As I have mentioned before on this list, I am the network Admin for a k12 public school district. We have migrated to samba, in order to save money, and we love it. We have a situation though, where managing a program under samba, vs. Novell is a bit harder, and I want some suggestions on how to handle it. The program is Accelerated Reader, which is a program where students take quizes, and the quizes are read from a proprietary database(not sql) that is just a folder on a share. Quiz results are also posted here. We mapped this folder to a drive R:, and it works fine. Our problem is that sometimes the database needs maintenance, which is normal for this program....and all users of the have to exit the client process, in order for the database maintenance program to be able to run. Some users do not exit though, and this gives an error while trying to run the maintenance prog. Under novell, if we saw that someone was still using the AR program, we could kill their connection to the server, but since samba restores sessions automatically, and doesn't show what programs logged in users are using...this is very difficult to solve. We need to be able to do something that will kill current connections to the R: share, but allow the client pc with the datadoctor maintenance program to connect, and run. Then when finished, go back to normal. I had an idea of using 2 different smb.conf files, which could be interchanged by using a shell script. It could be done like a RedHat service script: service ARmaint start, and service ARmaint stop. now, what would it need to do to kill connections to just that share? what would it need to do to allow only the datadocter program to access share while in maintenance mode? Is there a command line utility that will list current connections, and what files are open as on novell's management console?
On Thu, Nov 29, 2001 at 11:27:57AM -0600, Barry Smoke wrote:> As I have mentioned before on this list, I am the network Admin for a > k12 public school district. We have migrated to samba, in order to save > money, and we love it. > > We have a situation though, where managing a program under samba, vs. > Novell is a bit harder, and I want some suggestions on how to handle it. > > The program is Accelerated Reader, which is a program where students > take quizes, and the quizes are read from a proprietary database(not > sql) that is just a folder on a share. Quiz results are also posted > here. We mapped this folder to a drive R:, and it works fine. > > Our problem is that sometimes the database needs maintenance, which is > normal for this program....and all users of the have to exit the client > process, in order for the database maintenance program to be able to > run. Some users do not exit though, and this gives an error while > trying to run the maintenance prog. > Under novell, if we saw that someone was still using the AR program, we > could kill their connection to the server, but since samba restores > sessions automatically, and doesn't show what programs logged in users > are using...this is very difficult to solve. > > We need to be able to do something that will kill current connections to > the R: share, but allow the client pc with the datadoctor maintenance > program to connect, and run. Then when finished, go back to normal. > > I had an idea of using 2 different smb.conf files, which could be > interchanged by using a shell script. It could be done like a RedHat > service script: > service ARmaint start, and service ARmaint stop. > > now, what would it need to do to kill connections to just that share? > what would it need to do to allow only the datadocter program to access > share while in maintenance mode? > Is there a command line utility that will list current connections, and > what files are open as on novell's management console?smbstatus will do this. As to terminating connections to a share, smbcontrol has a "close-share" message that will do this. Jeremy.
Barry, There appear to be two fundamental problems you're trying to tackle: 1. How to disconnect users from an existing share. 2. How to prevent users from reconnecting to this same share. According to comments in smbd man page, the only way to achieve #1 is to stop/start smbd. That's not too hard to accomplish from the server, or via SWAT. As for #2, you can, as you're currently thinking, modify your smb.conf just prior to the restart to disable the share that students access, effectively preventing new connections. Then, when administration of your app is complete, modify the smb.conf again and SIGHUP/restart smbd alowing connections to the share. Or, this is completely untested: 1. Add the "deadtime" global setting in smb.conf to some reasonable number. It would be great if this was a per share setting, but as it is this will effect ALL SHARES. With this setting you at least have a known amount time when a client connection will be considered dead by samba. 2. Write a script (let's call it script1) that checks for the existence of a known file and returns non-zero on failure. The file file could be anything, but I'm thinking something like ".SERVICE_DISABLED" in the application share directory. 3. Add the following to the application share in your smb.conf: preexec = script1 preexec close = yes 4. Create an administrative share for the same path that students map to, but do not include the preexec settings. With the above setup you could either manually, or via a cron job: 1) create the ".SERVICE_DISABLED" file, 2) restart smbd. Then any connection request to the student share would not be allowed, administration of the application would be allowed, and removing the ".SERVICE_DISABLED" file would allow student connections again. I kinda like it, except for the need to restart smbd. If there were a programatic way to disconnect users, then you could just incorporate that, and the creation of the ".SERVICE_DISABLED" file, into the preexec of the adminstrative share, and remove it with a postexec! That would be slick...connect for admin purposes, students are disconnected, no new students are alowed to connect, admin does his thing, disconnects, and students are back at it. If that all made sense, then I hope it helps you out. Feel free to email me back as I'm just finishing a strong cup of coffee and should be ful of even better ideas :-)) Doug