Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Cleanup of various scripts #148

Open
wants to merge 4 commits into
base: master
Choose a base branch
from
Open

Cleanup of various scripts #148

wants to merge 4 commits into from

Conversation

jnoordsij
Copy link
Contributor

When looking into #147 and wondering whether or not the smbd-only tag would be suitable for our usecase, I noticed that when using this variant I was faced with various Avahi-related warnings when booting this image, making me wonder whether or not I had it properly configured. However, it seems like they are caused by a combination of:

  • AVAHI_DISABLE not being set in the images (this was missing from generate-variants.sh
  • some entrypoint logic not being disabled when AVAHI_DISABLE is set

I figured this was caused by some mismatching between logic in build.sh and generate-variants.sh. Therefore I've opted to merge the scripts, using an argument-keyword-detection system in generate-variants.sh to distinguish "generate" and "generate+build" mode. Furthermore, I've opted to disable some additional logic in the entrypoint script by checking for AVAHI_DISABLE.

Finally, I ran into some issues with generate-variants becoming slower on repeated runs, due to nested tar'ing of the variants directory, which I removed by using .dockerignore as ignore-file and adding some additional files/folders to it.

For reference, the warnings can be reproduced with e.g.: docker run --rm ghcr.io/servercontainers/samba:smbd-only-a3.20.3-s4.19.9-r0 /bin/sh -c "echo 'debug done'":

################################################################################

Welcome to the ghcr.io/servercontainers/samba

################################################################################

You'll find this container sourcecode here:

    https://github.com/ServerContainers/samba

The container repository will be updated regularly.

################################################################################


mkdir: can't create directory '/var/run/samba': File exists
>> CONTAINER: starting initialisation
cp: can't create '/etc/avahi/services/samba.service': No such file or directory
>> SAMBA CONFIG: no $SAMBA_CONF_LOG_LEVEL set, using '1'
>> SAMBA CONFIG: no $SAMBA_CONF_WORKGROUP set, using 'WORKGROUP'
>> SAMBA CONFIG: no $SAMBA_CONF_SERVER_STRING set, using 'Samba Server'
>> SAMBA CONFIG: no $SAMBA_CONF_MAP_TO_GUEST set, using 'Bad User'
sed: /etc/avahi/services/samba.service: No such file or directory
  >> AVAHI: zeroconf model: TimeCapsule
/container/scripts/entrypoint.sh: line 173: can't create /etc/avahi/services/samba.service: nonexistent directory
>> ZEROCONF: samba.service file
############################### START ####################################
cat: can't open '/etc/avahi/services/samba.service': No such file or directory
################################ END #####################################
>> EXTERNAL AVAHI: found external avahi, now maintaining avahi service file 'samba.service'
>> EXTERNAL AVAHI: internal avahi gets disabled
cp: can't stat '/etc/avahi/services/samba.service': No such file or directory
>> EXTERNAL AVAHI: list of services
chmod: /external/avahi/samba.service: No such file or directory
ls: /external/avahi/*.service: No such file or directory

>> SAMBA: check smb.conf file using 'testparm -s'
############################### START ####################################
Load smb config files from /etc/samba/smb.conf
Loaded services file OK.
Weak crypto is allowed by GnuTLS (e.g. NTLM as a compatibility fallback)

Server role: ROLE_STANDALONE

# Global parameters
[global]
        dns proxy = No
        load printers = No
        log file = /dev/stdout
        map to guest = Bad User
        obey pam restrictions = Yes
        passdb backend = smbpasswd
        printcap name = /dev/null
        security = USER
        server role = standalone server
        server string = Samba Server
        smb1 unix extensions = No
        fruit:aapl = yes
        fruit:model = TimeCapsule
        idmap config * : backend = tdb
        acl allow execute always = Yes
        mangled names = no
        vfs objects = catia fruit streams_xattr
        wide links = Yes
############################### END ####################################


>> SAMBA: print whole smb.conf
############################### START ####################################
[global]
   server role = standalone server
   log file = /dev/stdout
   dns proxy = no

