Context Navigation

samba3.xml@ 4e9f28df

Visit:

10.0 10.1 11.0 11.1 11.2 11.3 12.0 12.1 7.10 7.4 7.5 7.6 7.6-blfs 7.6-systemd 7.7 7.8 7.9 8.0 8.1 8.2 8.3 8.4 9.0 9.1 basic bdubbs/svn elogind gnome kde5-13430 kde5-14269 kde5-14686 kea ken/TL2024 ken/inkscape-core-mods ken/tuningfonts krejzi/svn lazarus lxqt nosym perl-modules plabs/newcss plabs/python-mods python3.11 qt5new rahul/power-profiles-daemon renodr/vulkan-addition systemd-11177 systemd-13485 trunk upgradedb xry111/intltool xry111/llvm18 xry111/soup3 xry111/test-20220226 xry111/xf86-video-removal

Last change on this file since 4e9f28df was 4e9f28df, checked in by Randy McMurchy <randy@…>, 11 years ago

Updated to Samba-3.6.10

git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@10929 af4574ff-66df-0310-9fd7-8a98e5e911e0

Property mode set to 100644

File size: 41.8 KB

Line
1	<?xml version="1.0" encoding="ISO-8859-1"?>
2	<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3	"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
4	<!ENTITY % general-entities SYSTEM "../../general.ent">
5	%general-entities;
6
7	<!ENTITY samba3-download-http "http://ftp.samba.org/pub/samba/stable/samba-&samba3-version;.tar.gz">
8	<!ENTITY samba3-download-ftp "ftp://ftp.samba.org/pub/samba/stable/samba-&samba3-version;.tar.gz">
9	<!ENTITY samba3-md5sum "b5f0560c216122529b1c3b7f41c62567">
10	<!ENTITY samba3-size "34 MB">
11	<!ENTITY samba3-buildsize "535 MB (includes running the test suite)">
12	<!ENTITY samba3-time "2.7 SBU (additionall 1.4 SBU to run the test suite)">
13	]>
14
15	<sect1 id="samba3" xreflabel="Samba-&samba3-version;">
16	<?dbhtml filename="samba3.html"?>
17
18	<sect1info>
19	<othername>$LastChangedBy$</othername>
20	<date>$Date$</date>
21	</sect1info>
22
23	<title>Samba-&samba3-version;</title>
24
25	<indexterm zone="samba3">
26	<primary sortas="a-Samba">Samba</primary>
27	</indexterm>
28
29	<sect2 role="package">
30	<title>Introduction to Samba</title>
31
32	<para>The <application>Samba</application> package provides file and print
33	services to SMB/CIFS clients and Windows networking to Linux clients.
34	<application>Samba</application> can also be configured as a Windows NT
35	4.0 Domain Controller replacement (with caveats working with NT PDC's and
36	BDC's), a file/print server acting as a member of a Windows NT 4.0 or
37	Active Directory domain and a NetBIOS (rfc1001/1002) nameserver (which
38	amongst other things provides LAN browsing support).</para>
39
40	&lfs72_checked;
41
42	<bridgehead renderas="sect3">Package Information</bridgehead>
43	<itemizedlist spacing="compact">
44	<listitem>
45	<para>Download (HTTP): <ulink url="&samba3-download-http;"/></para>
46	</listitem>
47	<listitem>
48	<para>Download (FTP): <ulink url="&samba3-download-ftp;"/></para>
49	</listitem>
50	<listitem>
51	<para>Download MD5 sum: &samba3-md5sum;</para>
52	</listitem>
53	<listitem>
54	<para>Download size: &samba3-size;</para>
55	</listitem>
56	<listitem>
57	<para>Estimated disk space required: &samba3-buildsize;</para>
58	</listitem>
59	<listitem>
60	<para>Estimated build time: &samba3-time;</para>
61	</listitem>
62	</itemizedlist>
63
64	<!--<bridgehead renderas="sect3">Additional Downloads</bridgehead>
65	<itemizedlist spacing="compact">
66	<listitem>
67	<para>Required patch: <ulink
68	url="http://us3.samba.org/samba/patches/patches-&samba3-version;/spoolss.diff"/></para>
69	</listitem>
70	</itemizedlist> -->
71
72	<bridgehead renderas="sect3">Samba Dependencies</bridgehead>
73
74	<bridgehead renderas="sect4">Required</bridgehead>
75	<para role="required"><xref linkend="libtirpc"/></para>
76
77	<bridgehead renderas="sect4">Optional</bridgehead>
78	<para role="optional"><xref linkend="popt"/>,
79	<xref linkend="linux-pam"/>,
80	<xref linkend="cups"/>,
81	<xref linkend="openldap"/>,
82	<xref linkend="gamin"/>,
83	<xref linkend="acl"/>,
84	<xref linkend="xfsprogs"/>,
85	<xref linkend="mitkrb"/>,
86	<xref linkend="python2"/> (used only in parts of the test suite),
87	<ulink url="http://tdb.samba.org/">tdb</ulink>,
88	<ulink url="http://ctdb.samba.org/">ctdb</ulink>,
89	<xref linkend="libcap2"/>,
90	<ulink url="http://www.nongnu.org/libunwind/">libunwind</ulink>,
91	<xref linkend="avahi"/>,
92	<ulink url="http://www.openafs.org/">OpenAFS</ulink>,
93	and <ulink url="http://valgrind.org/">Valgrind</ulink> (optionally
94	used by the test suite)</para>
95
96	<para>You will need to install one of the kerberos packages if you plan
97	on using your system to join a Windows NT domain.</para>
98
99	<!-- <bridgehead renderas="sect4">Optional for Samba4 Support</bridgehead>
100	<para role="optional"><xref linkend="gnutls"/> (recommended),
101	<xref linkend="python2"/>, and
102	<xref linkend="sqlite"/></para> -->
103
104	<para condition="html" role="usernotes">User Notes:
105	<ulink url="&blfs-wiki;/samba3"/></para>
106
107	</sect2>
108
109	<sect2 role="installation">
110	<title>Installation of Samba</title>
111
112	<note>
113	<para>If you wish to run the test suite after the binaries are built,
114	you must add the <option>--enable-socket-wrapper</option> parameter to
115	the <command>configure</command> script below. You may want to run
116	<command>configure</command> with the <option>--help</option> parameter
117	first. There may be other parameters needed to take advantage of
118	optional dependencies.</para>
119	</note>
120
121	<para>Install <application>Samba</application> by running the following
122	commands:</para>
123
124	<screen><userinput>cd source3 &&
125
126	./configure \
127	--prefix=/usr \
128	--sysconfdir=/etc \
129	--localstatedir=/var \
130	--with-piddir=/run \
131	--with-pammodulesdir=/lib/security \
132	--with-fhs \
133	--enable-nss-wrapper \
134	--enable-socket-wrapper &&
135	sed -i "s/-ldl/& -ltirpc -lpthread/" Makefile &&
136	make</userinput></screen>
137
138	<para>To test the results, issue: <command>make test</command>. If you have
139	<application>Linux-PAM</application> installed and built the PAM library
140	modules, you can perform a dlopen test by issuing:
141	<command>make test_pam_modules</command>.</para>
142
143	<!-- <para>This program dose not come with a functional test suite.</para> -->
144
145	<para>Now, as the <systemitem class="username">root</systemitem> user:</para>
146
147	<screen role="root"><userinput>make install &&
148
149	cp pkgconfig/wbclient.pc /usr/lib/pkgconfig &&
150	install -v -m755 ../nsswitch/libnss_win{s,bind}.so /lib &&
151	ln -v -sf libnss_winbind.so /lib/libnss_winbind.so.2 &&
152	ln -v -sf libnss_wins.so /lib/libnss_wins.so.2 &&
153
154	install -v -m644 ../examples/smb.conf.default /etc/samba &&
155
156	if [ -d /etc/openldap/schema ]; then
157	install -v -m644 ../examples/LDAP/README \
158	/etc/openldap/schema/README.LDAP &&
159	install -v -m644 ../examples/LDAP/samba* \
160	/etc/openldap/schema &&
161	install -v -m755 ../examples/LDAP/{convert,get,ol*} \
162	/etc/openldap/schema &&
163	fi &&
164
165	install -v -m755 -d /usr/share/doc/samba-&samba3-version; &&
166	install -v -m644 ../docs/*.pdf \
167	/usr/share/doc/samba-&samba3-version; &&
168	ln -v -s ../../samba/swat /usr/share/doc/samba-&samba3-version;</userinput></screen>
169
170	</sect2>
171
172	<sect2 role="commands">
173	<title>Command Explanations</title>
174
175	<!-- <para><option>-enable-merged-build</option>: Use this parameter to build
176	the (alpha) Samba4 components (GnuTLS is recommended).</para> -->
177
178	<para><parameter>--sysconfdir=/etc</parameter>: Sets the configuration
179	file directory to avoid the default of
180	<filename class="directory">/usr/etc</filename>.</para>
181
182	<para><parameter>--localstatedir=/var</parameter>: Sets the variable
183	data directory to avoid the default of
184	<filename class="directory">/usr/var</filename>.</para>
185
186	<para><parameter>--with-fhs</parameter>: Assigns all other file paths in
187	a manner compliant with the Filesystem Hierarchy Standard (FHS).</para>
188
189	<para><parameter>--enable-nss-wrapper</parameter>: Builds the nss-wrapper
190	library.</para>
191
192	<para><parameter>--enable-socket-wrapper</parameter>: This options is
193	required to run the test suite.</para>
194
195	<para><command>sed -i "s/-ldl/& -ltirpc -lpthread/" Makefile</command>:
196	This command enables the build to complete when using libtirpc instead of
197	the deprecated GLibC rpc functions.</para>
198
199	<para><command>cp pkgconfig/wbclient.pc /usr/lib/pkgconfig</command>:
200	Install a file omitted by the install procedure.</para>
201
202	<para><command>install -v -m755 nsswitch/libnss_win{s,bind}.so /lib</command>:
203	The nss libraries are not installed by default. If you intend to use
204	winbindd for Windows NT domain authentication, and/or WINS name resolution,
205	you need these libraries.</para>
206
207	<para><command>ln -v -sf libnss_winbind.so /lib/libnss_winbind.so.2</command>
208	and <command>ln -v -sf libnss_wins.so /lib/libnss_wins.so.2</command>:
209	These symlinks are required by <application>Glibc</application> to use the
210	NSS libraries.</para>
211
212	<para><command>if [ -d /etc/openldap/schema ]; then ...; fi</command>:
213	These commands are used to see if you have an OpenLDAP installation, and if
214	so, they copy sample Samba schemas to the OpenLDAP
215	<filename class='directory'>schema</filename> directory.</para>
216
217	<para><command>install -v -m644 ../examples/smb.conf.default
218	/etc/samba</command>: This copies a default <filename>smb.conf</filename>
219	file into <filename>/etc/samba</filename>. This sample configuration will
220	not work until you copy it to <filename>/etc/samba/smb.conf</filename> and
221	make the appropriate changes for your installation. See the configuration
222	section for minimum values which must be set.</para>
223
224	</sect2>
225
226	<sect2 role="configuration">
227	<title>Configuring Samba</title>
228
229	<sect3 id="samba3-config">
230	<title>Config Files</title>
231
232	<para>/etc/samba/smb.conf</para>
233
234	<indexterm zone="samba3 samba3-config">
235	<primary sortas="e-etc-samba-smb.conf">/etc/samba/smb.conf</primary>
236	</indexterm>
237
238	</sect3>
239	<!-- mount.cifs is now in the separate cifs-utils package
240	<sect3>
241	<title>Mounting Shares by Unprivileged Users</title>
242
243	<para>If it is desired for unprivileged users to directly mount (and
244	unmount) CIFS shares, the <command>mount.cifs</command> and
245	<command>umount.cifs</command> commands must be setuid
246	<systemitem class='username'>root</systemitem>. Note that users can
247	only mount CIFS shares on a mount point owned by that user (requires
248	write access also). If desired, change these programs to setuid
249	<systemitem class='username'>root</systemitem> by issuing the following
250	command as the <systemitem class='username'>root</systemitem>
251	user:</para>
252
253	<screen role="root"><userinput>chmod -v 4755 /usr/sbin/{,u}mount.cifs</userinput></screen>
254
255	</sect3>
256	-->
257	<sect3>
258	<title>Printing to SMB Clients</title>
259
260	<para>If you use <application>CUPS</application> for print services,
261	and you wish to print to a printer attached to an SMB client, you
262	need to create an SMB backend device. To create the device, issue the
263	following command as the <systemitem class="username">root</systemitem>
264	user:</para>
265
266	<screen role="root"><userinput>ln -v -sf /usr/bin/smbspool /usr/lib/cups/backend/smb</userinput></screen>
267
268	</sect3>
269
270	<sect3>
271	<title>Configuration Information</title>
272
273	<para>Due to the complexity and the many various uses for
274	<application>Samba</application>, complete configuration for all the
275	package's capabilities is well beyond the scope of the BLFS book. This
276	section provides instructions to configure the
277	<filename>/etc/samba/smb.conf</filename> file for two common scenarios.
278	The complete contents of <filename>/etc/samba/smb.conf</filename> will
279	depend on the purpose of <application>Samba</application>
280	installation.</para>
281
282	<note>
283	<para>You may find it easier to copy the configuration parameters shown
284	below into an empty <filename>/etc/samba/smb.conf</filename> file
285	instead of copying and editing the default file as mentioned in the
286	<quote>Command Explanations</quote> section. How you create/edit the
287	<filename>/etc/samba/smb.conf</filename> file will be left up to
288	you. Do ensure the file is only writeable by the
289	<systemitem class="username">root</systemitem> user (mode 644).</para>
290	</note>
291
292	<sect4>
293	<title>Scenario 1: Minimal Standalone Client-Only Installation</title>
294
295	<para>Choose this variant if you only want to transfer files using
296	<command>smbclient</command>, mount Windows shares and print to Windows
297	printers, and don't want to share your files and printers to Windows
298	machines.</para>
299
300	<para>A <filename>/etc/samba/smb.conf</filename> file with the following
301	three parameters is sufficient:</para>
302
303	<screen role='root'><literal>[global]
304	workgroup = <replaceable>MYGROUP</replaceable>
305	dos charset = <replaceable>cp850</replaceable>
306	unix charset = <replaceable>ISO-8859-1</replaceable></literal></screen>
307
308	<para>The values in this example specify that the computer belongs to a
309	Windows workgroup named
310	<quote><replaceable>MYGROUP</replaceable></quote>, uses the
311	<quote><replaceable>cp850</replaceable></quote> character set on the
312	wire when talking to MS-DOS and MS Windows 9x, and that the filenames
313	are stored in the <quote><replaceable>ISO-8859-1</replaceable></quote>
314	encoding on the disk. Adjust these values appropriately for your
315	installation. The <quote>unix charset</quote> value must be the same as
316	the output of <command>locale charmap</command> when executed with the
317	<envar>LANG</envar> variable set to your preferred locale, otherwise the
318	<command>ls</command> command may not display correct filenames of
319	downloaded files.</para>
320
321	<para>There is no need to run any <application>Samba</application>
322	servers in this scenario, thus you don't need to install the provided
323	bootscripts.</para>
324
325	</sect4>
326
327	<sect4>
328	<title>Scenario 2: Standalone File/Print Server</title>
329
330	<para>Choose this variant if you want to share your files and printers
331	to Windows machines in your workgroup in addition to the capabilities
332	described in Scenario 1.</para>
333
334	<para>In this case, the <filename>/etc/samba/smb.conf.default</filename>
335	file may be a good template to start from. Also add
336	<quote>dos charset</quote> and <quote>unix charset</quote> parameters
337	to the <quote>[global]</quote> section as described in Scenario 1 in
338	order to prevent filename corruption.</para>
339
340	<para>The following configuration file creates a separate share for each
341	user's home directory and also makes all printers available to Windows
342	machines:</para>
343
344	<screen role='root'><literal>[global]
345	workgroup = <replaceable>MYGROUP</replaceable>
346	dos charset = <replaceable>cp850</replaceable>
347	unix charset = <replaceable>ISO-8859-1</replaceable>
348
349	[homes]
350	comment = Home Directories
351	browseable = no
352	writable = yes
353
354	[printers]
355	comment = All Printers
356	path = /var/spool/samba
357	browseable = no
358	guest ok = no
359	printable = yes</literal></screen>
360
361	<para>Other parameters you may wish to customize in the
362	<quote>[global]</quote> section include:</para>
363
364	<screen role='root'><literal> server string =
365	security =
366	hosts allow =
367	load printers =
368	log file =
369	max log size =
370	socket options =
371	local master =</literal></screen>
372
373	<para>Reference the comments in the
374	<filename>/etc/samba/smb.conf.default</filename> file for information
375	regarding these parameters.</para>
376
377	<para>Since the <command>smbd</command> and <command>nmbd</command>
378	daemons are needed in this case, install the <filename>samba</filename>
379	bootscript. Be sure to run <command>smbpasswd</command> (with the
380	<option>-a</option> option to add users) to enable and
381	set passwords for all accounts that need
382	<application>Samba</application> access, or use the SWAT web interface
383	(see below) to do the same. Using the default
384	<application>Samba</application> passdb backend, any user you attempt
385	to add will also be required to exist in the
386	<filename>/etc/passwd</filename> file.</para>
387
388	</sect4>
389
390	<sect4>
391	<title>Advanced Requirements</title>
392
393	<para>More complex scenarios involving domain control or membership are
394	possible if the right flags are passed to the ./configure script when
395	the package is built. Such setups are advanced topics and cannot be
396	adequately covered in BLFS. Many complete books have been written on
397	these topics alone. It should be noted, however, that a
398	<application>Samba</application> BDC cannot be used as a fallback
399	for a Windows PDC, and conversely, a Windows BDC cannot be used as a
400	fallback for a <application>Samba</application> PDC. Also in some
401	domain membership scenarios, the <command>winbindd</command> daemon and
402	the corresponding bootscript are needed.</para>
403
404	<para>There is quite a bit of documentation available which covers many
405	of these advanced configurations. Point your web browser to the links
406	below to view some of the documentation included with the
407	<application>Samba</application> package:</para>
408
409	<itemizedlist spacing='compact'>
410	<listitem>
411	<para>Using Samba, 2nd Edition; a popular book published by O'Reilly
412	<ulink url="file:///usr/share/samba/swat/using_samba/toc.html"/></para>
413	</listitem>
414	<listitem>
415	<para>The Official Samba HOWTO and Reference Guide <ulink
416	url="file:///usr/share/samba/swat/help/Samba-HOWTO-Collection/index.html"/>
417	</para>
418	</listitem>
419	<listitem>
420	<para>Samba-3 by Example
421	<ulink url="file:///usr/share/samba/swat/help/Samba-Guide/index.html"/>
422	</para>
423	</listitem>
424	<listitem>
425	<para>The Samba-3 man Pages
426	<ulink url="file:///usr/share/samba/swat/help/samba.7.html"/></para>
427	</listitem>
428	</itemizedlist>
429
430	</sect4>
431
432	<sect4 id="samba3-init">
433	<title>Boot Script</title>
434
435	<para>For your convenience, boot scripts have been provided for
436	<application>Samba</application>. There are two included in the
437	<xref linkend="bootscripts"/> package. The first,
438	<filename>samba</filename>, will start the <command>smbd</command>
439	and <command>nmbd</command> daemons needed to provide SMB/CIFS
440	services. The second script, <filename>winbind</filename>, starts
441	the <command>winbindd</command> daemon, used for providing Windows
442	domain services to Linux clients.</para>
443
444	<indexterm zone="samba3 samba3-init">
445	<primary sortas="f-samba">samba</primary>
446	</indexterm>
447
448	<indexterm zone="samba3 samba3-init">
449	<primary sortas="f-winbind">winbind</primary>
450	</indexterm>
451
452	<para>The default <application>Samba</application> installation uses the
453	<systemitem class='username'>nobody</systemitem> user for guest access
454	to the server. This can be overridden by setting the
455	<option>guest account =</option> parameter in the
456	<filename>/etc/samba/smb.conf</filename> file. If you utilize the
457	<option>guest account =</option> parameter, ensure this user exists in
458	the <filename>/etc/passwd</filename> file. To use the default user,
459	issue the following commands as the
460	<systemitem class='username'>root</systemitem> user:</para>
461
462	<screen><userinput>groupadd -g 99 nogroup &&
463	useradd -c "Unprivileged Nobody" -d /dev/null -g nogroup \
464	-s /bin/false -u 99 nobody</userinput></screen>
465
466	<para>Install the <filename>samba</filename> script with the following
467	command issued as the <systemitem class="username">root</systemitem>
468	user:</para>
469
470	<screen role="root"><userinput>make install-samba</userinput></screen>
471
472	<para>If you also need the <filename>winbindd</filename>
473	script to resolve names from Windows clients, run:</para>
474
475	<screen role="root"><userinput>make install-winbindd</userinput></screen>
476
477	</sect4>
478
479	</sect3>
480
481	<sect3 id="samba3-swat-config">
482	<title>Configuring SWAT</title>
483
484	<para>The SWAT (<application>Samba</application> Web Administration Tool)
485	utility can be used for configuration of the
486	<application>Samba</application> installation.</para>
487
488	<indexterm zone="samba3 samba3-swat-config">
489	<primary sortas="g-configuring-SWAT">Configuring SWAT</primary>
490	</indexterm>
491	<!--
492	<sect4>
493	<title>Setting up SWAT using inetd</title>
494
495	<indexterm zone="samba3 samba3-swat-config">
496	<primary sortas="e-etc-inetd.conf">/etc/inetd.conf</primary>
497	</indexterm>
498
499	<indexterm zone="samba3 samba3-swat-config">
500	<primary sortas="e-etc-services">/etc/services</primary>
501	</indexterm>
502
503	<warning>
504	<para>BLFS does not recommend using these procedures because of the
505	security risk involved. However, in a home network environment and
506	disclosure of the <systemitem class='username'>root</systemitem>
507	password is an acceptable risk, the following
508	instructions are provided for your convenience.</para>
509	</warning>
510
511	<para>First you must add an entry to <filename>/etc/services</filename>
512	and modify the <command>inetd</command> configuration. Add this entry
513	with the following command issued as the <systemitem
514	class="username">root</systemitem> user:</para>
515
516	<screen role="root"><userinput>echo "swat 905/tcp" >> /etc/services</userinput></screen>
517
518	<para>Now add this entry to the <filename>/etc/inetd.conf</filename>
519	file, again as the <systemitem class="username">root</systemitem>
520	user:</para>
521
522	<screen role="root"><userinput>echo "swat stream tcp nowait.5 root /usr/sbin/swat swat >> /etc/inetd.conf</userinput></screen>
523
524	<para>Issue a <command>killall -HUP inetd</command> to reread the
525	changed <filename>inetd.conf</filename> file.</para>
526
527	<para>SWAT can be launched by pointing your web browser to
528	http://localhost:905.</para>
529
530	</sect4>
531	-->
532	<sect4>
533	<title>Setting up SWAT using xinetd</title>
534
535	<indexterm zone="samba3 samba3-swat-config">
536	<primary sortas="e-etc-xinetd.conf">/etc/xinetd.conf</primary>
537	</indexterm>
538
539	<para>If not already done, add an entry to <filename>/etc/services</filename> file
540	as the <systemitem class="username">root</systemitem> user:</para>
541
542	<screen role="root"><userinput>echo "swat 905/tcp" >> /etc/services</userinput></screen>
543
544	<para>Create the <application>Samba</application> <xref
545	linkend='xinetd'/> file as <filename>/etc/xinetd.d/swat</filename>.</para>
546
547	<warning>
548	<para>You may modify or remove the <quote>only_from</quote> line
549	below to include other host(s). BLFS does not recommend doing this
550	because of the security risk involved. However, in a home network
551	environment, disclosure of the <systemitem
552	class='username'>root</systemitem> password may be an acceptable
553	risk.</para>
554	</warning>
555
556	<screen role="root"><userinput>cat >> /etc/xinetd.d/swat << "EOF"
557	<literal># Begin /etc/xinetd.d/swat
558
559	service swat
560	{
561	port = 905
562	socket_type = stream
563	wait = no
564	instances = 5
565	only_from = 127.0.0.1
566	user = root
567	server = /usr/sbin/swat
568	log_on_failure += USERID
569	}
570
571	# End /etc/xinetd.d/swat</literal>
572	EOF</userinput></screen>
573
574	<para>Issue a <command>killall -HUP xinetd</command> to read the new
575	<filename>/etc/xinetd.d/swat</filename> file.</para>
576
577	<note>
578	<para>If you linked <application>Linux-PAM</application> into the
579	<application>Samba</application> build, you'll need to create an
580	<filename>/etc/pam.d/samba</filename> file.</para>
581	</note>
582
583	<para>SWAT can now be launched by pointing your web browser to
584	http://localhost:905.</para>
585
586	</sect4>
587
588	<sect4>
589	<title>Setting up SWAT using stunnel</title>
590
591	<para>A better way to set up SWAT for network access is through
592	<xref linkend='stunnel'/>. For convenience, a boot scripts has
593	been provided for SWAT via stunnel. First, create the stunnel
594	configuration file:</para>
595
596	<indexterm zone="samba3 samba3-swat-config">
597	<primary sortas="e-etc-stunnel-swat.conf">/etc/stunnel/swat.conf</primary>
598	</indexterm>
599
600	<screen role="root"><userinput>cat >> /etc/stunnel/swat.conf << "EOF"
601	<literal>; File: /etc/stunnel/swat.conf
602
603	pid = /run/stunnel-swat.pid
604	setuid = root
605	setgid = root
606	cert = /etc/stunnel/stunnel.pem
607
608	[swat]
609	accept = swat
610	exec = /usr/sbin/swat
611	</literal>
612	EOF</userinput></screen>
613
614	<para>Next, install the swat bootscript:</para>
615
616	<screen role="root"><userinput>make install-swat</userinput></screen>
617
618	<para>After starting the SWAT boot script the tool can be accessed by
619	pointing your web browser to https://localhost:905. Note:
620	<emphasis>https</emphasis>. If access to the tool needs to be
621	further restricted, then <xref linkend='iptables'/> can be
622	used.</para>
623
624	</sect4>
625
626	</sect3>
627
628	<sect3>
629	<title/>
630
631
632	<indexterm zone="samba3 samba3-swat-config">
633	<primary sortas="e-etc-pam.d-samba">/etc/pam.d/samba</primary>
634	</indexterm>
635
636	</sect3>
637
638
639	</sect2>
640
641	<sect2 role="content">
642	<title>Contents</title>
643
644	<segmentedlist>
645	<segtitle>Installed Programs</segtitle>
646	<segtitle>Installed Libraries</segtitle>
647	<segtitle>Installed Directories</segtitle>
648
649	<seglistitem>
650	<seg>eventlogadm, findsmb, ldbadd, ldbdel, ldbedit,
651	ldbmodify, ldbrename, ldbsearch, net, nmbd,
652	nmblookup, ntlm_auth, pdbedit, profiles, rpcclient, sharesec, smbcacls,
653	smbclient, smbcontrol, smbcquotas, smbd, smbget, smbpasswd, smbspool,
654	smbstatus, smbtar, smbtree, swat, testparm, wbinfo,
655	winbindd, and (if not using system TDB) tdbbackup, tdbdump, and
656	tdbtool</seg>
657	<seg>libnss_winbind.so, libnss_wins.so, libnetapi.so, libsmbclient.so,
658	libsmbsharemodes.so, libtalloc.so, libwbclient.so, the pam_winbind.so
659	and pam_smbpass.so PAM libraries, and assorted character set,
660	filesystem and support modules.</seg>
661	<seg>/etc/samba, /usr/lib/samba, /usr/share/doc/samba-&samba3-version;,
662	/usr/share/samba, /var/lib/samba, /var/log/samba (if configured), and
663	/var/nmbd</seg>
664	</seglistitem>
665	</segmentedlist>
666
667	<variablelist>
668	<bridgehead renderas="sect3">Short Descriptions</bridgehead>
669	<?dbfo list-presentation="list"?>
670	<?dbhtml list-presentation="table"?>
671
672	<varlistentry id="eventlogadm">
673	<term><command>eventlogadm</command></term>
674	<listitem>
675	<para>is used to write records to eventlogs from STDIN, add the
676	specified source and DLL eventlog registry entries and display the
677	active eventlog names (from <filename>smb.conf</filename>).</para>
678	<indexterm zone="samba3 eventlogadm">
679	<primary sortas="b-eventlogadm">eventlogadm</primary>
680	</indexterm>
681	</listitem>
682	</varlistentry>
683
684	<varlistentry id="findsmb">
685	<term><command>findsmb</command></term>
686	<listitem>
687	<para>lists information about machines that respond to
688	SMB name queries on a subnet.</para>
689	<indexterm zone="samba3 findsmb">
690	<primary sortas="b-findsmb">findsmb</primary>
691	</indexterm>
692	</listitem>
693	</varlistentry>
694
695	<varlistentry id="ldbadd">
696	<term><command>ldbadd</command></term>
697	<listitem>
698	<para>is a command-line utility for adding records to an LDB
699	database.</para>
700	<indexterm zone="samba3 ldbadd">
701	<primary sortas="b-ldbadd">ldbadd</primary>
702	</indexterm>
703	</listitem>
704	</varlistentry>
705
706	<varlistentry id="ldbdel">
707	<term><command>ldbdel</command></term>
708	<listitem>
709	<para>is a command-line program for deleting LDB database
710	records.</para>
711	<indexterm zone="samba3 ldbdel">
712	<primary sortas="b-ldbdel">ldbdel</primary>
713	</indexterm>
714	</listitem>
715	</varlistentry>
716
717	<varlistentry id="ldbedit">
718	<term><command>ldbedit</command></term>
719	<listitem>
720	<para>allows you to edit LDB databases using your preferred
721	editor.</para>
722	<indexterm zone="samba3 ldbedit">
723	<primary sortas="b-ldbedit">ldbedit</primary>
724	</indexterm>
725	</listitem>
726	</varlistentry>
727
728	<varlistentry id="ldbmodify">
729	<term><command>ldbmodify</command></term>
730	<listitem>
731	<para>allows you to modify records in an LDB database.</para>
732	<indexterm zone="samba3 ldbmodify">
733	<primary sortas="b-ldbmodify">ldbmodify</primary>
734	</indexterm>
735	</listitem>
736	</varlistentry>
737
738	<varlistentry id="ldbrename">
739	<term><command>ldbrename</command></term>
740	<listitem>
741	<para>allows you to edit LDB databases using your preferred
742	editor.</para>
743	<indexterm zone="samba3 ldbrename">
744	<primary sortas="b-ldbrename">ldbrename</primary>
745	</indexterm>
746	</listitem>
747	</varlistentry>
748
749	<varlistentry id="ldbsearch">
750	<term><command>ldbsearch</command></term>
751	<listitem>
752	<para>searches an LDB database for records matching a specified
753	expression.</para>
754	<indexterm zone="samba3 ldbsearch">
755	<primary sortas="b-ldbsearch">ldbsearch</primary>
756	</indexterm>
757	</listitem>
758	</varlistentry>
759
760	<varlistentry id="net">
761	<term><command>net</command></term>
762	<listitem>
763	<para>is a tool for administration of
764	<application>Samba</application> and remote CIFS servers, similar
765	to the <command>net</command> utility for DOS/Windows.</para>
766	<indexterm zone="samba3 net">
767	<primary sortas="b-net">net</primary>
768	</indexterm>
769	</listitem>
770	</varlistentry>
771
772	<varlistentry id="nmbd">
773	<term><command>nmbd</command></term>
774	<listitem>
775	<para>is the <application>Samba</application>
776	NetBIOS name server.</para>
777	<indexterm zone="samba3 nmbd">
778	<primary sortas="b-nmbd">nmbd</primary>
779	</indexterm>
780	</listitem>
781	</varlistentry>
782
783	<varlistentry id="nmblookup">
784	<term><command>nmblookup</command></term>
785	<listitem>
786	<para>is used to query NetBIOS names and map
787	them to IP addresses.</para>
788	<indexterm zone="samba3 nmblookup">
789	<primary sortas="b-nmblookup">nmblookup</primary>
790	</indexterm>
791	</listitem>
792	</varlistentry>
793
794	<varlistentry id="ntlm_auth">
795	<term><command>ntlm_auth</command></term>
796	<listitem>
797	<para>is a tool to allow external access to Winbind's
798	NTLM authentication function.</para>
799	<indexterm zone="samba3 ntlm_auth">
800	<primary sortas="b-ntlm_auth">ntlm_auth</primary>
801	</indexterm>
802	</listitem>
803	</varlistentry>
804
805	<varlistentry id="pdbedit">
806	<term><command>pdbedit</command></term>
807	<listitem>
808	<para>is a tool used to manage the SAM database.</para>
809	<indexterm zone="samba3 pdbedit">
810	<primary sortas="b-pdbedit">pdbedit</primary>
811	</indexterm>
812	</listitem>
813	</varlistentry>
814
815	<varlistentry id="profiles">
816	<term><command>profiles</command></term>
817	<listitem>
818	<para>is a utility that reports and changes SIDs in Windows
819	registry files. It currently only supports Windows NT.</para>
820	<indexterm zone="samba3 profiles">
821	<primary sortas="b-profiles">profiles</primary>
822	</indexterm>
823	</listitem>
824	</varlistentry>
825
826	<varlistentry id="rpcclient">
827	<term><command>rpcclient</command></term>
828	<listitem>
829	<para>is used to execute MS-RPC client side functions.</para>
830	<indexterm zone="samba3 rpcclient">
831	<primary sortas="b-rpcclient">rpcclient</primary>
832	</indexterm>
833	</listitem>
834	</varlistentry>
835
836	<varlistentry id="sharesec">
837	<term><command>sharesec</command></term>
838	<listitem>
839	<para>manipulates share ACL permissions on SMB file shares.</para>
840	<indexterm zone="samba3 sharesec">
841	<primary sortas="b-sharesec">sharesec</primary>
842	</indexterm>
843	</listitem>
844	</varlistentry>
845
846	<varlistentry id="smbcacls">
847	<term><command>smbcacls</command></term>
848	<listitem>
849	<para>is used to manipulate Windows NT access control lists.</para>
850	<indexterm zone="samba3 smbcacls">
851	<primary sortas="b-smbcacls">smbcacls</primary>
852	</indexterm>
853	</listitem>
854	</varlistentry>
855
856	<varlistentry id="smbclient">
857	<term><command>smbclient</command></term>
858	<listitem>
859	<para>is a SMB/CIFS access utility, similar to FTP.</para>
860	<indexterm zone="samba3 smbclient">
861	<primary sortas="b-smbclient">smbclient</primary>
862	</indexterm>
863	</listitem>
864	</varlistentry>
865
866	<varlistentry id="smbcontrol">
867	<term><command>smbcontrol</command></term>
868	<listitem>
869	<para>is used to control running <command>smbd</command>,
870	<command>nmbd</command> and <command>winbindd</command>
871	daemons.</para>
872	<indexterm zone="samba3 smbcontrol">
873	<primary sortas="b-smbcontrol">smbcontrol</primary>
874	</indexterm>
875	</listitem>
876	</varlistentry>
877
878	<varlistentry id="smbcquotas">
879	<term><command>smbcquotas</command></term>
880	<listitem>
881	<para>is used to manipulate Windows NT quotas on
882	SMB file shares.</para>
883	<indexterm zone="samba3 smbcquotas">
884	<primary sortas="b-smbcquotas">smbcquotas</primary>
885	</indexterm>
886	</listitem>
887	</varlistentry>
888
889	<varlistentry id="smbd">
890	<term><command>smbd</command></term>
891	<listitem>
892	<para>is the main <application>Samba</application> daemon which
893	provides SMB/CIFS services to clients.</para>
894	<indexterm zone="samba3 smbd">
895	<primary sortas="b-smbd">smbd</primary>
896	</indexterm>
897	</listitem>
898	</varlistentry>
899
900	<varlistentry id="smbget">
901	<term><command>smbget</command></term>
902	<listitem>
903	<para>is a simple utility with <command>wget</command>-like
904	semantics, that can download files from SMB servers. You can specify
905	the files you would like to download on the command-line.</para>
906	<indexterm zone="samba3 smbget">
907	<primary sortas="b-smbget">smbget</primary>
908	</indexterm>
909	</listitem>
910	</varlistentry>
911
912	<varlistentry id="smbpasswd">
913	<term><command>smbpasswd</command></term>
914	<listitem>
915	<para>changes a user's <application>Samba</application>
916	password.</para>
917	<indexterm zone="samba3 smbpasswd">
918	<primary sortas="b-smbpasswd">smbpasswd</primary>
919	</indexterm>
920	</listitem>
921	</varlistentry>
922
923	<varlistentry id="smbspool">
924	<term><command>smbspool</command></term>
925	<listitem>
926	<para>sends a print job to an SMB printer.</para>
927	<indexterm zone="samba3 smbspool">
928	<primary sortas="b-smbspool">smbspool</primary>
929	</indexterm>
930	</listitem>
931	</varlistentry>
932
933	<varlistentry id="smbstatus">
934	<term><command>smbstatus</command></term>
935	<listitem>
936	<para>reports current <application>Samba</application>
937	connections.</para>
938	<indexterm zone="samba3 smbstatus">
939	<primary sortas="b-smbstatus">smbstatus</primary>
940	</indexterm>
941	</listitem>
942	</varlistentry>
943
944	<varlistentry id="smbtar">
945	<term><command>smbtar</command></term>
946	<listitem>
947	<para>is a shell script used for backing up SMB/CIFS shares
948	directly to Linux tape drives or a file.</para>
949	<indexterm zone="samba3 smbtar">
950	<primary sortas="b-smbtar">smbtar</primary>
951	</indexterm>
952	</listitem>
953	</varlistentry>
954
955	<varlistentry id="smbtree">
956	<term><command>smbtree</command></term>
957	<listitem>
958	<para>is a text-based SMB network browser.</para>
959	<indexterm zone="samba3 smbtree">
960	<primary sortas="b-smbtree">smbtree</primary>
961	</indexterm>
962	</listitem>
963	</varlistentry>
964
965	<varlistentry id="swat">
966	<term><command>swat</command></term>
967	<listitem>
968	<para>is the <application>Samba</application> Web Administration
969	Tool.</para>
970	<indexterm zone="samba3 swat">
971	<primary sortas="b-swat">swat</primary>
972	</indexterm>
973	</listitem>
974	</varlistentry>
975
976	<varlistentry id="tdbbackup">
977	<term><command>tdbbackup</command></term>
978	<listitem>
979	<para>is a tool for backing up or validating the integrity of
980	<application>Samba</application> <filename>.tdb</filename>
981	files.</para>
982	<indexterm zone="samba3 tdbbackup">
983	<primary sortas="b-tdbbackup">tdbbackup</primary>
984	</indexterm>
985	</listitem>
986	</varlistentry>
987
988	<varlistentry id="tdbdump">
989	<term><command>tdbdump</command></term>
990	<listitem>
991	<para> is a tool used to print the contents of a
992	<application>Samba</application> <filename>.tdb</filename>
993	file.</para>
994	<indexterm zone="samba3 tdbdump">
995	<primary sortas="b-tdbdump">tdbdump</primary>
996	</indexterm>
997	</listitem>
998	</varlistentry>
999
1000	<varlistentry id="tdbtool">
1001	<term><command>tdbtool</command></term>
1002	<listitem>
1003	<para>is a tool which allows simple database manipulation from the
1004	command line.</para>
1005	<indexterm zone="samba3 tdbtool">
1006	<primary sortas="b-tdbtool">tdbtool</primary>
1007	</indexterm>
1008	</listitem>
1009	</varlistentry>
1010
1011	<varlistentry id="testparm">
1012	<term><command>testparm</command></term>
1013	<listitem>
1014	<para>checks an <filename>smb.conf</filename> file for proper
1015	syntax.</para>
1016	<indexterm zone="samba3 testparm">
1017	<primary sortas="b-testparm">testparm</primary>
1018	</indexterm>
1019	</listitem>
1020	</varlistentry>
1021
1022	<varlistentry id="wbinfo">
1023	<term><command>wbinfo</command></term>
1024	<listitem>
1025	<para>queries a running <command>winbindd</command> daemon.</para>
1026	<indexterm zone="samba3 wbinfo">
1027	<primary sortas="b-wbinfo">wbinfo</primary>
1028	</indexterm>
1029	</listitem>
1030	</varlistentry>
1031
1032	<varlistentry id="winbindd">
1033	<term><command>winbindd</command></term>
1034	<listitem>
1035	<para>resolves names from Windows NT servers.</para>
1036	<indexterm zone="samba3 winbindd">
1037	<primary sortas="b-winbindd">winbindd</primary>
1038	</indexterm>
1039	</listitem>
1040	</varlistentry>
1041
1042	<varlistentry id="libnss_winbind">
1043	<term><filename class='libraryfile'>libnss_winbind.so</filename></term>
1044	<listitem>
1045	<para>provides Name Service Switch API functions for resolving names
1046	from NT servers.</para>
1047	<indexterm zone="samba3 libnss_winbind">
1048	<primary sortas="c-libnss_winbind">libnss_winbind.so</primary>
1049	</indexterm>
1050	</listitem>
1051	</varlistentry>
1052
1053	<varlistentry id="libnss_wins">
1054	<term><filename class='libraryfile'>libnss_wins.so</filename></term>
1055	<listitem>
1056	<para>provides API functions for Samba's implementation of the
1057	Windows Internet Naming Service.</para>
1058	<indexterm zone="samba3 libnss_wins">
1059	<primary sortas="c-libnss_wins">libnss_wins.so</primary>
1060	</indexterm>
1061	</listitem>
1062	</varlistentry>
1063
1064	<varlistentry id="libnetapi">
1065	<term><filename class='libraryfile'>libnetapi.so</filename></term>
1066	<listitem>
1067	<para>provides the API functions for the administration tools used
1068	for Samba and remote CIFS servers.</para>
1069	<indexterm zone="samba3 libnetapi">
1070	<primary sortas="c-libnetapi">libnetapi.so</primary>
1071	</indexterm>
1072	</listitem>
1073	</varlistentry>
1074
1075	<varlistentry id="libsmbclient">
1076	<term><filename class='libraryfile'>libsmbclient.so</filename></term>
1077	<listitem>
1078	<para>provides the API functions for the Samba SMB client tools.</para>
1079	<indexterm zone="samba3 libsmbclient">
1080	<primary sortas="c-libsmbclient">libsmbclient.so</primary>
1081	</indexterm>
1082	</listitem>
1083	</varlistentry>
1084
1085	<varlistentry id="libsmbsharemodes">
1086	<term><filename class='libraryfile'>libsmbsharemodes.so</filename></term>
1087	<listitem>
1088	<para>provides API functions for accessing SMB share modes
1089	(locks etc.)</para>
1090	<indexterm zone="samba3 libsmbsharemodes">
1091	<primary sortas="c-libsmbsharemodes">libsmbsharemodes.so</primary>
1092	</indexterm>
1093	</listitem>
1094	</varlistentry>
1095
1096	<varlistentry id="libwbclient">
1097	<term><filename class='libraryfile'>libwbclient.so</filename></term>
1098	<listitem>
1099	<para>provides API functions for Windows domain client services.</para>
1100	<indexterm zone="samba3 libwbclient">
1101	<primary sortas="c-libwbclient">libwbclient.so</primary>
1102	</indexterm>
1103	</listitem>
1104	</varlistentry>
1105
1106	</variablelist>
1107
1108	</sect2>
1109
1110	</sect1>

Note: See TracBrowser for help on using the repository browser.

Context Navigation

source: networking/netprogs/samba3.xml@ 4e9f28df

Download in other formats: