Context Navigation

samba3.xml@ 010573d

Visit:

10.0 10.1 11.0 11.1 11.2 11.3 12.0 12.1 7.10 7.4 7.5 7.6 7.6-blfs 7.6-systemd 7.7 7.8 7.9 8.0 8.1 8.2 8.3 8.4 9.0 9.1 basic bdubbs/svn elogind gnome kde5-13430 kde5-14269 kde5-14686 kea ken/TL2024 ken/inkscape-core-mods ken/tuningfonts krejzi/svn lazarus lxqt nosym perl-modules plabs/newcss plabs/python-mods python3.11 qt5new rahul/power-profiles-daemon renodr/vulkan-addition systemd-11177 systemd-13485 trunk upgradedb xry111/intltool xry111/llvm18 xry111/soup3 xry111/test-20220226 xry111/xf86-video-removal

Last change on this file since 010573d was 010573d, checked in by Krejzi <krejzi@…>, 11 years ago

Partially revert previous commit - to be honest I have no idea why I have winbindd_priv group.

git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@11087 af4574ff-66df-0310-9fd7-8a98e5e911e0

Property mode set to 100644

File size: 42.0 KB

Line
1	<?xml version="1.0" encoding="ISO-8859-1"?>
2	<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3	"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
4	<!ENTITY % general-entities SYSTEM "../../general.ent">
5	%general-entities;
6
7	<!ENTITY samba3-download-http "http://ftp.samba.org/pub/samba/stable/samba-&samba3-version;.tar.gz">
8	<!ENTITY samba3-download-ftp "ftp://ftp.samba.org/pub/samba/stable/samba-&samba3-version;.tar.gz">
9	<!ENTITY samba3-md5sum "430fd21a1acd26964d3ccf366df8709a">
10	<!ENTITY samba3-size "34 MB">
11	<!ENTITY samba3-buildsize "535 MB (includes running the test suite)">
12	<!ENTITY samba3-time "2.7 SBU (additionall 1.4 SBU to run the test suite)">
13	]>
14
15	<sect1 id="samba3" xreflabel="Samba-&samba3-version;">
16	<?dbhtml filename="samba3.html"?>
17
18	<sect1info>
19	<othername>$LastChangedBy$</othername>
20	<date>$Date$</date>
21	</sect1info>
22
23	<title>Samba-&samba3-version;</title>
24
25	<indexterm zone="samba3">
26	<primary sortas="a-Samba">Samba</primary>
27	</indexterm>
28
29	<sect2 role="package">
30	<title>Introduction to Samba</title>
31
32	<para>The <application>Samba</application> package provides file and print
33	services to SMB/CIFS clients and Windows networking to Linux clients.
34	<application>Samba</application> can also be configured as a Windows NT
35	4.0 Domain Controller replacement (with caveats working with NT PDC's and
36	BDC's), a file/print server acting as a member of a Windows NT 4.0 or
37	Active Directory domain and a NetBIOS (rfc1001/1002) nameserver (which
38	amongst other things provides LAN browsing support).</para>
39
40	&lfs72_checked;
41
42	<bridgehead renderas="sect3">Package Information</bridgehead>
43	<itemizedlist spacing="compact">
44	<listitem>
45	<para>Download (HTTP): <ulink url="&samba3-download-http;"/></para>
46	</listitem>
47	<listitem>
48	<para>Download (FTP): <ulink url="&samba3-download-ftp;"/></para>
49	</listitem>
50	<listitem>
51	<para>Download MD5 sum: &samba3-md5sum;</para>
52	</listitem>
53	<listitem>
54	<para>Download size: &samba3-size;</para>
55	</listitem>
56	<listitem>
57	<para>Estimated disk space required: &samba3-buildsize;</para>
58	</listitem>
59	<listitem>
60	<para>Estimated build time: &samba3-time;</para>
61	</listitem>
62	</itemizedlist>
63
64	<!--<bridgehead renderas="sect3">Additional Downloads</bridgehead>
65	<itemizedlist spacing="compact">
66	<listitem>
67	<para>Required patch: <ulink
68	url="http://us3.samba.org/samba/patches/patches-&samba3-version;/spoolss.diff"/></para>
69	</listitem>
70	</itemizedlist> -->
71
72	<bridgehead renderas="sect3">Samba Dependencies</bridgehead>
73
74	<bridgehead renderas="sect4">Required</bridgehead>
75	<para role="required"><xref linkend="libtirpc"/></para>
76
77	<bridgehead renderas="sect4">Optional</bridgehead>
78	<para role="optional"><xref linkend="popt"/>,
79	<xref linkend="linux-pam"/>,
80	<xref linkend="cups"/>,
81	<xref linkend="openldap"/>,
82	<xref linkend="gamin"/>,
83	<xref linkend="acl"/>,
84	<xref linkend="xfsprogs"/>,
85	<xref linkend="mitkrb"/>,
86	<xref linkend="python2"/> (used only in parts of the test suite),
87	<ulink url="http://tdb.samba.org/">tdb</ulink>,
88	<ulink url="http://ctdb.samba.org/">ctdb</ulink>,
89	<xref linkend="libcap2"/>,
90	<ulink url="http://www.nongnu.org/libunwind/">libunwind</ulink>,
91	<xref linkend="avahi"/>,
92	<ulink url="http://www.openafs.org/">OpenAFS</ulink>,
93	and <ulink url="http://valgrind.org/">Valgrind</ulink> (optionally
94	used by the test suite)</para>
95
96	<para>You will need to install one of the kerberos packages if you plan
97	on using your system to join a Windows NT domain.</para>
98
99	<!-- <bridgehead renderas="sect4">Optional for Samba4 Support</bridgehead>
100	<para role="optional"><xref linkend="gnutls"/> (recommended),
101	<xref linkend="python2"/>, and
102	<xref linkend="sqlite"/></para> -->
103
104	<para condition="html" role="usernotes">User Notes:
105	<ulink url="&blfs-wiki;/samba3"/></para>
106
107	</sect2>
108
109	<sect2 role="installation">
110	<title>Installation of Samba</title>
111
112	<note>
113	<para>If you wish to run the test suite after the binaries are built,
114	you must add the <option>--enable-socket-wrapper</option> parameter to
