Version information
This version is compatible with:
- Puppet Enterprise 2023.8.x, 2023.7.x, 2023.6.x, 2023.5.x, 2023.4.x, 2023.3.x, 2023.2.x, 2023.1.x, 2023.0.x, 2021.7.x, 2021.6.x, 2021.5.x, 2021.4.x, 2021.3.x, 2021.2.x, 2021.1.x, 2021.0.x
- Puppet >= 7.0.0 < 9.0.0
- OracleLinux, Scientific, Fedora, Rocky, AlmaLinux, ArchLinux
Start using this module
Add this module to your Puppetfile:
mod 'rehan-samba', '3.1.0'
Learn more about managing modules with a Puppetfile
Documentation
rehan-samba
Overview
The rehan-samba module manages Samba/CIFS, the virtual filesystem based on the SMB protocol.
Module Description
A puppet module for managing the installation and configuration of samba. This module installs and configures the samba server and client packages and allows configuration of user specific SMB shares.
Implemented Features:
- Installs samba server package
- Installs samba client package
- Allows managing global SMB configuration parameters.
- Allows managing SMB shares.
Setup
In order to install rehan-samba, run the following command:
$ puppet module install rehan-samba
The module does expect all the data to be provided through 'Hiera'. See Usage for examples on how to configure it.
Requirements
This module is designed to be as clean and compliant with the latest Puppet code guidelines as possible.
Usage
Example Usage for Samba Server (puppet dsl)
class { 'samba':
  package_ensure => 'installed',
  os_level => 50,
  workgroup => 'EXAMPLE',
  wins_server => '10.10.10.10',
  server_string => 'Example File Server 01',
  netbios_name => 'F01',
  interfaces => [ 'lo', 'eth0' ],
  hosts_allow => [ '127.', '192.168.' ],
  hosts_deny => [ 'ALL' ],
  # local_master is typed Variant[Undef, Boolean] in the reference, so pass a Boolean
  local_master => true,
  preferred_master => 'yes',
  map_to_guest => 'Bad User',
  additional_config => {
    server_multi_channel_support => 'yes'
  },
  shares => {
    'homes' => {
      comment => 'Home Directories',
      browseable => false,
      path => '/home',
      writable => true,
    },
    'pictures' => {
      comment => 'Pictures',
      path => '/srv/pictures',
      browseable => true,
      writable => true,
      create_mask => '1777',
      directory_mask => '1777',
    },
  },
}
Example Usage for Samba Client (puppet dsl)
contain samba::client
Example Usage (hiera)
All of this data can be provided through Hiera.
YAML
samba::package_ensure: 'installed'
samba::os_level: 50
samba::workgroup: 'EXAMPLE'
samba::wins_server: '10.10.10.10'
samba::server_string: 'Example File Server 01'
samba::netbios_name: 'F01'
samba::interfaces:
  - 'lo'
  - 'eth0'
samba::hosts_allow:
  - '127.'
  - '192.168.'
samba::hosts_deny:
  - 'ALL'
# local_master is typed Variant[Undef, Boolean] in the reference, so pass a Boolean
samba::local_master: true
samba::preferred_master: 'yes'
samba::map_to_guest: 'Bad User'
samba::firewall_manage: true
samba::additional_config:
  server_multi_channel_support: 'yes'
samba::shares:
  'homes':
    comment: 'Home Directories'
    browseable: false
    path: '/home'
    writable: true
  'pictures':
    comment: 'Pictures'
    path: '/srv/pictures'
    browseable: true
    writable: true
    create_mask: '1777'
    directory_mask: '1777'
samba::idmap_config:
  '*':
    backend: 'tdb'
    range: '400-999'
  'AD':
    unix_primary_group: 'Yes'
    unix_nss_info: 'Yes'
    schema_mode: 'rfc2307'
    range: '1000-2147483647'
    backend: 'ad'
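Hiera data like the above can be audited before Puppet applies it. The Ruby script below is an added example, not code from the rehan-samba module: it loads `samba::*` keys, fills in the defaults listed in this page's parameter reference, and flags SMB1, NTLMv1, a missing host ACL, guest-writable shares, wide links, masks that keep the other-write bit, and overlapping idmap ranges. The function names, finding ids and the `WEAK_HIERA` sample are assumptions made for this example.

```ruby
require 'yaml'

# Defaults copied from the parameter reference on this page; they apply when a
# key is absent from Hiera.
DEFAULTS = {
  'samba::server_min_protocol' => 'SMB2_10',
  'samba::ntlm_auth'           => false,
  'samba::map_to_guest'        => 'Never',
  'samba::hosts_allow'         => [],
  'samba::hosts_deny'          => ['ALL'],
  'samba::shares'              => {},
  'samba::idmap_config'        => {}
}.freeze

# smb.conf(5) protocol names that select SMB1 or an older dialect.
LEGACY_PROTOCOLS = %w[CORE COREPLUS LANMAN1 LANMAN2 NT1].freeze
MODE_KEYS = %w[create_mask directory_mask force_create_mode force_directory_mode].freeze

# Constructed sample input (not from the module): deliberately weak values.
WEAK_HIERA = <<~YAML
  samba::server_min_protocol: 'NT1'
  samba::ntlm_auth: 'ntlmv1-permitted'
  samba::map_to_guest: 'Bad User'
  samba::hosts_deny: []
  samba::shares:
    'pictures':
      path: '/srv/pictures'
      writable: true
      guest_ok: true
      wide_links: true
      create_mask: '1777'
  samba::idmap_config:
    '*':
      range: '400-999'
    'AD':
      range: '900-2147483647'
YAML

def enabled?(value)
  value == true || %w[yes true].include?(value.to_s.downcase)
end

# Returns an array of { id:, where:, detail: } hashes, one per risky setting.
def audit_samba_hiera(yaml_text)
  cfg = DEFAULTS.merge(YAML.safe_load(yaml_text) || {})
  findings = []
  flag = ->(id, where, detail) { findings << { id: id, where: where, detail: detail } }

  proto = cfg['samba::server_min_protocol'].to_s.upcase
  flag.call(:smb1_allowed, 'samba::server_min_protocol', "#{proto} permits SMB1") if LEGACY_PROTOCOLS.include?(proto)

  # Assumption: Boolean true is written to smb.conf as "yes", which smb.conf(5)
  # documents as an alias of ntlmv1-permitted.
  ntlm = cfg['samba::ntlm_auth']
  flag.call(:ntlmv1, 'samba::ntlm_auth', 'NTLMv1 responses are accepted') if ntlm == true || ntlm.to_s == 'ntlmv1-permitted'

  if Array(cfg['samba::hosts_allow']).empty? && Array(cfg['samba::hosts_deny']).empty?
    flag.call(:no_host_acl, 'samba::hosts_allow', 'no hosts allow/deny restriction')
  end

  guest_mapping = cfg['samba::map_to_guest'].to_s.downcase != 'never'
  (cfg['samba::shares'] || {}).each do |name, opts|
    opts ||= {}
    where = "samba::shares[#{name}]"
    guest = enabled?(opts['guest_ok']) || enabled?(opts['public'])
    writable = enabled?(opts['writable']) || opts['read_only'] == false
    if guest && writable
      detail = 'share is writable without a password'
      detail += '; failed logins are mapped to guest' if guest_mapping
      flag.call(:guest_writable, where, detail)
    end
    flag.call(:wide_links, where, 'symlinks may be followed outside the share path') if enabled?(opts['wide_links'])
    MODE_KEYS.each do |key|
      next if opts[key].nil?
      # Masks are octal strings in this module, e.g. '1777'.
      next unless (opts[key].to_s.to_i(8) & 0o002) != 0
      flag.call(:other_write_bit, "#{where}.#{key}", "#{opts[key]} keeps the other-write bit (0002)")
    end
  end

  ranges = (cfg['samba::idmap_config'] || {}).each_with_object([]) do |(domain, opts), acc|
    m = /\A(\d+)-(\d+)\z/.match(opts.is_a?(Hash) ? opts['range'].to_s : '')
    acc << [domain, m[1].to_i, m[2].to_i] if m
  end
  ranges.combination(2) do |(d1, lo1, hi1), (d2, lo2, hi2)|
    next unless lo1 <= hi2 && lo2 <= hi1
    flag.call(:idmap_overlap, 'samba::idmap_config', "ranges of '#{d1}' and '#{d2}' overlap")
  end

  findings
end

if __FILE__ == $PROGRAM_NAME
  audit_samba_hiera(WEAK_HIERA).each { |f| puts "#{f[:id]}: #{f[:where]} - #{f[:detail]}" }
end
```

Run against the Hiera example on this page, the script reports only the two `1777` masks on the `pictures` share.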
Development
You can submit pull requests and create issues through the official page of this module on GitHub. Please do report any bug and suggest new features/improvements.
Reference
Table of Contents
Classes
samba: This module manages Samba/CIFS, the virtual filesystem based on SMB protocol.
samba::client: This module installs the SAMBA/CIFS client.
samba::config: Creates the [global] config section in smb.conf file.
samba::firewall: Manage the firewall
samba::install: samba::install
samba::service: samba::service
Defined types
samba::option: Manages smb.conf options.
samba::share: == Define samba::share
Classes
samba
For all main options, see the smb.conf(5) and samba(7) man pages. Default values for all parameters can be found at https://www.samba.org/samba/docs/current/man-html/smb.conf.5.html. For the SELinux related options, see smbd_selinux(8).
Sample Usage : include samba
Parameters
The following parameters are available in the samba class:
packages
package_manage
package_ensure
config_file
config_lens
service_enable
service_ensure
service_manage
service_name
service_ports
firewall_manage
workgroup
server_string
netbios_name
domain_master
preferred_master
local_master
os_level
wins_support
wins_server
name_resolve_order
server_min_protocol
client_max_protocol
client_min_protocol
hosts_allow
hosts_deny
interfaces
bind_interfaces_only
log_file
max_log_size
passdb_backend
domain_logons
map_to_guest
security
encrypt_passwords
unix_password_sync
socket_options
syslog
ntlm_auth
machine_password_timeout
realm
kerberos_method
dedicated_keytab_file
obey_pam_restrictions
shares
additional_config
idmap_config
packages
Data type:
Struct[{
server => Array[String[1]],
client => Array[String[1]],
utils => Array[String[1]],
}]
Names of the server, client and utility packages to be installed when managing Samba.
package_manage
Data type: Boolean
Should this module manage the installation/removal of the $packages?
package_ensure
Data type: Stdlib::Ensure::Package
The installation state of $packages.
config_file
Data type: String
The Augeas lens to use for managing the smb.conf file.
config_lens
Data type: String
The Augeas lens to use for managing the smb.conf file.
service_enable
Data type: Variant[Enum[mask, manual], Boolean]
Enable/disable the Samba service on reboot.
service_ensure
Data type: Enum[stopped, running]
The value of ensure for package resources.
service_manage
Data type: Boolean
Should the Samba service be managed by this module?
service_name
Data type: Array[String]
The name of the Samba service.
service_ports
Data type:
Array[
Struct[
{
port => Integer[0, 65535],
proto => Enum[tcp, udp],
}
]
]
The service ports to be added to the firewall (if managed).
firewall_manage
Data type: Boolean
Manage the firewall rules for the Samba services.
workgroup
Data type: Variant[Undef, String]
This controls what workgroup your server will appear to be in when queried by clients.
Default value: 'WORKGROUP'
server_string
Data type: Variant[Undef, String]
This controls what string will show up in the printer comment box in print manager and next to the IPC connection in net view.
Default value: '%h server (Samba Server Version %v)'
netbios_name
Data type: Variant[Undef, String]
This sets the NetBIOS name by which a Samba server is known.
Default value: '%{facts.hostname}'
domain_master
Data type: Variant[Boolean, String]
Tell smbd(8) to enable WAN-wide browse list collation.
Default value: 'auto'
preferred_master
Data type: Variant[Boolean, String]
This boolean parameter controls if nmbd(8) is a preferred master browser for its workgroup.
Default value: 'auto'
local_master
Data type: Variant[Undef, Boolean]
This option allows nmbd(8) to try and become a local master browser on a subnet.
Default value: true
os_level
Data type: Variant[Undef, Integer[0, 255]]
This integer value controls what level Samba advertises itself as for browse elections.
Default value: 20
wins_support
Data type: Variant[Undef, Boolean]
This boolean controls if the nmbd(8) process in Samba will act as a WINS server.
Default value: false
wins_server
Data type: Variant[Undef, String]
This specifies the IP address (or DNS name: IP address for preference) of the WINS server that nmbd(8) should register with.
Default value: undef
name_resolve_order
Data type: Variant[Undef, String]
This option is used by the programs in the Samba suite to determine what naming services to use and in what order to resolve host names to IP addresses.
Default value: 'lmhosts wins host bcast'
server_min_protocol
Data type: Variant[Undef, String]
This setting controls the minimum protocol version that the server will allow the client to use.
Default value: 'SMB2_10'
client_max_protocol
Data type: Variant[Undef, String]
The value of the parameter (a string) is the highest protocol level that will be supported for IPC$ connections as DCERPC transport.
Default value: 'SMB3'
client_min_protocol
Data type: Variant[Undef, String]
This setting controls the minimum protocol version that the client will attempt to use.
Default value: 'SMB2_10'
hosts_allow
Data type: Array[String]
This parameter is a comma, space, or tab delimited set of hosts which are permitted to access a service.
Default value: []
hosts_deny
Data type: Array[String]
The opposite of hosts allow - hosts listed here are NOT permitted access to services unless the specific services have their own lists to override this one.
Default value: ['ALL']
interfaces
Data type: Array[String]
default: interfaces =
Default value: []
bind_interfaces_only
Data type: Variant[Undef, Boolean]
This global parameter allows the Samba admin to limit what interfaces on a machine will serve SMB requests.
Default value: false
log_file
Data type: Variant[Undef, String]
This option allows you to override the name of the Samba log file (also known as the debug file).
Default value: '/var/log/samba/log.%m'
max_log_size
Data type: Variant[Undef, Integer]
This option (an integer in kilobytes) specifies the max size the log file should grow to.
Default value: 10000
passdb_backend
Data type: Variant[Undef, String]
This option allows the administrator to choose which backend will be used for storing user and possibly group information.
Default value: 'tdbsam'
domain_logons
Data type: Variant[Undef, Boolean]
DEPRECATED: This parameter has been deprecated since Samba 4.13 and support for NT4-style domain logons (as distinct from the Samba AD DC) will be removed in a future Samba release.
Default value: false
map_to_guest
Data type: Variant[Undef, String]
This parameter can take four different values, which tell smbd(8) what to do with user login requests that don't match a valid UNIX user in some way.
Default value: 'Never'
security
Data type: Variant[Undef, String]
This option affects how clients respond to Samba.
Default value: 'auto'
encrypt_passwords
Data type: Variant[Undef, Boolean]
DEPRECATED: This boolean controls whether encrypted passwords will be negotiated with the client.
Default value: true
unix_password_sync
Data type: Variant[Undef, Boolean]
This boolean parameter controls whether Samba attempts to synchronize the UNIX password with the SMB password when the encrypted SMB password in the smbpasswd file is changed.
Default value: false
socket_options
Data type: Variant[Undef, String]
This option allows you to set socket options to be used when talking with the client.
Default value: 'TCP_NODELAY'
syslog
Data type: Variant[Undef, String]
This parameter maps how Samba debug messages are logged onto the system syslog logging levels.
Default value: undef
ntlm_auth
Data type: Variant[Enum['ntlmv1-permitted', 'ntlmv2-only', 'mschapv2-and-ntlmv2-only', 'disabled'], Boolean]
This parameter determines whether or not smbd(8) will attempt to authenticate users using the NTLM encrypted password response for this local passdb (SAM or account database).
Default value: false
machine_password_timeout
Data type: Variant[Undef, Integer]
This parameter specifies how often the MACHINE ACCOUNT password will be changed, in seconds.
Default value: 604800
realm
Data type: Variant[Undef, String]
This option specifies the kerberos realm to use.
Default value: undef
kerberos_method
Data type: Variant[Undef, String]
Controls how kerberos tickets are verified.
Default value: 'default'
dedicated_keytab_file
Data type: Variant[Undef, String]
Specifies the absolute path to the kerberos keytab file when kerberos method is set to "dedicated keytab".
Default value: undef
obey_pam_restrictions
Data type: Variant[Undef, Boolean]
This parameter will control whether or not Samba should obey PAM's account and session management directives.
Default value: false
shares
Data type: Hash
A hash of share names, their path(s) and other parameters.
Default value: {}
additional_config
Data type: Variant[Undef, Hash]
Additional configuration options to be added to the server smb.conf file.
Default value: {}
idmap_config
Data type: Variant[Undef, Hash]
The mapping between Windows SIDs and Unix user and group IDs.
Default value: {}
samba::client
This module installs the SAMBA/CIFS client.
Parameters
The following parameters are available in the samba::client class:
packages
Data type:
Struct[{
server => Array[String[1]],
client => Array[String[1]],
utils => Array[String[1]],
}]
The name of the Samba client package.
Default value: $samba::packages
package_manage
Data type: Boolean
Should the Samba client package be managed by this module?
Default value: $samba::package_manage
package_ensure
Data type: Stdlib::Ensure::Package
The installation state of the Samba client package.
Default value: $samba::package_ensure
samba::config
Creates the [global] config section in smb.conf file.
samba::firewall
Manage the firewall
samba::install
samba::install
samba::service
samba::service
Defined types
samba::option
Manages smb.conf options.
Parameters
The following parameters are available in the samba::option defined type:
key
Data type: String
This is the Samba configuration parameter to be set.
Default value: $title
value
Data type: Variant[Boolean, Integer, String, Array[String], Undef]
The value of $key in the smb.conf file.
Default value: undef
config_file
Data type: String
The path to the Samba configuration file. eg: /etc/samba/smb.conf.
Default value: $samba::config_file
lens
Data type: String
The Augeas lens used to manage the entries in the $config_file.
Default value: $samba::config_lens
target
Data type: String
The Augeas target for the key/value pair settings.
Default value: $samba::target
samba::share
== Define samba::share
Parameters
The following parameters are available in the samba::share defined type:
comment
path
writable
available
browseable
copy
create_mask
directory_mask
force_create_mode
force_directory_mode
force_group
force_user
guest_account
guest_ok
guest_only
hide_unreadable
inherit_owner
inherit_permissions
read_only
public
printable
valid_users
follow_symlinks
wide_links
map_acl_inherit
store_dos_attributes
strict_allocate
oplocks
level2_oplocks
veto_oplock_files
write_list
ensure
comment
Data type: Optional[String]
This is a text field that is seen next to a share when a client queries the server, either via the network neighborhood or via net view, to list what shares are available.
Default value: undef
path
Data type: Optional[Stdlib::Absolutepath]
This parameter specifies a directory to which the user of the service is to be given access.
Default value: undef
writable
Data type: Optional[Boolean]
If this parameter is true (ie: yes) then users of a service may create or modify files in the service's directory.
Default value: undef
available
Data type: Optional[Boolean]
This parameter lets you "turn off" a service. If available = false (ie, no), then ALL attempts to connect to the service will fail.
Default value: undef
browseable
Data type: Optional[Boolean]
This controls whether this share is seen in the list of available shares in a net view and in the browse list.
Default value: undef
copy
Data type: Optional[String]
This parameter allows you to "clone" service entries. The specified service is simply duplicated under the current service's name.
Default value: undef
create_mask
Data type: Optional[String]
This parameter is a bit-wise MASK for the UNIX modes of a file.
Default value: undef
directory_mask
Data type: Optional[String]
This parameter is the octal modes which are used when converting DOS modes to UNIX modes when creating UNIX directories.
Default value: undef
force_create_mode
Data type: Optional[String]
This parameter specifies a set of UNIX mode bit permissions that will always be set on a file created by Samba.
Default value: undef
force_directory_mode
Data type: Optional[String]
This parameter specifies a set of UNIX mode bit permissions that will always be set on a directory created by Samba.
Default value: undef
force_group
Data type: Optional[String]
This specifies a UNIX group name that will be assigned as the default primary group for all users connecting to this service.
Default value: undef
force_user
Data type: Optional[String]
This specifies a UNIX user name that will be assigned as the default user for all users connecting to this service.
Default value: undef
guest_account
Data type: Optional[String]
This is a username which will be used for access to services which are specified as $guest_ok (see below).
Default value: undef
guest_ok
Data type: Optional[Boolean]
If this parameter is true (ie: yes) for a service, then no password is required to connect to the service.
Default value: undef
guest_only
Data type: Optional[Boolean]
If this parameter is true (ie: yes) for a service, then only guest connections to the service are permitted.
Default value: undef
hide_unreadable
Data type: Optional[Boolean]
This parameter prevents clients from seeing the existence of files that cannot be read.
Default value: undef
inherit_owner
Data type: Optional[Boolean]
The ownership of new files and directories is normally governed by effective uid of the connected user.
Default value: undef
inherit_permissions
Data type: Optional[Boolean]
The permissions on new files and directories are normally governed by create mask, directory mask, force create mode and force directory mode.
Default value: undef
read_only
Data type: Optional[Boolean]
If this parameter is true (ie: yes) then users of a service may not create or modify files in the service's directory.
Default value: undef
public
Data type: Optional[Boolean]
If this parameter is true (ie: yes) for a service, then no password is required to connect to the service.
Default value: undef
printable
Data type: Optional[Boolean]
If this parameter is true (ie: yes) then clients may open, write to and submit spool files on the directory specified for the service.
Default value: undef
valid_users
Data type: Optional[Array[String]]
This is a list of users that should be allowed to login to this service.
Default value: undef
follow_symlinks
Data type: Optional[Boolean]
This parameter allows the Samba administrator to stop smbd(8) from following symbolic links in a particular share.
Default value: undef
wide_links
Data type: Optional[Boolean]
This parameter controls whether or not links in the UNIX file system may be followed by the server.
Default value: undef
map_acl_inherit
Data type: Optional[Boolean]
This parameter controls whether smbd(8) will attempt to map the 'protected' (don't inherit) flags of the Windows ACLs into an extended attribute called user.SAMBA_PAI (POSIX draft ACL Inheritance).
Default value: undef
store_dos_attributes
Data type: Optional[Boolean]
When set, DOS attributes will be stored onto an extended attribute in the UNIX filesystem, associated with the file or directory.
Default value: undef
strict_allocate
Data type: Optional[Boolean]
When this is set to yes the server will change from UNIX behaviour of not committing real disk storage blocks when a file is extended to the Windows behaviour of actually forcing the disk system to allocate real storage blocks when a file is created or extended to be a given size. In UNIX terminology this means that Samba will stop creating sparse files.
Default value: undef
oplocks
Data type: Optional[String]
This boolean option tells smbd whether to issue oplocks (opportunistic locks) to file open requests on this share.
Default value: undef
level2_oplocks
Data type: Optional[String]
This parameter controls whether Samba supports level2 (read-only) oplocks on a share.
Default value: undef
veto_oplock_files
Data type: Optional[String]
This parameter allows the Samba administrator to selectively turn off the granting of oplocks on selected files that match a wildcarded list, similar to the wildcarded list used in the veto files parameter.
Default value: undef
write_list
Data type: Optional[String]
This is a list of users that are given read-write access to a service.
Default value: undef
ensure
Data type: Enum[present, absent]
The absent/present state of the key/value parameter.
Default value: present
3.1.0 (June 28, 2024)
Features:
- Updated os support matrix.
- Add 'samba::additional_config' option. (#52; parkr)
- Allow puppetlabs-stdlib 9.x. (#51; parkr)
- Remove custom types in favor of Puppetlabs Stdlib Stdlib::Ensure::Package. (#50; bschonec)
- Update parameters to samba.org defaults. (#49; bschonec)
3.0.0 (February 10, 2024)
Features:
This is a major release after a long while. The main reason for not being able to create a new release was twofold. Firstly, the pdk in the latest releases has become almost unworkable (maybe it is my lack of understanding, but I do not have the time commitment required to keep up with what is going on in there!). The second is the tests for this module that were largely dependent on TravisCI which has not been very kind to free and open source projects of late. Without the ability to run any kind of tests, it was impossible to merge further changes.
Well, most of that has been addressed to some extent in this release by very generous work of bschonec over the past few weeks. One of the main changes in this release is #43. Not all integration tests are fully migrated yet but this is a good starting point.
Other notable changes in this release are:
- Adding obey pam restrictions param. (#36; welchnut)
- Change ntlm_auth variable to a Variant and change its default value. (#40; bschonec)
- Add parameter descriptions to the class modules. (#48; bschonec)
- Other minor changes.
2.0.1 (August 24, 2022)
Features:
- Added machine password timeout parameter. (#29; welchnut)
- Added inherit owner and inherit permissions share options. (#26; casey36901)
- Updated os support matrix.
- Updated pdk templates.
2.0.0 (November 19, 2021)
Features:
- Updated os support matrix.
- Updated pdk templates.
- Updated minimum puppet version to 6.0.0.
- Updated dependency versions.
- Added Debian 11 acceptance tests.
1.4.1 (May 6, 2021)
Features:
- Updated documentation with usage examples.
1.4.0 (May 6, 2021)
Features:
- Added support for openSUSE Leap 15.
- Added support for Puppet 7.
Improvements:
- Updated pdk templates.
- Updated os support matrix.
- Added system tests for openSUSE Leap 15.
1.3.1 (May 22, 2020)
Improvements:
- Changed default value encrypt passwords to undef as it is deprecated in Samba.
- Updated pdk templates.
1.3.0 (April 29, 2020)
Improvements:
- Added support for Ubuntu 20.04.
- Updated pdk templates.
- Apply firewall rules if ferm is defined as firewall manager. It uses ferm module for managing ferm.
1.2.0 (March 12, 2020)
Improvements:
- samba::ntlm_auth param. This allows enabling NTLMv1 authentication which nowadays is disabled by default due to being insecure. However, some users may require this for backwards compatibility, e.g., Sonos does not support NTLMv2 or any other choice for that matter. (#12; jflorian)
Bugfixes:
- README uses bogus param extra_global_options. (#12; jflorian)
- README uses bogus param selinux_enable_home_dirs. (#12; jflorian)
- README is wrong for samba::shares usage. (#12; jflorian) The samba::share define expects these params as a hash. Furthermore, it expects proper Boolean values instead of yes/no strings.
1.1.0 (February 13, 2020)
Improvements:
- Added support for CentOS 8.
- Updated os support matrix.
- Updated
pdk
templates.
1.0.0 (August 25, 2019)
Features:
- Initial release
Dependencies
- puppetlabs-stdlib (>= 8.6.0 < 10.0.0)
- puppetlabs-augeas_core (>= 1.0.0 < 2.0.0)
Apache License, Version 2.0, January 2004 http://www.apache.org/licenses/