From 96b480ee29165bb40791275009a22222b24629fa Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Roman=20Van=C3=AD=C4=8Dek?= Date: Mon, 19 Dec 2022 22:01:26 +0100 Subject: [PATCH] CUPS printers.conf persistence /var/lib/samba/printerdrivers permissions /var/lib/samba/share_info.tdb permissions --- Dockerfile | 4 +++- crontab | 10 ++++++++++ entrypoint.sh | 13 ++++++++++++- persistCups.sh | 7 +++++++ smb.conf.j2 | 1 + supervisord.conf | 5 +++++ 6 files changed, 38 insertions(+), 2 deletions(-) create mode 100644 crontab create mode 100644 persistCups.sh diff --git a/Dockerfile b/Dockerfile index db9163c..3d3a91b 100644 --- a/Dockerfile +++ b/Dockerfile @@ -17,7 +17,8 @@ ENV ADMIN_PASSWORD_SECRET=samba-admin-password \ WINBIND_USE_DEFAULT_DOMAIN=yes \ WORKGROUP=AD -COPY entrypoint.sh /entrypoint.sh +COPY *.sh / +COPY crontab /etc RUN apt-get -y update && \ DEBIAN_FRONTEND=noninteractive apt-get -yqq --no-install-recommends install \ @@ -44,6 +45,7 @@ RUN apt-get -y update && \ rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* && \ \ chmod +x /entrypoint.sh && \ + chmod +x /persistCups.sh && \ sed -E -i "s:^(passwd\:\s*files\s*)$:\1 winbind:" /etc/nsswitch.conf && \ sed -E -i "s:^(group\:\s*files\s*)$:\1 winbind:" /etc/nsswitch.conf && \ pam-auth-update --package && \ diff --git a/crontab b/crontab new file mode 100644 index 0000000..9e610ac --- /dev/null +++ b/crontab @@ -0,0 +1,10 @@ +SHELL=/bin/bash +# Example of job definition: +# .---------------- minute (0 - 59) +# | .------------- hour (0 - 23) +# | | .---------- day of month (1 - 31) +# | | | .------- month (1 - 12) OR jan,feb,mar,apr ... +# | | | | .---- day of week (0 - 6) (Sunday=0 or 7) OR sun,mon,tue,wed,thu,fri,sat +# | | | | | +# * * * * * user-name command to be executed +*/10 * * * * root /persistCups.sh \ No newline at end of file diff --git a/entrypoint.sh b/entrypoint.sh index 26704a3..8f19610 100644 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -72,8 +72,19 @@ if [ ! -f /var/lib/samba/private/secrets.tdb ]; then mkdir -p /var/lib/samba/printerdrivers net ads join --no-dns-updates -U"$ADMIN_ACCOUNT"%"$ADMIN_PASSWORD" + /etc/init.d/winbind start + /etc/init.d/smbd start + + # Allow adding printer drivers for Domain Admins + setfacl -R -m g:Domain\ Admins:rwx /var/lib/samba/printerdrivers + # Shares are not visible otherwise - #chmod 666 /var/lib/samba/share_info.tdb + sleep 5 + smbclient -L 127.0.0.1 -P + chmod 666 /var/lib/samba/share_info.tdb + + /etc/init.d/winbind stop + /etc/init.d/smbd stop fi # CUPS persistence and permissions diff --git a/persistCups.sh b/persistCups.sh new file mode 100644 index 0000000..5a4dc10 --- /dev/null +++ b/persistCups.sh @@ -0,0 +1,7 @@ +#!/bin/bash + +if [ ! -L /etc/cups/printers.conf ] && [ /etc/cups/printers.conf -nt /etc/cups-persist/printers.conf ]; then + cp -f /etc/cups/printers.conf /etc/cups-persist/printers.conf + rm -f /etc/cups/printers.conf + ln -s /etc/cups-persist/printers.conf /etc/cups/printers.conf +fi \ No newline at end of file diff --git a/smb.conf.j2 b/smb.conf.j2 index c219d55..9e222d3 100644 --- a/smb.conf.j2 +++ b/smb.conf.j2 @@ -28,6 +28,7 @@ winbind refresh tickets = Yes winbind use default domain = {{ WINBIND_USE_DEFAULT_DOMAIN }} winbind expand groups = 4 + apply group policies = yes guest account = guest # disable usershares creating, when set empty no error log messages. diff --git a/supervisord.conf b/supervisord.conf index e6bf469..99b7147 100644 --- a/supervisord.conf +++ b/supervisord.conf @@ -30,3 +30,8 @@ redirect_stderr=true [program:cups] command=/usr/sbin/cupsd -f redirect_stderr=true + +[program:cron] +command=/usr/sbin/cron -f +redirect_stderr=true +