Project Description

Continuation of exploration of using elasticsearch to provide windows search functionality with samba

Goal for this Hackweek

  • Explore security related features of elasticsearch that might provide the needed mechanism to filter search results based on user (rather than getting samba to filter and cache the results itself)
  • Start a unit test framework for the windows search protocol which should help with upstreaming
  • Maybe get to explore some container possibilities


Looking for hackers with the skills:

Nothing? Add some keywords!

This project is part of:

Hack Week 20


  • over 2 years ago: npower originated this project.

  • Comments

    • npower
      over 2 years ago by npower | Reply

      So progress this hackweek was slow but I

      • First updated my dev samba branch to latest master, this wasn't such a big chore as I had been keeping my branch reasonably up to date (e.g. I updated about a month ago) No big surprises, only some minor conflicts
      • I lost my elasticsearch install/setup when I rebuilt my desktop due to a disk failure so I had to start again to install/configure elasticsearch, filecrawler etc.
      • Maybe it's me or the problem domain is somewhat new/unfamiliar to me but I find the elasticsearch documentation hard to follow, anyway after some time I secured way more than I needed (e.g. the node itself and not just the client http communication) I verified the encrypted connections with curl. I found out later the needed configuration changes just for securing the client http connections were much simpler. I configured users and enabled xpack (the security add on package) again verifying basic authentication with curl. Also read the associated documentation re. document and field level security and found out unfortunately what I wanted to do isn't covered by the basic (free) license (maybe I should have read the fine print more closely add-emoji ) Although possible to get a 14 day evaluation licence I decided found out enough at this point.
      • I attempted to modify my elasticsearch wsp backend to use tls but unfortunately failed here, I don't know yet what the problem is but even thought the tls connection succeeded my attempts to query elasticsearch over tls failed. The failure was quite weird as the samba http library should transparently use tls once the connection has been configured to use tls (and has been successfully established) I can see the gnu tls function 'gnutlsrecordsend' is called to send the encrypted request (and returns successfully) but neither strace or wireshark show any data actually has been sent.
      • Additionally a goal of this hackweek was to work on unit tests, with this in mind I started first with
        1. building some simple unit tests using the wsp-to tool which allows simple queries to be specified using a textual Advanced Query Syntax - like syntax
        2. Creating a fake elasticsearch http server in python that could be used to provide basic end to end testing using the wspsearch client utility
        3. Start creating python bindings with the intention of building on the above to inject individual wsp messages to the wsp server/fake elasticsearch backend in order to build more fine grained unit tests

      The branch I was working on for hackweek can be found here

    Similar Projects

    This project is one of its kind!