1 (edited by dir2cas 2012-02-10 02:15:09)

Topic: Storage Administration Tool

Hello All,

This Topic is an extension to my Samba user administration script. However, since the concept is a little changed, I decided to start a new thread.

Introduction:
In fact this is almost the same bash script but much more functional and featured, so I call it a tool. Its purpose is to simplify and facilitate the user administration related actions for storage and file services like Samba and FTP.
As we know we have no useradd/adduser, etc. on an out of the box OpenWrt install, we should build them in busybox and build the firmware again. Well, it is not much of a hard work, but even then we have to take care of users' directories, permissions, configurations and so on...

The purpose of the tool (named "storageadm.sh") is to give us the ability to predefine several common services settings and after that control them with a still-not restricted flexibility. Here I have included two major storage services:
storageadm.sh:
1) Samba file Server
2) Vsftpd FTP Server

Packages required:
- bash (highly recommended)
- samba3
- vsftpd
- modules and packages needed to get your storage hw running - look here and here

Comments:
My OpenWrt box is currently running a custom build of Backfire (10.03.1-RC6, r29275) on TP-Link TL-WR1043ND, but the script is designed to be as universal as possible, so you simply need to edit several self-explanatory variables at the beginning and feel free to use it. In general, variables defined by other variables do not need to be changed, but only the plain text ones. Of course, since it is a simple text, you may feel free to modify and alter it towards your personal needs.
It is currently configured for a sample directory structure, that you may see in Samba user administration script. It could be changed anytime.

- The main idea is that we have a global Samba administrator that is owner of the whole share dir and that every user has its own directory and rw permissions only for it.
- Samba user's dir is also user's FTP directory.
- The script checks if a user exists on the system when trying to add or remove it. When you try to add a user for FTP service the script firstly configures it for Samba, thus creating user's entries and directories and implementing the correct user group and home dir.
- You may change the password of an existing user by running the add (-a for samba) and (-f for FTP) option again.
- When trying to remove an existing user, a warning prompt is displayed.
- FTP configuration is automatically generated by the tool creating a backup of the old configuration. You can also change the vsftpd configuration after that.
- Security options are enabled - the idea is to keep everything simple, flexible and secure.

I hope a web front end could be also written (php based) in order to make it a little more friendly to use, in spite that I particularly like the CLI style.

Get it running:
Here is the script itself. The bash package is highly recommended!
Copy -> Paste -> Save as "storageadm.sh" somewhere on your router -> make it executable (chmod +x storageadm.sh) -> run ./storageadm.sh -h for usage notes.

#!/bin/sh
#
# Version v1.8
# Script for Creating new Samba user and configuring parameters.
# Developed by dir2cas <kalin.t.ivanov@gmail.com>
#
# Additional features for vsftpd FTP server is implemented, 
# allowing local samba users to have FTP access to their home directories.
#
# Required packages: samba3, vsftpd
# Recommended packages: bash

#SCRIPTNAME="${0}"
OPTION="$1"
USER="$2"
SCRIPTNAME="storageadm.sh"

################ SCRIPT CONFIGURATION ################ 
#Defining variables:
SAMBA_ADMIN="admin"
SAMBA_GROUP="smbusers"

SAMBA_SHARE_DIR="/mnt/storage/SHARE"
SAMBA_USER_DIR="${SAMBA_SHARE_DIR}/users/${USER}"
#SAMBA_HOME="/var"
SAMBA_HOME_ADMIN="${SAMBA_SHARE_DIR}"
SAMBA_HOME="${SAMBA_USER_DIR}"
SAMBA_SHELL="/bin/false"
SAMBA_GROUP_ID="1001"
SAMBA_USER_ID_START="1001"

FTP_ENABLE="1"                 # Set to "1" to enable the FTP service
VSFTPD_CONF="/etc/vsftpd.conf"
FTP_SECURE_LOGIN_FILE="/etc/vsftpd.users"
FTP_LISTEN_ADDR="192.168.1.1"        # Leave blank to listen on all addresses/interfaces
FTP_LISTEN_PORT="21"            # If in standalone mode, this is the port listen on for incoming FTP connections (default=21)
FTP_BANDWIDTH="8000"             # Maximum data transfer rate in kbps
FTP_BANNER="Welcome to Kanzownet-Sofia FTP service."     # Your FTP server welcome message
FTP_MAX_CLIENTS="15"             # Maximum number of clients that may be connected
FTP_MAX_CONN_IP="2"            # Maximum connections per IP
FTP_MAX_LOGIN_FAILS="3"         # After this many login failures, the session is killed (default=3)
FTP_IDLE_TIMEOUT="120"            # Timeout in seconds - the maximum time a remote client may spend between FTP activity
#######################################################

Usage() {
# Define the help/warning message:
echo -e "\tUsage: ${SCRIPTNAME} [OPTION] <samba/ftp username>\n\t-a - add user to the File Server (changes password if exists)\n\t-f - add user to vsftpd\n\t-d - remove user from Samba and FTP\n\t-s - display storage services status\n\t-h, --help - show this menu"
}


UserCheck() {
# This function returns "0" if the user is already configured on the system and "1" if it is not
local USER="$1"
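# Match the account name exactly (first field of /etc/passwd), not as a substring of the line
user_check=$(grep -e "^${USER}:" /etc/passwd | grep "${SAMBA_GROUP}" | cut -d: -f1)
if [ -n "${USER}" ] && [ "${user_check}" = "${USER}" ]; then     # return 0 - the user exists; return 1 - the user does not exist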
    #Exists
    return "0"
else
    #Does NOT exist
    return "1"
fi
}


VsftpdCheck() {
# This function returns "0" if vsftpd is OK and "1" if it is not
if [ "${FTP_ENABLE}" -ne "1" ]; then     
    echo -e "Option ${OPTION} cannot be used\nFTP service option is disabled\nPlease set FTP_ENABLE=\"1\" in the script config section\nbut first verify that vsftpd package is installed -> $ opkg list_installed | grep vsftpd\n"
    return 1
else
    hash vsftpd > /dev/null 2>&1
    if [ $? -ne 0 ]; then
        echo -e "###WARNING###\nvsftpd not found"
        echo -e "Probably it is not installed on the system\nPlease, verify that vsftpd package is installed -> $ opkg list_installed | grep vsftpd and install it"
        logger -t ${SCRIPTNAME} "vsftpd not found, probably it is not installed"
        return 1
    else
        #Check if vsftpd has a configuration file
        if [ ! -f ${VSFTPD_CONF} ]; then
            echo -e "${VSFTPD_CONF}: does not exist as valid file argument\nProbably vsftpd is not installed\n"
            logger -t ${SCRIPTNAME} "${VSFTPD_CONF}: does not exist"
            return 1
        elif [ ! -r ${VSFTPD_CONF} ]; then
            echo -e "${VSFTPD_CONF}: can not be read\n"
            logger -t ${SCRIPTNAME} "${VSFTPD_CONF}: can not be read"
            return 1
        fi    
    fi    
fi

#If all above is passed without any return error code, assuming that vsftpd is OK
return 0
}


StorageStat() {
#Displaying Storage Services status
local VAR
echo -e "\nSAMBA\n---------------------------------------------------\n  USER:GROUP\t\tHOME DIR:"
for VAR in $(cat /etc/samba/smbpasswd | cut -d: -f1); do 
    # Look each account up by its exact name field, so "bob" does not also print "bobby"
    echo -e "${VAR}:$(grep -e "^${VAR}:" /etc/passwd | cut -d: -f5) -->\t$(grep -e "^${VAR}:" /etc/passwd | cut -d: -f6)"
done
echo -e "\n---------------------------------------------------\nSamba Share Folder is --> ${SAMBA_SHARE_DIR}\nSamba Global Administrator is --> ${SAMBA_ADMIN} (uid=$(uid=$(grep -e "^${SAMBA_ADMIN}:" /etc/passwd | cut -d: -f3); if [ -z "${uid}" ]; then uid="N/A"; fi; echo "${uid}"))\nSamba User's group is set to --> ${SAMBA_GROUP} (gid=$(gid=$(grep -e "^${SAMBA_GROUP}:" /etc/group | cut -d: -f3); if [ -z "${gid}" ]; then gid="N/A"; fi; echo "${gid}"))"

#Check for vsftpd secure login file:
if [ ! -f ${FTP_SECURE_LOGIN_FILE} ]; then
    #echo -e "${FTP_SECURE_LOGIN_FILE}: does not exist yet\ncreating...\n"
    logger -t ${SCRIPTNAME} "${FTP_SECURE_LOGIN_FILE}: does not exist, probably no users are configured for FTP"
    echo -e "\nFTP (vsftpd)\n---------------------------------------------------\n  USER:GROUP\t\tFTP DIR:"
    echo -e "STILL NO FTP ENABLED USERS"
    if [ -z "$(grep -e "${SCRIPTNAME}" ${VSFTPD_CONF})" ]; then 
        echo -e "\n---------------------------------------------------\nSTILL NO FTP CONFIGURATION"
    else
        echo -e "\n---------------------------------------------------\nFTP Server Bandwidth Limit is --> ${FTP_BANDWIDTH}kbps ($(( (${FTP_BANDWIDTH} / 8) * 1024 )))Bytes/s\nFTP Server is listening on --> ${FTP_LISTEN_ADDR}\nFTP Server is currently available on port --> ${FTP_LISTEN_PORT}\nFTP Server Maximum Simultaneous Clients --> ${FTP_MAX_CLIENTS}\n"
    fi
else 
    echo -e "\nFTP (vsftpd)\n---------------------------------------------------\n  USER:GROUP\t\tFTP DIR:"
    for VAR in $(cat ${FTP_SECURE_LOGIN_FILE} | awk '{print $1}'); do 
        echo -e "${VAR}:$(grep -e "^${VAR}:" /etc/passwd | cut -d: -f5) -->\t$(grep -e "^${VAR}:" /etc/passwd | cut -d: -f6)"
    done
    if [ -z "${FTP_LISTEN_ADDR}" ]; then FTP_LISTEN_ADDR="All Interfaces"; fi
    echo -e "\n---------------------------------------------------\nFTP Server Bandwidth Limit is --> ${FTP_BANDWIDTH}kbps ($(( (${FTP_BANDWIDTH} / 8) * 1024 )))Bytes/s\nFTP Server is listening on --> ${FTP_LISTEN_ADDR}\nFTP Server is currently available on port --> ${FTP_LISTEN_PORT}\nFTP Server Maximum Simultaneous Clients --> ${FTP_MAX_CLIENTS}\n"
fi
}


SambaPassword() {
#Configuring the Samba passwd for the specified user
echo -ne "Please, enter SMB password for the new user ${USER}:\n"
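read -r password
clear
sleep 1
# The password is passed as a command-line argument, so it is visible in the process list while smbpasswd runs
"${SAMBA_PASSWD}" "${USER}" "${password}"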
/etc/init.d/samba restart >&- 2>&-
echo -e "\tSamba password set\n" 

unset password
sleep 1
}


AddUser() {

if [ ! -d "${SAMBA_SHARE_DIR}" ]; then
    #echo "Directory does not exist"
    echo "Creating directory"
    mkdir -p ${SAMBA_SHARE_DIR}
    #Setting the permission for the main share directory
    chown -R ${SAMBA_ADMIN}:${SAMBA_GROUP} ${SAMBA_SHARE_DIR}
    chmod -R u=rwx,g=rx,o= ${SAMBA_SHARE_DIR}
fi

# Creating the user entries:
SAMBA_ADMIN_ENTRY="${SAMBA_ADMIN}:*:${SAMBA_USER_ID_START}:${SAMBA_GROUP_ID}:${SAMBA_GROUP}:${SAMBA_HOME_ADMIN}:${SAMBA_SHELL}"
SAMBA_GROUP_ENTRY="${SAMBA_GROUP}:x:${SAMBA_GROUP_ID}:"

#Creating the new Samba group if it does not exist
grep -e "${SAMBA_GROUP_ENTRY}" /etc/group >/dev/null || echo "${SAMBA_GROUP_ENTRY}" >> /etc/group

#Creating the Samba administrator account if it does not exist
#grep -e "${SAMBA_ADMIN_ENTRY}" /etc/passwd >/dev/null || echo "${SAMBA_ADMIN_ENTRY}" >> /etc/passwd
UserCheck ${SAMBA_ADMIN}
if [ $? -eq 1 ]; then     # 1 will be returned by UserCheck function showing that the admin is not set on the system
    #Create the Samba administrator (smbadmin user), because it does not exist
    echo -e "Creating the Samba global administrator\n"
    echo "${SAMBA_ADMIN_ENTRY}" >> /etc/passwd
    echo -ne "Please, enter password for the Samba global administrator ${SAMBA_ADMIN}:\n"
    read -r password
    clear
    sleep 1
    # Quoted so that a password containing spaces is passed as one argument
    "${SAMBA_PASSWD}" "${SAMBA_ADMIN}" "${password}"
    unset password 
    #Setting the permission for the main share directory
    chown -R ${SAMBA_ADMIN}:${SAMBA_GROUP} ${SAMBA_SHARE_DIR}
    chmod -R u=rwx,g=rx,o= ${SAMBA_SHARE_DIR}
fi

#Check if the user is already a valid Samba user
UserCheck ${USER}
if [ $? -eq 0 ]; then
    echo -e "###WARNING###\nUser ${USER} is already present as valid Samba user"
    echo -e "\nOnly Samba password change will be executed"
    sleep 1
    # Call the function to set the new samba user password
    SambaPassword
    exit 0
fi

#Creating the new Samba username and user on the server itself if it does not exist
#Status message:
echo -e "\nConfiguring user ${USER}...\n"

SAMBA_USER_ID=$(grep -e "${SAMBA_GROUP}" /etc/passwd | tail -n1 | cut -d: -f3)
SAMBA_USER_ID=$(( SAMBA_USER_ID + 1 ))
SAMBA_USER_ENTRY="${USER}:*:${SAMBA_USER_ID}:${SAMBA_GROUP_ID}:${SAMBA_GROUP}:${SAMBA_HOME}:${SAMBA_SHELL}"
# -F: the entry contains "*", so compare it as a fixed string and not as a regular expression
grep -F -e "${SAMBA_USER_ENTRY}" /etc/passwd >/dev/null || echo "${SAMBA_USER_ENTRY}" >> /etc/passwd

#Configuring the new user directory
mkdir -p ${SAMBA_USER_DIR}
mkdir -p ${SAMBA_USER_DIR}/Private
touch ${SAMBA_USER_DIR}/.profile
chown -R ${USER}:${SAMBA_GROUP} ${SAMBA_USER_DIR}

#Set the user permissions
chmod -R u=rwx,g=rx,o= ${SAMBA_USER_DIR}

#Prohibit access to the particular user's private folder
chmod u=rwx,go= ${SAMBA_USER_DIR}/Private
#chmod -R u=rw,go= ${SAMBA_USER_DIR}/Private/

sleep 3
# Call the function to set the new samba user password
SambaPassword

}


VsftpdAdd() {
# This function might add a Samba user to the vsftpd and grant access to the user's home dir

#Check if FTP service is enabled and if vsftpd is present on the system
VsftpdCheck
if [ $? -eq 1 ]; then
    #vsftpd error detected, exiting
    exit 1
fi

#Check if the new user is already a valid Samba user
UserCheck ${USER}
if [ $? -eq 1 ]; then
    echo -e "###WARNING###\nUser ${USER} is NOT a valid Samba user"
    echo -e "\nWe are going to configure it for Samba first"
    sleep 1
    AddUser
    echo -e "\nSamba configuration done, proceeding to FTP service"
fi

#Check for vsftpd secure login file:
if [ ! -f ${FTP_SECURE_LOGIN_FILE} ]; then
    echo -e "${FTP_SECURE_LOGIN_FILE}: does not exist yet\ncreating...\n"
    logger -t ${SCRIPTNAME} "${FTP_SECURE_LOGIN_FILE}: does not exist, creating..."
    touch ${FTP_SECURE_LOGIN_FILE}
    chmod u=rw,go= ${FTP_SECURE_LOGIN_FILE}
fi

#Checking if vsftpd has already been configured
sleep 1
vsftpd_check=$(grep -e "${SCRIPTNAME}" ${VSFTPD_CONF})
if [ -z "${vsftpd_check}" ]; then     # -n the argument is non empty, -z the argument is empty
    # Backing up the if there is some old configuration first
    cp ${VSFTPD_CONF} ${VSFTPD_CONF}.backup > /dev/null 2>&1
    # Evaluate the FTP server bandwidth in Byte/s to be ready for the config file
    FTP_BANDWIDTH_BYTES=$(( (${FTP_BANDWIDTH} / 8) * 1024 ))
    # Writing the FTP server configuration (vsftpd)
    echo -e "# ${VSFTPD_CONF} -- a config file for vsftpd\n###generated by ${SCRIPTNAME}\nbackground=YES\nlisten=YES\nlisten_address=${FTP_LISTEN_ADDR}\nlisten_port=${FTP_LISTEN_PORT}\nanonymous_enable=NO\nlocal_enable=YES\nwrite_enable=YES\n#chroot_list_enable=YES\n#chroot_list_file=${FTP_SECURE_LOGIN_FILE}\nchroot_local_user=YES\nuserlist_enable=YES\nuserlist_file=${FTP_SECURE_LOGIN_FILE}\nuserlist_deny=NO\nlocal_umask=027\ncheck_shell=NO\nftpd_banner=${FTP_BANNER}\nlocal_max_rate=${FTP_BANDWIDTH_BYTES} # Maximum data transfer rate in bytes per second\nmax_clients=${FTP_MAX_CLIENTS}         # Maximum number of clients that may be connected\nmax_per_ip=${FTP_MAX_CONN_IP}           # Maximum connections per IP\nmax_login_fails=${FTP_MAX_LOGIN_FAILS}\nidle_session_timeout=${FTP_IDLE_TIMEOUT}\nuse_localtime=YES\nsession_support=NO" > ${VSFTPD_CONF}
fi

echo -ne "Please, enter FTP password for the new user ${USER}:\n"
passwd ${USER}

#Check if the last command is successfull
while [ $? -eq 1 ]
do
    echo -ne "\nIncorrect! Try again"
    echo -ne "\nPlease, enter FTP password for the new user ${USER}:\n"
    passwd ${USER}    
done

sleep 1
#Configure the new user for FTP secure login:
# Match the whole line, so an existing "bobby" does not stop "bob" from being added
grep -e "^${USER}\$" ${FTP_SECURE_LOGIN_FILE} >/dev/null || echo "${USER}" >> ${FTP_SECURE_LOGIN_FILE}
sleep 1
# Remove the pseudo copy of /etc/passwd
rm -f /etc/passwd- > /dev/null 2>&1
# Restart the FTP service
/etc/init.d/vsftpd stop >&- 2>&-
sleep 1
/etc/init.d/vsftpd start >&- 2>&-
echo -e "FTP password set\n"

echo Finished
sleep 1

}


DelUser() {
#This function might remove all of the user files and directories as well as the user from the server itself for both Samba and FTP (if both are configured)

#First check if the new user is already a valid Samba user
UserCheck ${USER}
if [ $? -eq 1 ]; then
    echo -e "###WARNING###\nUser ${USER} is NOT a valid Samba user"
    echo -e "\nProbably it does not exist on the system yet"
    exit 1
fi

# Check if the user data should be deleted and warn that all data would be removed
echo -e "\n### WARNING ###\nThis will remove all user data on the system for the user ${USER}\nincluding its files on the storage disk\n"
while :
do
    echo -e "Proceed? (yes/no)"
    read answer
    
    case "${answer}" in
        [Yy]* )
            echo -e "\nThe user and its data will be deleted"
            unset answer
            break
           ;;
        [Nn]* )
            echo -e "\nRefused\n"
            unset answer
            exit 0
           ;;
        * )
            echo -e "\nWrong answer, try again\n"
            unset answer
           ;;
    esac
done        

sleep 1
rm -R -f "${SAMBA_USER_DIR}"
#Status message:
echo -e "Removing user ${USER}...\n"
sleep 1
#sed -i '/'"${USER}"'/ d' /etc/samba/smbpasswd
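"${SAMBA_PASSWD}" -del "${USER}" >&- 2>&-
# Delete only this user's own entry: anchor the pattern to the account name,
# otherwise every line that merely contains the name would be removed as well
sed -i "/^${USER}:/d" /etc/passwd > /dev/null 2>&1
sed -i "/^${USER}\$/d" ${FTP_SECURE_LOGIN_FILE} > /dev/null 2>&1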
rm -f /etc/passwd- > /dev/null 2>&1
sleep 1
# Services restart
/etc/init.d/samba restart >&- 2>&-
/etc/init.d/vsftpd stop >&- 2>&-
sleep 1
/etc/init.d/vsftpd start >&- 2>&-

echo Finished
sleep 1

exit 0
}


#################################################################################################
#MAIN
OPTION="$1"
USER="$2"

#Initialize script parameters and usage
if [ "$#" -ne "2" ] || [ "${OPTION}" = "-h" ] || [ "${OPTION}" = "--help" ] || [ "${OPTION}" = "help" ]; then
    if [ "${OPTION}" != "-s" ]; then
        Usage
        exit 0
    fi
fi

################# SCRIPT INTERNAL CHECK ###############
# Commands
SAMBA_PASSWD="$(which smbpasswd)"

# Check if needed commands and tools are present on the system
# (quoted, so that an empty result from "which" fails the test instead of passing it):
if [ ! -x "${SAMBA_PASSWD}" ]; then
    echo -e "${SCRIPTNAME} Error: Samba is probably not present\nPlease verify that samba3 package is installed\n"
    exit 1
fi
#######################################################

case ${OPTION} in
     "-a" )
        AddUser
        exit 0
       ;;
     "-f" )
        VsftpdAdd
        exit 0
           ;;
     "-d" )
        DelUser
           ;;
     "-s" )
        StorageStat | more
        exit 0
           ;;
     * )
        echo -e "<${OPTION}> is invalid script option\n"
        Usage
        exit 0
           ;;
esac

Updated to v1.4
- optimised script source
- added check for user presence on the system
- stability improvements

Updated to v1.5
- added several FTP (vsftpd) options to be predefined

Updated to v1.6
- added support for the default /bin/sh Busybox shell (no more bash is required, but optional)
- optimised script source

Updated to v1.7
- added smbpasswd binary path check and correct usage
- script code arrangement

Updated to v1.8
- added new option: samba and ftp services status display (-s option), see tool help
- possibility to enable/disable ftp service functions of the tool from the script config section (in case you do not need ftp functionalities)
- internal check for proper ftp service usage and configuration
- optimised script source

Regards,
dir2cas
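
Added example, not part of dir2cas's script: storageadm.sh finds and removes accounts in /etc/passwd and /etc/vsftpd.users by pattern, and this sketch shows the same operations with name validation and exact first-field matching. The function names, the allowed-character policy and the sample file contents are assumptions constructed for illustration.

```sh
#!/bin/sh
# Added example: exact-match account handling for passwd-style files.
# Function names and the name policy are hypothetical, not from storageadm.sh.
LC_ALL=C; export LC_ALL

# Accept only names that are safe to embed in a passwd line, a path and a pattern:
# first character a-z or "_", then a-z, 0-9, "_" or "-", at most 32 characters.
valid_username() {
    case "$1" in
        "" | *[!a-z0-9_-]*) return 1 ;;   # empty, or contains ":", "/", ".", space, ...
        [a-z_]*) ;;                        # acceptable first character
        *) return 1 ;;                     # starts with a digit or "-"
    esac
    [ "${#1}" -le 32 ]
}

# Return 0 if account $1 exists in passwd-format file $3 with primary group id $2.
# Fields are compared whole, so "bo" never matches "bob".
user_in_group() {
    awk -F: -v u="$1" -v g="$2" \
        '$1 == u && $4 == g { found = 1 } END { exit !found }' "$3"
}

# Remove the line whose first field is exactly $1 from file $2.
# Works for /etc/passwd-style files and for one-name-per-line lists.
remove_user_line() {
    valid_username "$1" || return 2
    rul_tmp="$2.tmp.$$"
    rul_rc=0
    if awk -F: -v u="$1" '$1 != u' "$2" > "$rul_tmp"; then
        # Write back through the existing file to keep its owner and mode
        cat "$rul_tmp" > "$2" || rul_rc=1
    else
        rul_rc=1
    fi
    rm -f "$rul_tmp"
    return "$rul_rc"
}

# Constructed sample in the layout the script writes:
# name:*:uid:gid:group:home:shell
demo() {
    demo_file=$(mktemp) || return 1
    cat > "$demo_file" <<'EOF'
root:x:0:0:root:/root:/bin/ash
admin:*:1001:1001:smbusers:/mnt/storage/SHARE:/bin/false
bob:*:1002:1001:smbusers:/mnt/storage/SHARE/users/bob:/bin/false
bobby:*:1003:1001:smbusers:/mnt/storage/SHARE/users/bobby:/bin/false
EOF
    remove_user_line "bob" "$demo_file"
    # Print the remaining account names on one line
    echo $(cut -d: -f1 "$demo_file")
    rm -f "$demo_file"
}

demo
```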

Re: Storage Administration Tool

Thanx for this extension!

3 (edited by dir2cas 2012-01-13 12:37:26)

Re: Storage Administration Tool

The first post would be edited accordingly, upon any changes and improvements of the tool.

Regards,
dir2cas

Re: Storage Administration Tool

dir2cas wrote:

- bash (highly recommended)

The default shell in OpenWrt is sh from Busybox. You should make your script compatible for sh.

Re: Storage Administration Tool

I made the script compatible with sh by removing the word "function" where it occurs.  I successfully ran the script to create a user for samba and vsftp.  I did /etc/init.d/vsftpd restart

Now I have a very newbie question.  How do I access a directory on the drive via ftp?  I'm trying from windows Vista.  I open windows explorer, and on the command line put "ftp://192.168.2.93/"  I get "windows cannot access the folder".  I'm clearly getting the system as set up by the script, because I get the banner which I set up in the script: "Welcome to Omnibus FTP service".  I'm not getting a prompt to enter my username and password.

/etc/vsftpd.conf and /etc/vsftpd.users appear to be set up reasonably.  There are directories for the two users I set up under \home. 

This is on a WR1043, trunk as of today.  I ask because I am ignorant of how to go about establishing a connection.

In a related question, how do I designate which directory on my usb drive is pointed to by the ftp connection for a user?

6 (edited by dir2cas 2012-01-06 19:14:33)

Re: Storage Administration Tool

lizby wrote:

I made the script compatible with sh by removing the word "function" where it occurs.  I successfully ran the script to create a user for samba and vsftp.  I did /etc/init.d/vsftpd restart

Now I have a very newbie question.  How do I access a directory on the drive via ftp?  I'm trying from windows Vista.  I open windows explorer, and on the command line put "ftp://192.168.2.93/"  I get "windows cannot access the folder".  I'm clearly getting the system as set up by the script, because I get the banner which I set up in the script: "Welcome to Omnibus FTP service".  I'm not getting a prompt to enter my username and password.

/etc/vsftpd.conf and /etc/vsftpd.users appear to be set up reasonably.  There are directories for the two users I set up under \home. 

This is on a WR1043, trunk as of today.  I ask because I am ignorant of how to go about establishing a connection.

In a related question, how do I designate which directory on my usb drive is pointed to by the ftp connection for a user?

Hi, indeed the script should be compatible with /bin/sh by removing the function keyword recognised by bash, I know that. I simply put bash on every openwrt image I use and did not test fully the script functionality without bash. It is possible some constructions do not work correctly, that's why I did not specify that.
Well, thanks for the remark now, I am going to test it fully with each of the options under the default sh and will update it in the new version.

In order to access the ftp server on your router, you may use an ftp client (CLI: $ftp - win/linux, or GUI like FileZilla - windows). You can also access the ftp server via the web browser. After pointing to ftp://192.168.2.93 or ftp://192.168.2.93:port_num if you have changed the default port of the server, you have to be prompted for user and password input, that's all.

Regarding the last question - I have setup the user's home directory to be the one accessible by the particular ftp user. So, the home directory is set to be the user's share directory that is created by samba. That is the reason why the script does not allow you to create a new user for FTP without creating it first on the samba server. The purpose is for security - each user is jailed in its user's directory on the samba server (i.e. its home directory) and is not allowed to touch any other stuff on the system.
Look at the variables at the beginning:
SAMBA_SHARE_DIR="/mnt/storage/SHARE"
SAMBA_USER_DIR="${SAMBA_SHARE_DIR}/users/${USER}"
...
SAMBA_HOME="${SAMBA_USER_DIR}"

this says that if your user is "peter" his home directory (also seen in /etc/passwd) will be:
/mnt/storage/SHARE/users/peter
So, it is recommended to mount your usb storage under, for example $SAMBA_SHARE_DIR or on a higher directory level, it depends also on your samba share configuration.
My storage is mounted under /mnt/storage and I am running two samba shares over it that are also over two different disk partitions - the first one serves the whole /mnt/storage/, the other one is mounted /mnt/storage/SHARE/users. This prevents the users from eating up the whole storage. You may find this in the link that I gave in my first post pointing to the other thread I have created for this script before.

Well, we told that peter's home dir would be /mnt/storage/SHARE/users/peter.
This is the directory that will be accessed after logging in the FTP server with peter's credentials. This is also the directory where peter has rw access. However the whole SHARE dir is accessible by the user under samba, only user's home directory is accessible under the FTP service. Security purpose

We may also change the user to have access to the whole SHARE under the ftp service, but if you think it is needed, we have to change the configuration of the whole ftp server.

7 (edited by lizby 2012-01-06 20:45:30)

Re: Storage Administration Tool

Thank you for your explanation--I'm connected now.

Why I'm connected now and was not before remains something of a mystery to me.  I tried your suggestion in a web browser: ftp://192.168.2.93  That again failed and didn't prompt me for username and password.

I then tried Filezilla and connected with no problem.  I went back to the browser and refreshed with no success.  I then tried (in the browser) ftp://username@192.168.2.93.  It replaced that with the plain address I had tried originally, ftp://192.168.2.93, but asked me for username and password, and connected when I provided those.

So I went back to windows explorer and again tried ftp://192.168.2.93 and that failed with the message from the script.  I tried ftp://username@192.168.2.93 (with a valid username), and it again stripped out "username" and prompted me for username and password, and connected successfully when I provided those. 

Note:  ftp://username:pw@192.168.2.93 in windows explorer does connect you directly (and strips out username:pw in the address line).

Thanks very much for your script.  It certainly appears to have set up everything properly for ftp.  I will try samba, but it may be several days before I get to that.

Re: Storage Administration Tool

Thanks for the feedback.
The new version is updated in the first post - support for /bin/sh confirmed and tested.

Regards,
dir2cas

Re: Storage Administration Tool

Thanks for the update.

On my first pass, I didn't pay attention to the samba part, because I only wanted ftp. In backing up and rerunning, I notice that the samba passwords were not set up because /bin/smbpasswd doesn't exist.  The program isn't on my system anywhere else, either.  /etc/samba/smbpasswd exists, but only as an empty file. 

Where does the executable smbpasswd come from?  I did "opkg install samba3"--what else do I need?

Re: Storage Administration Tool

lizby wrote:

Thanks for the update.

On my first pass, I didn't pay attention to the samba part, because I only wanted ftp. In backing up and rerunning, I notice that the samba passwords were not set up because /bin/smbpasswd doesn't exist.  The program isn't on my system anywhere else, either.  /etc/samba/smbpasswd exists, but only as an empty file. 

Where does the executable smbpasswd come from?  I did "opkg install samba3"--what else do I need?

samba3 is enough - in the beginning of each of my scripts I put the packages that are required - take a look at it.

root@Core-Sf:~# which smbpasswd
/bin/smbpasswd
root@Core-Sf:~# opkg list_installed | grep samba
samba3 - 3.0.24-8

Re: Storage Administration Tool

Ah:

# which smbpasswd
/usr/sbin/smbpasswd

Don't know why I didn't locate it when I did a "find".  Updated now and reran. 

The first time I did it I had not had my hard drive mounted on /mnt.  After deleting the users and mounting on /mnt, I reran.

This time I get errors of this sort:

chown: /mnt/storage/SHARE/users/user99/Private: Operation not permitted
chown: /mnt/storage/SHARE/users/user99/Private: Operation not permitted
chown: /mnt/storage/SHARE/users/user99/.profile: Operation not permitted
chown: /mnt/storage/SHARE/users/user99: Operation not permitted
chown: /mnt/storage/SHARE/users/user99: Operation not permitted

I get the same thing if I enter the chown command directly (as I understand it):

root@tp93:~# chown -R user99:smbusers /mnt/storage/SHARE/users/user99

Any ideas?  This is all new to me.

(I do have ftp access for retrieval, but not for storage.  Permission on the user99 directory is drwxr-xr-x.)

Re: Storage Administration Tool

Hello, smbpasswd issue should be fixed in the new version (1.7, see the first post).

All the permission settings are correctly applied, I have done several checks and tests. Please, check if you have your usb storage partitions correctly mounted. Also, in order to set permissions and ownership properly, you cannot use (v)fat (msdos), ntfs file systems.

And last, take a look at the following commands output:

root@Core-Sf:~# cat /etc/fstab
/dev/sda1    /overlay    ext4    rw,sync    0    0
/dev/sda5    /mnt/storage    ext4    rw,sync    0    0
/dev/sda6    /mnt/storage/SHARE/users    ext4    rw,sync    0    0
/dev/sda2    none    swap    sw    0    0
root@Core-Sf:~# ls -alh /mnt/storage/SHARE/users/
drwxr-x---    3 smbadmin smbusers     4.0K Jan 13 13:56 .
drwxr-x---    4 smbadmin smbusers     4.0K Nov  6 23:56 ..
drwxr-x---    4 share    smbusers     4.0K Dec 28 18:51 share
root@Core-Sf:~# ls -alh /mnt/storage/SHARE/users/share/
drwxr-x---    4 share    smbusers     4.0K Dec 28 18:51 .
drwxr-x---    3 smbadmin smbusers     4.0K Jan 13 13:56 ..
-rwxr-x---    1 share    smbusers        0 Jan  8 18:37 .profile
drwx------    2 share    smbusers     4.0K Dec 28 18:35 Private
drwxr-x---    2 share    smbusers     4.0K Dec 28 18:51 folder
-rwxr-x---    1 share    smbusers    78.5K Dec 28 18:51 graph.png
-rwxr-x---    1 share    smbusers    81.6K Dec 28 18:51 graph_download.png
root@Core-Sf:~# cat /etc/vsftpd.users 
share
root@Core-Sf:~# cat /etc/samba/smbpasswd
..........................

Re: Storage Administration Tool

Hmmm, no joy here.

I deleted the samba and ftp users, and the directories on the hard drive, excepting several not in the /storage path.  I then did "storageadm.sh -a user99" and "storageadm.sh -f user99".  I again got the "Operation not permitted" message from chown.

"cat /etc/fstab" gives me "cat: can't open '/etc/fstab': No such file or directory"

root@tp93:~# ls -l /etc/fstab
lrwxrwxrwx    1 root     root            10 Jan  1 11:39 /etc/fstab -> /tmp/fstab

root@tp93:~# ls -alh /mnt/storage/SHARE/users/
drwxr-xr-x    3 root     root       32.0K Jan 14 20:52 .
drwxr-xr-x    3 root     root       32.0K Jan 14 20:30 ..
drwxr-xr-x    3 root     root       32.0K Jan 14 20:52 user99

root@tp93:~# ls -alh /mnt/storage/SHARE/users/user99
drwxr-xr-x    3 root     root       32.0K Jan 14 20:52 .
drwxr-xr-x    3 root     root       32.0K Jan 14 20:52 ..
-rwxr-xr-x    1 root     root           0 Jan 14 20:52 .profile
drwxr-xr-x    2 root     root       32.0K Jan 14 20:52 Private

root@tp93:~# cat /etc/vsftpd.users
user99

Everything is owned by root.

Any ideas?

Re: Storage Administration Tool

All this stuff is pointing that your external storage is not mounted correctly or it is not mounted at all.
Check your storage configuration in /etc/config/fstab.
Showing us   df -h  and mount -v will be also helpful.

Re: Storage Administration Tool

I just added some new features of my tool - see the changelog (first post) (version 1.8).
Regards,
dir2cas

Re: Storage Administration Tool

I had been explicitly mounting my drive.  I followed the wiki to modify /etc/config/fstab so that the drive now mounts automatically on booting.  I'm still getting the "chown" error messages.  Can this be because I am using a vfat drive?

~# df -h
Filesystem                Size      Used Available Use% Mounted on
rootfs                    5.5M      5.2M    284.0K  95% /
/dev/root                 1.5M      1.5M         0 100% /rom
tmpfs                    14.4M    196.0K     14.2M   1% /tmp
tmpfs                   512.0K         0    512.0K   0% /dev
/dev/mtdblock3            5.5M      5.2M    284.0K  95% /overlay
overlayfs:/overlay        5.5M      5.2M    284.0K  95% /
/dev/sda1               465.6G     24.5G    441.1G   5% /mnt
mount -v
rootfs on / type rootfs (rw)
/dev/root on /rom type squashfs (ro,relatime)
proc on /proc type proc (rw,noatime)
sysfs on /sys type sysfs (rw,noatime)
tmpfs on /tmp type tmpfs (rw,nosuid,nodev,noatime,size=14720k)
tmpfs on /dev type tmpfs (rw,noatime,size=512k,mode=755)
devpts on /dev/pts type devpts (rw,noatime,mode=600)
/dev/mtdblock3 on /overlay type jffs2 (rw,noatime)
overlayfs:/overlay on / type overlayfs (rw,relatime)
debugfs on /sys/kernel/debug type debugfs (rw,relatime)
/dev/sda1 on /mnt type vfat (rw,sync,relatime,fmask=0022,dmask=0022,codepage=cp437,iocharset=iso8859-1,shortname=mixed,errors=remount-ro)
none on /proc/bus/usb type usbfs (rw,relatime)

Re: Storage Administration Tool

lizby wrote:

I had been explicitly mounting my drive.  I followed the wiki to modify /etc/config/fstab so that the drive now mounts automatically on booting.  I'm still getting the "chown" error messages.  Can this be because I am using a vfat drive?

Hi, this is exactly the reason. I am almost sure I have mentioned this somewhere in the above comments. Use a more native *IX file system, like ext2/3/4, btrfs, etc... Unfortunately jfs is not supported by OpenWrt otherwise this would be my decision.
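
A pre-flight check for the cause identified in this exchange, as an added example that is not part of the thread or of storageadm.sh: it finds the mount that backs the share directory and refuses filesystems on which chown and chmod cannot take effect. The function names are hypothetical and the two mount tables are constructed from the `mount -v` and `/etc/fstab` output posted above, rewritten in `/proc/mounts` layout.

```sh
#!/bin/sh
# Added example: check the filesystem behind the share directory before
# creating users. Function names are hypothetical, not from storageadm.sh.

# Print the filesystem type that backs path $1.
# $2 is a mount table in /proc/mounts layout (device mountpoint type options ...).
fs_type_for() {
    awk -v p="$1" '
        {
            mp = $2
            # A mount point covers p when p is the mount point itself or lies below it.
            if (mp == "/" || p == mp || index(p, mp "/") == 1) {
                # Longest mount point wins; ">=" lets a later mount on the same
                # point (an overlay on "/") replace the earlier one.
                if (length(mp) >= best) { best = length(mp); type = $3 }
            }
        }
        END { if (type == "") exit 1; print type }
    ' "${2:-/proc/mounts}"
}

# Return 1 for filesystems without per-file Unix owner and mode.
# vfat, msdos and ntfs are the ones named in the thread; exfat has the same limitation.
supports_unix_owner() {
    case "$1" in
        vfat | msdos | ntfs | exfat) return 1 ;;
        *) return 0 ;;
    esac
}

# Return 0 if path $1 can hold per-user ownership, 1 if not, 2 if no mount is found.
preflight_share_dir() {
    pf_type=$(fs_type_for "$1" "$2") || { echo "no mount found for $1" >&2; return 2; }
    if supports_unix_owner "$pf_type"; then
        echo "$1: ${pf_type}, ownership and modes can be set"
    else
        echo "$1: ${pf_type} has no per-file owner or mode, chown will fail" >&2
        return 1
    fi
}

# Constructed sample: the vfat drive mounted on /mnt
sample_mounts_vfat() {
    cat <<'EOF'
rootfs / rootfs rw 0 0
/dev/root /rom squashfs ro,relatime 0 0
tmpfs /tmp tmpfs rw,nosuid,nodev,noatime,size=14720k 0 0
/dev/mtdblock3 /overlay jffs2 rw,noatime 0 0
overlayfs:/overlay / overlayfs rw,relatime 0 0
/dev/sda1 /mnt vfat rw,sync,relatime,fmask=0022,dmask=0022 0 0
EOF
}

# Constructed sample: two ext4 partitions, one for the share and one for the users
sample_mounts_ext4() {
    cat <<'EOF'
rootfs / rootfs rw 0 0
/dev/sda5 /mnt/storage ext4 rw,sync 0 0
/dev/sda6 /mnt/storage/SHARE/users ext4 rw,sync 0 0
EOF
}

demo() {
    demo_tab=$(mktemp) || return 1
    sample_mounts_vfat > "$demo_tab"
    preflight_share_dir /mnt/storage/SHARE "$demo_tab" || echo "-> do not create users here"
    sample_mounts_ext4 > "$demo_tab"
    preflight_share_dir /mnt/storage/SHARE/users/peter "$demo_tab"
    rm -f "$demo_tab"
}

demo
```

On a router the second argument can be omitted, in which case the live `/proc/mounts` is read.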

Re: Storage Administration Tool

I tried a 32gb usb drive as ext2 and a 640gb external usb hard drive as ext4, and both worked.  I have successfully done ftp transfers with Filezilla.  Thanks for your responses which got me this far.

I haven't tested the samba part yet because I don't know how to access it from a windows pc.  Still researching.