[0931098] | 1 | <?xml version="1.0" encoding="ISO-8859-1"?>
|
---|
[6732c094] | 2 | <!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
|
---|
| 3 | "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
|
---|
[0931098] | 4 | <!ENTITY % general-entities SYSTEM "../../general.ent">
|
---|
| 5 | %general-entities;
|
---|
| 6 |
|
---|
[a8ecf657] | 7 | <!ENTITY samba3-download-http "http://us1.samba.org/samba/ftp/stable/samba-&samba3-version;.tar.gz">
|
---|
[75b4d9e] | 8 | <!ENTITY samba3-download-ftp "ftp://us5.samba.org/pub/samba-ftp/samba-&samba3-version;.tar.gz">
|
---|
[e303de2] | 9 | <!ENTITY samba3-md5sum "d647ec1f34414fa8691f74536dcccfb5">
|
---|
| 10 | <!ENTITY samba3-size "20 MB">
|
---|
[65dea1b] | 11 | <!ENTITY samba3-buildsize "238 MB">
|
---|
| 12 | <!ENTITY samba3-time "2.3 SBU (additional 1.0 SBU to run the test suite)">
|
---|
[0931098] | 13 | ]>
|
---|
| 14 |
|
---|
[736ede9] | 15 | <sect1 id="samba3" xreflabel="Samba-&samba3-version;">
|
---|
[99ef1fc] | 16 | <?dbhtml filename="samba3.html"?>
|
---|
| 17 |
|
---|
| 18 | <sect1info>
|
---|
| 19 | <othername>$LastChangedBy$</othername>
|
---|
| 20 | <date>$Date$</date>
|
---|
| 21 | </sect1info>
|
---|
| 22 |
|
---|
| 23 | <title>Samba-&samba3-version;</title>
|
---|
| 24 |
|
---|
| 25 | <indexterm zone="samba3">
|
---|
| 26 | <primary sortas="a-Samba">Samba</primary>
|
---|
| 27 | </indexterm>
|
---|
| 28 |
|
---|
[4e82a189] | 29 | <sect2 role="package">
|
---|
[99ef1fc] | 30 | <title>Introduction to Samba</title>
|
---|
| 31 |
|
---|
| 32 | <para>The <application>Samba</application> package provides file and print
|
---|
| 33 | services to SMB/CIFS clients and Windows networking to Linux clients.
|
---|
| 34 | <application>Samba</application> can also be configured as a Windows NT
|
---|
| 35 | 4.0 Domain Controller replacement (with caveats working with NT PDC's and
|
---|
| 36 | BDC's), a file/print server acting as a member of a Windows NT 4.0 or
|
---|
| 37 | Active Directory domain and a NetBIOS (rfc1001/1002) nameserver (which
|
---|
| 38 | amongst other things provides LAN browsing support).</para>
|
---|
| 39 |
|
---|
| 40 | <bridgehead renderas="sect3">Package Information</bridgehead>
|
---|
| 41 | <itemizedlist spacing="compact">
|
---|
| 42 | <listitem>
|
---|
| 43 | <para>Download (HTTP): <ulink url="&samba3-download-http;"/></para>
|
---|
| 44 | </listitem>
|
---|
| 45 | <listitem>
|
---|
| 46 | <para>Download (FTP): <ulink url="&samba3-download-ftp;"/></para>
|
---|
| 47 | </listitem>
|
---|
| 48 | <listitem>
|
---|
| 49 | <para>Download MD5 sum: &samba3-md5sum;</para>
|
---|
| 50 | </listitem>
|
---|
| 51 | <listitem>
|
---|
| 52 | <para>Download size: &samba3-size;</para>
|
---|
| 53 | </listitem>
|
---|
| 54 | <listitem>
|
---|
| 55 | <para>Estimated disk space required: &samba3-buildsize;</para>
|
---|
| 56 | </listitem>
|
---|
| 57 | <listitem>
|
---|
| 58 | <para>Estimated build time: &samba3-time;</para>
|
---|
| 59 | </listitem>
|
---|
| 60 | </itemizedlist>
|
---|
| 61 |
|
---|
[65dea1b] | 62 | <!--<bridgehead renderas="sect3">Additional Downloads</bridgehead>
|
---|
[22320b4c] | 63 | <itemizedlist spacing="compact">
|
---|
[134279fd] | 64 | <listitem>
|
---|
| 65 | <para>Required patch: <ulink
|
---|
| 66 | url="http://us3.samba.org/samba/patches/patches-&samba3-version;/spoolss.diff"/></para>
|
---|
| 67 | </listitem>
|
---|
[65dea1b] | 68 | </itemizedlist> -->
|
---|
[22320b4c] | 69 |
|
---|
[99ef1fc] | 70 | <bridgehead renderas="sect3">Samba Dependencies</bridgehead>
|
---|
| 71 |
|
---|
| 72 | <bridgehead renderas="sect4">Optional</bridgehead>
|
---|
[a6ac43b] | 73 | <para role="optional"><xref linkend="popt"/>,
|
---|
[6603f8b] | 74 | <xref linkend="linux-pam"/>,
|
---|
[99ef1fc] | 75 | <xref linkend="cups"/>,
|
---|
[75b4d9e] | 76 | <xref linkend="openldap"/>,
|
---|
| 77 | <xref linkend="gamin"/>,
|
---|
[33e33b8] | 78 | <xref linkend="acl"/>,
|
---|
[eaf9ab0] | 79 | <xref linkend="heimdal"/> or <xref linkend="mitkrb"/>,
|
---|
[a8ecf657] | 80 | <xref linkend="python"/> (to build Samba API bindings for the
|
---|
[75b4d9e] | 81 | <application>Python</application> installation),
|
---|
[1c65bfd] | 82 | and <ulink url="http://valgrind.org/">Valgrind</ulink> (optionally
|
---|
[75b4d9e] | 83 | used by the test suite)</para>
|
---|
[a8ecf657] | 84 |
|
---|
[3cb0c57] | 85 | <para condition="html" role="usernotes">User Notes:
|
---|
| 86 | <ulink url="&blfs-wiki;/samba3"/></para>
|
---|
| 87 |
|
---|
[99ef1fc] | 88 | </sect2>
|
---|
| 89 |
|
---|
| 90 | <sect2 role="installation">
|
---|
| 91 | <title>Installation of Samba</title>
|
---|
| 92 |
|
---|
[22320b4c] | 93 | <note>
|
---|
[75b4d9e] | 94 | <para>If you wish to run the test suite after the binaries are built,
|
---|
| 95 | you must add the <option>--enable-socket-wrapper</option> parameter to
|
---|
| 96 | the <command>configure</command> script below. You may want to run
|
---|
| 97 | <command>configure</command> with the <option>--help</option> parameter
|
---|
| 98 | first. There may be other parameters needed to take advantage of
|
---|
| 99 | optional dependencies.</para>
|
---|
[22320b4c] | 100 | </note>
|
---|
| 101 |
|
---|
[65dea1b] | 102 | <para>Install <application>Samba</application> by running the following
|
---|
| 103 | commands:</para>
|
---|
| 104 |
|
---|
| 105 | <!-- <screen><userinput>for FILENAME in $(ls ../*.diff); do patch -Np1 -i $FILENAME; done && -->
|
---|
[134279fd] | 106 |
|
---|
[65dea1b] | 107 | <screen><userinput>cd source &&
|
---|
[134279fd] | 108 |
|
---|
[0931098] | 109 | ./configure \
|
---|
| 110 | --prefix=/usr \
|
---|
| 111 | --sysconfdir=/etc \
|
---|
| 112 | --localstatedir=/var \
|
---|
| 113 | --with-piddir=/var/run \
|
---|
[134279fd] | 114 | --with-pammodulesdir=/lib/security \
|
---|
[0931098] | 115 | --with-fhs \
|
---|
| 116 | --with-smbmount &&
|
---|
[99ef1fc] | 117 | make</userinput></screen>
|
---|
[38b41c2] | 118 |
|
---|
[75b4d9e] | 119 | <para>You must become the <systemitem class="username">root</systemitem>
|
---|
[864b24de] | 120 | user to run the test framework. To run the tests, issue:
|
---|
[75b4d9e] | 121 | <command>make test</command>. If you have
|
---|
| 122 | <application>Linux-PAM</application> installed and built the PAM library
|
---|
| 123 | modules, you can perform a dlopen test by issuing:
|
---|
| 124 | <command>make test_pam_modules</command>.</para>
|
---|
[22320b4c] | 125 |
|
---|
[99ef1fc] | 126 | <para>Now, as the <systemitem class="username">root</systemitem> user:</para>
|
---|
[38b41c2] | 127 |
|
---|
[214b9ac] | 128 | <screen role="root"><userinput>make install &&
|
---|
[b5d1d872] | 129 | mv -v /usr/lib/samba/libsmbclient.so /usr/lib &&
|
---|
| 130 | ln -v -sf ../libsmbclient.so /usr/lib/samba &&
|
---|
[214b9ac] | 131 | ln -v -sf libsmbclient.so /usr/lib/libsmbclient.so.0 &&
|
---|
| 132 |
|
---|
[a8ecf657] | 133 | chmod -v 644 /usr/include/lib{smbclient,msrpc}.h &&
|
---|
[214b9ac] | 134 |
|
---|
[b5d1d872] | 135 | install -v -m755 nsswitch/libnss_win{s,bind}.so /lib &&
|
---|
| 136 | ln -v -sf libnss_winbind.so /lib/libnss_winbind.so.2 &&
|
---|
