commit 988c598106cf71a10401a7cd6ea36bcb30212768 · pyrox.dev/nixpkgs

nixos/doc/manual/release-notes/rl-2411.section.md

···

       335
       335
        
       

     

       336
       336
        
       - The `replay-sorcery` package and module was removed as it unmaintained upstream. Consider using `gpu-screen-recorder` or `obs-studio` instead.

     

       337
       337
        
       

     

       338
       338
       +
       - To follow [RFC 0042](https://github.com/NixOS/rfcs/blob/master/rfcs/0042-config-option.md) a few options of `samba` have been moved from `extraConfig` to the new freeform option `settings` and renamed, e.g.:

     

       339
       339
       +
         - `services.samba.invalidUsers` to `services.samba.settings.global."invalid users"`

     

       340
       340
       +
         - `services.samba.securityType` to `services.samba.settings.global."security type"`

     

       341
       341
       +
         - `services.samba.shares` to `services.samba.settings`

     

       342
       342
       +
         - `services.samba.enableWinbindd` to `services.samba.winbindd.enable`

     

       343
       343
       +
         - `services.samba.enableNmbd` to `services.samba.nmbd.enable`

     

       344
       344
       +
       

     

       338
       345
        
       - `zx` was updated to v8, which introduces several breaking changes.

     

       339
       346
        
         See the [v8 changelog](https://github.com/google/zx/releases/tag/8.0.0) for more information.

     

       340
       347

+37 -76

nixos/modules/services/network-filesystems/samba.nix

···

       3
       3
        
       with lib;

     

       4
       4
        
       

     

       5
       5
        
       let

     

       6
       6
       -
       

     

       7
       7
       -
         smbToString = x: if builtins.typeOf x == "bool"

     

       8
       8
       -
                          then boolToString x

     

       9
       9
       -
                          else toString x;

     

       10
       10
       -
       

     

       11
       6
        
         cfg = config.services.samba;

     

       7
       7
       +
       

     

       8
       8
       +
         settingsFormat = pkgs.formats.ini { };

     

       9
       9
       +
         configFile = settingsFormat.generate "smb.conf" cfg.settings;

     

       12
       10
        
       

     

       13
       11
        
         samba = cfg.package;

     

       14
       14
       -
       

     

       15
       15
       -
         shareConfig = name:

     

       16
       16
       -
           let share = getAttr name cfg.shares; in

     

       17
       17
       -
           "[${name}]\n " + (smbToString (

     

       18
       18
       -
              map

     

       19
       19
       -
                (key: "${key} = ${smbToString (getAttr key share)}\n")

     

       20
       20
       -
                (attrNames share)

     

       21
       21
       -
           ));

     

       22
       22
       -
       

     

       23
       23
       -
         configFile = pkgs.writeText "smb.conf"

     

       24
       24
       -
           (if cfg.configText != null then cfg.configText else

     

       25
       25
       -
           ''

     

       26
       26
       -
             [global]

     

       27
       27
       -
             security = ${cfg.securityType}

     

       28
       28
       -
             passwd program = /run/wrappers/bin/passwd %u

     

       29
       29
       -
             invalid users = ${smbToString cfg.invalidUsers}

     

       30
       30
       -
       

     

       31
       31
       -
             ${cfg.extraConfig}

     

       32
       32
       -
       

     

       33
       33
       -
             ${smbToString (map shareConfig (attrNames cfg.shares))}

     

       34
       34
       -
           '');

     

       35
       12
        
       

     

       36
       13
        
         # This may include nss_ldap, needed for samba if it has to use ldap.

     

       37
       14
        
         nssModulesPath = config.system.nssModules.path;

     
···

       68
       45
        
         imports = [

     

       69
       46
        
           (mkRemovedOptionModule [ "services" "samba" "defaultShare" ] "")

     

       70
       47
        
           (mkRemovedOptionModule [ "services" "samba" "syncPasswordsByPam" ] "This option has been removed by upstream, see https://bugzilla.samba.org/show_bug.cgi?id=10669#c10")

     

       48
       48
       +
       

     

       49
       49
       +
           (lib.mkRemovedOptionModule [ "services" "samba" "configText" ] ''

     

       50
       50
       +
             Use services.samba.settings instead.

     

       51
       51
       +
       

     

       52
       52
       +
             This is part of the general move to use structured settings instead of raw

     

       53
       53
       +
             text for config as introduced by RFC0042:

     

       54
       54
       +
             https://github.com/NixOS/rfcs/blob/master/rfcs/0042-config-option.md

     

       55
       55
       +
           '')

     

       56
       56
       +
           (lib.mkRemovedOptionModule [ "services" "samba" "extraConfig" ] "Use services.samba.settings instead.")

