From 74383f0f1911db5505eb12cdb9c5bd23a895030e Mon Sep 17 00:00:00 2001 From: Tim Dickson Date: Thu, 3 Sep 2020 11:29:43 +0100 Subject: network/wsdd2: Added (WSD/LLMNR Descovery/Name Service Daemon) Signed-off-by: Dave Woodfall Signed-off-by: Willy Sudiarto Raharjo --- network/wsdd2/README | 31 +++++++++++++ network/wsdd2/README.allowip6 | 17 ++++++++ network/wsdd2/doinst.sh | 26 +++++++++++ network/wsdd2/rc.wsdd2 | 58 +++++++++++++++++++++++++ network/wsdd2/slack-desc | 19 ++++++++ network/wsdd2/wsdd2.SlackBuild | 98 ++++++++++++++++++++++++++++++++++++++++++ network/wsdd2/wsdd2.info | 10 +++++ 7 files changed, 259 insertions(+) create mode 100644 network/wsdd2/README create mode 100644 network/wsdd2/README.allowip6 create mode 100644 network/wsdd2/doinst.sh create mode 100644 network/wsdd2/rc.wsdd2 create mode 100644 network/wsdd2/slack-desc create mode 100644 network/wsdd2/wsdd2.SlackBuild create mode 100644 network/wsdd2/wsdd2.info (limited to 'network/wsdd2') diff --git a/network/wsdd2/README b/network/wsdd2/README new file mode 100644 index 0000000000..f5e8736ab7 --- /dev/null +++ b/network/wsdd2/README @@ -0,0 +1,31 @@ +wsdd2 (WSD/LLMNR Descovery/Name Service Daemon) + +Provides samba share descovery for clients who don't support netbios +or are running ip6 (which netbios does not support). +Effectively this allows modern windows computers to find samba +shares, and allows you to avoid smb1/smb2 for which there are many +exploits in the wild. This is based on the NETGEAR implimentation. + +NOTE: make sure you allow local ip6 connections in your samba config +otherwise there will be no shares found. if you use "hosts allow" +then add fc00::/7 fe80::/64 ::1 +to the list of your local ip4 addresses so that local ip6 pcs can +use your shares. + +NOTE2: make sure ports 5357 (tcp) and 3702 (udp) are open if you +are using a firewall. + +to get wsdd2 to run automatically on startup add the following lines +in /etc/rc.d/rc.local + +#start wsdd2 daemon if samba is configured +if [ -x /etc/rc.d/rc.wsdd2 ]; then + /etc/rc.d/rc.wsdd2 start +fi + +and to stop it on shutdown, add the following to +samba section in /etc/rc.d/rc.local_shutdown + +if [ -x /etc/rc.d/rc.wsdd2 ]; then + /etc/rc.d/rc.wsdd2 stop +fi diff --git a/network/wsdd2/README.allowip6 b/network/wsdd2/README.allowip6 new file mode 100644 index 0000000000..85009e9325 --- /dev/null +++ b/network/wsdd2/README.allowip6 @@ -0,0 +1,17 @@ +It may be obvious, but its easy to forget; to access samba shares +using ip6 you need to allow ip6 addresses access to the server. If +you want to limit access to local ip6 addresses and you are using +the "hosts allow" option in smb.conf then add the following +address/masks to the end of any ip4 addresses you alread have listed + + fc00::/7 fe80::/64 ::1 + +this will allow link-local, unique-local, and local loop ip6 addresses + +Even if a machine has a public ip6 address, it will also have a +link-local one for ip6 sublayer operations of the Neighbor Discovery +Protocol as well as for some other protocols such as DHCPv6 + +if you are using a firewall, don't forget to allow access to port +5357 (tcp) and 3702 (udp) otherwise wsdd2 will not work. + diff --git a/network/wsdd2/doinst.sh b/network/wsdd2/doinst.sh new file mode 100644 index 0000000000..194630ea25 --- /dev/null +++ b/network/wsdd2/doinst.sh @@ -0,0 +1,26 @@ +config() { + NEW="$1" + OLD="$(dirname $NEW)/$(basename $NEW .new)" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + chmod +x $OLD + elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then + # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} + +preserve_perms() { + NEW="$1" + OLD="$(dirname $NEW)/$(basename $NEW .new)" + if [ -e $OLD ]; then + cp -a $OLD ${NEW}.incoming + cat $NEW > ${NEW}.incoming + mv ${NEW}.incoming $NEW + fi + config $NEW +} + +preserve_perms etc/rc.d/rc.wsdd2.new diff --git a/network/wsdd2/rc.wsdd2 b/network/wsdd2/rc.wsdd2 new file mode 100644 index 0000000000..594e1faab5 --- /dev/null +++ b/network/wsdd2/rc.wsdd2 @@ -0,0 +1,58 @@ +#!