e "\toption device '$device'" >> $config_file
 				/etc/init.d/samba reload
 				return
-                        fi
-                fi
-        done
+			fi
+		fi
+	done
 	;;
+
 	remove)
 		i=0
 		while true
 		do
-
 			dev=`uci get samba.@sambashare[$i].device`
 			[ $? -ne 0 ] && break
 
@@ -90,7 +93,6 @@ case "$ACTION" in
 				auto=`uci get samba.@sambashare[$i].auto`
 				[ $auto = "1" ] && {
 					mount_dir=`uci get samba.@sambashare[$i].name`
-					rm -rf /mnt/$device /mnt/$mount_dir
 					uci delete samba.@sambashare[$i]
 					uci commit
 					/etc/init.d/samba reload