115	the <command>configure</command> script below. You may want to run
116	<command>configure</command> with the <option>--help</option> parameter
117	first. There may be other parameters needed to take advantage of
118	optional dependencies.</para>
119	</note>
120
121	<para>Install <application>Samba</application> by running the following
122	commands:</para>
123
124	<screen><userinput>cd source3 &&
125
126	sed -i -e "s/python2.6 python2.5/python2.7 &/" \
127	-e "s/python2.6-config python2.5-config/python2.7-config &/" \
128	configure &&
129
130	./configure \
131	--prefix=/usr \
132	--sysconfdir=/etc \
133	--localstatedir=/var \
134	--with-piddir=/run/samba \
135	--with-pammodulesdir=/lib/security \
136	--with-fhs \
137	--enable-nss-wrapper \
138	--enable-socket-wrapper &&
139	sed -i "s/-ldl/& -ltirpc -lpthread/" Makefile &&
140	make</userinput></screen>
141
142	<para>To test the results, issue: <command>make test</command>. If you have
143	<application>Linux-PAM</application> installed and built the PAM library
144	modules, you can perform a dlopen test by issuing:
145	<command>make test_pam_modules</command>.</para>
146
147	<!-- <para>This program dose not come with a functional test suite.</para> -->
148
149	<para>Now, as the <systemitem class="username">root</systemitem> user:</para>
150
151	<screen role="root"><userinput>make install &&
152
153	install -v -m644 pkgconfig/*.pc /usr/lib/pkgconfig &&
154	install -v -m755 ../nsswitch/libnss_win{s,bind}.so /lib &&
155	ln -v -sf libnss_winbind.so /lib/libnss_winbind.so.2 &&
156	ln -v -sf libnss_wins.so /lib/libnss_wins.so.2 &&
157
158	install -v -m644 ../examples/smb.conf.default /etc/samba &&
159
160	if [ -d /etc/openldap/schema ]; then
161	install -v -m644 ../examples/LDAP/README \
162	/etc/openldap/schema/README.LDAP &&
163	install -v -m644 ../examples/LDAP/samba* \
164	/etc/openldap/schema &&
165	install -v -m755 ../examples/LDAP/{convert,get,ol*} \
166	/etc/openldap/schema &&
167	fi &&
168
169	install -v -m755 -d /usr/share/doc/samba-&samba3-version; &&
170	install -v -m644 ../docs/*.pdf \
171	/usr/share/doc/samba-&samba3-version; &&
172	ln -v -s ../../samba/swat /usr/share/doc/samba-&samba3-version;</userinput></screen>
173
174	</sect2>
175
176	<sect2 role="commands">
177	<title>Command Explanations</title>
178
179	<!-- <para><option>-enable-merged-build</option>: Use this parameter to build
180	the (alpha) Samba4 components (GnuTLS is recommended).</para> -->
181
182	<para><command>sed -i -e "s/python2.6 ...</command>: Make Samba checking
183	for newer Python versions too</para>
184
185	<para><parameter>--sysconfdir=/etc</parameter>: Sets the configuration
186	file directory to avoid the default of
187	<filename class="directory">/usr/etc</filename>.</para>
188
189	<para><parameter>--localstatedir=/var</parameter>: Sets the variable
190	data directory to avoid the default of
191	<filename class="directory">/usr/var</filename>.</para>
192
193	<para><parameter>--with-fhs</parameter>: Assigns all other file paths in
194	a manner compliant with the Filesystem Hierarchy Standard (FHS).</para>
195
196	<para><parameter>--enable-nss-wrapper</parameter>: Builds the nss-wrapper
197	library.</para>
198
199	<para><parameter>--enable-socket-wrapper</parameter>: This options is
200	required to run the test suite.</para>
201
202	<para><command>sed -i "s/-ldl/& -ltirpc -lpthread/" Makefile</command>:
203	This command enables the build to complete when using libtirpc instead of
204	the deprecated GLibC rpc functions.</para>
205
206	<para><command>cp pkgconfig/wbclient.pc /usr/lib/pkgconfig</command>:
207	Install a file omitted by the install procedure.</para>
208
209	<para><command>install -v -m755 nsswitch/libnss_win{s,bind}.so /lib</command>:
210	The nss libraries are not installed by default. If you intend to use
211	winbindd for Windows NT domain authentication, and/or WINS name resolution,
212	you need these libraries.</para>
213
214	<para><command>ln -v -sf libnss_winbind.so /lib/libnss_winbind.so.2</command>
215	and <command>ln -v -sf libnss_wins.so /lib/libnss_wins.so.2</command>:
216	These symlinks are required by <application>Glibc</application> to use the
217	NSS libraries.</para>
218
219	<para><command>if [ -d /etc/openldap/schema ]; then ...; fi</command>:
220	These commands are used to see if you have an OpenLDAP installation, and if
221	so, they copy sample Samba schemas to the OpenLDAP
222	<filename class='directory'>schema</filename> directory.</para>
223
224	<para><command>install -v -m644 ../examples/smb.conf.default
225	/etc/samba</command>: This copies a default <filename>smb.conf</filename>
226	file into <filename>/etc/samba</filename>. This sample configuration will
227	not work until you copy it to <filename>/etc/samba/smb.conf</filename> and
228	make the appropriate changes for your installation. See the configuration
229	section for minimum values which must be set.</para>
230
231	</sect2>
232
233	<sect2 role="configuration">
234	<title>Configuring Samba</title>
235
236	<sect3 id="samba3-config">
237	<title>Config Files</title>
238
239	<para>/etc/samba/smb.conf</para>
240
241	<indexterm zone="samba3 samba3-config">
242	<primary sortas="e-etc-samba-smb.conf">/etc/samba/smb.conf</primary>
243	</indexterm>
244
245	</sect3>
246	<!-- mount.cifs is now in the separate cifs-utils package
247	<sect3>
248	<title>Mounting Shares by Unprivileged Users</title>
249
250	<para>If it is desired for unprivileged users to directly mount (and
251	unmount) CIFS shares, the <command>mount.cifs</command> and
252	<command>umount.cifs</command> commands must be setuid
253	<systemitem class='username'>root</systemitem>. Note that users can
254	only mount CIFS shares on a mount point owned by that user (requires
255	write access also). If desired, change these programs to setuid
256	<systemitem class='username'>root</systemitem> by issuing the following
257	command as the <systemitem class='username'>root</systemitem>
258	user:</para>
259
260	<screen role="root"><userinput>chmod -v 4755 /usr/sbin/{,u}mount.cifs</userinput></screen>
261
262	</sect3>
263	-->
264	<sect3>
265	<title>Printing to SMB Clients</title>
266
267	<para>If you use <application>CUPS</application> for print services,
268	and you wish to print to a printer attached to an SMB client, you
269	need to create an SMB backend device. To create the device, issue the
270	following command as the <systemitem class="username">root</systemitem>
271	user:</para>
272
273	<screen role="root"><userinput>ln -v -sf /usr/bin/smbspool /usr/lib/cups/backend/smb</userinput></screen>
274
275	</sect3>
276
277	<sect3>
278	<title>Configuration Information</title>
279
280	<para>Due to the complexity and the many various uses for
281	<application>Samba</application>, complete configuration for all the
282	package's capabilities is well beyond the scope of the BLFS book. This
283	section provides instructions to configure the
284	<filename>/etc/samba/smb.conf</filename> file for two common scenarios.
285	The complete contents of <filename>/etc/samba/smb.conf</filename> will
286	depend on the purpose of <application>Samba</application>
287	installation.</para>
288
289	<note>
290	<para>You may find it easier to copy the configuration parameters shown
291	below into an empty <filename>/etc/samba/smb.conf</filename> file
292	instead of copying and editing the default file as mentioned in the
293	<quote>Command Explanations</quote> section. How you create/edit the
294	<filename>/etc/samba/smb.conf</filename> file will be left up to
295	you. Do ensure the file is only writeable by the
296	<systemitem class="username">root</systemitem> user (mode 644).</para>
297	</note>
298
299	<sect4>
300	<title>Scenario 1: Minimal Standalone Client-Only Installation</title>
301
302	<para>Choose this variant if you only want to transfer files using
303	<command>smbclient</command>, mount Windows shares and print to Windows
304	printers, and don't want to share your files and printers to Windows
305	machines.</para>
306
307	<para>A <filename>/etc/samba/smb.conf</filename> file with the following
308	three parameters is sufficient:</para>
309
310	<screen role='root'><literal>[global]
311	workgroup = <replaceable>MYGROUP</replaceable>
312	dos charset = <replaceable>cp850</replaceable>
313	unix charset = <replaceable>ISO-8859-1</replaceable></literal></screen>
314
315	<para>The values in this example specify that the computer belongs to a
316	Windows workgroup named
317	<quote><replaceable>MYGROUP</replaceable></quote>, uses the
318	<quote><replaceable>cp850</replaceable></quote> character set on the
319	wire when talking to MS-DOS and MS Windows 9x, and that the filenames
320	are stored in the <quote><replaceable>ISO-8859-1</replaceable></quote>
321	encoding on the disk. Adjust these values appropriately for your
322	installation. The <quote>unix charset</quote> value must be the same as
323	the output of <command>locale charmap</command> when executed with the
324	<envar>LANG</envar> variable set to your preferred locale, otherwise the
325	<command>ls</command> command may not display correct filenames of
326	downloaded files.</para>
327
328	<para>There is no need to run any <application>Samba</application>
329	servers in this scenario, thus you don't need to install the provided
330	bootscripts.</para>
331
332	</sect4>
333
334	<sect4>
335	<title>Scenario 2: Standalone File/Print Server</title>
336
337	<para>Choose this variant if you want to share your files and printers
338	to Windows machines in your workgroup in addition to the capabilities
339	described in Scenario 1.</para>
340
341	<para>In this case, the <filename>/etc/samba/smb.conf.default</filename>
342	file may be a good template to start from. Also add
343	<quote>dos charset</quote> and <quote>unix charset</quote> parameters
344	to the <quote>[global]</quote> section as described in Scenario 1 in
345	order to prevent filename corruption.</para>
346
347	<para>The following configuration file creates a separate share for each
348	user's home directory and also makes all printers available to Windows
349	machines:</para>
350
351	<screen role='root'><literal>[global]
352	workgroup = <replaceable>MYGROUP</replaceable>
353	dos charset = <replaceable>cp850</replaceable>
354	unix charset = <replaceable>ISO-8859-1</replaceable>
