Update zmb-cups

This commit is contained in:
Thorsten Spille 2024-05-01 17:19:19 +02:00
parent 9fa103d8ae
commit 907093512b
2 changed files with 20 additions and 17 deletions

View File

@ -11,7 +11,7 @@
LXC_TEMPLATE_VERSION="debian-12-standard" LXC_TEMPLATE_VERSION="debian-12-standard"
# Create sharefs mountpoint # Create sharefs mountpoint
LXC_MP="0" LXC_MP="1"
# Create unprivileged container # Create unprivileged container
LXC_UNPRIVILEGED="0" LXC_UNPRIVILEGED="0"

View File

@ -42,7 +42,6 @@ cat > /etc/samba/smb.conf <<EOF
idmap config *:backend = tdb idmap config *:backend = tdb
idmap config *:range = 3000000-4000000 idmap config *:range = 3000000-4000000
idmap config *:schema_mode = rfc2307 idmap config *:schema_mode = rfc2307
username map = /etc/samba/user.map
winbind refresh tickets = Yes winbind refresh tickets = Yes
winbind use default domain = Yes winbind use default domain = Yes
@ -69,17 +68,18 @@ cat > /etc/samba/smb.conf <<EOF
shadow: format = -%Y-%m-%d-%H%M shadow: format = -%Y-%m-%d-%H%M
shadow: snapprefix = ^zfs-auto-snap_\(frequent\)\{0,1\}\(hourly\)\{0,1\}\(daily\)\{0,1\}\(weekly\)\{0,1\}\(monthly\)\{0,1\}\(backup\)\{0,1\}\(manual\)\{0,1\} shadow: snapprefix = ^zfs-auto-snap_\(frequent\)\{0,1\}\(hourly\)\{0,1\}\(daily\)\{0,1\}\(weekly\)\{0,1\}\(monthly\)\{0,1\}\(backup\)\{0,1\}\(manual\)\{0,1\}
shadow: delimiter = -20 shadow: delimiter = -20
printing = CUPS printing = CUPS
rpcd_spoolss:idle_seconds=300 rpcd_spoolss:idle_seconds=300
rpcd_spoolss:num_workers = 10 rpcd_spoolss:num_workers = 10
spoolss: architecture = Windows x64 spoolss: architecture = Windows x64
[printers] [printers]
path = /var/tmp/ path = /${LXC_SHAREFS_MOUNTPOINT}/spool
printable = yes printable = yes
[print$] [print$]
path = /var/lib/samba/printers path = /${LXC_SHAREFS_MOUNTPOINT}/printerdrivers
read only = no read only = no
EOF EOF
@ -93,13 +93,16 @@ echo -e "session optional pam_mkhomedir.so skel=/etc/skel umask=077" >> /
systemctl restart winbind nmbd systemctl restart winbind nmbd
chown -R ${ZMB_ADMIN_USER}:"domain admins" /var/lib/samba/printers mkdir -p /${LXC_SHAREFS_MOUNTPOINT}/{spool,printerdrivers}
chmod -R 2775 /var/lib/samba/printers cp -rv /var/lib/samba/printers/* /${LXC_SHAREFS_MOUNTPOINT}/printerdrivers
setfacl -Rb /var/lib/samba/printers chown -R root:"domain admins" /${LXC_SHAREFS_MOUNTPOINT}/printerdrivers
setfacl -Rm u:${ZMB_ADMIN_USER}:rwx,g:"domain admins":rwx,g:"NT Authority/authenticated users":r--,g:"NT Authority/system":rwx,o::--- /var/lib/samba/printers chmod -R 1777 /${LXC_SHAREFS_MOUNTPOINT}/spool
setfacl -Rdm u:${ZMB_ADMIN_USER}:rwx,g:"domain admins":rwx,g:"NT Authority/authenticated users":r--,g:"NT Authority/system":rwx,o::--- /var/lib/samba/printers chmod -R 2775 /${LXC_SHAREFS_MOUNTPOINT}/printerdrivers
echo -e "${ZMB_ADMIN_PASS}" | net rpc rights grant "${ZMB_DOMAIN}\\Domain Admins" SePrintOperatorPrivilege -U "${ZMB_DOMAIN}\\${ZMB_ADMIN_USER}" setfacl -Rb /${LXC_SHAREFS_MOUNTPOINT}/printerdrivers
echo -e "!root = ${ZMB_DOMAIN}\\administrator ${ZMB_DOMAIN}\\Administrator" > /etc/samba/user.map setfacl -Rm u:${ZMB_ADMIN_USER}:rwx,g:"domain admins":rwx,g:"NT Authority/authenticated users":r-x,o::--- /${LXC_SHAREFS_MOUNTPOINT}/printerdrivers
setfacl -Rdm u:${ZMB_ADMIN_USER}:rwx,g:"domain admins":rwx,g:"NT Authority/authenticated users":r-x,o::--- /${LXC_SHAREFS_MOUNTPOINT}/printerdrivers
echo -e "${ZMB_ADMIN_PASS}" | net rpc rights grant "${ZMB_DOMAIN}\\domain admins" SePrintOperatorPrivilege -U "${ZMB_DOMAIN}\\${ZMB_ADMIN_USER}"
systemctl disable --now cups-browsed.service
cupsctl --remote-admin cupsctl --remote-admin