diff --git a/package/lean/cifsd-tools/Makefile b/package/lean/cifsd-tools/Makefile deleted file mode 100644 index a9a485a16..000000000 --- a/package/lean/cifsd-tools/Makefile +++ /dev/null @@ -1,58 +0,0 @@ -include $(TOPDIR)/rules.mk - -PKG_NAME:=cifsd-tools -PKG_RELEASE:=1 - -PKG_SOURCE_PROTO:=git -PKG_SOURCE_URL:=https://github.com/cifsd-team/cifsd-tools.git -PKG_SOURCE_DATE:=2019-11-30 -PKG_SOURCE_VERSION:=830cba084ef70dd006a7f9acdf87fd07100754ff - -PKG_MAINTAINER:=Andy Walsh -PKG_LICENSE:=GPL-2.0-or-later -PKG_LICENSE_FILES:=COPYING - -PKG_FIXUP:=autoreconf -PKG_INSTALL:=1 -PKG_BUILD_PARALLEL:=1 -PKG_REMOVE_FILES:=autogen.sh - -include $(INCLUDE_DIR)/package.mk -include $(INCLUDE_DIR)/nls.mk - -define Package/cifsd-tools - SECTION:=net - CATEGORY:=Network - SUBMENU:=Filesystem - TITLE:=Kernel CIFS/SMB server support and userspace tools - URL:=https://github.com/cifsd-team/cifsd-tools - DEPENDS:=+kmod-fs-cifsd +glib2 +libnl-core +libnl-genl -endef - -define Package/cifsd-tools/description - Userspace tools (cifsd, cifsuseradd, cifsshareadd) for the CIFS/SMB kernel fileserver. - The config file location is /etc/cifs/smb.conf -endef - -define Package/cifsd-tools/install - $(INSTALL_DIR) $(1)/usr/lib - $(CP) $(PKG_INSTALL_DIR)/usr/lib/libcifsdtools.so* $(1)/usr/lib/ - $(INSTALL_DIR) $(1)/usr/sbin - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/{cifsuseradd,cifsshareadd,cifsd} $(1)/usr/sbin/ - $(INSTALL_DIR) $(1)/etc/config $(1)/etc/cifs $(1)/etc/init.d - $(INSTALL_CONF) ./files/cifsd.config $(1)/etc/config/cifsd - $(INSTALL_DATA) ./files/smb.conf.template $(1)/etc/cifs/ - $(INSTALL_BIN) ./files/cifsd.init $(1)/etc/init.d/cifsd - # copy examples until we have a wiki page - $(INSTALL_DATA) ./files/cifsd.config.example $(1)/etc/cifs/ - $(INSTALL_DATA) $(PKG_BUILD_DIR)/Documentation/configuration.txt $(1)/etc/cifs/ -endef - -define Package/cifsd-tools/conffiles -/etc/config/cifsd -/etc/cifs/smb.conf.template -/etc/cifs/smb.conf -/etc/cifs/cifsdpwd.db -endef - -$(eval $(call BuildPackage,cifsd-tools)) diff --git a/package/lean/cifsd-tools/files/cifsd.config b/package/lean/cifsd-tools/files/cifsd.config deleted file mode 100644 index 704782fb2..000000000 --- a/package/lean/cifsd-tools/files/cifsd.config +++ /dev/null @@ -1,14 +0,0 @@ - -config globals - option workgroup 'WORKGROUP' - option description 'OpenWrt' - -config share - option name 'testshare' - option read_only 'no' - option guest_ok 'yes' - option create_mask '0666' - option dir_mask '0777' - option browseable 'yes' - option path '/tmp/tmp' - diff --git a/package/lean/cifsd-tools/files/smb.conf.help b/package/lean/cifsd-tools/files/smb.conf.help deleted file mode 100644 index 23d0c8d37..000000000 --- a/package/lean/cifsd-tools/files/smb.conf.help +++ /dev/null @@ -1,173 +0,0 @@ -;****************************************************************************** -; File to define cifsd configuration parameters which are comparable with -; samba's ones -; -; Supported [global] level parameters list: -; - server string -; This controls what string will show up in browse lists next -; to the machine name -; - workgroup -; This controls what workgroup your server will appear to be -; in when queried by clients -; - netbios name -; This sets the NetBIOS name by which a SMB server is known. -; By default it is the same as the first component of the host's -; DNS name. If a machine is a browse server or logon server this -; name (or the first component of the hosts DNS name) will be -; the name that these services are advertised under. -; - server min protocol -; This setting controls the minimum protocol version that the -; server will allow the client to use. -; - server max protocol -; The value of the parameter (a string) is the highest protocol -; level that will be supported by the server. -; - server signing -; This controls whether the client is allowed or required to use -; SMB1 and SMB2 signing. Possible values are default, auto, -; mandatory and disabled. -; - guest account -; This is a username which will be used for access to services -; which are specified as guest ok. -; - max active sessions -; This option allows the number of simultaneous connections to -; a service to be limited. -; - ipc timeout -; This option specifies the number of seconds server will wait -; for the userspace to reply to heartbeat frames. If user space -; is down for more than `ipc timeout` seconds the server will -; reset itself - close all sessions and all TCP connections. -; - restrict anonymous -; The setting of this parameter determines whether user and -; group list information is returned for an anonymous connection. -; - map to guest -; This parameter can take four different values, which tell cifsd -; what to do with user login requests.