977baf7100
Fixes CVE-2016-2119
Client side SMB2/3 required signing can be downgraded
Summary: A man in the middle attack can disable client signing
over SMB2/3, even if enforced by configuration
parameters.
Details:
https://www.samba.org/samba/security/CVE-2016-2119.html
40 lines
762 B
Bash
Executable File
40 lines
762 B
Bash
Executable File
#!/bin/sh
|
|
|
|
PATH="/sbin:/usr/sbin:/bin:/usr/bin"
|
|
|
|
NAME="nmbd"
|
|
USER="root"
|
|
RUNDIR="/var/run/samba"
|
|
PIDFILE="$RUNDIR/$NAME.pid"
|
|
PROG="/usr/sbin/$NAME"
|
|
|
|
case $1 in
|
|
start)
|
|
install -d -m 755 -o $USER $RUNDIR || exit 1
|
|
start-stop-daemon --start --pidfile $PIDFILE --exec $PROG -- $ARGS
|
|
;;
|
|
stop)
|
|
start-stop-daemon --stop --retry 30 --pidfile $PIDFILE
|
|
;;
|
|
restart)
|
|
$0 stop
|
|
$0 start
|
|
;;
|
|
status)
|
|
start-stop-daemon --status --pidfile $PIDFILE
|
|
case $? in
|
|
0) echo "$PROG running with pid: $(cat $PIDFILE)" ;;
|
|
1) echo "$PROG not running, stale pidfile: $PIDFILE" ;;
|
|
3) echo "$PROG not running" ;;
|
|
4) echo "Unable to determine program status" ;;
|
|
esac
|
|
;;
|
|
reload)
|
|
smbcontrol $NAME reload-config
|
|
;;
|
|
*)
|
|
echo "usage: $0 [start|stop|restart|reload|status]"
|
|
;;
|
|
esac
|
|
|