   # password stuff
   passdb backend = smbpasswd

   obey pam restrictions = yes
   security = user
   printcap name = /dev/null
   load printers = no
   dns proxy = no
   wide links = yes
   follow symlinks = yes
   unix extensions = no
   acl allow execute always = yes

   # MacOS Compatibility options
   vfs objects = catia fruit streams_xattr

   # Special configuration for Apple's Time Machine
   fruit:model = TimeCapsule
   fruit:aapl = yes

   # fix filenames with special chars (should be default)
   mangled names = no
   dos charset = CP850
   unix charset = UTF-8

   # Docker Envs global config options
   log level = 1
   workgroup = WORKGROUP
   server string = Samba Server
   map to guest = Bad User

############################### END ####################################

>> CMD: exec docker CMD
/bin/sh -c echo 'debug done'
debug done

After this MR the output is as follows:

################################################################################

Welcome to the ghcr.io/servercontainers/samba

################################################################################

You'll find this container sourcecode here:

    https://github.com/ServerContainers/samba

The container repository will be updated regularly.

################################################################################


mkdir: can't create directory '/var/run/samba': File exists
>> CONTAINER: starting initialisation
>> SAMBA CONFIG: no $SAMBA_CONF_LOG_LEVEL set, using '1'
>> SAMBA CONFIG: no $SAMBA_CONF_WORKGROUP set, using 'WORKGROUP'
>> SAMBA CONFIG: no $SAMBA_CONF_SERVER_STRING set, using 'Samba Server'
>> SAMBA CONFIG: no $SAMBA_CONF_MAP_TO_GUEST set, using 'Bad User'
>> AVAHI - DISABLED
>> WSDD2 - DISABLED

>> SAMBA: check smb.conf file using 'testparm -s'
############################### START ####################################
Load smb config files from /etc/samba/smb.conf
Loaded services file OK.
Weak crypto is allowed by GnuTLS (e.g. NTLM as a compatibility fallback)

Server role: ROLE_STANDALONE

# Global parameters
[global]
        dns proxy = No
        load printers = No
        log file = /dev/stdout
        map to guest = Bad User
        obey pam restrictions = Yes
        passdb backend = smbpasswd
        printcap name = /dev/null
        security = USER
        server role = standalone server
        server string = Samba Server
        smb1 unix extensions = No
        fruit:aapl = yes
        fruit:model = TimeCapsule
        idmap config * : backend = tdb
        acl allow execute always = Yes
        mangled names = no
        vfs objects = catia fruit streams_xattr
        wide links = Yes
############################### END ####################################


>> SAMBA: print whole smb.conf
############################### START ####################################
[global]
   server role = standalone server
   log file = /dev/stdout
   dns proxy = no

   # password stuff
   passdb backend = smbpasswd

   obey pam restrictions = yes
   security = user
   printcap name = /dev/null
   load printers = no
   dns proxy = no
   wide links = yes
   follow symlinks = yes
   unix extensions = no
   acl allow execute always = yes

   # MacOS Compatibility options
   vfs objects = catia fruit streams_xattr

   # Special configuration for Apple's Time Machine
   fruit:model = TimeCapsule
   fruit:aapl = yes

   # fix filenames with special chars (should be default)
   mangled names = no
   dos charset = CP850
   unix charset = UTF-8

   # Docker Envs global config options
   log level = 1
   workgroup = WORKGROUP
   server string = Samba Server
   map to guest = Bad User

############################### END ####################################

>> CMD: exec docker CMD
/bin/sh -c echo 'debug done'
debug done

@jnoordsij
Copy link
Contributor Author

I've not been able yet to extensively test all variants, but I think they should mostly be behaving the same. But probably merging this together with the (indirect) Alpine 3.21 bump is probably preferable to ensure any breakages coincide with a new Alpine version, so people are less likely to be surprised by the impact.

@MarvAmBass
Copy link
Member

Hi there, thanks for your work - I need to check this before I merge - to many users and it might break something.

@jnoordsij
Copy link
Contributor Author

I fully understand, make sure to check it thoroughly! I think it should function equivalently and only supppress some error messages, but there's definitely chance of me having missed something.

Note I've deliberately used separate commits which might help in reviewing some changes individually.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@jnoordsij @MarvAmBass