355
356	[homes]
357	comment = Home Directories
358	browseable = no
359	writable = yes
360
361	[printers]
362	comment = All Printers
363	path = /var/spool/samba
364	browseable = no
365	guest ok = no
366	printable = yes</literal></screen>
367
368	<para>Other parameters you may wish to customize in the
369	<quote>[global]</quote> section include:</para>
370
371	<screen role='root'><literal> server string =
372	security =
373	hosts allow =
374	load printers =
375	log file =
376	max log size =
377	socket options =
378	local master =</literal></screen>
379
380	<para>Reference the comments in the
381	<filename>/etc/samba/smb.conf.default</filename> file for information
382	regarding these parameters.</para>
383
384	<para>Since the <command>smbd</command> and <command>nmbd</command>
385	daemons are needed in this case, install the <filename>samba</filename>
386	bootscript. Be sure to run <command>smbpasswd</command> (with the
387	<option>-a</option> option to add users) to enable and
388	set passwords for all accounts that need
389	<application>Samba</application> access, or use the SWAT web interface
390	(see below) to do the same. Using the default
391	<application>Samba</application> passdb backend, any user you attempt
392	to add will also be required to exist in the
393	<filename>/etc/passwd</filename> file.</para>
394
395	</sect4>
396
397	<sect4>
398	<title>Advanced Requirements</title>
399
400	<para>More complex scenarios involving domain control or membership are
401	possible if the right flags are passed to the ./configure script when
402	the package is built. Such setups are advanced topics and cannot be
403	adequately covered in BLFS. Many complete books have been written on
404	these topics alone. It should be noted, however, that a
405	<application>Samba</application> BDC cannot be used as a fallback
406	for a Windows PDC, and conversely, a Windows BDC cannot be used as a
407	fallback for a <application>Samba</application> PDC. Also in some
408	domain membership scenarios, the <command>winbindd</command> daemon and
409	the corresponding bootscript are needed.</para>
410
411	<para>There is quite a bit of documentation available which covers many
412	of these advanced configurations. Point your web browser to the links
413	below to view some of the documentation included with the
414	<application>Samba</application> package:</para>
415
416	<itemizedlist spacing='compact'>
417	<listitem>
418	<para>Using Samba, 2nd Edition; a popular book published by O'Reilly
419	<ulink url="file:///usr/share/samba/swat/using_samba/toc.html"/></para>
420	</listitem>
421	<listitem>
422	<para>The Official Samba HOWTO and Reference Guide <ulink
423	url="file:///usr/share/samba/swat/help/Samba-HOWTO-Collection/index.html"/>
424	</para>
425	</listitem>
426	<listitem>
427	<para>Samba-3 by Example
428	<ulink url="file:///usr/share/samba/swat/help/Samba-Guide/index.html"/>
429	</para>
430	</listitem>
431	<listitem>
432	<para>The Samba-3 man Pages
433	<ulink url="file:///usr/share/samba/swat/help/samba.7.html"/></para>
434	</listitem>
435	</itemizedlist>
436
437	</sect4>
438
439	<sect4 id="samba3-init">
440	<title>Boot Script</title>
441
442	<para>For your convenience, boot scripts have been provided for
443	<application>Samba</application>. There are two included in the
444	<xref linkend="bootscripts"/> package. The first,
445	<filename>samba</filename>, will start the <command>smbd</command>
446	and <command>nmbd</command> daemons needed to provide SMB/CIFS
447	services. The second script, <filename>winbind</filename>, starts
448	the <command>winbindd</command> daemon, used for providing Windows
449	domain services to Linux clients.</para>
450
451	<indexterm zone="samba3 samba3-init">
452	<primary sortas="f-samba">samba</primary>
453	</indexterm>
454
455	<indexterm zone="samba3 samba3-init">
456	<primary sortas="f-winbind">winbind</primary>
457	</indexterm>
458
459	<para>The default <application>Samba</application> installation uses the
460	<systemitem class='username'>nobody</systemitem> user for guest access
461	to the server. This can be overridden by setting the
462	<option>guest account =</option> parameter in the
463	<filename>/etc/samba/smb.conf</filename> file. If you utilize the
464	<option>guest account =</option> parameter, ensure this user exists in
465	the <filename>/etc/passwd</filename> file. To use the default user,
466	issue the following commands as the
467	<systemitem class='username'>root</systemitem> user:</para>
468
469	<screen><userinput>groupadd -g 99 nogroup &&
470	useradd -c "Unprivileged Nobody" -d /dev/null -g nogroup \
471	-s /bin/false -u 99 nobody</userinput></screen>
472
473	<para>Install the <filename>samba</filename> script with the following
474	command issued as the <systemitem class="username">root</systemitem>
475	user:</para>
476
477	<screen role="root"><userinput>make install-samba</userinput></screen>
478
479	<para>If you also need the <filename>winbindd</filename>
480	script to resolve names from Windows clients, run:</para>
481
482	<screen role="root"><userinput>make install-winbindd</userinput></screen>
483
484	</sect4>
485
