Hi Michael, On 16/01/2024 11:30, daniel.weismueller(a)ipfire.org wrote: > Hi there. > > I've installed and testetd the latest / modified version of the wsdd > addon on two machines. > Nearly everything works as exspected. Also my Winodws PCs see the IPFIRE > as a menber of the workgroup and could browse and use the samba shares. > If you use the firewall option "Drop all Microsoft ports > 135,137,138,139,445,1025" the clients in the blue network see the IPFIRE > but aren't able to browse or connect to the shares. > > I've recogniced only one thing that don't work like I exspected. > > - If you stop or restart samba the wsdd addon won't stop or restart, too. > > > I think it would be better if the wssd stop too because if you change > the workgroup and start the samba again the wsdd won't recognice it. To make a patch to support this I need to have the wsdd patches that you created merged into next. Then I can work on having samba trigger the start and stop of wsdd so that it does not run independently but is synchronised with samba. Regards, Adolf. > > - > Daniel > > > Am 12. Januar 2024 um 16:09 schrieb "Adolf Belka" > >: > > > > Hi Michael, > > > On 12/01/2024 14:40, Michael Tremer wrote: > > Hello, > > On 12 Jan 2024, at 11:14, Adolf Belka > wrote: > > Hi Daniel, > > > On 11/01/2024 17:11, daniel.weismueller(a)ipfire.org > wrote: > > > Hi Adolf. > > We have looked at your work. First of all, thank you very much. > > Your scripts seems to work fine. I will start tomorrow to test > them in whole. However we have made a few changes. > > In particular, we have adapted the code to the existing code in > IPFire. > > Please take look at Michaels wsdd branch. > > https://git.ipfire.org/?p=people/ms/ipfire-2.x.git;a=shortlog;h=refs/heads/wsdd > > > That looks very good. I clearly still have a bit to learn > about how to code in a more tidy manner. > > > It worked… I was just in the swing of it :) > > I also see that Michael fixed the pid fault in the > loadproc/statusproc/killproc while I just created a workaround > solution for the wsdd initscript alone. > > loadproc/statusproc/killproc are really difficult to handle. > They are supposed to be LSB-conformant functions, but I believe > that it never really happened that they because universally used > and compatible between distributions. Now with systemd, there is > no more need… > > And it is also because of systemd that daemons behave > differently now - actually not even like daemons whatsoever any > more. They used to fork themselves into the background which > made all the PID processing necessary, because the init script > could not know the PID of the process forked in the background. > Now, they don’t do this any more because without the fork, > things are easier for systemd to manage. > > The new -b switch that was added some while ago is already > helping us to launch such new processes into the background, but > we don’t have PID files any more. And since scripts don’t work > with statusproc/killproc, I thought it might be a good idea to > add this to loadproc as I am expecting us to need this more > often in the future. > > And while I was thinking about the problem, I figured it would > be easier to send a patch for those few lines instead of > explaining it in words - which probably would have been a little > bit longer. > > The only noteworthy thing is that there was a potential security > issue in passing around the shell arguments as strings because > the workgroup variable could have been almost anything. I am not > sure what validation samba would do, but I thought it would be > best not to rely on that. A two words (with a space) workgroup > would have caused wsdd not to start, because it would have seen > a command line like “—-workgroup ABC DEF” with ABC being > interpreted as the workgroup and DEF being some garbage that > wsdd would not understand. The trick with the array is that it > would pass the arguments like this “—-workgroup ‘ABC DEF’” which > prevents that “DEF” would be interpreted as an extra parameter. > > So, everything is fine :) Especially after I added the “restart” > command :) > > I did have a look at the code in the functions file but > struggled to understand it enough to be able to figure out what > was giving the problem I was experiencing. > > Which functions? > > > The /src/initscripts/system/functions file from the git repo that > has the loadproc, statusproc and killproc functions in it. > > > Regards, > > > Adolf. > > > I am glad that has been sorted and the initscript tidied up in > line with IPFire coding style. > > That is why we are all working together... > > Will try and remember that in future. > > If not, we are here to help :) > > -Michael > > Regards, > > Adolf. > > > - > > Daniel > > Am 10. Januar 2024 um 14:30 schrieb "Adolf Belka" > > .belka%40ipfire.org%3E>>: > > - lfs and toorfile created for wsdd > > - wsdd added to make.sh script > > - created install/update/uninstall scripts for wsdd that create an > > unpriveleged user and > > group. > > - initscript created for wsdd. As wsdd is a python3 script, when it > > is run as a daemon the > > pidof command does not find any pid for wsdd. So a directory/file > > for a pid file was > > created. This is then passed to the loadproc and killproc commands. > > After the loadproc > > command has been created the pid is extracted from the ps aux > > command and put into the > > pid file. This then works when running the killproc command for it > > to know what to go > > and stop. The statusproc command does not have the ability to feed > > in the pid from a > > pid file and so it fails to find a running wsdd as it uses the pidof > > command. Code was > > added to the status section of the initscript to check if the pid > > file exists and if so > > to print the same command as used with the statusproc command, and > > also the same > > wording if the pid file does not exist because wsdd is not running. > > - info from the ethernet/settings file is used to identify if only > > green0 is available or > > if blue0 is also used and based on this the appropriate interface > > commands are added to > > the wsdd command. > > - wsdd is also set up to run in a chroot > > - Has been tested on my vm testbed, initially by editing the files > > on the vm clone. After > > everything confiremd to be working, the build was successfully > > carried out and the > > .ipfire package was copied to a new vm clone installed and shown to > > perform as expected. > > This test only confirms that wsdd is correctly installed and > > started. Shutsdown and > > restarts on reboot successfully. Confirmed from the ps aux info that > > wsdd has been > > started with the correct options. Thge testing can not evaluate if > > wsdd enables windows > > systems newer than version 7 top be able to detect the samba shares > > as I have no > > windows systems. > > Fixes: Bug13445 > > Tested-by: Adolf Belka > > > Signed-off-by: Adolf Belka > > > --- > > config/rootfiles/packages/wsdd | 2 + > > lfs/wsdd | 89 ++++++++++++++++++++++++++++++++++ > > make.sh | 1 + > > src/initscripts/packages/wsdd | 63 ++++++++++++++++++++++++ > > src/paks/wsdd/install.sh | 40 +++++++++++++++ > > src/paks/wsdd/uninstall.sh | 30 ++++++++++++ > > src/paks/wsdd/update.sh | 27 +++++++++++ > > 7 files changed, 252 insertions(+) > > create mode 100644 config/rootfiles/packages/wsdd > > create mode 100644 lfs/wsdd > > create mode 100644 src/initscripts/packages/wsdd > > create mode 100644 src/paks/wsdd/install.sh > > create mode 100644 src/paks/wsdd/uninstall.sh > > create mode 100644 src/paks/wsdd/update.sh > > diff --git a/config/rootfiles/packages/wsdd > > b/config/rootfiles/packages/wsdd > > new file mode 100644 > > index 000000000..ce225043a > > --- /dev/null > > +++ b/config/rootfiles/packages/wsdd > > @@ -0,0 +1,2 @@ > > +etc/rc.d/init.d/wsdd > > +usr/bin/wsdd > > diff --git a/lfs/wsdd b/lfs/wsdd > > new file mode 100644 > > index 000000000..aa65e47ef > > --- /dev/null > > +++ b/lfs/wsdd > > @@ -0,0 +1,89 @@ > > +############################################################################### > > +# # > > +# IPFire.org - A linux based firewall # > > +# Copyright (C) 2007-2024 IPFire Team > # > > +# # > > +# This program is free software: you can redistribute it and/or > > modify # > > +# it under the terms of the GNU General Public License as published > > by # > > +# the Free Software Foundation, either version 3 of the > License, or # > > +# (at your option) any later version. # > > +# # > > +# This program is distributed in the hope that it will be useful, # > > +# but WITHOUT ANY WARRANTY; without even the implied warranty of # > > +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # > > +# GNU General Public License for more details. # > > +# # > > +# You should have received a copy of the GNU General Public > License # > > +# along with this program. If not, see > > > > > >>. # > > +# # > > +############################################################################### > > + > > +############################################################################### > > +# Definitions > > +############################################################################### > > + > > +include Config > > + > > +VER = 0.7.1 > > +SUMMARY = A Web Service Discovery host daemon. > > + > > +THISAPP = wsdd-$(VER) > > +DL_FILE = $(THISAPP).tar.gz > > +DL_FROM = $(URL_IPFIRE) > > +DIR_APP = $(DIR_SRC)/$(THISAPP) > > +TARGET = $(DIR_INFO)/$(THISAPP) > > +PROG = wsdd > > +PAK_VER = 1 > > + > > +DEPS = > > + > > +SERVICES = wsdd > > + > > +############################################################################### > > +# Top-level Rules > > +############################################################################### > > + > > +objects = $(DL_FILE) > > + > > +$(DL_FILE) = $(DL_FROM)/$(DL_FILE) > > + > > +$(DL_FILE)_BLAKE2 = > > ce43022c3bd9f7ff1fd7169ac0d5ab6b2ff78d35c221c05b2e20908a5772d563ab2aca571d4e6ae48a55d19d4adcb9cde60f720ae47af8ee950198224fcfdb26 > > + > > +install : $(TARGET) > > + > > +check : $(patsubst %,$(DIR_CHK)/%,$(objects)) > > + > > +download :$(patsubst %,$(DIR_DL)/%,$(objects)) > > + > > +b2 : $(subst %,%_BLAKE2,$(objects)) > > + > > +dist: > > + @$(PAK) > > + > > +############################################################################### > > +# Downloading, checking, b2sum > > +############################################################################### > > + > > +$(patsubst %,$(DIR_CHK)/%,$(objects)) : > > + @$(CHECK) > > + > > +$(patsubst %,$(DIR_DL)/%,$(objects)) : > > + @$(LOAD) > > + > > +$(subst %,%_BLAKE2,$(objects)) : > > + @$(B2SUM) > > + > > +############################################################################### > > +# Installation Details > > +############################################################################### > > + > > +$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) > > + @$(PREBUILD) > > + @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf > $(DIR_DL)/$(DL_FILE) > > + cd $(DIR_APP) && cp src/wsdd.py /usr/bin/wsdd > > + > > + #install initscripts > > + $(call INSTALL_INITSCRIPTS,$(SERVICES)) > > + > > + @rm -rf $(DIR_APP) > > + @$(POSTBUILD) > > diff --git a/make.sh b/make.sh > > index 06e09c9a3..5af3dedc3 100755 > > --- a/make.sh > > +++ b/make.sh > > @@ -1699,6 +1699,7 @@ buildipfire() { > > lfsmake2 perl-MIME-Base32 > > lfsmake2 perl-URI-Encode > > lfsmake2 rsnapshot > > + lfsmake2 wsdd > > # Kernelbuild ... current we have no platform that need > > # multi kernel builds so KCFG is empty > > diff --git a/src/initscripts/packages/wsdd > > b/src/initscripts/packages/wsdd > > new file mode 100644 > > index 000000000..c5207f872 > > --- /dev/null > > +++ b/src/initscripts/packages/wsdd > > @@ -0,0 +1,63 @@ > > +#!/bin/sh > > +############################################################################### > > +# # > > +# IPFire.org - A linux based firewall # > > +# Copyright (C) 2007-2024 IPFire Team > # > > +# # > > +# This program is free software: you can redistribute it and/or > > modify # > > +# it under the terms of the GNU General Public License as published > > by # > > +# the Free Software Foundation, either version 3 of the > License, or # > > +# (at your option) any later version. # > > +# # > > +# This program is distributed in the hope that it will be useful, # > > +# but WITHOUT ANY WARRANTY; without even the implied warranty of # > > +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # > > +# GNU General Public License for more details. # > > +# # > > +# You should have received a copy of the GNU General Public > License # > > +# along with this program. If not, see > > > > > >>. # > > +# # > > +############################################################################### > > + > > +. /etc/sysconfig/rc > > +. $rc_functions > > + > > +eval $(/usr/local/bin/readhash /var/ipfire/ethernet/settings) > > + > > +# Create chroot directory for wsdd > > +mkdir -p /var/run/wsdd > > + > > +INTERFACES="-i ${GREEN_DEV}" > > + if [ -n "${BLUE_DEV}" ]; then > > + INTERFACES="${INTERFACES} -i ${BLUE_DEV}" > > + fi > > +WSDD_WORKGROUP="-w $(/usr/bin/testparm -s --parameter-name > > workgroup 2>/dev/null)" > > +WSDD_USER="-u wsdd:wsdd" > > +WSDD_CHROOT="-c /var/run/wsdd" > > + > > +case "$1" in > > + start) > > + boot_mesg "Starting wsdd daemon..." > > + loadproc -b /usr/bin/wsdd -4 ${WSDD_USER} ${INTERFACES} > > ${WSDD_WORKGROUP} ${WSDD_CHROOT} > > + sleep 1 > > + echo $(ps aux | grep "/usr/bin/wsdd" | grep -v grep | awk '{print > > $2}') > /var/run/wsdd/pid > > + ;; > > + stop) > > + boot_mesg "Stopping wsdd daemon..." > > + killproc -p /var/run/wsdd/pid /usr/bin/wsdd > > + ;; > > + status) > > + WSDD_PID=$(ps aux | grep "/usr/bin/wsdd" | grep -v grep | awk > > '{print $2}') > > + if [ -n "${WSDD_PID}" ]; then > > + echo -e "\\033[1;36m /usr/bin/wsdd is running with Process"\ > > + "ID(s) $WSDD_PID.\\033[0;39m" > > + else > > + echo -e "\\033[1;36m /usr/bin/wsdd is not running.\\033[0;39m" > > + fi > > + ;; > > + *) > > + echo "Usage: $0 (start|stop|status)" > > + exit 1 > > + ;; > > +esac > > + > > diff --git a/src/paks/wsdd/install.sh b/src/paks/wsdd/install.sh > > new file mode 100644 > > index 000000000..181b84eb9 > > --- /dev/null > > +++ b/src/paks/wsdd/install.sh > > @@ -0,0 +1,40 @@ > > +#!