| 137 | ln -v -sf libnss_wins.so /lib/libnss_wins.so.2 &&
|
---|
[214b9ac] | 138 |
|
---|
[b5d1d872] | 139 | install -v -m644 ../examples/smb.conf.default /etc/samba &&
|
---|
[214b9ac] | 140 |
|
---|
| 141 | install -v -m755 -d /usr/share/doc/samba-&samba3-version; &&
|
---|
| 142 | install -v -m644 ../docs/*.pdf /usr/share/doc/samba-&samba3-version; &&
|
---|
[a8ecf657] | 143 | ln -v -s ../../samba/swat /usr/share/doc/samba-&samba3-version;</userinput></screen>
|
---|
[214b9ac] | 144 |
|
---|
| 145 | <para>If you passed the <option>--with-python</option> option to the
|
---|
| 146 | <command>configure</command> script, issue the following command as the
|
---|
| 147 | <systemitem class="username">root</systemitem> user to install the
|
---|
| 148 | <application>Python</application> extensions:</para>
|
---|
| 149 |
|
---|
| 150 | <screen role="root"><userinput>make python_install</userinput></screen>
|
---|
[99ef1fc] | 151 |
|
---|
| 152 | </sect2>
|
---|
| 153 |
|
---|
| 154 | <sect2 role="commands">
|
---|
| 155 | <title>Command Explanations</title>
|
---|
| 156 |
|
---|
| 157 | <para><parameter>--sysconfdir=/etc</parameter>: Sets the configuration
|
---|
| 158 | file directory to avoid the default of
|
---|
| 159 | <filename class="directory">/usr/etc</filename>.</para>
|
---|
| 160 |
|
---|
| 161 | <para><parameter>--localstatedir=/var</parameter>: Sets the variable
|
---|
| 162 | data directory to avoid the default of
|
---|
| 163 | <filename class="directory">/usr/var</filename>.</para>
|
---|
| 164 |
|
---|
| 165 | <para><parameter>--with-fhs</parameter>: Assigns all other file paths in
|
---|
| 166 | a manner compliant with the Filesystem Hierarchy Standard (FHS).</para>
|
---|
| 167 |
|
---|
| 168 | <para><parameter>--with-smbmount</parameter>: Orders the creation of an
|
---|
| 169 | extra binary for use by the <command>mount</command> command so that
|
---|
| 170 | mounting remote SMB (Windows) shares becomes no more complex than
|
---|
| 171 | mounting remote NFS shares.</para>
|
---|
| 172 |
|
---|
| 173 | <para><option>--with-pam</option>: Use this parameter to link
|
---|
| 174 | <application>Linux-PAM</application> into the build. This
|
---|
| 175 | also builds the <filename class='libraryfile'>pam_winbind.so</filename>
|
---|
[75b4d9e] | 176 | and <filename class='libraryfile'>pam_smbpass.so</filename>
|
---|
| 177 | <application>PAM</application> modules. You can find
|
---|
| 178 | instructions on how to configure and use the
|
---|
| 179 | <filename class='libraryfile'>pam_winbind.so</filename>module by running
|
---|
[99ef1fc] | 180 | <command>man winbindd</command>.</para>
|
---|
| 181 |
|
---|
| 182 | <para><command>mv -v /usr/lib/samba/libsmbclient.so ...; ln -v -sf
|
---|
| 183 | ../libsmbclient.so ...</command>: The
|
---|
| 184 | <filename class='libraryfile'>libsmbclient.so</filename> library is needed
|
---|
| 185 | by other packages. This command moves it to a location where other packages
|
---|
| 186 | can find it.</para>
|
---|
| 187 |
|
---|
| 188 | <para><command>install -v -m755 nsswitch/libnss_win{s,bind}.so /lib</command>:
|
---|
| 189 | The nss libraries are not installed by default. If you intend to use
|
---|
| 190 | winbindd for domain auth, and/or WINS name resolution,
|
---|
| 191 | you need these libraries.</para>
|
---|
| 192 |
|
---|
| 193 | <para><command>ln -v -sf libnss_winbind.so /lib/libnss_winbind.so.2</command>
|
---|
| 194 | and <command>ln -v -sf libnss_wins.so /lib/libnss_wins.so.2</command>:
|
---|
| 195 | These symlinks are required by glibc to use the NSS
|
---|
| 196 | libraries.</para>
|
---|
| 197 |
|
---|
| 198 | <para><command>install -v -m644 ../examples/smb.conf.default
|
---|
| 199 | /etc/samba</command>: This copies a default <filename>smb.conf</filename>
|
---|
[2ccb0dc] | 200 | file into <filename>/etc/samba</filename>. This sample configuration will
|
---|
| 201 | not work until you copy it to <filename>/etc/samba/smb.conf</filename> and
|
---|
| 202 | make the appropriate changes for your installation. See the configuration
|
---|
| 203 | section for minimum values which must be set.</para>
|
---|
[99ef1fc] | 204 |
|
---|
| 205 | </sect2>
|
---|
| 206 |
|
---|
| 207 | <sect2 role="configuration">
|
---|
| 208 | <title>Configuring Samba</title>
|
---|
| 209 |
|
---|
| 210 | <sect3 id="samba3-config">
|
---|
| 211 | <title>Config Files</title>
|
---|
| 212 |
|
---|
| 213 | <para>/etc/samba/smb.conf</para>
|
---|
| 214 |
|
---|
| 215 | <indexterm zone="samba3 samba3-config">
|
---|
| 216 | <primary sortas="e-etc-samba-smb.conf">/etc/samba/smb.conf</primary>
|
---|
| 217 | </indexterm>
|
---|
| 218 |
|
---|
| 219 | </sect3>
|
---|
| 220 |
|
---|
[e75747d1] | 221 | <sect3>
|
---|
| 222 | <title>Mounting Shares by Unprivileged Users</title>
|
---|
| 223 |
|
---|
| 224 | <para>If it is desired for unprivileged users to directly mount (and
|
---|
[75b4d9e] | 225 | unmount) SMB and CIFS shares, the <command>smbmnt</command>,
|
---|
| 226 | <command>smbumount</command>, <command>mount.cifs</command> and
|
---|
| 227 | <command>umount.cifs</command> commands must be setuid
|
---|
[e75747d1] | 228 | <systemitem class='username'>root</systemitem>. Note that users can
|
---|
[75b4d9e] | 229 | only mount SMB/CIFS shares on a mount point owned by that user (requires
|
---|
[c9f3c0a] | 230 | write access also). If desired, change these programs to setuid
|
---|
[e75747d1] | 231 | <systemitem class='username'>root</systemitem> by issuing the following
|
---|
[bccbdaea] | 232 | command as the <systemitem class='username'>root</systemitem>
|
---|
[e75747d1] | 233 | user:</para>
|
---|
| 234 |
|
---|
[ebbb051] | 235 | <screen role="root"><userinput>chmod -v 4755 /usr/bin/smb{mnt,umount} \
|
---|
[75b4d9e] | 236 | /usr/sbin/{,u}mount.cifs</userinput></screen>
|
---|
[e75747d1] | 237 |
|
---|
| 238 | </sect3>
|
---|
| 239 |
|
---|
[2ccb0dc] | 240 | <sect3>
|
---|
[fc290c7] | 241 | <title>Printing to SMB Clients</title>
|
---|
[2ccb0dc] | 242 |
|
---|
[fc290c7] | 243 | <para>If you use <application>CUPS</application> for print services,
|
---|
| 244 | and you wish to print to a printer attached to an SMB client, you
|
---|
| 245 | need to create an SMB backend device. To create the device, issue the
|
---|
| 246 | following command as the <systemitem class="username">root</systemitem>
|
---|
| 247 | user:</para>
|
---|
[2ccb0dc] | 248 |
|
---|
[fc290c7] | 249 | <screen role="root"><userinput>ln -v -sf /usr/bin/smbspool /usr/lib/cups/backend/smb</userinput></screen>
|
---|
[2ccb0dc] | 250 |
|
---|
| 251 | </sect3>
|
---|
| 252 |
|
---|
[99ef1fc] | 253 | <sect3>
|
---|
[fc290c7] | 254 | <title>Configuration Information</title>
|
---|
[99ef1fc] | 255 |
|
---|
| 256 | <para>Due to the complexity and the many various uses for
|
---|
[fc290c7] | 257 | <application>Samba</application>, complete configuration for all the
|
---|
[e59bdce] | 258 | package's capabilities is well beyond the scope of the BLFS book. This
|
---|
[fc290c7] | 259 | section provides instructions to configure the
|
---|
| 260 | <filename>/etc/samba/smb.conf</filename> file for two common scenarios.
|
---|
| 261 | The complete contents of <filename>/etc/samba/smb.conf</filename> will
|
---|
[bccbdaea] | 262 | depend on the purpose of <application>Samba</application>
|
---|
[fc290c7] | 263 | installation.</para>
|
---|
| 264 |
|
---|
| 265 | <note>
|
---|
| 266 | <para>You may find it easier to copy the configuration parameters shown
|
---|
| 267 | below into an empty <filename>/etc/samba/smb.conf</filename> file
|
---|
| 268 | instead of copying and editing the default file as mentioned in the
|
---|
| 269 | <quote>Command Explanations</quote> section. How you create/edit the
|
---|
| 270 | <filename>/etc/samba/smb.conf</filename> file will be left up to
|
---|
| 271 | you. Do ensure the file is only writeable by the
|
---|
| 272 | <systemitem class="username">root</systemitem> user (mode 644).</para>
|
---|
| 273 | </note>
|
---|
| 274 |
|
---|
| 275 | <sect4>
|
---|
| 276 | <title>Scenario 1: Minimal Standalone Client-Only Installation</title>
|
---|
| 277 |
|
---|
[bccbdaea] | 278 | <para>Choose this variant if you only want to transfer files using
|
---|
[fc290c7] | 279 | <command>smbclient</command>, mount Windows shares and print to Windows
|
---|
[bccbdaea] | 280 | printers, and don't want to share your files and printers to Windows
|
---|
[fc290c7] | 281 | machines.</para>
|
---|
| 282 |
|
---|
| 283 | <para>A <filename>/etc/samba/smb.conf</filename> file with the following
|
---|
| 284 | three parameters is sufficient:</para>
|
---|
| 285 |
|
---|
| 286 | <screen role='root'><literal>[global]
|
---|
| 287 | workgroup = <replaceable>MYGROUP</replaceable>
|
---|
| 288 | dos charset = <replaceable>cp850</replaceable>
|
---|
| 289 | unix charset = <replaceable>ISO-8859-1</replaceable></literal></screen>
|
---|
| 290 |
|
---|
| 291 | <para>The values in this example specify that the computer belongs to a
|
---|
| 292 | Windows workgroup named
|
---|
| 293 | <quote><replaceable>MYGROUP</replaceable></quote>, uses the
|
---|
| 294 | <quote><replaceable>cp850</replaceable></quote> character set on the
|
---|
| 295 | wire when talking to MS-DOS and MS Windows 9x, and that the filenames
|
---|
| 296 | are stored in the <quote><replaceable>ISO-8859-1</replaceable></quote>
|
---|
| 297 | encoding on the disk. Adjust these values appropriately for your
|
---|
| 298 | installation. The <quote>unix charset</quote> value must be the same as
|
---|
| 299 | the output of <command>locale charmap</command> when executed with the
|
---|
| 300 | <envar>LANG</envar> variable set to your preferred locale, otherwise the
|
---|
| 301 | <command>ls</command> command may not display correct filenames of
|
---|
| 302 | downloaded files.</para>
|
---|
| 303 |
|
---|
| 304 | <para>There is no need to run any <application>Samba</application>
|
---|
| 305 | servers in this scenario, thus you don't need to install the provided
|
---|
| 306 | bootscripts.</para>
|
---|
| 307 |
|
---|
| 308 | </sect4>
|
---|
| 309 |
|
---|
| 310 | <sect4>
|
---|
| 311 | <title>Scenario 2: Standalone File/Print Server</title>
|
---|
| 312 |
|
---|
| 313 | <para>Choose this variant if you want to share your files and printers
|
---|
| 314 | to Windows machines in your workgroup in addition to the capabilities
|
---|
| 315 | described in Scenario 1.</para>
|
---|
| 316 |
|
---|
| 317 | <para>In this case, the <filename>/etc/samba/smb.conf.default</filename>
|
---|
[bccbdaea] | 318 | file may be a good template to start from. Also add
|
---|
[fc290c7] | 319 | <quote>dos charset</quote> and <quote>unix charset</quote> parameters
|
---|
| 320 | to the <quote>[global]</quote> section as described in Scenario 1 in
|
---|
| 321 | order to prevent filename corruption.</para>
|
---|
| 322 |
|
---|
| 323 | <para>The following configuration file creates a separate share for each
|
---|
| 324 | user's home directory and also makes all printers available to Windows
|
---|
| 325 | machines:</para>
|
---|
| 326 |
|
---|
| 327 | <screen role='root'><literal>[global]
|
---|
| 328 | workgroup = <replaceable>MYGROUP</replaceable>
|
---|
| 329 | dos charset = <replaceable>cp850</replaceable>
|
---|
| 330 | unix charset = <replaceable>ISO-8859-1</replaceable>
|
---|
| 331 |
|
---|
| 332 | [homes]
|
---|
| 333 | comment = Home Directories
|
---|
| 334 | browseable = no
|
---|
| 335 | writable = yes
|
---|
| 336 |
|
---|
| 337 | [printers]
|
---|
| 338 | comment = All Printers
|
---|
| 339 | path = /var/spool/samba
|
---|
| 340 | browseable = no
|
---|
| 341 | guest ok = no
|
---|
| 342 | printable = yes</literal></screen>
|
---|
| 343 |
|
---|
[bccbdaea] | 344 | <para>Other parameters you may wish to customize in the
|
---|
[fc290c7] | 345 | <quote>[global]</quote> section include:</para>
|
---|
| 346 |
|
---|
| 347 | <screen role='root'><literal> server string =
|
---|
| 348 | security =
|
---|
| 349 | hosts allow =
|
---|
| 350 | load printers =
|
---|
| 351 | log file =
|
---|
| 352 | max log size =
|
---|
| 353 | socket options =
|
---|
| 354 | local master =</literal></screen>
|
---|
| 355 |
|
---|
| 356 | <para>Reference the comments in the
|
---|
| 357 | <filename>/etc/samba/smb.conf.default</filename> file for information
|
---|
| 358 | regarding these parameters.</para>
|
---|
| 359 |
|
---|
| 360 | <para>Since the <command>smbd</command> and <command>nmbd</command>
|
---|
| 361 | daemons are needed in this case, install the <filename>samba</filename>
|
---|
| 362 | bootscript. Be sure to run <command>smbpasswd</command> (with the
|
---|
| 363 | <option>-a</option> option to add users) to enable and
|
---|
| 364 | set passwords for all accounts that need
|
---|
| 365 | <application>Samba</application> access, or use the SWAT web interface
|
---|
| 366 | (see below) to do the same. Using the default
|
---|
| 367 | <application>Samba</application> passdb backend, any user you attempt
|
---|
| 368 | to add will also be required to exist in the
|
---|
| 369 | <filename>/etc/passwd</filename> file.</para>
|
---|
| 370 |
|
---|
| 371 | </sect4>
|
---|
| 372 |
|
---|
| 373 | <sect4>
|
---|
| 374 | <title>Advanced Requirements</title>
|
---|
| 375 |
|
---|
| 376 | <para>More complex scenarios involving domain control or membership are
|
---|
| 377 | possible if the right flags are passed to the ./configure script when
|
---|
| 378 | the package is built. Such setups are advanced topics and cannot be
|
---|
| 379 | adequately covered in BLFS. Many complete books have been written on
|
---|
| 380 | these topics alone. It should be noted, however, that a
|
---|
| 381 | <application>Samba</application> BDC cannot be used as a fallback
|
---|
| 382 | for a Windows PDC, and conversely, a Windows BDC cannot be used as a
|
---|
| 383 | fallback for a <application>Samba</application> PDC. Also in some
|
---|
[bfb7882] | 384 | domain membership scenarios, the <command>winbindd</command> daemon and
|
---|
[fc290c7] | 385 | the corresponding bootscript are needed.</para>
|
---|
| 386 |
|
---|
| 387 | <para>There is quite a bit of documentation available which covers many
|
---|
| 388 | of these advanced configurations. Point your web browser to the links
|
---|
| 389 | below to view some of the documentation included with the
|
---|
| 390 | <application>Samba</application> package:</para>
|
---|
| 391 |
|
---|
| 392 | <itemizedlist spacing='compact'>
|
---|
| 393 | <listitem>
|
---|
| 394 | <para>Using Samba, 2nd Edition; a popular book published by O'Reilly
|
---|
| 395 | <ulink url="file:///usr/share/samba/swat/using_samba/toc.html"/></para>
|
---|
| 396 | </listitem>
|
---|
| 397 | <listitem>
|
---|
| 398 | <para>The Official Samba HOWTO and Reference Guide <ulink
|
---|
| 399 | url="file:///usr/share/samba/swat/help/Samba-HOWTO-Collection/index.html"/>
|
---|
| 400 | </para>
|
---|
| 401 | </listitem>
|
---|
| 402 | <listitem>
|
---|
| 403 | <para>Samba-3 by Example
|
---|
| 404 | <ulink url="file:///usr/share/samba/swat/help/Samba-Guide/index.html"/>
|
---|
| 405 | </para>
|
---|
| 406 | </listitem>
|
---|
| 407 | <listitem>
|
---|
| 408 | <para>The Samba-3 man Pages
|
---|
| 409 | <ulink url="file:///usr/share/samba/swat/help/samba.7.html"/></para>
|
---|
| 410 | </listitem>
|
---|
| 411 | </itemizedlist>
|
---|
| 412 |
|
---|
| 413 | </sect4>
|
---|
[99ef1fc] | 414 |
|
---|
| 415 | </sect3>
|
---|
| 416 |
|
---|
| 417 | <sect3 id="samba3-swat-config">
|
---|
| 418 | <title>Configuring SWAT</title>
|
---|
| 419 |
|
---|
| 420 | <para>The built in SWAT (<application>Samba</application> Web
|
---|
| 421 | Administration Tool) utility can be used for basic configuration of
|
---|
| 422 | the <application>Samba</application> installation, but because it may
|
---|
[bfb7882] | 423 | be inconvenient, undesirable or perhaps even impossible to gain
|
---|
[99ef1fc] | 424 | access to the console, BLFS recommends setting up access to SWAT using
|
---|
[fc290c7] | 425 | <application>Stunnel</application>. Without
|
---|
| 426 | <application>Stunnel</application>, the
|
---|
| 427 | <systemitem class="username">root</systemitem> password is transmitted
|
---|
| 428 | in clear text over the wire, and is considered an unacceptable security
|
---|
| 429 | risk. After considering the security implications of using SWAT without
|
---|
| 430 | <application>Stunnel</application>, and you still wish to implement SWAT
|
---|
| 431 | without it, instructions are provided at this end of this section.</para>
|
---|
[99ef1fc] | 432 |
|
---|
| 433 | <indexterm zone="samba3 samba3-swat-config">
|
---|
| 434 | <primary sortas="g-SWAT">SWAT</primary>
|
---|
| 435 | </indexterm>
|
---|
| 436 |
|
---|
[fc290c7] | 437 | <sect4>
|
---|
| 438 | <title>Setting up SWAT using Stunnel</title>
|
---|
[99ef1fc] | 439 |
|
---|
[fc290c7] | 440 | <para>First install, or ensure you have already installed, the
|
---|
| 441 | <xref linkend="stunnel"/> package.</para>
|
---|
[99ef1fc] | 442 |
|
---|
[fc290c7] | 443 | <para>Next you must add entries to <filename>/etc/services</filename>
|
---|
| 444 | and modify the <command>inetd</command>/<command>xinetd</command>
|
---|
| 445 | configuration.</para>
|
---|
[99ef1fc] | 446 |
|
---|
[fc290c7] | 447 | <indexterm zone="samba3 samba3-swat-config">
|
---|
| 448 | <primary sortas="e-etc-services">/etc/services</primary>
|
---|
| 449 | </indexterm>
|
---|
| 450 |
|
---|
| 451 | <indexterm zone="samba3 samba3-swat-config">
|
---|
| 452 | <primary sortas="e-etc-inetd.conf">/etc/inetd.conf</primary>
|
---|
| 453 | </indexterm>
|
---|
| 454 |
|
---|
| 455 | <indexterm zone="samba3 samba3-swat-config">
|
---|
| 456 | <primary sortas="e-etc-xinetd.conf">/etc/xinetd.conf</primary>
|
---|
| 457 | </indexterm>
|
---|
[99ef1fc] | 458 |
|
---|
[fc290c7] | 459 | <para>Add swat and swat_tunnel entries to
|
---|
| 460 | <filename>/etc/services</filename> with the following commands issued
|
---|
| 461 | as the <systemitem class="username">root</systemitem> user:</para>
|
---|
[99ef1fc] | 462 |
|
---|
[224b0659] | 463 | <screen role="root"><userinput>echo "swat 904/tcp" >> /etc/services &&
|
---|
| 464 | echo "swat_tunnel 905/tcp" >> /etc/services</userinput></screen>
|
---|
[99ef1fc] | 465 |
|
---|
[fc290c7] | 466 | <para>If <command>inetd</command> is used, the following command will
|
---|
| 467 | add the swat_tunnel entry to <filename>/etc/inetd.conf</filename> (as
|
---|
| 468 | user <systemitem class="username">root</systemitem>):</para>
|
---|
[99ef1fc] | 469 |
|
---|
| 470 | <screen role="root"><userinput>echo "swat_tunnel stream tcp nowait.400 root /usr/sbin/swat swat" \
|
---|
| 471 | >> /etc/inetd.conf</userinput></screen>
|
---|
| 472 |
|
---|
[fc290c7] | 473 | <para>Issue a <command>killall -HUP inetd</command> to reread the
|
---|
| 474 | changed <filename>inetd.conf</filename> file.</para>
|
---|
[99ef1fc] | 475 |
|
---|
[fc290c7] | 476 | <para>If you use <command>xinetd</command>, the following command will
|
---|
| 477 | create the <application>Samba</application> file as
|
---|
| 478 | <filename>/etc/xinetd.d/swat_tunnel</filename> (you may need to modify
|
---|
| 479 | or remove the <quote>only_from</quote> line to include the desired
|
---|
| 480 | host[s]):</para>
|
---|
[99ef1fc] | 481 |
|
---|
| 482 | <screen role="root"><userinput>cat >> /etc/xinetd.d/swat_tunnel << "EOF"
|
---|
| 483 | <literal># Begin /etc/xinetd.d/swat_tunnel
|
---|
[1f672c1] | 484 |
|
---|
[2bfe939] | 485 | service swat_tunnel
|
---|
[0931098] | 486 | {
|
---|
[224b0659] | 487 | port = 905
|
---|
[0931098] | 488 | socket_type = stream
|
---|
| 489 | wait = no
|
---|
| 490 | only_from = 127.0.0.1
|
---|
| 491 | user = root
|
---|
| 492 | server = /usr/sbin/swat
|
---|
| 493 | log_on_failure += USERID
|
---|
| 494 | }
|
---|
[1f672c1] | 495 |
|
---|
[99ef1fc] | 496 | # End /etc/xinetd.d/swat_tunnel</literal>
|
---|
| 497 | EOF</userinput></screen>
|
---|
[0931098] | 498 |
|
---|
[fc290c7] | 499 | <indexterm zone="samba3 samba3-swat-config">
|
---|
| 500 | <primary sortas="e-etc-xinetd.d-swat-tunnel">/etc/xinetd.d/swat_tunnel</primary>
|
---|
| 501 | </indexterm>
|
---|
[2a3fc53] | 502 |
|
---|
[fc290c7] | 503 | <para>Issue a <command>killall -HUP xinetd</command> to read the new
|
---|
| 504 | <filename>/etc/xinetd.d/swat_tunnel</filename> file.</para>
|
---|
[0931098] | 505 |
|
---|
[fc290c7] | 506 | <para>Next, you must add an entry for the swat service to the
|
---|
| 507 | <filename>/etc/stunnel/stunnel.conf</filename> file (as user
|
---|
| 508 | <systemitem class="username">root</systemitem>):</para>
|
---|
[2a3fc53] | 509 |
|
---|
[fc290c7] | 510 | <indexterm zone="samba3 samba3-swat-config">
|
---|
| 511 | <primary sortas="e-etc-stunnel-stunnel.conf">/etc/stunnel/stunnel.conf</primary>
|
---|
| 512 | </indexterm>
|
---|
[2bfe939] | 513 |
|
---|
[99ef1fc] | 514 | <screen role="root"><userinput>cat >> /etc/stunnel/stunnel.conf << "EOF"
|
---|
| 515 | <literal>[swat]
|
---|
[224b0659] | 516 | accept = 904
|
---|
| 517 | connect = 905
|
---|
[a8ecf657] | 518 | TIMEOUTclose = 1</literal>
|
---|
[736ede9] | 519 |
|
---|
[99ef1fc] | 520 | EOF</userinput></screen>
|
---|
| 521 |
|
---|
[fc290c7] | 522 | <para>Restart the <command>stunnel</command> daemon using the following
|
---|
| 523 | command as the <systemitem class="username">root</systemitem> user:</para>
|
---|
[736ede9] | 524 |
|
---|
[99ef1fc] | 525 | <screen role="root"><userinput>/etc/rc.d/init.d/stunnel restart</userinput></screen>
|
---|
| 526 |
|
---|
| 527 | <para>SWAT can be launched by pointing your web browser to
|
---|
[224b0659] | 528 | <uri>https://<replaceable><CA_DN_field></replaceable>:904</uri>.
|
---|
[99ef1fc] | 529 | Substitute the hostname listed in the DN field of the CA certificate
|
---|
| 530 | used with <application>Stunnel</application> for
|
---|
[3cb0c57] | 531 | <replaceable><CA_DN_field></replaceable>.</para>
|
---|
[99ef1fc] | 532 |
|
---|
[fc290c7] | 533 | </sect4>
|
---|
| 534 |
|
---|
| 535 | <sect4>
|
---|
| 536 | <title>Setting up SWAT without Stunnel</title>
|
---|
| 537 |
|
---|
| 538 | <warning>
|
---|
| 539 | <para>BLFS does not recommend using these procedures because of the
|
---|
| 540 | security risk involved. However, in a home network environment and
|
---|
[823b1a3] | 541 | disclosure of the <systemitem class='username'>root</systemitem>
|
---|
| 542 | password is an acceptable risk, the following
|
---|
[fc290c7] | 543 | instructions are provided for your convenience.</para>
|
---|
| 544 | </warning>
|
---|
| 545 |
|
---|
| 546 | <para>Add a swat entry to <filename>/etc/services</filename> with the
|
---|
[bccbdaea] | 547 | following command issued as the
|
---|
[fc290c7] | 548 | <systemitem class='username'>root</systemitem> user:</para>
|
---|
| 549 |
|
---|
[224b0659] | 550 | <screen role='root'><userinput>echo "swat 904/tcp" >> /etc/services</userinput></screen>
|
---|
[fc290c7] | 551 |
|
---|
| 552 | <para>If <command>inetd</command> is used, the following command
|
---|
[6f19a68e] | 553 | issued as the <systemitem class='username'>root</systemitem> user will
|
---|
[fc290c7] | 554 | add a swat entry to the <filename>/etc/inetd.conf</filename> file:</para>
|
---|
| 555 |
|
---|
| 556 | <screen role='root'><userinput>echo "swat stream tcp nowait.400 root /usr/sbin/swat swat" \
|
---|
| 557 | >> /etc/inetd.conf</userinput></screen>
|
---|
| 558 |
|
---|
| 559 | <para>Issue a <command>killall -HUP inetd</command> to reread the
|
---|
| 560 | changed <filename>inetd.conf</filename> file.</para>
|
---|
| 561 |
|
---|
| 562 | <para>If <command>xinetd</command> is used, the following command
|
---|
| 563 | issued as the <systemitem class='username'>root</systemitem> user
|
---|
[bccbdaea] | 564 | will create an <filename>/etc/xinetd.d/swat</filename> file:</para>
|
---|
[fc290c7] | 565 |
|
---|
| 566 | <screen role='root'><userinput>cat >> /etc/xinetd.d/swat << "EOF"
|
---|
| 567 | <literal># Begin /etc/xinetd.d/swat
|
---|
| 568 |
|
---|
| 569 | service swat
|
---|
| 570 | {
|
---|
[224b0659] | 571 | port = 904
|
---|
[fc290c7] | 572 | socket_type = stream
|
---|
| 573 | wait = no
|
---|
| 574 | only_from = 127.0.0.1
|
---|
| 575 | user = root
|
---|
| 576 | server = /usr/sbin/swat
|
---|
| 577 | log_on_failure += USERID
|
---|
| 578 | }
|
---|
| 579 |
|
---|
| 580 | # End /etc/xinetd.d/swat</literal>
|
---|
| 581 | EOF</userinput></screen>
|
---|
| 582 |
|
---|
| 583 | <para>Issue a <command>killall -HUP xinetd</command> to read the
|
---|
| 584 | new <filename>/etc/xinetd.d/swat</filename> file.</para>
|
---|
| 585 |
|
---|
| 586 | <para>SWAT can be launched by pointing your web browser to
|
---|
[224b0659] | 587 | http://localhost:904.</para>
|
---|
[fc290c7] | 588 |
|
---|
| 589 | </sect4>
|
---|
| 590 |
|
---|
| 591 | </sect3>
|
---|
| 592 |
|
---|
| 593 | <sect3>
|
---|
| 594 | <title/>
|
---|
| 595 |
|
---|
[99ef1fc] | 596 | <note>
|
---|
| 597 | <para>If you linked <application>Linux-PAM</application> into the
|
---|
| 598 | <application>Samba</application> build, you'll need to create an
|
---|
| 599 | <filename>/etc/pam.d/samba</filename> file.</para>
|
---|
| 600 | </note>
|
---|
| 601 |
|
---|
| 602 | <indexterm zone="samba3 samba3-swat-config">
|
---|
| 603 | <primary sortas="e-etc-pam.d-samba">/etc/pam.d/samba</primary>
|
---|
| 604 | </indexterm>
|
---|
| 605 |
|
---|
| 606 | </sect3>
|
---|
| 607 |
|
---|
| 608 | <sect3 id="samba3-init">
|
---|
| 609 | <title>Boot Script</title>
|
---|
| 610 |
|
---|
| 611 | <para>For your convenience, boot scripts have been provided for
|
---|
| 612 | <application>Samba</application>. There are two included in the
|
---|
[5254d12] | 613 | <xref linkend="bootscripts"/> package. The first,
|
---|
[99ef1fc] | 614 | <filename>samba</filename>, will start the <command>smbd</command>
|
---|
| 615 | and <command>nmbd</command> daemons needed to provide SMB/CIFS
|
---|
| 616 | services. The second script, <filename>winbind</filename>, starts
|
---|
| 617 | the <command>winbindd</command> daemon, used for providing Windows
|
---|
| 618 | domain services to Linux clients.</para>
|
---|
| 619 |
|
---|
| 620 | <indexterm zone="samba3 samba3-init">
|
---|
| 621 | <primary sortas="f-samba">samba</primary>
|
---|
| 622 | </indexterm>
|
---|
| 623 |
|
---|
| 624 | <indexterm zone="samba3 samba3-init">
|
---|
| 625 | <primary sortas="f-winbind">winbind</primary>
|
---|
| 626 | </indexterm>
|
---|
| 627 |
|
---|
[fc290c7] | 628 | <para>The default <application>Samba</application> installation uses the
|
---|
| 629 | <systemitem class='username'>nobody</systemitem> user for guest access
|
---|
| 630 | to the server. This can be overridden by setting the
|
---|
| 631 | <option>guest account =</option> parameter in the
|
---|
| 632 | <filename>/etc/samba/smb.conf</filename> file. If you utilize the
|
---|
| 633 | <option>guest account =</option> parameter, ensure this user exists in
|
---|
| 634 | the <filename>/etc/passwd</filename> file. To use the default user,
|
---|
| 635 | issue the following commands as the
|
---|
| 636 | <systemitem class='username'>root</systemitem> user:</para>
|
---|
| 637 |
|
---|
| 638 | <screen><userinput>groupadd -g 99 nogroup &&
|
---|
| 639 | useradd -c "Unprivileged Nobody" -d /dev/null -g nogroup \
|
---|
| 640 | -s /bin/false -u 99 nobody</userinput></screen>
|
---|
| 641 |
|
---|
[99ef1fc] | 642 | <para>Install the <filename>samba</filename> script with the following
|
---|
| 643 | command issued as the <systemitem class="username">root</systemitem>
|
---|
| 644 | user:</para>
|
---|
| 645 |
|
---|
| 646 | <screen role="root"><userinput>make install-samba</userinput></screen>
|
---|
| 647 |
|
---|
| 648 | <para>If you also need the <filename>winbind</filename>
|
---|
| 649 | script:</para>
|
---|
| 650 |
|
---|
| 651 | <screen role="root"><userinput>make install-winbind</userinput></screen>
|
---|
| 652 |
|
---|
| 653 | </sect3>
|
---|
| 654 |
|
---|
| 655 | </sect2>
|
---|
| 656 |
|
---|
| 657 | <sect2 role="content">
|
---|
| 658 | <title>Contents</title>
|
---|
| 659 |
|
---|
| 660 | <segmentedlist>
|
---|
| 661 | <segtitle>Installed Programs</segtitle>
|
---|
| 662 | <segtitle>Installed Libraries</segtitle>
|
---|
| 663 | <segtitle>Installed Directories</segtitle>
|
---|
| 664 |
|
---|
[a8ecf657] | 665 | <!--newprogs: eventlogadm smbget-->
|
---|
| 666 |
|
---|
[99ef1fc] | 667 | <seglistitem>
|
---|
[75b4d9e] | 668 | <seg>eventlogadm, findsmb, mount.cifs, mount.smbfs, net, nmbd,
|
---|
| 669 | nmblookup, ntlm_auth, pdbedit, profiles, rpcclient, smbcacls,
|
---|
| 670 | smbclient, smbcontrol, smbcquotas, smbd, smbget, smbmnt, smbmount,
|
---|
| 671 | smbpasswd, smbspool, smbstatus, smbtar, smbtree, smbumount, swat,
|
---|
[de2551f] | 672 | tdbbackup, tdbdump, tdbtool, testparm, umount.cifs, wbinfo
|
---|
[75b4d9e] | 673 | and winbindd</seg>
|
---|
[a8ecf657] | 674 | <seg>libnss_winbind.so, libnss_wins.so, libsmbclient.so, libmsrpc.so,
|
---|
[75b4d9e] | 675 | the pam_winbind.so and pam_smbpass.so PAM libraries, and assorted
|
---|
| 676 | character set, filesystem and support modules.</seg>
|
---|
[1970f00] | 677 | <seg>/etc/samba, /usr/lib/python&python-majorver;/site-packages/samba,
|
---|
[a8ecf657] | 678 | /usr/lib/samba, /usr/share/doc/samba-&samba3-version;,
|
---|
| 679 | /usr/share/samba, /var/lib/samba and /var/log/samba</seg>
|
---|
[99ef1fc] | 680 | </seglistitem>
|
---|
| 681 | </segmentedlist>
|
---|
| 682 |
|
---|
| 683 | <variablelist>
|
---|
| 684 | <bridgehead renderas="sect3">Short Descriptions</bridgehead>
|
---|
| 685 | <?dbfo list-presentation="list"?>
|
---|
| 686 | <?dbhtml list-presentation="table"?>
|
---|
| 687 |
|
---|
[a8ecf657] | 688 | <varlistentry id="eventlogadm">
|
---|
| 689 | <term><command>eventlogadm</command></term>
|
---|
| 690 | <listitem>
|
---|
| 691 | <para>is used to write records to eventlogs from STDIN, add the
|
---|
| 692 | specified source and DLL eventlog registry entries and display the
|
---|
| 693 | active eventlog names (from <filename>smb.conf</filename>).</para>
|
---|
| 694 | <indexterm zone="samba3 eventlogadm">
|
---|
| 695 | <primary sortas="b-eventlogadm">eventlogadm</primary>
|
---|
| 696 | </indexterm>
|
---|
| 697 | </listitem>
|
---|
| 698 | </varlistentry>
|
---|
| 699 |
|
---|
[99ef1fc] | 700 | <varlistentry id="findsmb">
|
---|
| 701 | <term><command>findsmb</command></term>
|
---|
| 702 | <listitem>
|
---|
| 703 | <para>lists information about machines that respond to
|
---|
| 704 | SMB name queries on a subnet.</para>
|
---|
| 705 | <indexterm zone="samba3 findsmb">
|
---|
| 706 | <primary sortas="b-findsmb">findsmb</primary>
|
---|
| 707 | </indexterm>
|
---|
| 708 | </listitem>
|
---|
| 709 | </varlistentry>
|
---|
| 710 |
|
---|
[75b4d9e] | 711 | <varlistentry id="mount.cifs">
|
---|
| 712 | <term><command>mount.cifs</command></term>
|
---|
| 713 | <listitem>
|
---|
| 714 | <para>mounts a Linux CIFS filesystem. It is usually invoked
|
---|
| 715 | indirectly by the <command>mount</command> command when using the
|
---|
| 716 | <option>-t cifs</option> option.</para>
|
---|
| 717 | <indexterm zone="samba3 mount.cifs">
|
---|
| 718 | <primary sortas="b-mount.cifs">mount.cifs</primary>
|
---|
| 719 | </indexterm>
|
---|
| 720 | </listitem>
|
---|
| 721 | </varlistentry>
|
---|
| 722 |
|
---|
[99ef1fc] | 723 | <varlistentry id="mount.smbfs">
|
---|
| 724 | <term><command>mount.smbfs</command></term>
|
---|
| 725 | <listitem>
|
---|
[e75747d1] | 726 | <para>is a symlink to <command>smbmount</command> which provides
|
---|
[99ef1fc] | 727 | <command>/bin/mount</command> with a way to mount remote Windows
|
---|
| 728 | (or <application>Samba</application>) fileshares.</para>
|
---|
| 729 | <indexterm zone="samba3 mount.smbfs">
|
---|
| 730 | <primary sortas="b-mount.smbfs">mount.smbfs</primary>
|
---|
| 731 | </indexterm>
|
---|
| 732 | </listitem>
|
---|
| 733 | </varlistentry>
|
---|
| 734 |
|
---|
| 735 | <varlistentry id="net">
|
---|
| 736 | <term><command>net</command></term>
|
---|
| 737 | <listitem>
|
---|
| 738 | <para>is a tool for administration of
|
---|
| 739 | <application>Samba</application> and remote CIFS servers, similar
|
---|
| 740 | to the <command>net</command> utility for DOS/Windows.</para>
|
---|
| 741 | <indexterm zone="samba3 net">
|
---|
| 742 | <primary sortas="b-net">net</primary>
|
---|
| 743 | </indexterm>
|
---|
| 744 | </listitem>
|
---|
| 745 | </varlistentry>
|
---|
| 746 |
|
---|
| 747 | <varlistentry id="nmbd">
|
---|
| 748 | <term><command>nmbd</command></term>
|
---|
| 749 | <listitem>
|
---|
| 750 | <para>is the <application>Samba</application>
|
---|
| 751 | NetBIOS name server.</para>
|
---|
| 752 | <indexterm zone="samba3 nmbd">
|
---|
| 753 | <primary sortas="b-nmbd">nmbd</primary>
|
---|
| 754 | </indexterm>
|
---|
| 755 | </listitem>
|
---|
| 756 | </varlistentry>
|
---|
| 757 |
|
---|
| 758 | <varlistentry id="nmblookup">
|
---|
| 759 | <term><command>nmblookup</command></term>
|
---|
| 760 | <listitem>
|
---|
| 761 | <para>is used to query NetBIOS names and map
|
---|
| 762 | them to IP addresses.</para>
|
---|
| 763 | <indexterm zone="samba3 nmblookup">
|
---|
| 764 | <primary sortas="b-nmblookup">nmblookup</primary>
|
---|
| 765 | </indexterm>
|
---|
| 766 | </listitem>
|
---|
| 767 | </varlistentry>
|
---|
| 768 |
|
---|
| 769 | <varlistentry id="ntlm_auth">
|
---|
| 770 | <term><command>ntlm_auth</command></term>
|
---|
| 771 | <listitem>
|
---|
| 772 | <para>is a tool to allow external access to Winbind's
|
---|
| 773 | NTLM authentication function.</para>
|
---|
| 774 | <indexterm zone="samba3 ntlm_auth">
|
---|
| 775 | <primary sortas="b-ntlm_auth">ntlm_auth</primary>
|
---|
| 776 | </indexterm>
|
---|
| 777 | </listitem>
|
---|
| 778 | </varlistentry>
|
---|
| 779 |
|
---|
| 780 | <varlistentry id="pdbedit">
|
---|
| 781 | <term><command>pdbedit</command></term>
|
---|
| 782 | <listitem>
|
---|
| 783 | <para>is a tool used to manage the SAM database.</para>
|
---|
| 784 | <indexterm zone="samba3 pdbedit">
|
---|
| 785 | <primary sortas="b-pdbedit">pdbedit</primary>
|
---|
| 786 | </indexterm>
|
---|
| 787 | </listitem>
|
---|
| 788 | </varlistentry>
|
---|
| 789 |
|
---|
| 790 | <varlistentry id="profiles">
|
---|
| 791 | <term><command>profiles</command></term>
|
---|
| 792 | <listitem>
|
---|
| 793 | <para>is a utility that reports and changes SIDs in Windows
|
---|
| 794 | registry files. It currently only supports Windows NT.</para>
|
---|
| 795 | <indexterm zone="samba3 profiles">
|
---|
| 796 | <primary sortas="b-profiles">profiles</primary>
|
---|
| 797 | </indexterm>
|
---|
| 798 | </listitem>
|
---|
| 799 | </varlistentry>
|
---|
| 800 |
|
---|
| 801 | <varlistentry id="rpcclient">
|
---|
| 802 | <term><command>rpcclient</command></term>
|
---|
| 803 | <listitem>
|
---|
| 804 | <para>is used to execute MS-RPC client side functions.</para>
|
---|
| 805 | <indexterm zone="samba3 rpcclient">
|
---|
| 806 | <primary sortas="b-rpcclient">rpcclient</primary>
|
---|
| 807 | </indexterm>
|
---|
| 808 | </listitem>
|
---|
| 809 | </varlistentry>
|
---|
| 810 |
|
---|
| 811 | <varlistentry id="smbcacls">
|
---|
| 812 | <term><command>smbcacls</command></term>
|
---|
| 813 | <listitem>
|
---|
| 814 | <para>is used to manipulate Windows NT access control lists.</para>
|
---|
| 815 | <indexterm zone="samba3 smbcacls">
|
---|
| 816 | <primary sortas="b-smbcacls">smbcacls</primary>
|
---|
| 817 | </indexterm>
|
---|
| 818 | </listitem>
|
---|
| 819 | </varlistentry>
|
---|
| 820 |
|
---|
| 821 | <varlistentry id="smbclient">
|
---|
| 822 | <term><command>smbclient</command></term>
|
---|
| 823 | <listitem>
|
---|
| 824 | <para>is a SMB/CIFS access utility, similar to FTP.</para>
|
---|
| 825 | <indexterm zone="samba3 smbclient">
|
---|
| 826 | <primary sortas="b-smbclient">smbclient</primary>
|
---|
| 827 | </indexterm>
|
---|
| 828 | </listitem>
|
---|
| 829 | </varlistentry>
|
---|
| 830 |
|
---|
| 831 | <varlistentry id="smbcontrol">
|
---|
| 832 | <term><command>smbcontrol</command></term>
|
---|
| 833 | <listitem>
|
---|
| 834 | <para>is used to control running <command>smbd</command>,
|
---|
| 835 | <command>nmbd</command> and <command>winbindd</command>
|
---|
| 836 | daemons.</para>
|
---|
| 837 | <indexterm zone="samba3 smbcontrol">
|
---|
| 838 | <primary sortas="b-smbcontrol">smbcontrol</primary>
|
---|
| 839 | </indexterm>
|
---|
| 840 | </listitem>
|
---|
| 841 | </varlistentry>
|
---|
| 842 |
|
---|
| 843 | <varlistentry id="smbcquotas">
|
---|
| 844 | <term><command>smbcquotas</command></term>
|
---|
| 845 | <listitem>
|
---|
| 846 | <para>is used to manipulate Windows NT quotas on
|
---|
| 847 | SMB file shares.</para>
|
---|
| 848 | <indexterm zone="samba3 smbcquotas">
|
---|
| 849 | <primary sortas="b-smbcquotas">smbcquotas</primary>
|
---|
| 850 | </indexterm>
|
---|
| 851 | </listitem>
|
---|
| 852 | </varlistentry>
|
---|
| 853 |
|
---|
| 854 | <varlistentry id="smbd">
|
---|
| 855 | <term><command>smbd</command></term>
|
---|
| 856 | <listitem>
|
---|
| 857 | <para>is the main <application>Samba</application> daemon which
|
---|
| 858 | provides SMB/CIFS services to clients.</para>
|
---|
| 859 | <indexterm zone="samba3 smbd">
|
---|
| 860 | <primary sortas="b-smbd">smbd</primary>
|
---|
| 861 | </indexterm>
|
---|
| 862 | </listitem>
|
---|
| 863 | </varlistentry>
|
---|
| 864 |
|
---|
[a8ecf657] | 865 | <varlistentry id="smbget">
|
---|
| 866 | <term><command>smbget</command></term>
|
---|
| 867 | <listitem>
|
---|
| 868 | <para>is a simple utility with <command>wget</command>-like
|
---|
| 869 | semantics, that can download files from SMB servers. You can specify
|
---|
| 870 | the files you would like to download on the command-line.</para>
|
---|
| 871 | <indexterm zone="samba3 smbget">
|
---|
| 872 | <primary sortas="b-smbget">smbget</primary>
|
---|
| 873 | </indexterm>
|
---|
| 874 | </listitem>
|
---|
| 875 | </varlistentry>
|
---|
| 876 |
|
---|
[99ef1fc] | 877 | <varlistentry id="smbmnt">
|
---|
| 878 | <term><command>smbmnt</command></term>
|
---|
| 879 | <listitem>
|
---|
| 880 | <para>is a helper application used by the
|
---|
| 881 | <command>smbmount</command> program to do the actual mounting of
|
---|
[823b1a3] | 882 | SMB shares. It can be installed setuid
|
---|
| 883 | <systemitem class='username'>root</systemitem> if you want
|
---|
[e615d9b] | 884 | unprivileged users to be able to mount their SMB shares.</para>
|
---|
[99ef1fc] | 885 | <indexterm zone="samba3 smbmnt">
|
---|
| 886 | <primary sortas="b-smbmnt">smbmnt</primary>
|
---|
| 887 | </indexterm>
|
---|
| 888 | </listitem>
|
---|
| 889 | </varlistentry>
|
---|
| 890 |
|
---|
| 891 | <varlistentry id="smbmount">
|
---|
| 892 | <term><command>smbmount</command></term>
|
---|
| 893 | <listitem>
|
---|
| 894 | <para>is usually invoked as <command>mount.smbfs</command> by the
|
---|
| 895 | <command>mount</command> command when using the
|
---|
| 896 | <parameter>-t smbfs</parameter> option, mounts a Linux SMB
|
---|
| 897 | filesystem.</para>
|
---|
| 898 | <indexterm zone="samba3 smbmount">
|
---|
| 899 | <primary sortas="b-smbmount">smbmount</primary>
|
---|
| 900 | </indexterm>
|
---|
| 901 | </listitem>
|
---|
| 902 | </varlistentry>
|
---|
| 903 |
|
---|
| 904 | <varlistentry id="smbpasswd">
|
---|
| 905 | <term><command>smbpasswd</command></term>
|
---|
| 906 | <listitem>
|
---|
| 907 | <para>changes a user's <application>Samba</application>
|
---|
| 908 | password.</para>
|
---|
| 909 | <indexterm zone="samba3 smbpasswd">
|
---|
| 910 | <primary sortas="b-smbpasswd">smbpasswd</primary>
|
---|
| 911 | </indexterm>
|
---|
| 912 | </listitem>
|
---|
| 913 | </varlistentry>
|
---|
| 914 |
|
---|
| 915 | <varlistentry id="smbspool">
|
---|
| 916 | <term><command>smbspool</command></term>
|
---|
| 917 | <listitem>
|
---|
| 918 | <para>sends a print job to an SMB printer.</para>
|
---|
| 919 | <indexterm zone="samba3 smbspool">
|
---|
| 920 | <primary sortas="b-smbspool">smbspool</primary>
|
---|
| 921 | </indexterm>
|
---|
| 922 | </listitem>
|
---|
| 923 | </varlistentry>
|
---|
| 924 |
|
---|
| 925 | <varlistentry id="smbstatus">
|
---|
| 926 | <term><command>smbstatus</command></term>
|
---|
| 927 | <listitem>
|
---|
| 928 | <para>reports current <application>Samba</application>
|
---|
| 929 | connections.</para>
|
---|
| 930 | <indexterm zone="samba3 smbstatus">
|
---|
| 931 | <primary sortas="b-smbstatus">smbstatus</primary>
|
---|
| 932 | </indexterm>
|
---|
| 933 | </listitem>
|
---|
| 934 | </varlistentry>
|
---|
| 935 |
|
---|
| 936 | <varlistentry id="smbtar">
|
---|
| 937 | <term><command>smbtar</command></term>
|
---|
| 938 | <listitem>
|
---|
| 939 | <para>is a shell script used for backing up SMB/CIFS shares
|
---|
| 940 | directly to Linux tape drives or a file.</para>
|
---|
| 941 | <indexterm zone="samba3 smbtar">
|
---|
| 942 | <primary sortas="b-smbtar">smbtar</primary>
|
---|
| 943 | </indexterm>
|
---|
| 944 | </listitem>
|
---|
| 945 | </varlistentry>
|
---|
| 946 |
|
---|
| 947 | <varlistentry id="smbtree">
|
---|
| 948 | <term><command>smbtree</command></term>
|
---|
| 949 | <listitem>
|
---|
| 950 | <para>is a text-based SMB network browser.</para>
|
---|
| 951 | <indexterm zone="samba3 smbtree">
|
---|
| 952 | <primary sortas="b-smbtree">smbtree</primary>
|
---|
| 953 | </indexterm>
|
---|
| 954 | </listitem>
|
---|
| 955 | </varlistentry>
|
---|
| 956 |
|
---|
| 957 | <varlistentry id="smbumount">
|
---|
| 958 | <term><command>smbumount</command></term>
|
---|
| 959 | <listitem>
|
---|
[e615d9b] | 960 | <para>is used by unprivileged users to unmount SMB filesystems,
|
---|
[99ef1fc] | 961 | provided that it is setuid root.</para>
|
---|
| 962 | <indexterm zone="samba3 smbumount">
|
---|
| 963 | <primary sortas="b-smbumount">smbumount</primary>
|
---|
| 964 | </indexterm>
|
---|
| 965 | </listitem>
|
---|
| 966 | </varlistentry>
|
---|
| 967 |
|
---|
| 968 | <varlistentry id="swat">
|
---|
| 969 | <term><command>swat</command></term>
|
---|
| 970 | <listitem>
|
---|
| 971 | <para>is the <application>Samba</application> Web Administration
|
---|
| 972 | Tool.</para>
|
---|
| 973 | <indexterm zone="samba3 swat">
|
---|
| 974 | <primary sortas="b-swat">swat</primary>
|
---|
| 975 | </indexterm>
|
---|
| 976 | </listitem>
|
---|
| 977 | </varlistentry>
|
---|
| 978 |
|
---|
| 979 | <varlistentry id="tdbbackup">
|
---|
| 980 | <term><command>tdbbackup</command></term>
|
---|
| 981 | <listitem>
|
---|
| 982 | <para>is a tool for backing up or validating the integrity of
|
---|
| 983 | <application>Samba</application> <filename>.tdb</filename>
|
---|
| 984 | files.</para>
|
---|
| 985 | <indexterm zone="samba3 tdbbackup">
|
---|
| 986 | <primary sortas="b-tdbbackup">tdbbackup</primary>
|
---|
| 987 | </indexterm>
|
---|
| 988 | </listitem>
|
---|
| 989 | </varlistentry>
|
---|
| 990 |
|
---|
| 991 | <varlistentry id="tdbdump">
|
---|
| 992 | <term><command>tdbdump</command></term>
|
---|
| 993 | <listitem>
|
---|
| 994 | <para> is a tool used to print the contents of a
|
---|
| 995 | <application>Samba</application> <filename>.tdb</filename>
|
---|
| 996 | file.</para>
|
---|
| 997 | <indexterm zone="samba3 tdbdump">
|
---|
| 998 | <primary sortas="b-tdbdump">tdbdump</primary>
|
---|
| 999 | </indexterm>
|
---|
| 1000 | </listitem>
|
---|
| 1001 | </varlistentry>
|
---|
| 1002 |
|
---|
| 1003 | <varlistentry id="tdbtool">
|
---|
| 1004 | <term><command>tdbtool</command></term>
|
---|
| 1005 | <listitem>
|
---|
| 1006 | <para>is a tool which allows simple database manipulation from the
|
---|
| 1007 | command line.</para>
|
---|
| 1008 | <indexterm zone="samba3 tdbtool">
|
---|
| 1009 | <primary sortas="b-tdbtool">tdbtool</primary>
|
---|
| 1010 | </indexterm>
|
---|
| 1011 | </listitem>
|
---|
| 1012 | </varlistentry>
|
---|
| 1013 |
|
---|
| 1014 | <varlistentry id="testparm">
|
---|
| 1015 | <term><command>testparm</command></term>
|
---|
| 1016 | <listitem>
|
---|
| 1017 | <para>checks an <filename>smb.conf</filename> file for proper
|
---|
| 1018 | syntax.</para>
|
---|
| 1019 | <indexterm zone="samba3 testparm">
|
---|
| 1020 | <primary sortas="b-testparm">testparm</primary>
|
---|
| 1021 | </indexterm>
|
---|
| 1022 | </listitem>
|
---|
| 1023 | </varlistentry>
|
---|
| 1024 |
|
---|
[75b4d9e] | 1025 | <varlistentry id="umount.cifs">
|
---|
| 1026 | <term><command>umount.cifs</command></term>
|
---|
[99ef1fc] | 1027 | <listitem>
|
---|
[75b4d9e] | 1028 | <para>is used by normal, non-<systemitem
|
---|
| 1029 | class="username">root</systemitem> users, to
|
---|
| 1030 | <command>unmount</command> their own Common Internet File System
|
---|
| 1031 | (CIFS) mounts.</para>
|
---|
| 1032 | <indexterm zone="samba3 umount.cifs">
|
---|
| 1033 | <primary sortas="b-umount.cifs">umount.cifs</primary>
|
---|
[99ef1fc] | 1034 | </indexterm>
|
---|
| 1035 | </listitem>
|
---|
| 1036 | </varlistentry>
|
---|
| 1037 |
|
---|
| 1038 | <varlistentry id="wbinfo">
|
---|
| 1039 | <term><command>wbinfo</command></term>
|
---|
| 1040 | <listitem>
|
---|
| 1041 | <para>queries a running <command>winbindd</command> daemon.</para>
|
---|
| 1042 | <indexterm zone="samba3 wbinfo">
|
---|
| 1043 | <primary sortas="b-wbinfo">wbinfo</primary>
|
---|
| 1044 | </indexterm>
|
---|
| 1045 | </listitem>
|
---|
| 1046 | </varlistentry>
|
---|
| 1047 |
|
---|
| 1048 | <varlistentry id="winbindd">
|
---|
| 1049 | <term><command>winbindd</command></term>
|
---|
| 1050 | <listitem>
|
---|
| 1051 | <para>resolves names from Windows NT servers.</para>
|
---|
| 1052 | <indexterm zone="samba3 winbindd">
|
---|
| 1053 | <primary sortas="b-winbindd">winbindd</primary>
|
---|
| 1054 | </indexterm>
|
---|
| 1055 | </listitem>
|
---|
| 1056 | </varlistentry>
|
---|
| 1057 |
|
---|
| 1058 | </variablelist>
|
---|
| 1059 |
|
---|
| 1060 | </sect2>
|
---|
| 1061 |
|
---|
| 1062 | </sect1>
|
---|