486	</sect3>
487
488	<sect3 id="samba3-swat-config">
489	<title>Configuring SWAT</title>
490
491	<para>The SWAT (<application>Samba</application> Web Administration Tool)
492	utility can be used for configuration of the
493	<application>Samba</application> installation.</para>
494
495	<indexterm zone="samba3 samba3-swat-config">
496	<primary sortas="g-configuring-SWAT">Configuring SWAT</primary>
497	</indexterm>
498	<!--
499	<sect4>
500	<title>Setting up SWAT using inetd</title>
501
502	<indexterm zone="samba3 samba3-swat-config">
503	<primary sortas="e-etc-inetd.conf">/etc/inetd.conf</primary>
504	</indexterm>
505
506	<indexterm zone="samba3 samba3-swat-config">
507	<primary sortas="e-etc-services">/etc/services</primary>
508	</indexterm>
509
510	<warning>
511	<para>BLFS does not recommend using these procedures because of the
512	security risk involved. However, in a home network environment and
513	disclosure of the <systemitem class='username'>root</systemitem>
514	password is an acceptable risk, the following
515	instructions are provided for your convenience.</para>
516	</warning>
517
518	<para>First you must add an entry to <filename>/etc/services</filename>
519	and modify the <command>inetd</command> configuration. Add this entry
520	with the following command issued as the <systemitem
521	class="username">root</systemitem> user:</para>
522
523	<screen role="root"><userinput>echo "swat 905/tcp" >> /etc/services</userinput></screen>
524
525	<para>Now add this entry to the <filename>/etc/inetd.conf</filename>
526	file, again as the <systemitem class="username">root</systemitem>
527	user:</para>
528
529	<screen role="root"><userinput>echo "swat stream tcp nowait.5 root /usr/sbin/swat swat >> /etc/inetd.conf</userinput></screen>
530
531	<para>Issue a <command>killall -HUP inetd</command> to reread the
532	changed <filename>inetd.conf</filename> file.</para>
533
534	<para>SWAT can be launched by pointing your web browser to
535	http://localhost:905.</para>
536
537	</sect4>
538	-->
539	<sect4>
540	<title>Setting up SWAT using xinetd</title>
541
542	<indexterm zone="samba3 samba3-swat-config">
543	<primary sortas="e-etc-xinetd.conf">/etc/xinetd.conf</primary>
544	</indexterm>
545
546	<para>If not already done, add an entry to <filename>/etc/services</filename> file
547	as the <systemitem class="username">root</systemitem> user:</para>
548
549	<screen role="root"><userinput>echo "swat 905/tcp" >> /etc/services</userinput></screen>
550
551	<para>Create the <application>Samba</application> <xref
552	linkend='xinetd'/> file as <filename>/etc/xinetd.d/swat</filename>.</para>
553
554	<warning>
555	<para>You may modify or remove the <quote>only_from</quote> line
556	below to include other host(s). BLFS does not recommend doing this
557	because of the security risk involved. However, in a home network
558	environment, disclosure of the <systemitem
559	class='username'>root</systemitem> password may be an acceptable
560	risk.</para>
561	</warning>
562
563	<screen role="root"><userinput>cat >> /etc/xinetd.d/swat << "EOF"
564	<literal># Begin /etc/xinetd.d/swat
565
566	service swat
567	{
568	port = 905
569	socket_type = stream
570	wait = no
571	instances = 5
572	only_from = 127.0.0.1
573	user = root
574	server = /usr/sbin/swat
575	log_on_failure += USERID
576	}
577
578	# End /etc/xinetd.d/swat</literal>
579	EOF</userinput></screen>
580
581	<para>Issue a <command>killall -HUP xinetd</command> to read the new
582	<filename>/etc/xinetd.d/swat</filename> file.</para>
583
584	<note>
585	<para>If you linked <application>Linux-PAM</application> into the
586	<application>Samba</application> build, you'll need to create an
587	<filename>/etc/pam.d/samba</filename> file.</para>
588	</note>
589
590	<para>SWAT can now be launched by pointing your web browser to
591	http://localhost:905.</para>
592
593	</sect4>
594
595	<sect4>
596	<title>Setting up SWAT using stunnel</title>
597
598	<para>A better way to set up SWAT for network access is through
599	<xref linkend='stunnel'/>. For convenience, a boot scripts has
600	been provided for SWAT via stunnel. First, create the stunnel
601	configuration file:</para>
602
603	<indexterm zone="samba3 samba3-swat-config">
604	<primary sortas="e-etc-stunnel-swat.conf">/etc/stunnel/swat.conf</primary>
605	</indexterm>
606
607	<screen role="root"><userinput>cat >> /etc/stunnel/swat.conf << "EOF"
608	<literal>; File: /etc/stunnel/swat.conf
609
610	pid = /run/stunnel-swat.pid
611	setuid = root
612	setgid = root
613	cert = /etc/stunnel/stunnel.pem
614
615	[swat]
616	accept = swat
617	exec = /usr/sbin/swat
618	</literal>
619	EOF</userinput></screen>
620
621	<para>Next, install the swat bootscript:</para>
622
623	<screen role="root"><userinput>make install-swat</userinput></screen>
624
625	<para>After starting the SWAT boot script the tool can be accessed by
626	pointing your web browser to https://localhost:905. Note:
627	<emphasis>https</emphasis>. If access to the tool needs to be
628	further restricted, then <xref linkend='iptables'/> can be
629	used.</para>
630
631	</sect4>
632
633	</sect3>
634
635	<sect3>
636	<title/>
637
638
639	<indexterm zone="samba3 samba3-swat-config">
