CUPS printers.conf persistence

/var/lib/samba/printerdrivers permissions /var/lib/samba/share_info.tdb permissions
2022-12-19 22:01:26 +01:00
parent 409c084d44
commit 96b480ee29
6 changed files with 38 additions and 2 deletions
--- a/4
+++ b/4
@@ -17,7 +17,8 @@ ENV ADMIN_PASSWORD_SECRET=samba-admin-password \
    WINBIND_USE_DEFAULT_DOMAIN=yes \
    WORKGROUP=AD

-COPY entrypoint.sh /entrypoint.sh
+COPY *.sh /
+COPY crontab /etc

 RUN apt-get -y update && \
    DEBIAN_FRONTEND=noninteractive apt-get -yqq --no-install-recommends install \
@@ -44,6 +45,7 @@ RUN apt-get -y update && \
 	rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* && \
 	\
 	chmod +x /entrypoint.sh && \
+	chmod +x /persistCups.sh && \
 	sed -E -i "s:^(passwd\:\s*files\s*)$:\1 winbind:" /etc/nsswitch.conf && \
 	sed -E -i "s:^(group\:\s*files\s*)$:\1 winbind:" /etc/nsswitch.conf && \
 	pam-auth-update --package && \
--- a/10
+++ b/10
@@ -0,0 +1,10 @@
+SHELL=/bin/bash
+# Example of job definition:
+# .---------------- minute (0 - 59)
+# |  .------------- hour (0 - 23)
+# |  |  .---------- day of month (1 - 31)
+# |  |  |  .------- month (1 - 12) OR jan,feb,mar,apr ...
+# |  |  |  |  .---- day of week (0 - 6) (Sunday=0 or 7) OR sun,mon,tue,wed,thu,fri,sat
+# |  |  |  |  |
+# *  *  *  *  * user-name command to be executed
+*/10 * * * * root /persistCups.sh
--- a/entrypoint.sh
+++ b/entrypoint.sh
@@ -72,8 +72,19 @@ if [ ! -f /var/lib/samba/private/secrets.tdb ]; then
  mkdir -p /var/lib/samba/printerdrivers
  net ads join --no-dns-updates -U"$ADMIN_ACCOUNT"%"$ADMIN_PASSWORD"

+  /etc/init.d/winbind start
+  /etc/init.d/smbd start
+
+  # Allow adding printer drivers for Domain Admins
+  setfacl -R -m g:Domain\ Admins:rwx /var/lib/samba/printerdrivers
+
  # Shares are not visible otherwise
-  #chmod 666 /var/lib/samba/share_info.tdb
+  sleep 5
+  smbclient -L 127.0.0.1 -P
+  chmod 666 /var/lib/samba/share_info.tdb
+
+  /etc/init.d/winbind stop
+  /etc/init.d/smbd stop
 fi

 # CUPS persistence and permissions
--- a/persistCups.sh
+++ b/persistCups.sh
@@ -0,0 +1,7 @@
+#!/bin/bash
+
+if [ ! -L /etc/cups/printers.conf ] && [ /etc/cups/printers.conf -nt /etc/cups-persist/printers.conf ]; then
+        cp -f /etc/cups/printers.conf /etc/cups-persist/printers.conf
+        rm -f /etc/cups/printers.conf
+        ln -s /etc/cups-persist/printers.conf /etc/cups/printers.conf
+fi
--- a/smb.conf.j2
+++ b/smb.conf.j2
@@ -28,6 +28,7 @@
 	winbind refresh tickets = Yes
 	winbind use default domain = {{ WINBIND_USE_DEFAULT_DOMAIN }}
 	winbind expand groups = 4
+	apply group policies = yes
 	guest account = guest

 	# disable usershares creating, when set empty no error log messages.
--- a/supervisord.conf
+++ b/supervisord.conf
@@ -30,3 +30,8 @@ redirect_stderr=true
 [program:cups]
 command=/usr/sbin/cupsd -f
 redirect_stderr=true
+
+[program:cron]
+command=/usr/sbin/cron -f
+redirect_stderr=true
+