/bin/bash > > +############################################################################ > > +# # > > +# This file is part of the IPFire Firewall. # > > +# # > > +# IPFire is free software; you can redistribute it and/or modify # > > +# it under the terms of the GNU General Public License as published > > by # > > +# the Free Software Foundation; either version 2 of the > License, or # > > +# (at your option) any later version. # > > +# # > > +# IPFire is distributed in the hope that it will be useful, # > > +# but WITHOUT ANY WARRANTY; without even the implied warranty of # > > +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # > > +# GNU General Public License for more details. # > > +# # > > +# You should have received a copy of the GNU General Public > License # > > +# along with IPFire; if not, write to the Free Software # > > +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA > > 02111-1307 USA # > > +# # > > +# Copyright (C) 2007 IPFire-Team >. # > > +# # > > +############################################################################ > > +# > > +. /opt/pakfire/lib/functions.sh > > + > > +# If the wsdd user does not exist yet, then create it and add to > > wsdd group. > > +if ! getent user wsdd >/dev/null; then > > + useradd -r -U -d / -s /bin/false -c "wsdd user" wsdd > > + usermod -a -G wsdd wsdd > > +fi > > + > > +extract_files > > +restore_backup ${NAME} > > + > > +# Create startlinks > > +ln -sf ../init.d/wsdd /etc/rc.d/rc0.d/K35wsdd > > +ln -sf ../init.d/wsdd /etc/rc.d/rc3.d/S65wsdd > > +ln -sf ../init.d/wsdd /etc/rc.d/rc6.d/K35wsdd > > +start_service ${NAME} > > +exit 0 > > diff --git a/src/paks/wsdd/uninstall.sh b/src/paks/wsdd/uninstall.sh > > new file mode 100644 > > index 000000000..4c52ee281 > > --- /dev/null > > +++ b/src/paks/wsdd/uninstall.sh > > @@ -0,0 +1,30 @@ > > +#!/bin/bash > > +############################################################################ > > +# # > > +# This file is part of the IPFire Firewall. # > > +# # > > +# IPFire is free software; you can redistribute it and/or modify # > > +# it under the terms of the GNU General Public License as published > > by # > > +# the Free Software Foundation; either version 2 of the > License, or # > > +# (at your option) any later version. # > > +# # > > +# IPFire is distributed in the hope that it will be useful, # > > +# but WITHOUT ANY WARRANTY; without even the implied warranty of # > > +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # > > +# GNU General Public License for more details. # > > +# # > > +# You should have received a copy of the GNU General Public > License # > > +# along with IPFire; if not, write to the Free Software # > > +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA > > 02111-1307 USA # > > +# # > > +# Copyright (C) 2007 IPFire-Team >. # > > +# # > > +############################################################################ > > +# > > +. /opt/pakfire/lib/functions.sh > > +stop_service ${NAME} > > +make_backup ${NAME} > > +remove_files > > +# Remove all start links. > > +rm -rf /etc/rc.d/rc*.d/*wsdd > > +exit 0 > > diff --git a/src/paks/wsdd/update.sh b/src/paks/wsdd/update.sh > > new file mode 100644 > > index 000000000..99776659c > > --- /dev/null > > +++ b/src/paks/wsdd/update.sh > > @@ -0,0 +1,27 @@ > > +#!/bin/bash > > +############################################################################ > > +# # > > +# This file is part of the IPFire Firewall. # > > +# # > > +# IPFire is free software; you can redistribute it and/or modify # > > +# it under the terms of the GNU General Public License as published > > by # > > +# the Free Software Foundation; either version 2 of the > License, or # > > +# (at your option) any later version. # > > +# # > > +# IPFire is distributed in the hope that it will be useful, # > > +# but WITHOUT ANY WARRANTY; without even the implied warranty of # > > +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # > > +# GNU General Public License for more details. # > > +# # > > +# You should have received a copy of the GNU General Public > License # > > +# along with IPFire; if not, write to the Free Software # > > +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA > > 02111-1307 USA # > > +# # > > +# Copyright (C) 2007-2020 IPFire-Team >. # > > +# # > > +############################################################################ > > +# > > +. /opt/pakfire/lib/functions.sh > > +extract_backup_includes > > +./uninstall.sh > > +./install.sh > > -- 2.43.0 > > -- >> Sent from my laptop > > > -- Sent from my laptop > > -- Sent from my laptop