-
Notifications
You must be signed in to change notification settings - Fork 1
/
share-root-in-samba.sh
executable file
·154 lines (128 loc) · 3.48 KB
/
share-root-in-samba.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
#!/bin/bash
set -eu
show_help()
{
echo \
"Starts a samba service to share the root directory AS root.
WARNING: This gives root access over samba! Only use for debugging a VM that will be destroyed afterwards!
If you really want to do this, call the script again with -y
Usage: $(basename $0) -y"
}
#####################################################################
SCRIPT_HOME=$(dirname "$(readlink -f "${BASH_SOURCE[0]}")")
source $SCRIPT_HOME/common.sh "$0"
configure_avahi()
{
sed -i 's/\(rlimit-nproc\)/#\1/g' /etc/avahi/avahi-daemon.conf
sed -i 's/#enable-dbus=yes/enable-dbus=no/g' /etc/avahi/avahi-daemon.conf
sed -i 's/need dbus/use dbus/g' /etc/init.d/avahi-daemon
rm -f /etc/avahi/services/ssh.service /etc/avahi/services/sftp-ssh.service
printf "%s" '<?xml version="1.0" standalone="no"?><!--*-nxml-*-->
<!DOCTYPE service-group SYSTEM "avahi-service.dtd">
<service-group>
<name replace-wildcards="yes">%h</name>
<service>
<type>_smb._tcp</type>
<port>445</port>
</service>
</service-group>
' | tee /etc/avahi/services/samba.service >/dev/null
}
configure_samba()
{
netbios_name=$(hostname)
share_path=/
share_name=root
writable=true
smbconf="/etc/samba/smb.conf"
printf "%s" "[global]
# Identification
netbios name = $netbios_name
workgroup = WORKGROUP
server string = Samba Server Version %v
# Network
name resolve order = bcast host lmhosts wins
# Protocol
server role = standalone server
disable netbios = no
wins support = yes
dns proxy = yes
domain master = yes
local master = yes
preferred master = yes
os level = 31
# Security
security = user
map to guest = Bad User
guest ok = yes
guest only = yes
guest account = root
# Needed by some Windows installs
server signing = auto
# Printing
load printers = No
printing = bsd
printcap name = /dev/null
disable spoolss = Yes
# Files
directory mask = 0755
force create mode = 0644
force directory mode = 0755
case sensitive = True
default case = lower
preserve case = yes
short preserve case = yes
# Performance
socket options = TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=131072 SO_SNDBUF=131072
read raw = yes
write raw = yes
server signing = no
strict locking = no
min receivefile size = 16384
use sendfile = Yes
aio read size = 16384
aio write size = 16384
# Logging
syslog = 0
max log size = 100
" | tee $smbconf >/dev/null
echo "Mounting path $share_path as $share_name (writable=$writable)"
echo "" >> $smbconf
echo "[$share_name]" >> $smbconf
echo " path = $share_path" >> $smbconf
echo " writable = $writable" >> $smbconf
echo " browsable = yes" >> $smbconf
echo " guest ok = yes" >> $smbconf
}
usage()
{
show_help 1>&2
exit 1
}
#####################################################################
assert_is_root
REALLY_INSTALL=false
while getopts "?y" o; do
case "$o" in
\?)
show_help
exit 0
;;
y)
REALLY_INSTALL=true
;;
*)
usage
;;
esac
done
shift $((OPTIND-1))
if [ "$REALLY_INSTALL" != "true" ]; then
usage
fi
apt update
install_packages samba avahi-daemon
configure_avahi
configure_samba
echo "Samba server is now giving guest access to / via \"\\\\$(hostname)\\root\" USING ROOT PRIVILEGES!"
echo "NEVER USE THIS IN AN INSECURE ENVIRONMENT!"