(bad user -; - bind interfaces only -; This global parameter allows the cifsd admin to limit what -; interfaces on a machine will serve SMB requests. -; - interfaces -; This option allows you to override the default network -; interfaces list that cifsd will use for browsing. The option -; takes only list of interface name. -; - deadtime -; The value of the parameter (a decimal integer) represents -; the number of minutes of inactivity before a connection is -; considered dead, and it is disconnected. The deadtime only -; takes effect if the number of open files is zero. -; - root directory -; Sets up a root (base) directory for all shares. In some -; sense it's equal to chroot(). When this option set all shares' -; paths become relative to root directory, IOW the file name -; lookup resolves '/root directory/share path/file path' path. -; -; Supported [share] level parameters list: -; - comment -; comment string to associate with the new share -; - path -; This parameter specifies a directory to which the user of the -; service is to be given access. -; - guest ok -; If this parameter is yes for a service, then no password is -; required to connect to the service. -; - read only -; If this parameter is yes, then users of a service may not -; create or modify files in the service's directory. -; - browseable -; This controls whether this share is seen in the list of -; available shares in a net view and in the browse list. -; - write ok -; - writeable -; Inverted synonym for read only. -; - store dos attributes -; If this parameter is set cifsd attempts to first read DOS -; attributes (SYSTEM, HIDDEN, ARCHIVE or READ-ONLY) from a -; filesystem extended attribute, before mapping DOS attributes -; to UNIX permission bits (such as occurs with map hidden and -; map readonly). -; - oplocks -; This boolean option tells cifsd whether to issue oplocks -; (opportunistic locks) to file open requests on this share. -; - create mask -; When a file is created, the necessary permissions are calculated -; according to the mapping from DOS modes to UNIX permissions, and -; the resulting UNIX mode is then bit-wise 'AND'ed with this -; parameter. -; - directory mask -; This parameter is the octal modes which are used when converting -; DOS modes to UNIX modes when creating UNIX directories. -; - force group -; This specifies a UNIX group name that will be assigned as -; the default primary group for all users connecting to this -; service. -; - force user -; This specifies a UNIX user name that will be assigned as -; the default user for all users connecting to this service. -; - hide dot files -; This is a boolean parameter that controls whether files starting -; with a dot appear as hidden files. -; - hosts allow -; This parameter is a comma, space, or tab delimited set of hosts -; which are permitted to access a service -; - hosts deny -; The opposite of allow hosts - hosts listed here are NOT -; permitted access to services unless the specific services have -; their own lists to override this one. Where the lists conflict, -; the allow list takes precedence. -; - valid users -; This is a list of users that should be allowed to login to this -; service -; - invalid users -; This is a list of users that should not be allowed to login to -; this service. -; - read list -; This is a list of users that are given read-only access to -; a service. -; - write list -; This is a list of users that are given read-write access to -; a service. -; - max connections -; This option allows the number of simultaneous connections to -; a service to be limited. -; - veto files -; This is a list of files and directories that are neither visible -; nor accessible. -; -; Veto any files containing the word Security, -; any ending in .tmp, and any directory containing the -; word root. -; veto files = /*Security*/*.tmp/*root*/ -; -; Veto the Apple specific files that a NetAtalk server -; creates. -; veto files = /.AppleDouble/.bin/.AppleDesktop/Network Trash Folder/ -; - inherit owner -; The ownership for new files and directories should be controlled -; by the ownership of the parent directory. -; Valid options are yes or no. -; - inherit smack -; This parameter can be used to ensure that