640	<primary sortas="e-etc-pam.d-samba">/etc/pam.d/samba</primary>
641	</indexterm>
642
643	</sect3>
644
645
646	</sect2>
647
648	<sect2 role="content">
649	<title>Contents</title>
650
651	<segmentedlist>
652	<segtitle>Installed Programs</segtitle>
653	<segtitle>Installed Libraries</segtitle>
654	<segtitle>Installed Directories</segtitle>
655
656	<seglistitem>
657	<seg>eventlogadm, findsmb, ldbadd, ldbdel, ldbedit,
658	ldbmodify, ldbrename, ldbsearch, net, nmbd,
659	nmblookup, ntlm_auth, pdbedit, profiles, rpcclient, sharesec, smbcacls,
660	smbclient, smbcontrol, smbcquotas, smbd, smbget, smbpasswd, smbspool,
661	smbstatus, smbtar, smbtree, swat, testparm, wbinfo,
662	winbindd, and (if not using system TDB) tdbbackup, tdbdump, and
663	tdbtool</seg>
664	<seg>libnss_winbind.so, libnss_wins.so, libnetapi.so, libsmbclient.so,
665	libsmbsharemodes.so, libtalloc.so, libwbclient.so, the pam_winbind.so
666	and pam_smbpass.so PAM libraries, and assorted character set,
667	filesystem and support modules.</seg>
668	<seg>/etc/samba, /usr/lib/samba, /usr/share/doc/samba-&samba3-version;,
669	/usr/share/samba, /var/lib/samba, /var/log/samba (if configured), and
670	/var/nmbd</seg>
671	</seglistitem>
672	</segmentedlist>
673
674	<variablelist>
675	<bridgehead renderas="sect3">Short Descriptions</bridgehead>
676	<?dbfo list-presentation="list"?>
677	<?dbhtml list-presentation="table"?>
678
679	<varlistentry id="eventlogadm">
680	<term><command>eventlogadm</command></term>
681	<listitem>
682	<para>is used to write records to eventlogs from STDIN, add the
683	specified source and DLL eventlog registry entries and display the
684	active eventlog names (from <filename>smb.conf</filename>).</para>
685	<indexterm zone="samba3 eventlogadm">
686	<primary sortas="b-eventlogadm">eventlogadm</primary>
687	</indexterm>
688	</listitem>
689	</varlistentry>
690
691	<varlistentry id="findsmb">
692	<term><command>findsmb</command></term>
693	<listitem>
694	<para>lists information about machines that respond to
695	SMB name queries on a subnet.</para>
696	<indexterm zone="samba3 findsmb">
697	<primary sortas="b-findsmb">findsmb</primary>
698	</indexterm>
699	</listitem>
700	</varlistentry>
701
702	<varlistentry id="ldbadd">
703	<term><command>ldbadd</command></term>
704	<listitem>
705	<para>is a command-line utility for adding records to an LDB
706	database.</para>
707	<indexterm zone="samba3 ldbadd">
708	<primary sortas="b-ldbadd">ldbadd</primary>
709	</indexterm>
710	</listitem>
711	</varlistentry>
712
713	<varlistentry id="ldbdel">
714	<term><command>ldbdel</command></term>
715	<listitem>
716	<para>is a command-line program for deleting LDB database
717	records.</para>
718	<indexterm zone="samba3 ldbdel">
719	<primary sortas="b-ldbdel">ldbdel</primary>
720	</indexterm>
721	</listitem>
722	</varlistentry>
723
724	<varlistentry id="ldbedit">
725	<term><command>ldbedit</command></term>
726	<listitem>
727	<para>allows you to edit LDB databases using your preferred
728	editor.</para>
729	<indexterm zone="samba3 ldbedit">
730	<primary sortas="b-ldbedit">ldbedit</primary>
731	</indexterm>
732	</listitem>
733	</varlistentry>
734
735	<varlistentry id="ldbmodify">
736	<term><command>ldbmodify</command></term>
737	<listitem>
738	<para>allows you to modify records in an LDB database.</para>
739	<indexterm zone="samba3 ldbmodify">
740	<primary sortas="b-ldbmodify">ldbmodify</primary>
741	</indexterm>
742	</listitem>
743	</varlistentry>
744
745	<varlistentry id="ldbrename">
746	<term><command>ldbrename</command></term>
747	<listitem>
748	<para>allows you to edit LDB databases using your preferred
749	editor.</para>
750	<indexterm zone="samba3 ldbrename">
751	<primary sortas="b-ldbrename">ldbrename</primary>
752	</indexterm>
753	</listitem>
754	</varlistentry>
755
756	<varlistentry id="ldbsearch">
757	<term><command>ldbsearch</command></term>
758	<listitem>
759	<para>searches an LDB database for records matching a specified
760	expression.</para>
761	<indexterm zone="samba3 ldbsearch">
762	<primary sortas="b-ldbsearch">ldbsearch</primary>
763	</indexterm>
764	</listitem>
765	</varlistentry>
766
767	<varlistentry id="net">
768	<term><command>net</command></term>
769	<listitem>
770	<para>is a tool for administration of
771	<application>Samba</application> and remote CIFS servers, similar
772	to the <command>net</command> utility for DOS/Windows.</para>
773	<indexterm zone="samba3 net">
774	<primary sortas="b-net">net</primary>
775	</indexterm>
776	</listitem>
777	</varlistentry>
778
779	<varlistentry id="nmbd">
780	<term><command>nmbd</command></term>
781	<listitem>
782	<para>is the <application>Samba</application>
783	NetBIOS name server.</para>
784	<indexterm zone="samba3 nmbd">
785	<primary sortas="b-nmbd">nmbd</primary>
786	</indexterm>
787	</listitem>
788	</varlistentry>
789
790	<varlistentry id="nmblookup">
791	<term><command>nmblookup</command></term>
792	<listitem>
793	<para>is used to query NetBIOS names and map
794	them to IP addresses.</para>
795	<indexterm zone="samba3 nmblookup">
796	<primary sortas="b-nmblookup">nmblookup</primary>
797	</indexterm>
798	</listitem>
799	</varlistentry>
800
801	<varlistentry id="ntlm_auth">
802	<term><command>ntlm_auth</command></term>
803	<listitem>
804	<para>is a tool to allow external access to Winbind's
805	NTLM authentication function.</para>
806	<indexterm zone="samba3 ntlm_auth">
807	<primary sortas="b-ntlm_auth">ntlm_auth</primary>
808	</indexterm>
809	</listitem>
810	</varlistentry>
811
812	<varlistentry id="pdbedit">
813	<term><command>pdbedit</command></term>
814	<listitem>
815	<para>is a tool used to manage the SAM database.</para>
816	<indexterm zone="samba3 pdbedit">
817	<primary sortas="b-pdbedit">pdbedit</primary>
818	</indexterm>
819	</listitem>
820	</varlistentry>
821
822	<varlistentry id="profiles">
823	<term><command>profiles</command></term>
824	<listitem>
825	<para>is a utility that reports and changes SIDs in Windows
826	registry files. It currently only supports Windows NT.</para>
827	<indexterm zone="samba3 profiles">
828	<primary sortas="b-profiles">profiles</primary>
829	</indexterm>
830	</listitem>
831	</varlistentry>
832
833	<varlistentry id="rpcclient">
834	<term><command>rpcclient</command></term>
835	<listitem>
836	<para>is used to execute MS-RPC client side functions.</para>
837	<indexterm zone="samba3 rpcclient">
838	<primary sortas="b-rpcclient">rpcclient</primary>
839	</indexterm>
840	</listitem>
841	</varlistentry>
842
843	<varlistentry id="sharesec">
844	<term><command>sharesec</command></term>
845	<listitem>
846	<para>manipulates share ACL permissions on SMB file shares.</para>
847	<indexterm zone="samba3 sharesec">
848	<primary sortas="b-sharesec">sharesec</primary>
849	</indexterm>
850	</listitem>
851	</varlistentry>
852
853	<varlistentry id="smbcacls">
854	<term><command>smbcacls</command></term>
855	<listitem>
856	<para>is used to manipulate Windows NT access control lists.</para>
857	<indexterm zone="samba3 smbcacls">
858	<primary sortas="b-smbcacls">smbcacls</primary>
859	</indexterm>
860	</listitem>
861	</varlistentry>
862
863	<varlistentry id="smbclient">
864	<term><command>smbclient</command></term>
865	<listitem>
866	<para>is a SMB/CIFS access utility, similar to FTP.</para>
867	<indexterm zone="samba3 smbclient">
868	<primary sortas="b-smbclient">smbclient</primary>
869	</indexterm>
870	</listitem>
871	</varlistentry>
872
873	<varlistentry id="smbcontrol">
874	<term><command>smbcontrol</command></term>
875	<listitem>
876	<para>is used to control running <command>smbd</command>,
877	<command>nmbd</command> and <command>winbindd</command>
878	daemons.</para>
879	<indexterm zone="samba3 smbcontrol">
880	<primary sortas="b-smbcontrol">smbcontrol</primary>
881	</indexterm>
882	</listitem>
883	</varlistentry>
884
885	<varlistentry id="smbcquotas">
886	<term><command>smbcquotas</command></term>
887	<listitem>
888	<para>is used to manipulate Windows NT quotas on
889	SMB file shares.</para>
890	<indexterm zone="samba3 smbcquotas">
891	<primary sortas="b-smbcquotas">smbcquotas</primary>
892	</indexterm>
893	</listitem>
894	</varlistentry>
895
896	<varlistentry id="smbd">
897	<term><command>smbd</command></term>
898	<listitem>
899	<para>is the main <application>Samba</application> daemon which
900	provides SMB/CIFS services to clients.</para>
901	<indexterm zone="samba3 smbd">
902	<primary sortas="b-smbd">smbd</primary>
903	</indexterm>
904	</listitem>
905	</varlistentry>
906
907	<varlistentry id="smbget">
908	<term><command>smbget</command></term>
909	<listitem>
910	<para>is a simple utility with <command>wget</command>-like
911	semantics, that can download files from SMB servers. You can specify
912	the files you would like to download on the command-line.</para>
913	<indexterm zone="samba3 smbget">
914	<primary sortas="b-smbget">smbget</primary>
915	</indexterm>
916	</listitem>
917	</varlistentry>
918
919	<varlistentry id="smbpasswd">
920	<term><command>smbpasswd</command></term>
921	<listitem>
922	<para>changes a user's <application>Samba</application>
923	password.</para>
924	<indexterm zone="samba3 smbpasswd">
925	<primary sortas="b-smbpasswd">smbpasswd</primary>
926	</indexterm>
927	</listitem>
928	</varlistentry>
929
930	<varlistentry id="smbspool">
931	<term><command>smbspool</command></term>
932	<listitem>
933	<para>sends a print job to an SMB printer.</para>
934	<indexterm zone="samba3 smbspool">
935	<primary sortas="b-smbspool">smbspool</primary>
936	</indexterm>
937	</listitem>
938	</varlistentry>
939
940	<varlistentry id="smbstatus">
941	<term><command>smbstatus</command></term>
942	<listitem>
943	<para>reports current <application>Samba</application>
944	connections.</para>
945	<indexterm zone="samba3 smbstatus">
946	<primary sortas="b-smbstatus">smbstatus</primary>
947	</indexterm>
948	</listitem>
949	</varlistentry>
950
951	<varlistentry id="smbtar">
952	<term><command>smbtar</command></term>
953	<listitem>
954	<para>is a shell script used for backing up SMB/CIFS shares
955	directly to Linux tape drives or a file.</para>
956	<indexterm zone="samba3 smbtar">
957	<primary sortas="b-smbtar">smbtar</primary>
958	</indexterm>
959	</listitem>
960	</varlistentry>
961
962	<varlistentry id="smbtree">
963	<term><command>smbtree</command></term>
964	<listitem>
