Samba supports a mechanism called connection scripts, by which commands can be executed on the server as clients connect to a share or later disconnect from it. By using configuration file variables along with some custom programming, you can create connection scripts that perform a wide range of functions.

As a simple example, here is a "quick and dirty" way to monitor connections to shares on the Samba server in real time. First, the value of the preexec parameter is set as follows:

    [global]
        preexec = /bin/echo %u at %m connected to //%L/%S on %T >>/tmp/smblog

This causes information about the user and the connection to be written to the file /tmp/smblog whenever any client connects to any share. To watch clients connect, run the following command:

    $ tail -f /tmp/smblog
    jay at maya connected to //toltec/data on 2002/11/21 21:21:15
    david at apache connected to //toltec/techs on 2002/11/21 21:21:57
    sally at seminole connected to //toltec/payroll on 2002/11/21 21:22:16
    martha at dine connected to //toltec/profiles on 2002/11/21 21:23:38
    martha at dine connected to //toltec/netlogon on 2002/11/21 21:23:39
    martha at dine connected to //toltec/martha on 2002/11/21 21:23:40
    aaron at huastec connected to //toltec/netlogon on 2002/11/21 21:24:19
    aaron at huastec connected to //toltec/aaron on 2002/11/21 21:24:20

With the -f option, the tail command monitors /tmp/smblog and prints additional output as new data is appended to the file. Every time a new connection is made, an additional line is printed, showing the output of the preexec command.

Notice the lines resulting from connections by user martha and aaron. User martha logged on to the domain from a Windows NT client, which accessed the [profiles] share to download her profile, then the [netlogon] share to read the logon script, and then her home directory (because her logon script contains a net use H: /home command) to connect her home directory to drive letter H.
The connections from aaron are similar, except that he connected from a Windows 98 system, which does not use the [profiles] share. (See Chapter 4 for more information about domain logons.)

A more advanced use of connection scripts is to monitor the contents of users' home directories and/or other shared directories and perform checks ensuring that local administrative policies are followed. Checked items might include the following:
To handle this kind of task, a shell script or other program would be written to perform the checks and take appropriate actions, such as removing offending files. The root preexec parameter would be used to run the command as the root user, using configuration file variables to pass arguments. For example:

    [homes]
        root preexec = admin_checks %S
        root preexec close = yes

In this example, a specially written administrative checking program (admin_checks) is used to monitor users' home directories on the Samba server. The %S variable is used to pass the name of the home directory to the script. The root preexec close parameter has been set to yes so that if admin_checks detects a serious violation of local policy, it can exit with a nonzero status, and the client is prevented from connecting.

8.6.1 Connection Script Options

Table 8-7 introduces some of the configuration options provided for setting up users.

Table 8-7. Connection script options
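The admin_checks program is described above but not shown. As an added example (not code from the original text), here is one way such a root preexec script could be written; the HOME_ROOT variable, the name validation and the policy itself (no setuid or world-writable files) are assumptions made for illustration.

```shell
#!/bin/sh
# admin_checks SHARE
# Added example of a policy script for:  root preexec = admin_checks %S
# HOME_ROOT and the policy below are assumptions made for this example.
HOME_ROOT=${HOME_ROOT:-/home}

admin_checks() {
    share=$1
    # The argument becomes a path component in a command run as root, so
    # accept only plain account-style names (no "/", no leading ".").
    case $share in
        ''|.*|*[!A-Za-z0-9._-]*)
            echo "admin_checks: refusing share name '$share'" >&2
            return 2 ;;
    esac
    dir=$HOME_ROOT/$share
    # Require a real directory; a symlink here could point root elsewhere.
    if [ -L "$dir" ] || [ ! -d "$dir" ]; then
        echo "admin_checks: $dir is not a plain directory" >&2
        return 2
    fi
    # Hypothetical policy: no setuid or world-writable regular files.
    # find does not follow symlinks by default; -xdev stays on one filesystem.
    bad=$(find "$dir" -xdev -type f \( -perm -4000 -o -perm -0002 \) -print)
    if [ -n "$bad" ]; then
        # Report only: deleting as root inside a user-writable tree is racy.
        printf 'admin_checks: policy violation in %s:\n%s\n' "$dir" "$bad" >&2
        return 1
    fi
    return 0
}

# Run as a command when given an argument. The exit status is what
# "root preexec close = yes" acts on: nonzero refuses the connection.
if [ $# -gt 0 ]; then
    admin_checks "$1"
    exit $?
fi
```

Samba discards the script's output unless the command line in smb.conf redirects it, so add a redirection to a root-only log file if the messages should be kept.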
8.6.1.1 root preexec

This option specifies as its value a Unix command to be run as the root user before any connection to a share is completed. You should use this option specifically for performing actions that require root privilege. To ensure security, users should never be able to modify the target of the root preexec command. In addition, unless you explicitly redirect it, any information the command sends to standard output will be discarded. If you intend to use any preexec or postexec script, you should ensure that it will run correctly before having Samba invoke it.

8.6.1.2 root preexec close

Sometimes you might want the share to disconnect if the root preexec script fails, giving the client an error rather than allowing it to connect. For example, if you are using root preexec to mount a CD-ROM or filesystem, it would make no sense to connect the client to it in the event that the mount fails. If you specify root preexec close = yes, the share will fail to connect if the root preexec script returns a nonzero exit status.

8.6.1.3 preexec

Sometimes just called exec, this option defines an ordinary unprivileged command run by Samba as the user specified by the variable %u. For example, a common use of this option is to perform logging, such as the following:

    [homes]
        preexec = echo "%u connected from %m (%I)" >>/tmp/.log

You must redirect the standard output of the command if you want to use it. Otherwise, it is discarded. This warning also applies to the command's standard error output. If you intend to use a preexec script, you should ensure that it will run correctly before having Samba invoke it.

8.6.1.4 preexec close

This is similar to root preexec close, except that it goes with the preexec option. By setting preexec close = yes, a preexec script that returns nonzero will cause the share to disconnect immediately.
8.6.1.5 postexec

Once the user disconnects from the share, the command specified with postexec is run as the user on the Samba server to do any necessary cleanup. This option is essentially the same as the preexec option. Again, remember that the command is run as the user represented by %u, and any information sent to standard output will be ignored.

8.6.1.6 root postexec

Following the postexec option, the root postexec command is run, if one has been specified. Again, this option specifies as its value a Unix command to be run as the root user before disconnecting from a share. You should use this option specifically for performing actions that require root privilege.
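Sections 8.6.1.1 and 8.6.1.6 state that these commands run as root and that users must never be able to modify their target. As an added example (not part of the original text), the script below lists the commands named by root preexec and root postexec in an smb.conf file and checks that each file and every parent directory is owned by root and not writable by group or other. It assumes GNU stat, checks the path as written, and TRUSTED_UID is a name made up for this example.

```shell
#!/bin/sh
# Added example: audit the commands named by "root preexec" / "root postexec".
# Assumes GNU stat (stat -c); TRUSTED_UID is this example's own setting.
TRUSTED_UID=${TRUSTED_UID:-0}

# root_exec_targets FILE: print the first word of each root pre/postexec value.
root_exec_targets() {
    awk '
        /^[ \t]*[#;]/ { next }              # skip comment lines
        index($0, "=") {
            key = tolower(substr($0, 1, index($0, "=") - 1))
            gsub(/[ \t]/, "", key)          # Samba ignores spaces in names
            if (key != "rootpreexec" && key != "rootpostexec") next
            val = substr($0, index($0, "=") + 1)
            sub(/^[ \t]+/, "", val)
            split(val, w, /[ \t]+/)
            print w[1]
        }' "$1"
}

# perms_ok UID MODE: true if owned by TRUSTED_UID and not group/other-writable.
perms_ok() {
    [ "$1" = "$TRUSTED_UID" ] || return 1
    case $2 in
        *[2367]?|*[2367]) return 1 ;;       # write bit in group or other digit
    esac
    return 0
}

# audit_exec_target PATH: 0 = root-only, 1 = modifiable by others, 2 = unknown.
audit_exec_target() {
    p=$1
    case $p in
        /*) ;;
        *) echo "$p: not an absolute path (resolved through smbd's PATH)"; return 2 ;;
    esac
    [ -e "$p" ] || { echo "$p: does not exist"; return 2; }
    while :; do
        set -- $(stat -L -c '%u %a' "$p")
        perms_ok "$1" "$2" || { echo "$p: uid=$1 mode=$2 is not root-only"; return 1; }
        [ "$p" = / ] && return 0
        p=$(dirname "$p")
    done
}

if [ $# -gt 0 ]; then
    for t in $(root_exec_targets "$1"); do audit_exec_target "$t" || true; done
fi
```

Run it with the path to smb.conf as its only argument; a command written without a leading slash, like admin_checks in the example earlier, is reported because its location depends on the search path smbd runs with.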