if smack label exist -; on parent directories. -; Valid options are yes or no. -; - force create mode -; This parameter specifies a set of UNIX mode bit permissions -; that will always be set on a file created by cifsd. -; - force directory mode -; This parameter specifies a set of UNIX mode bit permissions -; that will always be set on a directory created by cifsd. -; -; Rules to update this file: -; - Every [share] definition should start on new line -; - Every parameter should be indented with single tab -; - There should be single spaces around equal (eg: " = ") -; - Multiple parameters should be separated with comma -; eg: "invalid users = usr1,usr2,usr3" -; -; Make sure to configure the server after making changes to this file. -;****************************************************************************** - -[global] - netbios name = CIFSD - -[homes] - comment = content server share - path = /tmp diff --git a/package/lean/cifsd/Makefile b/package/lean/cifsd/Makefile deleted file mode 100644 index e7b9478b4..000000000 --- a/package/lean/cifsd/Makefile +++ /dev/null @@ -1,52 +0,0 @@ -include $(TOPDIR)/rules.mk - -PKG_NAME:=cifsd -PKG_RELEASE:=1 - -PKG_SOURCE_PROTO:=git -PKG_SOURCE_URL:=https://github.com/cifsd-team/cifsd.git -PKG_SOURCE_DATE:=2019-11-30 -PKG_SOURCE_VERSION:=973e0cce8995e79008fdb4b23c0752f4c051ebb6 - -PKG_MAINTAINER:=Andy Walsh -PKG_LICENSE:=GPL-2.0-or-later -PKG_LICENSE_FILES:=COPYING - -include $(INCLUDE_DIR)/kernel.mk -include $(INCLUDE_DIR)/package.mk - -define KernelPackage/fs-cifsd - SUBMENU:=Filesystems - TITLE:=CIFS/SMB kernel server support - URL:=https://github.com/cifsd-team/cifsd - FILES:=$(PKG_BUILD_DIR)/cifsd.ko - DEPENDS:= \ - +kmod-nls-base \ - +kmod-nls-utf8 \ - +kmod-crypto-md4 \ - +kmod-crypto-md5 \ - +kmod-crypto-hmac \ - +kmod-crypto-ecb \ - +kmod-crypto-des \ - +kmod-crypto-sha256 \ - +kmod-crypto-cmac \ - +kmod-crypto-sha512 \ - +kmod-crypto-aead \ - +kmod-crypto-ccm -endef - -define KernelPackage/fs-cifsd/description - Kernel module for a CIFS/SMBv2,3 fileserver. -endef - -# broken atm (needs CONFIG_KEYS=y) -#EXTRA_CFLAGS+=-DCONFIG_CIFSD_ACL - -define Build/Compile - $(KERNEL_MAKE) SUBDIRS="$(PKG_BUILD_DIR)" \ - EXTRA_CFLAGS="$(EXTRA_CFLAGS)" \ - CONFIG_CIFS_SERVER=m \ - modules -endef - -$(eval $(call KernelPackage,fs-cifsd)) diff --git a/package/lean/ksmbd-tools/Makefile b/package/lean/ksmbd-tools/Makefile new file mode 100644 index 000000000..e7a677e4b --- /dev/null +++ b/package/lean/ksmbd-tools/Makefile @@ -0,0 +1,139 @@ +include $(TOPDIR)/rules.mk + +PKG_NAME:=ksmbd-tools +PKG_VERSION:=3.2.1 +PKG_RELEASE:=1 + +PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz +PKG_SOURCE_URL:=https://github.com/cifsd-team/cifsd-tools/archive/$(PKG_VERSION)/ +PKG_HASH:=acb4d97cbb0b22ad42ed1536bdd2c28af2a3c698664c058da59a644d5e6df599 + +PKG_MAINTAINER:=Andy Walsh +PKG_LICENSE:=GPL-2.0-or-later +PKG_LICENSE_FILES:=COPYING + +PKG_FIXUP:=autoreconf +PKG_REMOVE_FILES:=autogen.sh +PKG_INSTALL:=1 +PKG_BUILD_PARALLEL:=1 + +PKG_BUILD_DEPENDS:=glib2 + +include $(INCLUDE_DIR)/package.mk +include $(INCLUDE_DIR)/nls.mk + +TAR_OPTIONS+= --strip-components 1 +TAR_CMD=$(HOST_TAR) -C $(1) $(TAR_OPTIONS) + +define Package/ksmbd-tools/Default + SECTION:=net + CATEGORY:=Network + SUBMENU:=Filesystem + TITLE:=Kernel SMB + URL:=https://github.com/cifsd-team/cifsd-tools + DEPENDS:= $(ICONV_DEPENDS) $(INTL_DEPENDS) +endef + +define Package/ksmbd-tools/Default/description + Userspace tools to manage the SMB kernel fileserver (ksmbd.ko). + The config file location is /etc/ksmbd/smb.conf +endef + +define Package/ksmbd-server + $(call Package/ksmbd-tools/Default) + TITLE+= server + DEPENDS+= +kmod-fs-ksmbd +libnl-core +libnl-genl +endef + +define Package/ksmbd-server/description + installs: ksmbd.mountd + + This provides the basic fileserver service and is the minimum needed to serve 'guest only' file shares or use a existing user database file ksmbdpwd.db. +endef + +define Package/ksmbd-server/config + select PACKAGE_wsdd2 +endef + +define Package/ksmbd-utils + $(call Package/ksmbd-tools/Default) + TITLE+= user management-util +endef + +define Package/ksmbd-utils/description + installs: ksmbd.adduser (ksmbd.addshare) + + Tool needed to create the ksmbdpwd.db, to manage per user share passwords. + NOTE: Not needed for 'guest only' shares. +endef + +define Package/ksmbd-utils/config + config KSMBD_UTILS_SHAREADD + bool "Add ksmbd.addshare util" + depends on PACKAGE_ksmbd-utils + help + Add the ksmbd.addshare