     

       57
       57
       +
           (lib.mkRenamedOptionModule [ "services" "samba" "invalidUsers" ] [ "services" "samba" "settings" "global" "invalid users" ])

     

       58
       58
       +
           (lib.mkRenamedOptionModule [ "services" "samba" "securityType" ] [ "services" "samba" "settings" "global" "security type" ])

     

       59
       59
       +
           (lib.mkRenamedOptionModule [ "services" "samba" "shares" ] [ "services" "samba" "settings" ])

     

       60
       60
       +
       

     

       71
       61
        
         ];

     

       72
       62
        
       

     

       73
       63
        
         ###### interface

     
···

       125
       115
        
               example = "samba4Full";

     

       126
       116
        
             };

     

       127
       117
        
       

     

       128
       128
       -
             invalidUsers = mkOption {

     

       129
       129
       -
               type = types.listOf types.str;

     

       130
       130
       -
               default = [ "root" ];

     

       131
       131
       -
               description = ''

     

       132
       132
       -
                 List of users who are denied to login via Samba.

     

       133
       133
       -
               '';

     

       134
       134
       -
             };

     

       135
       135
       -
       

     

       136
       136
       -
             extraConfig = mkOption {

     

       137
       137
       -
               type = types.lines;

     

       138
       138
       -
               default = "";

     

       139
       139
       -
               description = ''

     

       140
       140
       -
                 Additional global section and extra section lines go in here.

     

       141
       141
       -
               '';

     

       142
       142
       -
               example = ''

     

       143
       143
       -
                 guest account = nobody

     

       144
       144
       -
                 map to guest = bad user

     

       145
       145
       -
               '';

     

       146
       146
       -
             };

     

       147
       147
       -
       

     

       148
       148
       -
             configText = mkOption {

     

       149
       149
       -
               type = types.nullOr types.lines;

     

       150
       150
       -
               default = null;

     

       151
       151
       -
               description = ''

     

       152
       152
       -
                 Verbatim contents of smb.conf. If null (default), use the

     

       153
       153
       -
                 autogenerated file from NixOS instead.

     

       154
       154
       -
               '';

     

       155
       155
       -
             };

     

       156
       156
       -
       

     

       157
       157
       -
             securityType = mkOption {

     

       158
       158
       -
               type = types.enum [ "auto" "user" "domain" "ads" ];

     

       159
       159
       -
               default = "user";

     

       160
       160
       -
               description = "Samba security type";

     

       161
       161
       -
             };

     

       162
       162
       -
       

     

       163
       118
        
             nsswins = mkOption {

     

       164
       119
        
               default = false;

     

       165
       120
        
               type = types.bool;

     
···

       170
       125
        
               '';

     

       171
       126
        
             };

     

       172
       127
        
       

     

       173
       173
       -
             shares = mkOption {

     

       128
       128
       +
             settings = lib.mkOption {

     

       129
       129
       +
               type = lib.types.submodule { freeformType = settingsFormat.type; };

     

       174
       130
        
               default = {};

     

       131
       131
       +
               example = {

     

       132
       132
       +
                 "global" = {

     

       133
       133
       +
                   "security" = "user";

     

       134
       134
       +
                   "passwd program" = "/run/wrappers/bin/passwd %u";

     

       135
       135
       +
                   "invalid users" = "root";

     

       136
       136
       +
                 };

     

       137
       137
       +
                 "public" = {

     

       138
       138
       +
                   "path" = "/srv/public";

     

       139
       139
       +
                   "read only" = "yes";

     

       140
       140
       +
                   "browseable" = "yes";

     

       141
       141
       +
                   "guest ok" = "yes";

     

       142
       142
       +
                   "comment" = "Public samba share.";

     

       143
       143
       +
                 };

     

       144
       144
       +
               };

     

       175
       145
        
               description = ''

     

       176
       176
       -
                 A set describing shared resources.

     

       177
       177
       -
                 See {command}`man smb.conf` for options.

     

       178
       178
       -
               '';

     

       179
       179
       -
               type = types.attrsOf (types.attrsOf types.unspecified);

     

       180
       180
       -
               example = literalExpression ''

     

       181
       181
       -
                 { public =

     

       182
       182
       -
                   { path = "/srv/public";

     

       183
       183
       -
                     "read only" = true;

     

       184
       184
       -
                     browseable = "yes";

     

       185
       185
       -
                     "guest ok" = "yes";

     

       186
       186
       -
                     comment = "Public samba share.";

     

       187
       187
       -
                   };

     

       188
       188
       -
                 }

     

       146
       146
       +
                 Configuration file for the Samba suite in ini format.

