dlandon Posted September 7, 2015 Share Posted September 7, 2015 I'm not sure if this is the correct place to post this, but move it if I'm in the wrong place. I am reviving an old V5 recycle bin plugin that was originally done by Influencer. It is basically a webgui for the built in vfs recycle module of samba. I have it working and I use a hidden share named .Recycle.Bin for the deleted files. This should technically end up being a hidden share. Here is the section added to the smb-extra.conf file to specify the vfs recycle operation: #Recycle bin share [RecycleBin] path = /mnt/user/.Recycle.Bin read only = No [global] vfs objects = recycle recycle:repository = /mnt/user/.Recycle.Bin/%S recycle:directory_mode = 0777 recycle:keeptree = Yes recycle:touch = Yes recycle:touch_mtime = Yes recycle:versions = Yes recycle:exclude = *.tmp recycle:exclude_dir = .Recycle.Bin acl allow execute always = yes My concerns are: The .Recycle.Bin share is visible in unRAID as "RecycleBin" when browsing in Windows and not hidden to Windows computers. It should be hidden. Can I control this by any settings? What permissions do the deleted files have and how do we protect a file being deleted by one user being accessible by another user? Is there a way for an administrator to control access to the recycle bin? What I think should be happening: The "RecycleBin" should be hidden. Access to the "RecycleBin" should be controlled by the administrator and/or limited by user. Quote Link to comment
dlandon Posted September 7, 2015 Author Share Posted September 7, 2015 I got my answer on the hiding the share. It is a smb-extra setting: browseable - No Edit: I would honestly think the default operation for the vfs recycle should be a hidden share. Quote Link to comment
dlandon Posted September 7, 2015 Author Share Posted September 7, 2015 I have been able to sort this out for myself by settings in the smb-extra.conf file that give me the control that I want. Quote Link to comment
spants Posted September 7, 2015 Share Posted September 7, 2015 can you post the new config file please Quote Link to comment
dlandon Posted September 7, 2015 Author Share Posted September 7, 2015 I added 'browseable = no' to hide the share. That's all. Quote Link to comment
dlandon Posted September 8, 2015 Author Share Posted September 8, 2015 I also figured out that there is a way to add users. The 'admin users ='. You can then add additional admin users to those allowed to access the recycle bin. User "admin" is always allowed access. Quote Link to comment
limetech Posted September 10, 2015 Share Posted September 10, 2015 It doesn't make sense to limit what users can manipulate files in the samba recycle bin. That is, if a user has write access to the share, why not have access to recycle bin of that share? You are not understanding the concept of 'users' in unRaid. Quote Link to comment
dlandon Posted September 10, 2015 Author Share Posted September 10, 2015 It doesn't make sense to limit what users can manipulate files in the samba recycle bin. I know, but with the global settings I can't figure out how to do a per share recycle bin. I believe a per share recycle bin would have to be set up in samba-shares.conf, which I can't manipulate. That is, if a user has write access to the share, why not have access to recycle bin of that share? Ok. Tell me how to do that in samba-extra.conf. You are not understanding the concept of 'users' in unRaid. I fully understand the concept of 'users' in unRAID. What I don't understand is samba. My OP was to try to sort out how to do a per user recycle bin, security, etc. All I can seem to get is admin access to specified users on a global basis. So if my understanding is so bad, how about you give me the smb-extra.conf settings to do a per share recycle bin? I really don't appreciate the comment that I don't understand the "concept of 'users' in unRAID" when I am trying to reach out and get some help on how to do security and implement the recycle bin. I have invested a lot of time in this effort, at a pretty miserable compensation (like zero) and i get a comment that I don't understand 'users' in unRAID. Really Tom! If my efforts are all that poor, please do a pull from my repository and implement this feature yourself. Quote Link to comment
limetech Posted September 10, 2015 Share Posted September 10, 2015 It doesn't make sense to limit what users can manipulate files in the samba recycle bin. I know, but with the global settings I can't figure out how to do a per share recycle bin. I believe a per share recycle bin would have to be set up in samba-shares.conf, which I can't manipulate. That is, if a user has write access to the share, why not have access to recycle bin of that share? Ok. Tell me how to do that in samba-extra.conf. You are not understanding the concept of 'users' in unRaid. I fully understand the concept of 'users' in unRAID. What I don't understand is samba. My OP was to try to sort out how to do a per user recycle bin, security, etc. All I can seem to get is admin access to specified users on a global basis. So if my understanding is so bad, how about you give me the smb-extra.conf settings to do a per share recycle bin? You didn't ask me to test that for you. I really don't appreciate the comment that I don't understand the "concept of 'users' in unRAID" when I am trying to reach out and get some help on how to do security and implement the recycle bin. I have invested a lot of time in this effort, at a pretty miserable compensation (like zero) and i get a comment that I don't understand 'users' in unRAID. Really Tom! If my efforts are all that