tool, to directly manipulate the /etc/ksmbd/smb.conf. + default n +endef + +define Package/ksmbd-avahi-service + $(call Package/ksmbd-tools/Default) + TITLE+= (Avahi service) + DEPENDS:= +avahi-daemon +endef + +define Package/ksmbd-avahi-service/description + installs: smb.service + + This package contains the service definition for announcing the + Ksmbd (smb/445) Daemon service via mDNS/DNS-SD. +endef + +CONFIGURE_ARGS += \ + --disable-shared \ + --enable-static + +CONFIGURE_VARS += GLIB_LIBS="$(STAGING_DIR)/usr/lib/libglib-2.0.a" + +TARGET_CFLAGS += -ffunction-sections -fdata-sections -flto +TARGET_LDFLAGS += -Wl,--gc-sections,--as-needed -liconv $(if $(INTL_FULL),-lintl) + +define Package/ksmbd-server/install + $(INSTALL_DIR) $(1)/usr/sbin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/ksmbd.mountd $(1)/usr/sbin/ + $(INSTALL_DIR) $(1)/etc/config $(1)/etc/ksmbd $(1)/etc/init.d + $(INSTALL_CONF) ./files/ksmbd.config $(1)/etc/config/ksmbd + $(INSTALL_DATA) ./files/smb.conf.template $(1)/etc/ksmbd/ + $(INSTALL_BIN) ./files/ksmbd.init $(1)/etc/init.d/ksmbd + # copy examples until we have a wiki page + $(INSTALL_DATA) ./files/ksmbd.config.example $(1)/etc/ksmbd/ + $(INSTALL_DATA) $(PKG_BUILD_DIR)/Documentation/configuration.txt $(1)/etc/ksmbd/ +endef + +define Package/ksmbd-utils/install + $(INSTALL_DIR) $(1)/usr/sbin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/ksmbd.adduser $(1)/usr/sbin/ +ifeq ($(CONFIG_KSMBD_UTILS_SHAREADD),y) + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/ksmbd.addshare $(1)/usr/sbin/ +endif +endef + +define Package/ksmbd-avahi-service/install + $(INSTALL_DIR) $(1)/etc/avahi/services + $(INSTALL_DATA) ./files/smb.service $(1)/etc/avahi/services/ +endef + +define Package/ksmbd-server/conffiles +/etc/config/ksmbd +/etc/ksmbd/smb.conf.template +/etc/ksmbd/smb.conf +/etc/ksmbd/ksmbdpwd.db +endef + +define Package/ksmbd-avahi-service/conffiles +/etc/avahi/services/smb.service +endef + +$(eval $(call BuildPackage,ksmbd-server)) +$(eval $(call BuildPackage,ksmbd-utils)) +$(eval $(call BuildPackage,ksmbd-avahi-service)) diff --git a/package/lean/ksmbd-tools/files/ksmbd.config b/package/lean/ksmbd-tools/files/ksmbd.config new file mode 100644 index 000000000..52c65185c --- /dev/null +++ b/package/lean/ksmbd-tools/files/ksmbd.config @@ -0,0 +1,3 @@ +config globals + option 'workgroup' 'WORKGROUP' + option 'description' 'Ksmbd on OpenWrt' diff --git a/package/lean/cifsd-tools/files/cifsd.config.example b/package/lean/ksmbd-tools/files/ksmbd.config.example similarity index 82% rename from package/lean/cifsd-tools/files/cifsd.config.example rename to package/lean/ksmbd-tools/files/ksmbd.config.example index dfe08adc6..9a457e03b 100644 --- a/package/lean/cifsd-tools/files/cifsd.config.example +++ b/package/lean/ksmbd-tools/files/ksmbd.config.example @@ -1,5 +1,5 @@ config globals - option 'description' 'Cifsd on OpenWrt' + option 'description' 'Ksmbd on OpenWrt' config share option name 'testshare' diff --git a/package/lean/cifsd-tools/files/cifsd.init b/package/lean/ksmbd-tools/files/ksmbd.init similarity index 53% rename from package/lean/cifsd-tools/files/cifsd.init rename to package/lean/ksmbd-tools/files/ksmbd.init index 41a6a749f..5eb347085 100644 --- a/package/lean/cifsd-tools/files/cifsd.init +++ b/package/lean/ksmbd-tools/files/ksmbd.init @@ -1,12 +1,13 @@ #!/bin/sh /etc/rc.common START=98 +USE_PROCD=1 -CIFSD_IFACE="" +SMBD_IFACE="" smb_header() { - config_get CIFSD_IFACE $1 interface "lan" + config_get SMBD_IFACE $1 interface "lan" # resolve interfaces local interfaces @@ -14,7 +15,7 @@ smb_header() . /lib/functions/network.sh local net - for net in $CIFSD_IFACE; do + for net in $SMBD_IFACE; do local device network_is_up $net || continue network_get_device device "$net" @@ -26,19 +27,30 @@ smb_header() local hostname hostname="$(cat /proc/sys/kernel/hostname)" - config_get workgroup $1 workgroup "WORKGROUP" - config_get description $1 description "Cifsd on OpenWrt" + config_get workgroup $1 workgroup "WORKGROUP" + config_get description $1 description "Ksmbd on OpenWrt" + config_get_bool ALLOW_LEGACY_PROTOCOLS $1 allow_legacy_protocols 0 sed -e "s#|NAME|#$hostname#g" \ -e "s#|WORKGROUP|#$workgroup#g" \ -e "s#|DESCRIPTION|#$description#g" \ -e "s#|INTERFACES|#$interfaces#g" \ - /etc/cifs/smb.conf.template > /var/etc/cifs/smb.conf + /etc/ksmbd/smb.conf.template > /var/etc/ksmbd/smb.conf + + { + printf "\n######### Dynamic written config options #########\n" - [ -e /etc/cifs/smb.conf ] || ln -nsf /var/etc/cifs/smb.conf /etc/cifs/smb.conf + if [ "$ALLOW_LEGACY_PROTOCOLS" -eq 1 ]; then + logger -p daemon.info -t 'ksmbd' "Legacy Protocols allowed, don't use this option for secure environments!" + printf "\tserver min protocol = NT1\n" + printf "\tserver signing = disabled\n" + fi + } >> /var/etc/ksmbd/smb.conf - if [ ! -L /etc/cifs/smb.conf ]; then - logger -t 'cifsd' "Local custom /etc/cifs/smb.conf file detected, all UCI/Luci config settings are ignored!" + [ -e /etc/ksmbd/smb.conf ] || ln -nsf /var/etc/ksmbd/smb.conf /etc/ksmbd/smb.conf + + if [ ! -L /etc/ksmbd/smb.conf ]; then + logger -p daemon.warn -t 'ksmbd' "Local custom /etc/ksmbd/smb.conf file detected, all UCI/Luci config settings are ignored!" fi } @@ -112,79 +124,84 @@ smb_add_share() [ -n "$hide_dot_files" ] && printf "\thide dot files = %s\n" "$hide_dot_files" [ -n "$veto_files" ] && printf "\tveto files = %s\n" "$veto_files" - } >> /var/etc/cifs/smb.conf + } >> /var/etc/ksmbd/smb.conf } init_config() { - mkdir -p /var/etc/cifs + mkdir -p /var/etc/ksmbd - config_load cifsd - # allow copy&paste from samba UCI configs (we dont have a cifsd wiki yet) + config_load ksmbd config_foreach smb_header globals - config_foreach smb_header samba config_foreach smb_add_share share - config_foreach smb_add_share sambashare } +service_triggers() +{ + # PROCD_RELOAD_DELAY=1000 -start() + procd_add_reload_trigger "dhcp" "system" "ksmbd" + + local i + for i in $SMBD_IFACE; do + procd_add_reload_interface_trigger $i + done +} + +kill_server() +{ + if [ -e /sys/module/ksmbd ]; then + if [ -e /sys/class/ksmbd-control/kill_server ]; then + logger -p daemon.info -t 'ksmbd' "triggering kill_server" + echo hard > /sys/class/ksmbd-control/kill_server + fi + fi +} + +start_service() { init_config - if [ ! -e /etc/cifs/smb.conf ]; then - logger -t 'cifsd' "missing config /etc/cifs/smb.conf, needs to-be created manually!" + if [ ! -e /etc/ksmbd/smb.conf ]; then + logger -p daemon.error -t 'ksmbd' "missing config /etc/ksmbd/smb.conf!" exit 1 fi - - if [ -e /sys/module/cifsd ]; then - if [ -e /sys/class/cifsd-control/kill_server ]; then - # upstream "BUG": ensure changes in smb.conf are reflected on a running kernel-server - echo hard > /sys/class/cifsd-control/kill_server - # we need a extra timeout for the reset - sleep 5 - fi - fi - modprobe cifsd 2> /dev/null - if [ ! -e /sys/module/cifsd ]; then - logger -t 'cifsd' "modprobe of cifsd module failed, can\'t start cifsd!" + # NOTE: We don't do a soft-reload via signal, since [global] smb.conf setting changes will be ignored, so always reset hard. + kill_server + + [ ! -e /sys/module/ksmbd ] && modprobe ksmbd 2> /dev/null + if [ ! -e /sys/module/ksmbd ]; then + logger -p daemon.error -t 'ksmbd' "modprobe of ksmbd module failed, can\'t start ksmbd!" exit 1 fi - logger -t 'cifsd' "Starting CIFS/SMB userspace service." - /usr/sbin/cifsd --config /var/etc/cifs/smb.conf --n --s > /dev/null 2>&1 - + logger -p daemon.notice -t 'ksmbd' "Starting Ksmbd userspace service." + procd_open_instance + procd_add_mdns "smb" "tcp" "445" + procd_set_param command /usr/sbin/ksmbd.mountd --n + procd_set_param file /etc/ksmbd/smb.conf + procd_set_param limits nofile=16384 + procd_close_instance } -stop() +stop_service() { - logger -t 'cifsd' "Stopping CIFSD userspace service." - killall cifsd > /dev/null 2>&1 + logger -p daemon.notice -t 'ksmbd' "Stopping Ksmbd userspace service." + killall ksmbd.mountd > /dev/null 2>&1 - [ -e /sys/module/cifsd ] && rmmod cifsd > /dev/null 2>&1 - # With open smb connections rmmod is not possible, without waiting for the long 'ipc timeout', so we use 'kill_server'! - if [ -e /sys/module/cifsd ]; then - logger -t 'cifsd' "triggering kill_server" - if [ -e /sys/class/cifsd-control/kill_server ]; then - echo hard > /sys/class/cifsd-control/kill_server - # we need a extra timeout for the reset - sleep 5 - fi - fi + [ -e /sys/module/ksmbd ] && rmmod ksmbd > /dev/null 2>&1 + # kill server if we cant rmmod + [ -e /sys/module/ksmbd ] && kill_server # next try - [ -e /sys/module/cifsd ] && rmmod cifsd > /dev/null 2>&1 - # check again - if [ -e /sys/module/cifsd ]; then - # wait more... - sleep 3 - fi - # last try - [ -e /sys/module/cifsd ] && rmmod cifsd > /dev/null 2>&1 + [ -e /sys/module/ksmbd ] && rmmod ksmbd > /dev/null 2>&1 - if [ -e /sys/module/cifsd ]; then - logger -t 'cifsd' "module still loaded after 8s timeout" + if [ -e /sys/module/ksmbd ]; then + logger -p daemon.error -t 'ksmbd' "module still loaded