/bin/sh +# +# /etc/rc.d/rc.wsdd2 +# +# start/stop/restart the wsdd2 daemon. +# +# To make wsdd2 start automatically at boot make sure this +# file is executable, and add the following entry to rc.local +# after the samba test (uncommented) + +# if [ -x /etc/rc.d/rc.wsdd2 ]; then +# /etc/rc.d/rc.wsdd2 start +# fi + +# you may also add the following entry to rc.local_shutdown +# (uncommented) + +# if [ -x /etc/rc.d/rc.wsdd2 ]; then +# /etc/rc.d/rc.wsdd2 stop +# fi + +wsdd2_start() { + if [ -r /etc/samba/smb.conf -a -x /etc/rc.d/rc.samba -a -x /usr/sbin/wsdd2 ]; then + echo "Starting wsdd2: /usr/bin/wsdd2 -d" + /usr/sbin/wsdd2 -d + elif [ ! -r /etc/samba/smb.conf ]; then + echo "ERROR: samba not configured, so wsdd2 has no service to advertise" + fi +} +wsdd2_stop() { + #check something is running before trying to kill it. + if [ "x`ps -A|grep ' wsdd2'|wc -l`" != "x0" ]; then + killall wsdd2 + fi +} +wsdd2_restart() { + wsdd2_stop + sleep 1 + wsdd2_start +} +case "$1" in +'start') + #we don't want to run this more than once, + #so kill off any instance already running + wsdd2_stop + wsdd2_start + ;; +'stop') + wsdd2_stop + ;; +'restart') + wsdd2_restart + ;; +*) + # default is start + wsdd2_start +esac + diff --git a/network/wsdd2/slack-desc b/network/wsdd2/slack-desc new file mode 100644 index 0000000000..31fade9c60 --- /dev/null +++ b/network/wsdd2/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. +# Line up the first '|' above the ':' following the base package name, and +# the '|' on the right side marks the last column you can put a character in. +# You must make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':' except on otherwise blank lines. + + |-----handy-ruler------------------------------------------------------| +wsdd2: wsdd2 (WSD/LLMNR Descovery/Name Service Daemon) +wsdd2: +wsdd2: Provides samba share browsing for clients who don't support netbios +wsdd2: or are running ip6 (which netbios does not support). +wsdd2: Effectively this allows modern windows computers to find samba +wsdd2: shares, and allows you to avoid smb1/smb2 for which there are many +wsdd2: exploits in the wild. This is based on the NETGEAR implimentation. +wsdd2: +wsdd2: Don't forget to allow local ip6 connections in your smb.conf file. +wsdd2: +wsdd2: Home Page https://github/Andy2244/wsdd2 diff --git a/network/wsdd2/wsdd2.SlackBuild b/network/wsdd2/wsdd2.SlackBuild new file mode 100644 index 0000000000..2fc09749ce --- /dev/null +++ b/network/wsdd2/wsdd2.SlackBuild @@ -0,0 +1,98 @@ +#!/bin/sh + +# Slackware build script for wsdd2 + +# Copyright 2020 Tim Dickson Scotland +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR "AS IS" AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +PRGNAM=wsdd2 +VERSION=${VERSION:-1.8.1} +BUILD=${BUILD:-1} +TAG=${TAG:-_SBo} + +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) ARCH=i586 ;; + arm*) ARCH=arm ;; + *) ARCH=$( uname -m ) ;; + esac +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp/SBo} +PKG=$TMP/package-$PRGNAM +OUTPUT=${OUTPUT:-/tmp} + +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "i686" ]; then + SLKCFLAGS="-O2 -march=i686 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +set -e +rm -rf $PKG +mkdir -p $TMP $PKG $OUTPUT +cd $TMP +rm -rf $PRGNAM-$VERSION +tar xvf $CWD/$PRGNAM-$VERSION.tar.gz +cd $PRGNAM-$VERSION +chown -R root:root . +find -L . \ + \( -perm 777 -o -perm 775 -o -perm 750 -o -perm 711 -o -perm 555 \ + -o -perm 511 \) -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 640 -o -perm 600 -o -perm 444 \ + -o -perm 440 -o -perm 400 \) -exec chmod 644 {} \; + +#we are going to have to fix Makefile as we don't want systemd stuff +sed -i "/systemd/d" Makefile + +make CFLAGS="$SLKCFLAGS" CXXFLAGS="$SLKCFLAGS" +make install DESTDIR=$PKG MANINSTALLDIR="usr/man" INSTALLPREFIX="usr" + +find $PKG -print0 | xargs -0 file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null || true + +find $PKG/usr/man -type f -exec gzip -9 {} \; +for i in $( find $PKG/usr/man -type l ) ; do ln -s $( readlink $i ).gz $i.gz ; rm $i ; done + +#copy over the rc file +mkdir -p $PKG/etc/rc.d +cp -a $CWD/rc.${PRGNAM} $PKG/etc/rc.d/rc.${PRGNAM}.new +# now for docs +mkdir -p $PKG/usr/doc/$PRGNAM-$VERSION +cp -a LICENSE README.md $PKG/usr/doc/$PRGNAM-$VERSION +cat $CWD/README.allowip6 > $PKG/usr/doc/$PRGNAM-$VERSION/README.allowip6 +cat $CWD/$PRGNAM.SlackBuild > $PKG/usr/doc/$PRGNAM-$VERSION/$PRGNAM.SlackBuild + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc +cat $CWD/doinst.sh > $PKG/install/doinst.sh + +cd $PKG +/sbin/makepkg -l y -c n $OUTPUT/$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.${PKGTYPE:-tgz} + diff --git a/network/wsdd2/wsdd2.info b/network/wsdd2/wsdd2.info new file mode 100644 index 0000000000..fbe5e086c0 --- /dev/null +++ b/network/wsdd2/wsdd2.info @@ -0,0 +1,10 @@ +PRGNAM="wsdd2" +VERSION="1.8.1" +HOMEPAGE="https://github.com/Andy2244/wsdd2" +DOWNLOAD="https://github.com/Andy2244/wsdd2/archive/1.8.1/wsdd2-1.8.1.tar.gz" +MD5SUM="fe07c4d77d58eadc7f2d5fb82493a67d" +DOWNLOAD_x86_64="" +MD5SUM_x86_64="" +REQUIRES="%README%" +MAINTAINER="Tim Dickson" +EMAIL="dickson.tim@googlemail.com" -- cgit v1.2.3