poor, please do a pull from my repository and implement this feature yourself. Look man, no disrespect intended, and I take no offence at your attempt to 'strike back'. Getting back to the subject you asked about: I thought you could add per-share sections in smb-extra.conf and it would augment the list of vars for that share later included by smb-shares.conf. In doing some simple tests that appears to not be the case. So I was wrong about that assumption and I don't mind admitting I'm wrong, nothing personal. Another approach would be to hook into the 'svcs_restarted' event and use sed or something to augment the var list for specific shares that are enabled for having a recycle bin. If that proves to be pain-in-the-neck, how about I do something like this: for each share add an "include /boot/config/shares/<share-name>.conf" line. This way you can change whatever you want on a per-share basis. Quote Link to comment
bonienl Posted September 10, 2015 Share Posted September 10, 2015 What if you add another reference to an include file in /etc/samba/samba.conf, similar to what is done for user and disk shares (smb-shares.conf)? This would allow the plugin to build its own conf file with specific settings for each share. Quote Link to comment
limetech Posted September 10, 2015 Share Posted September 10, 2015 The /etc/samba/smb.conf file today looks like this: [global] # configurable identification include = /etc/samba/smb-names.conf # log stuff only to syslog log level = 0 syslog = 0 syslog only = Yes # we don't do printers show add printer wizard = No disable spoolss = Yes load printers = No printing = bsd printcap name = /dev/null # misc. invalid users = root unix extensions = No wide links = Yes use sendfile = Yes aio read size = 0 aio write size = 0 # ease upgrades from Samba 3.6 acl allow execute always = Yes # hook for user-defined samba config include = /boot/config/smb-extra.conf # auto-configured shares include = /etc/samba/smb-shares.conf I could change to this: [global] # configurable identification include = /etc/samba/smb-names.conf # log stuff only to syslog log level = 0 syslog = 0 syslog only = Yes # we don't do printers show add printer wizard = No disable spoolss = Yes load printers = No printing = bsd printcap name = /dev/null # misc. invalid users = root unix extensions = No wide links = Yes use sendfile = Yes aio read size = 0 aio write size = 0 # ease upgrades from Samba 3.6 acl allow execute always = Yes # hook for user-defined global samba config include = /boot/config/smb-extra.conf # auto-configured shares include = /etc/samba/smb-shares.conf # hook for user-defined per-share samba config include = /boot/config/smb-extra2.conf I believe it *does* work to have extra [share-name] parameters in there at that point. [i'm actually out of the office today and it's not easy for me to test this, but someone could set this up exactly as above and test.] Quote Link to comment
dlandon Posted September 10, 2015 Author Share Posted September 10, 2015 I appreciate the responses, but I have found an incredibly simple answer that looks like it will do a per share recycle bin. I am basically faking out vfs recycle to do that for me in smb-extra.conf. Adding a per share to the smb-extra.conf does not work. It overwrites the other share settings. Messing with smb.conf is not what I consider a good approach. I don't want to walk through each share and apply settings. I rather prefer the global approach. Tom, I am not one to start flaming. I learned a long time ago that it is best to stop a discussion when it gets to that point, but telling me I don't understand unRAID 'users' is not conducive to this discussion when the issue is not my understanding of 'users', but samba. And, yes it rather pissed me off. Enough said. You should probably delete this thread or I will. There is nothing of value here. Quote Link to comment
limetech Posted September 10, 2015 Share Posted September 10, 2015 I appreciate the responses, but I have found an incredibly simple answer that looks like it will do a per share recycle bin. I am basically faking out vfs recycle to do that for me in smb-extra.conf. I'd like to see what you have in mind. Adding a per share to the smb-extra.conf does not work. It overwrites the other share settings. As I indicated above. Messing with smb.conf is not what I consider a good approach. I don't want to walk through each share and apply settings. I rather prefer the global approach. That's what I meant above by "pain-in-the-neck" which is why I proposed a per-share include file or another single include file that gets read after share config is set. Figuring out the best approach is the point of this discussion and this board. It's not good enough to hack a solution that simply "works" - it should also work "well". Tom, I am not one to start flaming. Then why did you start? and why continue this? Get over it. I learned a long time ago that it is best to stop a discussion when it gets to that point, but telling me I don't understand unRAID 'users' is not conducive to this discussion when the issue is not my understanding of 'users', but samba. And, yes it rather pissed me off. Enough said. Whatever man. If that kind of thing gets under your skin, how do you expect to hash out design decisions? Look I appreciate all your contributions, but this particular board is for developers to discuss code and code design. You have to expect there will be misunderstandings. You should probably delete this thread or I will. There is nothing of value here. You are free to delete your posts any time. Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.