after kill_server?" fi - [ -f /tmp/cifsd.lock ] && rm /tmp/cifsd.lock + [ -f /tmp/ksmbd.lock ] && rm /tmp/ksmbd.lock } +# reload_service() { + # restart "$@" +# } diff --git a/package/lean/cifsd-tools/files/smb.conf.template b/package/lean/ksmbd-tools/files/smb.conf.template similarity index 63% rename from package/lean/cifsd-tools/files/smb.conf.template rename to package/lean/ksmbd-tools/files/smb.conf.template index 2da98b16e..4cb7be3c0 100644 --- a/package/lean/cifsd-tools/files/smb.conf.template +++ b/package/lean/ksmbd-tools/files/smb.conf.template @@ -7,3 +7,8 @@ ipc timeout = 20 deadtime = 15 map to guest = Bad User + smb2 max read = 64K + smb2 max write = 64K + smb2 max trans = 64K + cache read buffers = no + cache trans buffers = no diff --git a/package/lean/ksmbd-tools/files/smb.service b/package/lean/ksmbd-tools/files/smb.service new file mode 100644 index 000000000..24e643036 --- /dev/null +++ b/package/lean/ksmbd-tools/files/smb.service @@ -0,0 +1,9 @@ + + + + %h + + _smb._tcp + 445 + + diff --git a/package/lean/ksmbd/Makefile b/package/lean/ksmbd/Makefile new file mode 100644 index 000000000..6a00b9ccc --- /dev/null +++ b/package/lean/ksmbd/Makefile @@ -0,0 +1,70 @@ +include $(TOPDIR)/rules.mk + +PKG_NAME:=ksmbd +PKG_VERSION:=3.1.3 +PKG_RELEASE:=1 + +PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz +PKG_SOURCE_URL:=https://github.com/cifsd-team/cifsd/archive/$(PKG_VERSION)/ +PKG_HASH:=c3c4531d3806117218d23e0552edfe883f978a00b7293180dd2919694102fcb9 + +PKG_MAINTAINER:=Andy Walsh +PKG_LICENSE:=GPL-2.0-or-later +PKG_LICENSE_FILES:=COPYING + +include $(INCLUDE_DIR)/kernel.mk +include $(INCLUDE_DIR)/package.mk + +TAR_OPTIONS+= --strip-components 1 +TAR_CMD=$(HOST_TAR) -C $(1) $(TAR_OPTIONS) + +define KernelPackage/fs-ksmbd + SUBMENU:=Filesystems + TITLE:=SMB kernel server support + URL:=https://github.com/cifsd-team/cifsd + FILES:=$(PKG_BUILD_DIR)/ksmbd.ko + DEPENDS:= \ + +kmod-nls-base \ + +kmod-nls-utf8 \ + +kmod-crypto-md4 \ + +kmod-crypto-md5 \ + +kmod-crypto-hmac \ + +kmod-crypto-arc4 \ + +kmod-crypto-ecb \ + +kmod-crypto-des \ + +kmod-crypto-sha256 \ + +kmod-crypto-cmac \ + +kmod-crypto-sha512 \ + +kmod-crypto-aead \ + +kmod-crypto-ccm \ + +kmod-crypto-gcm +endef + +define KernelPackage/fs-ksmbd/description + Ksmbd is an In-kernel SMBv(1)2/3 fileserver. + It's an implementation of the SMB protocol in kernel space for sharing files and IPC services over network. +endef + +define KernelPackage/fs-ksmbd/config +config KSMBD_SMB_INSECURE_SERVER + bool "Support for insecure SMB1/CIFS and SMB2.0 protocols" + depends on PACKAGE_kmod-fs-ksmbd + help + This enables deprecated insecure protocols dialects: SMB1/CIFS and SMB2.0. + default y +endef + +ifeq ($(CONFIG_KSMBD_SMB_INSECURE_SERVER),y) +PKG_EXTRA_KCONFIG:=CONFIG_SMB_INSECURE_SERVER=y +EXTRA_CFLAGS += -DCONFIG_SMB_INSECURE_SERVER=1 +endif + +define Build/Compile + $(KERNEL_MAKE) SUBDIRS="$(PKG_BUILD_DIR)" \ + EXTRA_CFLAGS="$(EXTRA_CFLAGS)" \ + $(PKG_EXTRA_KCONFIG) \ + CONFIG_SMB_SERVER=m \ + modules +endef + +$(eval $(call KernelPackage,fs-ksmbd)) diff --git a/package/lean/ksmbd/patches/01-keep_kmod_metadata.patch b/package/lean/ksmbd/patches/01-keep_kmod_metadata.patch new file mode 100644 index 000000000..9fc547f2a --- /dev/null +++ b/package/lean/ksmbd/patches/01-keep_kmod_metadata.patch @@ -0,0 +1,10 @@ +--- a/glob.h 2019-12-08 ++++ b/glob.h 2019-12-08 +@@ -7,6 +7,8 @@ + #ifndef __KSMBD_GLOB_H + #define __KSMBD_GLOB_H + ++#undef CONFIG_MODULE_STRIPPED ++ + #include + #include diff --git a/package/lean/luci-app-cifsd/Makefile b/package/lean/luci-app-cifsd/Makefile index f04d828cb..119ed542e 100644 --- a/package/lean/luci-app-cifsd/Makefile +++ b/package/lean/luci-app-cifsd/Makefile @@ -3,11 +3,11 @@ include $(TOPDIR)/rules.mk LUCI_TITLE:=Network Shares - CIFSD CIFS/SMB kernel fileserver -LUCI_DEPENDS:=+cifsd-tools +LUCI_DEPENDS:=+ksmbd-server LUCI_PKGARCH:=all PKG_NAME:=luci-app-cifsd PKG_VERSION:=1 -PKG_RELEASE:=5 +PKG_RELEASE:=6 include $(TOPDIR)/feeds/luci/luci.mk diff --git a/package/lean/luci-app-cifsd/luasrc/controller/cifsd.lua b/package/lean/luci-app-cifsd/luasrc/controller/cifsd.lua index d9eaacabd..7719be274 100644 --- a/package/lean/luci-app-cifsd/luasrc/controller/cifsd.lua +++ b/package/lean/luci-app-cifsd/luasrc/controller/cifsd.lua @@ -3,7 +3,7 @@ module("luci.controller.cifsd", package.seeall) function index() - if not nixio.fs.access("/etc/config/cifsd") then + if not nixio.fs.access("/etc/config/ksmbd") then return end diff --git a/package/lean/luci-app-cifsd/luasrc/model/cbi/cifsd.lua b/package/lean/luci-app-cifsd/luasrc/model/cbi/cifsd.lua index 333900dfd..218b2e689 100644 --- a/package/lean/luci-app-cifsd/luasrc/model/cbi/cifsd.lua +++ b/package/lean/luci-app-cifsd/luasrc/model/cbi/cifsd.lua @@ -1,6 +1,6 @@ -- Licensed to the public under the Apache License 2.0. -m = Map("cifsd", translate("Network Shares (CIFSD)")) +m = Map("ksmbd", translate("Network Shares (CIFSD)")) s = m:section(TypedSection, "globals", translate("CIFSD is an opensource In-kernel SMB1/2/3 server")) s.anonymous = true @@ -8,28 +8,26 @@ s.anonymous = true s:tab("general", translate("General Settings")) s:tab("template", translate("Edit Template")) +s:taboption("general", Value, "description", translate("Description")) o = s:taboption("general", Value, "workgroup", translate("Workgroup")) o.placeholder = 'WORKGROUP' -s:taboption("general", Value, "description", translate("Description")) - - tmpl = s:taboption("template", Value, "_tmpl", translate("Edit the template that is used for generating the cifsd configuration."), - translate("This is the content of the file '/etc/cifs/smb.conf.template' from which your cifsd configuration will be generated. \ + translate("This is the content of the file '/etc/ksmbd/smb.conf.template' from which your cifsd configuration will be generated. \ Values enclosed by pipe symbols ('|') should not be changed. They get their values from the 'General Settings' tab.")) tmpl.template = "cbi/tvalue" tmpl.rows = 20 function tmpl.cfgvalue(self, section) - return nixio.fs.readfile("/etc/cifs/smb.conf.template") + return nixio.fs.readfile("/etc/ksmbd/smb.conf.template") end function tmpl.write(self, section, value) value = value:gsub("\r\n?", "\n") - nixio.fs.writefile("//etc/cifs/smb.conf.template", value) + nixio.fs.writefile("/etc/ksmbd/smb.conf.template", value) end @@ -83,5 +81,4 @@ dm.rmempty = true dm.size = 4 dm.default = "0777" - return m diff --git a/package/lean/luci-app-cifsd/po/zh-cn/cifsd.po b/package/lean/luci-app-cifsd/po/zh-cn/cifsd.po index 3b469f13c..e552e418a 100644 --- a/package/lean/luci-app-cifsd/po/zh-cn/cifsd.po +++ b/package/lean/luci-app-cifsd/po/zh-cn/cifsd.po @@ -97,12 +97,12 @@ msgstr "共享目录" #: applications/luci-app-cifsd/htdocs/luci-static/resources/view/cifsd.js:35 msgid "" -"This is the content of the file '/etc/cifs/smb.conf.template' from which " +"This is the content of the file '/etc/ksmbd/smb.conf.template' from which " "your cifsd configuration will be generated. Values enclosed by pipe symbols " "('|') should not be changed. They get their values from the 'General " "Settings' tab." msgstr "" -"这是将从其上生成 cifsd 配置的文件“/etc/cifs/smb.conf.template”的内容。由管道" +"这是将从其上生成 cifsd 配置的文件“/etc/ksmbd/smb.conf.template”的内容。由管道" "符(“|”)包围的值不应更改。它们将从“常规设置”标签中获取其值。" #: applications/luci-app-cifsd/htdocs/luci-static/resources/view/cifsd.js:27 diff --git a/package/lean/luci-app-cifsd/root/etc/uci-defaults/cifsd b/package/lean/luci-app-cifsd/root/etc/uci-defaults/cifsd index 806aae9fa..286053d81 100644 --- a/package/lean/luci-app-cifsd/root/etc/uci-defaults/cifsd +++ b/package/lean/luci-app-cifsd/root/etc/uci-defaults/cifsd @@ -1,9 +1,9 @@ #!/bin/sh uci -q batch <<-EOF >/dev/null - delete ucitrack.@cifsd[-1] - add ucitrack cifsd - set ucitrack.@cifsd[-1].init=cifsd + delete ucitrack.@ksmbd[-1] + add ucitrack ksmbd + set ucitrack.@ksmbd[-1].init=ksmbd commit ucitrack EOF diff --git a/package/lean/v2ray/Makefile b/package/lean/v2ray/Makefile index aaa46875f..c1bd33f4d 100644 --- a/package/lean/v2ray/Makefile +++ b/package/lean/v2ray/Makefile @@ -10,7 +10,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=v2ray PKG_VERSION:=4.22.1 -PKG_RELEASE:=6 +PKG_RELEASE:=8 PKG_BUILD_DIR:=$(BUILD_DIR)/v2ray-core-$(PKG_VERSION) PKG_SOURCE:=v2ray-core-$(PKG_VERSION).tar.gz @@ -61,7 +61,7 @@ GO_PKG:=v2ray.com/core GO_PKG_LDFLAGS:=-s -w GO_PKG_LDFLAGS_X:= \ v2ray.com/core.version=$(PKG_VERSION) \ - v2ray.com/core.build=R$(PKG_RELEASE) \ + v2ray.com/core.build=Lean \ v2ray.com/core.codename=OpenWrt include $(INCLUDE_DIR)/package.mk diff --git a/package/lean/wsdd2/Makefile b/package/lean/wsdd2/Makefile index 9b921dae9..222c792e6 100644 --- a/package/lean/wsdd2/Makefile +++ b/package/lean/wsdd2/Makefile @@ -1,13 +1,13 @@ include $(TOPDIR)/rules.mk PKG_NAME:=wsdd2 -PKG_RELEASE:=3 +PKG_RELEASE:=5 PKG_SOURCE_PROTO:=git PKG_SOURCE_URL:=https://github.com/Andy2244/wsdd2.git -PKG_SOURCE_DATE:=2018-07-24 -PKG_SOURCE_VERSION:=2c31ba3b720af81848c47dff7ad7c6c30c0c0f50 -PKG_MIRROR_HASH:=eb903a870d99c6001996dbfc22c15e1020278c45ed2441ceb61bc5395f417afa +PKG_SOURCE_DATE:=2019-12-15 +PKG_SOURCE_VERSION:=8bcc0c1a42767ba518977a7104fe934f5d89ef31 +PKG_MIRROR_HASH:=4eace9130b7e1ddbc5b965fa51286532d3ee2ee14bcd2e116840c7d6d48ad9bc PKG_MAINTAINER:=Andy Walsh PKG_LICENSE:=GPL-3.0-only diff --git a/package/lean/wsdd2/files/wsdd2.init b/package/lean/wsdd2/files/wsdd2.init index 29272f942..24595e0f3 100644 --- a/package/lean/wsdd2/files/wsdd2.init +++ b/package/lean/wsdd2/files/wsdd2.init @@ -3,15 +3,84 @@ START=99 USE_PROCD=1 +SMB_CONF="" +BIND_IF_PARM="" +NB_PARM="" +WG_PARM="" +BI_PARM="" + start_service() { - procd_open_instance - procd_set_param command /usr/bin/wsdd2 -w + + . /lib/functions/network.sh + + if [ -e /etc/ksmbd/smb.conf ] && [ -e /etc/init.d/ksmbd ] && /etc/init.d/ksmbd running; then + SMB_CONF="/etc/ksmbd/smb.conf" + fi + + if [ -e /etc/samba/smb.conf ]; then + if [ -e /etc/init.d/samba4 ] && /etc/init.d/samba4 running; then + SMB_CONF="/etc/samba/smb.conf" + elif [ -e /etc/init.d/samba ] && /etc/init.d/samba running; then + SMB_CONF="/etc/samba/smb.conf" + fi + fi + + if [ -z "$SMB_CONF" ]; then + logger -p daemon.error -t 'wsdd2' "samba36/4 or ksmbd is not running, can't start wsdd2!" + exit 1 + fi + + local nb_name + nb_name="$(grep -i 'netbios name' $SMB_CONF | awk -F'=' '{print $2}' | tr -d ' \n')" + if [ -n "$nb_name" ]; then + NB_PARM="-N $nb_name" + else + local hostname + hostname="$(cat /proc/sys/kernel/hostname)" + NB_PARM="-N $hostname" + fi + + local wg_name + wg_name="$(grep -i 'workgroup' $SMB_CONF | awk -F'=' '{print $2}' | tr -d ' \n')" + if [ -n "$wg_name" ]; then + WG_PARM="-G $wg_name" + else + WG_PARM="-G WORKGROUP" + fi + + # resolve lan interface (BUG: No multi-interface binds atm) + local ifname + if network_get_device ifname lan; then + BIND_IF_PARM="-i $ifname" + fi + + local board_vendor + local board_model + local board_sku + + if [ -e /tmp/sysinfo/board_name ]; then + board_vendor="$(cat /tmp/sysinfo/board_name | awk -F',' '{print $1}' | tr ' ' '_' | tr -d ' \n')" + board_sku="$(cat /tmp/sysinfo/board_name | awk -F',' '{print $2}' | tr ' ' '_' | tr -d ' \n')" + fi + if [ -e /tmp/sysinfo/model ]; then + board_model="$(cat /tmp/sysinfo/model | tr ' ' '_' | tr -d ' \n')" + fi + if [ -n "$board_vendor" ] && [ -n "$board_model" ]; then + if [ -n "$board_sku" ]; then + BI_PARM="-b vendor:$board_vendor,model:$board_model,sku:$board_sku" + else + BI_PARM="-b vendor:$board_vendor,model:$board_model" + fi + fi + + procd_open_instance + procd_set_param command /usr/bin/wsdd2 -w $BIND_IF_PARM $NB_PARM $WG_PARM $BI_PARM procd_set_param respawn - procd_set_param file /var/etc/smb.conf + procd_set_param file $SMB_CONF procd_close_instance } service_triggers() { - PROCD_RELOAD_DELAY=3000 - procd_add_reload_trigger "dhcp" "system" "samba4" + PROCD_RELOAD_DELAY=1000 + procd_add_reload_trigger "dhcp" "system" "samba" "samba4" "ksmbd" } diff --git a/package/lean/wsdd2/patches/001-add_uuid_boot_id.patch b/package/lean/wsdd2/patches/001-add_uuid_boot_id.patch deleted file mode 100644 index 0c59365a1..000000000 --- a/package/lean/wsdd2/patches/001-add_uuid_boot_id.patch +++ /dev/null @@ -1,25 +0,0 @@ ---- a/wsd.c 2018-07-24 -+++ b/wsd.c 2018-09-10 -@@ -96,13 +96,19 @@ static void uuid_endpoint(char *uuid, si - { - FILE *fp = fopen("/etc/machine-id", "r"); - int c, i = 0; -+ -+ if (!fp) { -+ fp = fopen("/proc/sys/kernel/random/boot_id", "r"); -+ } - -- if (!fp) -+ if (!fp) { -+ DEBUG(0, W, "Can't open required '/etc/machine-id' or '/proc/sys/kernel/random/boot_id'"); - return; -+ } - - while (i < 36 && (c = getc(fp)) != EOF && -- (isdigit(c) || (islower(c) && isxdigit(c)))) { -- if (i == 8 || i == 13 || i == 18 || i == 23) -+ ((c == '-') || isdigit(c) || (islower(c) && isxdigit(c)))) { -+ if ((c != '-') && (i == 8 || i == 13 || i == 18 || i == 23)) - uuid[i++] = '-'; - uuid[i++] = c; - } diff --git a/tools/upx/Makefile b/tools/upx/Makefile index 39ddae033..127acd0da 100644 --- a/tools/upx/Makefile +++ b/tools/upx/Makefile @@ -7,11 +7,11 @@ include $(TOPDIR)/rules.mk PKG_NAME:=upx -PKG_VERSION:=3.96 +PKG_VERSION:=3.95 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-src.tar.xz PKG_SOURCE_URL:=https://github.com/upx/upx/releases/download/v$(PKG_VERSION) -PKG_HASH:=47774df5c958f2868ef550fb258b97c73272cb1f44fe776b798e393465993714 +PKG_HASH:=3b0f55468d285c760fcf5ea865a070b27696393002712054c69ff40d8f7f5592 HOST_BUILD_DIR:=$(BUILD_DIR_HOST)/$(PKG_NAME)-$(PKG_VERSION)-src