     

       147
       147
       +
                 This file is located in /etc/samba/smb.conf

     

       148
       148
       +
       

     

       149
       149
       +
                 Refer to <https://www.samba.org/samba/docs/current/man-html/smb.conf.5.html>

     

       150
       150
       +
                 for all available options.

     

       189
       151
        
               '';

     

       190
       152
        
             };

     

       191
       191
       -
       

     

       192
       153
        
           };

     

       193
       154
        
       

     

       194
       155
        
         };

+34 -31

nixos/tests/samba.nix

···

       1
       1
       -
       import ./make-test-python.nix ({ pkgs, ... }:

     

       2
       2
       -
       

     

       3
       3
       -
       {

     

       1
       1
       +
       import ./make-test-python.nix ({ pkgs, ... }: {

     

       4
       2
        
         name = "samba";

     

       5
       3
        
       

     

       6
       4
        
         meta.maintainers = [ ];

     

       7
       5
        
       

     

       8
       8
       -
         nodes =

     

       9
       9
       -
           { client =

     

       10
       10
       -
               { pkgs, ... }:

     

       11
       11
       -
               { virtualisation.fileSystems =

     

       12
       12
       -
                   { "/public" = {

     

       13
       13
       -
                       fsType = "cifs";

     

       14
       14
       -
                       device = "//server/public";

     

       15
       15
       -
                       options = [ "guest" ];

     

       16
       16
       -
                     };

     

       17
       17
       -
                   };

     

       6
       6
       +
         nodes = {

     

       7
       7
       +
           client =

     

       8
       8
       +
             { ... }:

     

       9
       9
       +
             {

     

       10
       10
       +
               virtualisation.fileSystems = {

     

       11
       11
       +
                 "/public" = {

     

       12
       12
       +
                   fsType = "cifs";

     

       13
       13
       +
                   device = "//server/public";

     

       14
       14
       +
                   options = [ "guest" ];

     

       15
       15
       +
                 };

     

       18
       16
        
               };

     

       17
       17
       +
             };

     

       19
       18
        
       

     

       20
       20
       -
             server =

     

       21
       21
       -
               { ... }:

     

       22
       22
       -
               { services.samba.enable = true;

     

       23
       23
       -
                 services.samba.openFirewall = true;

     

       24
       24
       -
                 services.samba.shares.public =

     

       25
       25
       -
                   { path = "/public";

     

       19
       19
       +
           server =

     

       20
       20
       +
             { ... }:

     

       21
       21
       +
             {

     

       22
       22
       +
               services.samba = {

     

       23
       23
       +
                 enable = true;

     

       24
       24
       +
                 openFirewall = true;

     

       25
       25
       +
                 settings = {

     

       26
       26
       +
                   "public" = {

     

       27
       27
       +
                     "path" = "/public";

     

       26
       28
        
                     "read only" = true;

     

       27
       27
       -
                     browseable = "yes";

     

       29
       29
       +
                     "browseable" = "yes";

     

       28
       30
        
                     "guest ok" = "yes";

     

       29
       29
       -
                     comment = "Public samba share.";

     

       31
       31
       +
                     "comment" = "Public samba share.";

     

       30
       32
        
                   };

     

       33
       33
       +
                 };

     

       31
       34
        
               };

     

       32
       32
       -
           };

     

       35
       35
       +
             };

     

       36
       36
       +
         };

     

       33
       37
        
       

     

       34
       38
        
         # client# [    4.542997] mount[777]: sh: systemd-ask-password: command not found

     

       35
       39
        
       

     

       36
       36
       -
         testScript =

     

       37
       37
       -
           ''

     

       38
       38
       -
             server.start()

     

       39
       39
       -
             server.wait_for_unit("samba.target")

     

       40
       40
       -
             server.succeed("mkdir -p /public; echo bar > /public/foo")

     

       40
       40
       +
         testScript = ''

     

       41
       41
       +
           server.start()

     

       42
       42
       +
           server.wait_for_unit("samba.target")

     

       43
       43
       +
           server.succeed("mkdir -p /public; echo bar > /public/foo")

     

       41
       44
        
       

     

       42
       42
       -
             client.start()

     

       43
       43
       -
             client.wait_for_unit("remote-fs.target")

     

       44
       44
       -
             client.succeed("[[ $(cat /public/foo) = bar ]]")

     

       45
       45
       -
           '';

     

       45
       45
       +
           client.start()

     

       46
       46
       +
           client.wait_for_unit("remote-fs.target")

     

       47
       47
       +
           client.succeed("[[ $(cat /public/foo) = bar ]]")

     

       48
       48
       +
         '';

     

       46
       49
        
       })