965	<para>is a text-based SMB network browser.</para>
966	<indexterm zone="samba3 smbtree">
967	<primary sortas="b-smbtree">smbtree</primary>
968	</indexterm>
969	</listitem>
970	</varlistentry>
971
972	<varlistentry id="swat">
973	<term><command>swat</command></term>
974	<listitem>
975	<para>is the <application>Samba</application> Web Administration
976	Tool.</para>
977	<indexterm zone="samba3 swat">
978	<primary sortas="b-swat">swat</primary>
979	</indexterm>
980	</listitem>
981	</varlistentry>
982
983	<varlistentry id="tdbbackup">
984	<term><command>tdbbackup</command></term>
985	<listitem>
986	<para>is a tool for backing up or validating the integrity of
987	<application>Samba</application> <filename>.tdb</filename>
988	files.</para>
989	<indexterm zone="samba3 tdbbackup">
990	<primary sortas="b-tdbbackup">tdbbackup</primary>
991	</indexterm>
992	</listitem>
993	</varlistentry>
994
995	<varlistentry id="tdbdump">
996	<term><command>tdbdump</command></term>
997	<listitem>
998	<para> is a tool used to print the contents of a
999	<application>Samba</application> <filename>.tdb</filename>
1000	file.</para>
1001	<indexterm zone="samba3 tdbdump">
1002	<primary sortas="b-tdbdump">tdbdump</primary>
1003	</indexterm>
1004	</listitem>
1005	</varlistentry>
1006
1007	<varlistentry id="tdbtool">
1008	<term><command>tdbtool</command></term>
1009	<listitem>
1010	<para>is a tool which allows simple database manipulation from the
1011	command line.</para>
1012	<indexterm zone="samba3 tdbtool">
1013	<primary sortas="b-tdbtool">tdbtool</primary>
1014	</indexterm>
1015	</listitem>
1016	</varlistentry>
1017
1018	<varlistentry id="testparm">
1019	<term><command>testparm</command></term>
1020	<listitem>
1021	<para>checks an <filename>smb.conf</filename> file for proper
1022	syntax.</para>
1023	<indexterm zone="samba3 testparm">
1024	<primary sortas="b-testparm">testparm</primary>
1025	</indexterm>
1026	</listitem>
1027	</varlistentry>
1028
1029	<varlistentry id="wbinfo">
1030	<term><command>wbinfo</command></term>
1031	<listitem>
1032	<para>queries a running <command>winbindd</command> daemon.</para>
1033	<indexterm zone="samba3 wbinfo">
1034	<primary sortas="b-wbinfo">wbinfo</primary>
1035	</indexterm>
1036	</listitem>
1037	</varlistentry>
1038
1039	<varlistentry id="winbindd">
1040	<term><command>winbindd</command></term>
1041	<listitem>
1042	<para>resolves names from Windows NT servers.</para>
1043	<indexterm zone="samba3 winbindd">
1044	<primary sortas="b-winbindd">winbindd</primary>
1045	</indexterm>
1046	</listitem>
1047	</varlistentry>
1048
1049	<varlistentry id="libnss_winbind">
1050	<term><filename class='libraryfile'>libnss_winbind.so</filename></term>
1051	<listitem>
1052	<para>provides Name Service Switch API functions for resolving names
1053	from NT servers.</para>
1054	<indexterm zone="samba3 libnss_winbind">
1055	<primary sortas="c-libnss_winbind">libnss_winbind.so</primary>
1056	</indexterm>
1057	</listitem>
1058	</varlistentry>
1059
1060	<varlistentry id="libnss_wins">
1061	<term><filename class='libraryfile'>libnss_wins.so</filename></term>
1062	<listitem>
1063	<para>provides API functions for Samba's implementation of the
1064	Windows Internet Naming Service.</para>
1065	<indexterm zone="samba3 libnss_wins">
1066	<primary sortas="c-libnss_wins">libnss_wins.so</primary>
1067	</indexterm>
1068	</listitem>
1069	</varlistentry>
1070
1071	<varlistentry id="libnetapi">
1072	<term><filename class='libraryfile'>libnetapi.so</filename></term>
1073	<listitem>
1074	<para>provides the API functions for the administration tools used
1075	for Samba and remote CIFS servers.</para>
1076	<indexterm zone="samba3 libnetapi">
1077	<primary sortas="c-libnetapi">libnetapi.so</primary>
1078	</indexterm>
1079	</listitem>
1080	</varlistentry>
1081
1082	<varlistentry id="libsmbclient">
1083	<term><filename class='libraryfile'>libsmbclient.so</filename></term>
1084	<listitem>
1085	<para>provides the API functions for the Samba SMB client tools.</para>
1086	<indexterm zone="samba3 libsmbclient">
1087	<primary sortas="c-libsmbclient">libsmbclient.so</primary>
1088	</indexterm>
1089	</listitem>
1090	</varlistentry>
1091
1092	<varlistentry id="libsmbsharemodes">
1093	<term><filename class='libraryfile'>libsmbsharemodes.so</filename></term>
1094	<listitem>
1095	<para>provides API functions for accessing SMB share modes
1096	(locks etc.)</para>
1097	<indexterm zone="samba3 libsmbsharemodes">
1098	<primary sortas="c-libsmbsharemodes">libsmbsharemodes.so</primary>
1099	</indexterm>
1100	</listitem>
1101	</varlistentry>
1102
1103	<varlistentry id="libwbclient">
1104	<term><filename class='libraryfile'>libwbclient.so</filename></term>
1105	<listitem>
1106	<para>provides API functions for Windows domain client services.</para>
1107	<indexterm zone="samba3 libwbclient">
1108	<primary sortas="c-libwbclient">libwbclient.so</primary>
1109	</indexterm>
1110	</listitem>
1111	</varlistentry>
1112
1113	</variablelist>
1114
1115	</sect2>
1116
1117	</sect1>

Note: See TracBrowser for help on using the repository browser.

Context Navigation

source: networking/netprogs/samba3.xml@ 010573d

Download in other formats: