summaryrefslogtreecommitdiff
path: root/docs/docbook/manpages/smb.conf.5.sgml
diff options
context:
space:
mode:
Diffstat (limited to 'docs/docbook/manpages/smb.conf.5.sgml')
-rw-r--r--docs/docbook/manpages/smb.conf.5.sgml142
1 files changed, 120 insertions, 22 deletions
diff --git a/docs/docbook/manpages/smb.conf.5.sgml b/docs/docbook/manpages/smb.conf.5.sgml
index 4a6de97f92..e8846e4b26 100644
--- a/docs/docbook/manpages/smb.conf.5.sgml
+++ b/docs/docbook/manpages/smb.conf.5.sgml
@@ -542,8 +542,10 @@
steps fail, then the connection request is rejected. However, if one of the
steps succeeds, then the following steps are not checked.</para>
- <para>If the service is marked "guest only = yes" then
- steps 1 to 5 are skipped.</para>
+ <para>If the service is marked "guest only = yes" and the
+ server is running with share-level security ("security = share")
+ then steps 1 to 5 are skipped.</para>
+
<orderedlist numeration="Arabic">
<listitem><para>If the client has passed a username/password
@@ -653,6 +655,9 @@
<listitem><para><link linkend="LOCALMASTER"><parameter>local master</parameter></link></para></listitem>
<listitem><para><link linkend="LOCKDIR"><parameter>lock dir</parameter></link></para></listitem>
<listitem><para><link linkend="LOCKDIRECTORY"><parameter>lock directory</parameter></link></para></listitem>
+ <listitem><para><link linkend="LOCKSPINCOUNT"><parameter>lock spin count</parameter></link></para></listitem>
+ <listitem><para><link linkend="LOCKSPINTIME"><parameter>lock spin time</parameter></link></para></listitem>
+ <listitem><para><link linkend="PIDDIRECTORY"><parameter>pid directory</parameter></link></para></listitem>
<listitem><para><link linkend="LOGFILE"><parameter>log file</parameter></link></para></listitem>
<listitem><para><link linkend="LOGLEVEL"><parameter>log level</parameter></link></para></listitem>
<listitem><para><link linkend="LOGONDRIVE"><parameter>logon drive</parameter></link></para></listitem>
@@ -833,6 +838,7 @@
<listitem><para><link linkend="HOSTSALLOW"><parameter>hosts allow</parameter></link></para></listitem>
<listitem><para><link linkend="HOSTSDENY"><parameter>hosts deny</parameter></link></para></listitem>
<listitem><para><link linkend="INCLUDE"><parameter>include</parameter></link></para></listitem>
+ <listitem><para><link linkend="INHERITACLS"><parameter>inherit acls</parameter></link></para></listitem>
<listitem><para><link linkend="INHERITPERMISSIONS"><parameter>inherit permissions</parameter></link></para></listitem>
<listitem><para><link linkend="INVALIDUSERS"><parameter>invalid users</parameter></link></para></listitem>
<listitem><para><link linkend="LEVEL2OPLOCKS"><parameter>level2 oplocks</parameter></link></para></listitem>
@@ -3094,6 +3100,24 @@
<varlistentry>
+ <term><anchor id="INHERITACLS">inherit acls (S)</term>
+ <listitem><para>This parameter can be used to ensure
+ that if default acls exist on parent directories,
+ they are always honored when creating a subdirectory.
+ The default behavior is to use the mode specified
+ when creating the directory. Enabling this option
+ sets the mode to 0777, thus guaranteeing that
+ default directory acls are propagated.
+ </para>
+
+ <para>Default: <command>inherit acls = no</command>
+ </para></listitem>
+ </varlistentry>
+
+
+
+
+ <varlistentry>
<term><anchor id="INHERITPERMISSIONS">inherit permissions (S)</term>
<listitem><para>The permissions on new files and directories
are normally governed by <link linkend="CREATEMASK"><parameter>
@@ -3601,6 +3625,39 @@
<varlistentry>
+ <term><anchor id="LOCKSPINCOUNT">lock spin count (G)</term>
+ <listitem><para>This parameter controls the number of times
+ that smbd should attempt to gain a byte range lock on the
+ behalf of a client request. Experiments have shown that
+ Windows 2k servers do not reply with a failure if the lock
+ could not be immediately granted, but try a few more times
+ in case the lock could later be aquired. This behavior
+ is used to support PC database formats such as MS Access
+ and FoxPro.
+ </para>
+
+ <para>Default: <command>lock spin count = 2</command>
+ </para></listitem>
+ </varlistentry>
+
+
+
+
+ <varlistentry>
+ <term><anchor id="LOCKSPINTIME">lock spin time (G)</term>
+ <listitem><para>The time in microseconds that smbd should
+ pause before attempting to gain a failed lock. See
+ <link linkend="LOCKSPINCOUNT"><parameter>lock spin
+ count</parameter></link> for more details.
+ </para>
+
+ <para>Default: <command>lock spin time = 10</command>
+ </para></listitem>
+ </varlistentry>
+
+
+
+ <varlistentry>
<term><anchor id="LOCKING">locking (S)</term>
<listitem><para>This controls whether or not locking will be
performed by the server in response to lock requests from the
@@ -3889,8 +3946,8 @@
takes a printer name as its only parameter and outputs printer
status information.</para>
- <para>Currently eight styles of printer status information
- are supported; BSD, AIX, LPRNG, PLP, SYSV, HPUX, QNX and SOFTQ.
+ <para>Currently nine styles of printer status information
+ are supported; BSD, AIX, LPRNG, PLP, SYSV, HPUX, QNX, CUPS, and SOFTQ.
This covers most UNIX systems. You control which type is expected
using the <parameter>printing =</parameter> option.</para>
@@ -3906,7 +3963,10 @@
<para>Note that it is good practice to include the absolute path
in the <parameter>lpq command</parameter> as the <envar>$PATH
- </envar> may not be available to the server.</para>
+ </envar> may not be available to the server. When compiled with
+ the CUPS libraries, no <parameter>lpq command</parameter> is
+ needed because smbd will make a library call to obtain the
+ print queue listing.</para>
<para>See also the <link linkend="PRINTING"><parameter>printing
</parameter></link> parameter.</para>
@@ -5479,6 +5539,18 @@
<varlistentry>
+ <term><anchor id="PIDDIRECTORY">pid directory (G)</term>
+ <listitem><para>This option specifies the directory where pid
+ files will be placed. </para>
+
+ <para>Default: <command>pid directory = ${prefix}/var/locks</command></para>
+ <para>Example: <command>pid directory = /var/run/</command>
+ </para></listitem>
+ </varlistentry>
+
+
+
+ <varlistentry>
<term><anchor id="POSIXLOCKING">posix locking (S)</term>
<listitem><para>The <ulink url="smbd.8.html"><command>smbd(8)</command></ulink>
daemon maintains an database of file locks obtained by SMB clients.
@@ -5657,14 +5729,23 @@
manually remove old spool files.</para>
<para>The print command is simply a text string. It will be used
- verbatim, with two exceptions: All occurrences of <parameter>%s
- </parameter> and <parameter>%f</parameter> will be replaced by the
- appropriate spool file name, and all occurrences of <parameter>%p
- </parameter> will be replaced by the appropriate printer name. The
- spool file name is generated automatically by the server. The
- <parameter>%J</parameter> macro can be used to access the job
+ verbatim after macro substitutions have been made:</para>
+
+ <para>s, %p - the path to the spool
+ file name</para>
+
+ <para>%p - the appropriate printer
+ name</para>
+
+ <para>%J - the job
name as transmitted by the client.</para>
+ <para>%c - The number of printed pages
+ of the spooled job (if known).</para>
+
+ <para>%z - the size of the spooled
+ print job (in bytes)</para>
+
<para>The print command <emphasis>MUST</emphasis> contain at least
one occurrence of <parameter>%s</parameter> or <parameter>%f
</parameter> - the <parameter>%p</parameter> is optional. At the time
@@ -5708,6 +5789,17 @@
<para>For <command>printing = SOFTQ :</command></para>
<para><command>print command = lp -d%p -s %s; rm %s</command></para>
+ <para>For printing = CUPS : If SAMBA is compiled against
+ libcups, then <link linkend="PRINTING">printcap = cups</link>
+ uses the CUPS API to
+ submit jobs, etc. Otherwise it maps to the System V
+ commands with the -oraw option for printing, i.e. it
+ uses <command>lp -c -d%p -oraw; rm %s</command>.
+ With <command>printing = cups</command>,
+ and if SAMBA is compiled against libcups, any manually
+ set print command will be ignored.</para>
+
+
<para>Example: <command>print command = /usr/local/samba/bin/myprintscript
%p %s</command></para>
</listitem>
@@ -5762,7 +5854,13 @@
why you might want to do this.</para>
<para>To use the CUPS printing interface set <command>printcap name = cups
- </command>.</para>
+ </command>. This should be supplemented by an addtional setting
+ <link linkend="PRINTING">printing = cups</link> in the [global]
+ section. <command>printcap name = cups</command> will use the
+ "dummy" printcap created by CUPS, as specified in your CUPS
+ configuration file.
+ </para>
+
<para>On System V systems that use <command>lpstat</command> to
list available printers you can use <command>printcap name = lpstat
</command> to automatically obtain lists of available printers. This
@@ -8089,7 +8187,7 @@ veto files = /.AppleDouble/.bin/.AppleDesktop/Network Trash Folder/
<varlistentry>
- <term><anchor id="WINBINDCACHETIME">winbind cache time</term>
+ <term><anchor id="WINBINDCACHETIME">winbind cache time (G)</term>
<listitem><para>This parameter specifies the number of seconds the
<ulink url="winbindd.8.html">winbindd(8)</ulink> daemon will cache
user and group information before querying a Windows NT server
@@ -8101,8 +8199,8 @@ veto files = /.AppleDouble/.bin/.AppleDesktop/Network Trash Folder/
<varlistentry>
- <term><anchor id="WINBINDENUMUSERS">winbind enum
- users</term> <listitem><para>On large installations using
+ <term><anchor id="WINBINDENUMUSERS">winbind enum users (G)</term>
+ <listitem><para>On large installations using
<ulink url="winbindd.8.html">winbindd(8)</ulink> it may be
necessary to suppress the enumeration of users through the
<command> setpwent()</command>,
@@ -8123,8 +8221,8 @@ veto files = /.AppleDouble/.bin/.AppleDesktop/Network Trash Folder/
</varlistentry>
<varlistentry>
- <term><anchor id="WINBINDENUMGROUPS">winbind enum
- groups</term> <listitem><para>On large installations using
+ <term><anchor id="WINBINDENUMGROUPS">winbind enum groups (G)</term>
+ <listitem><para>On large installations using
<ulink url="winbindd.8.html">winbindd(8)</ulink> it may be
necessary to suppress the enumeration of groups through the
<command> setgrent()</command>,
@@ -8144,7 +8242,7 @@ veto files = /.AppleDouble/.bin/.AppleDesktop/Network Trash Folder/
<varlistentry>
- <term><anchor id="WINBINDGID">winbind gid</term>
+ <term><anchor id="WINBINDGID">winbind gid (G)</term>
<listitem><para>The winbind gid parameter specifies the range of group
ids that are allocated by the <ulink url="winbindd.8.html">
winbindd(8)</ulink> daemon. This range of group ids should have no
@@ -8160,7 +8258,7 @@ veto files = /.AppleDouble/.bin/.AppleDesktop/Network Trash Folder/
<varlistentry>
- <term><anchor id="WINBINDSEPARATOR">winbind separator</term>
+ <term><anchor id="WINBINDSEPARATOR">winbind separator (G)</term>
<listitem><para>This parameter allows an admin to define the character
used when listing a username of the form of <replaceable>DOMAIN
</replaceable>\<replaceable>user</replaceable>. This parameter
@@ -8172,8 +8270,8 @@ veto files = /.AppleDouble/.bin/.AppleDesktop/Network Trash Folder/
with group membership at least on glibc systems, as the character +
is used as a special character for NIS in /etc/group.</para>
- <para>Example: <command>winbind separator = \\</command></para>
- <para>Example: <command>winbind separator = /</command></para>
+ <para>Default: <command>winbind separator = '\'</command></para>
+ <para>Example: <command>winbind separator = +</command></para>
</listitem>
</varlistentry>
@@ -8181,7 +8279,7 @@ veto files = /.AppleDouble/.bin/.AppleDesktop/Network Trash Folder/
<varlistentry>
- <term><anchor id="WINBINDUID">winbind uid</term>
+ <term><anchor id="WINBINDUID">winbind uid (G)</term>
<listitem><para>The winbind gid parameter specifies the range of group
ids that are allocated by the <ulink url="winbindd.8.html">
winbindd(8)</ulink> daemon. This range of ids should have no