diff options
Diffstat (limited to 'docs/docbook/manpages/smb.conf.5.sgml')
-rw-r--r-- | docs/docbook/manpages/smb.conf.5.sgml | 142 |
1 files changed, 120 insertions, 22 deletions
diff --git a/docs/docbook/manpages/smb.conf.5.sgml b/docs/docbook/manpages/smb.conf.5.sgml index 4a6de97f92..e8846e4b26 100644 --- a/docs/docbook/manpages/smb.conf.5.sgml +++ b/docs/docbook/manpages/smb.conf.5.sgml @@ -542,8 +542,10 @@ steps fail, then the connection request is rejected. However, if one of the steps succeeds, then the following steps are not checked.</para> - <para>If the service is marked "guest only = yes" then - steps 1 to 5 are skipped.</para> + <para>If the service is marked "guest only = yes" and the + server is running with share-level security ("security = share") + then steps 1 to 5 are skipped.</para> + <orderedlist numeration="Arabic"> <listitem><para>If the client has passed a username/password @@ -653,6 +655,9 @@ <listitem><para><link linkend="LOCALMASTER"><parameter>local master</parameter></link></para></listitem> <listitem><para><link linkend="LOCKDIR"><parameter>lock dir</parameter></link></para></listitem> <listitem><para><link linkend="LOCKDIRECTORY"><parameter>lock directory</parameter></link></para></listitem> + <listitem><para><link linkend="LOCKSPINCOUNT"><parameter>lock spin count</parameter></link></para></listitem> + <listitem><para><link linkend="LOCKSPINTIME"><parameter>lock spin time</parameter></link></para></listitem> + <listitem><para><link linkend="PIDDIRECTORY"><parameter>pid directory</parameter></link></para></listitem> <listitem><para><link linkend="LOGFILE"><parameter>log file</parameter></link></para></listitem> <listitem><para><link linkend="LOGLEVEL"><parameter>log level</parameter></link></para></listitem> <listitem><para><link linkend="LOGONDRIVE"><parameter>logon drive</parameter></link></para></listitem> @@ -833,6 +838,7 @@ <listitem><para><link linkend="HOSTSALLOW"><parameter>hosts allow</parameter></link></para></listitem> <listitem><para><link linkend="HOSTSDENY"><parameter>hosts deny</parameter></link></para></listitem> <listitem><para><link linkend="INCLUDE"><parameter>include</parameter></link></para></listitem> + <listitem><para><link linkend="INHERITACLS"><parameter>inherit acls</parameter></link></para></listitem> <listitem><para><link linkend="INHERITPERMISSIONS"><parameter>inherit permissions</parameter></link></para></listitem> <listitem><para><link linkend="INVALIDUSERS"><parameter>invalid users</parameter></link></para></listitem> <listitem><para><link linkend="LEVEL2OPLOCKS"><parameter>level2 oplocks</parameter></link></para></listitem> @@ -3094,6 +3100,24 @@ <varlistentry> + <term><anchor id="INHERITACLS">inherit acls (S)</term> + <listitem><para>This parameter can be used to ensure + that if default acls exist on parent directories, + they are always honored when creating a subdirectory. + The default behavior is to use the mode specified + when creating the directory. Enabling this option + sets the mode to 0777, thus guaranteeing that + default directory acls are propagated. + </para> + + <para>Default: <command>inherit acls = no</command> + </para></listitem> + </varlistentry> + + + + + <varlistentry> <term><anchor id="INHERITPERMISSIONS">inherit permissions (S)</term> <listitem><para>The permissions on new files and directories are normally governed by <link linkend="CREATEMASK"><parameter> @@ -3601,6 +3625,39 @@ <varlistentry> + <term><anchor id="LOCKSPINCOUNT">lock spin count (G)</term> + <listitem><para>This parameter controls the number of times + that smbd should attempt to gain a byte range lock on the + behalf of a client request. Experiments have shown that + Windows 2k servers do not reply with a failure if the lock + could not be immediately granted, but try a few more times + in case the lock could later be aquired. This behavior + is used to support PC database formats such as MS Access + and FoxPro. + </para> + + <para>Default: <command>lock spin count = 2</command> + </para></listitem> + </varlistentry> + + + + + <varlistentry> + <term><anchor id="LOCKSPINTIME">lock spin time (G)</term> + <listitem><para>The time in microseconds that smbd should + pause before attempting to gain a failed lock. See + <link linkend="LOCKSPINCOUNT"><parameter>lock spin + count</parameter></link> for more details. + </para> + + <para>Default: <command>lock spin time = 10</command> + </para></listitem> + </varlistentry> + + + + <varlistentry> <term><anchor id="LOCKING">locking (S)</term> <listitem><para>This controls whether or not locking will be performed by the server in response to lock requests from the @@ -3889,8 +3946,8 @@ takes a printer name as its only parameter and outputs printer status information.</para> - <para>Currently eight styles of printer status information - are supported; BSD, AIX, LPRNG, PLP, SYSV, HPUX, QNX and SOFTQ. + <para>Currently nine styles of printer status information + are supported; BSD, AIX, LPRNG, PLP, SYSV, HPUX, QNX, CUPS, and SOFTQ. This covers most UNIX systems. You control which type is expected using the <parameter>printing =</parameter> option.</para> @@ -3906,7 +3963,10 @@ <para>Note that it is good practice to include the absolute path in the <parameter>lpq command</parameter> as the <envar>$PATH - </envar> may not be available to the server.</para> + </envar> may not be available to the server. When compiled with + the CUPS libraries, no <parameter>lpq command</parameter> is + needed because smbd will make a library call to obtain the + print queue listing.</para> <para>See also the <link linkend="PRINTING"><parameter>printing </parameter></link> parameter.</para> @@ -5479,6 +5539,18 @@ <varlistentry> + <term><anchor id="PIDDIRECTORY">pid directory (G)</term> + <listitem><para>This option specifies the directory where pid + files will be placed. </para> + + <para>Default: <command>pid directory = ${prefix}/var/locks</command></para> + <para>Example: <command>pid directory = /var/run/</command> + </para></listitem> + </varlistentry> + + + + <varlistentry> <term><anchor id="POSIXLOCKING">posix locking (S)</term> <listitem><para>The <ulink url="smbd.8.html"><command>smbd(8)</command></ulink> daemon maintains an database of file locks obtained by SMB clients. @@ -5657,14 +5729,23 @@ manually remove old spool files.</para> <para>The print command is simply a text string. It will be used - verbatim, with two exceptions: All occurrences of <parameter>%s - </parameter> and <parameter>%f</parameter> will be replaced by the - appropriate spool file name, and all occurrences of <parameter>%p - </parameter> will be replaced by the appropriate printer name. The - spool file name is generated automatically by the server. The - <parameter>%J</parameter> macro can be used to access the job + verbatim after macro substitutions have been made:</para> + + <para>s, %p - the path to the spool + file name</para> + + <para>%p - the appropriate printer + name</para> + + <para>%J - the job name as transmitted by the client.</para> + <para>%c - The number of printed pages + of the spooled job (if known).</para> + + <para>%z - the size of the spooled + print job (in bytes)</para> + <para>The print command <emphasis>MUST</emphasis> contain at least one occurrence of <parameter>%s</parameter> or <parameter>%f </parameter> - the <parameter>%p</parameter> is optional. At the time @@ -5708,6 +5789,17 @@ <para>For <command>printing = SOFTQ :</command></para> <para><command>print command = lp -d%p -s %s; rm %s</command></para> + <para>For printing = CUPS : If SAMBA is compiled against + libcups, then <link linkend="PRINTING">printcap = cups</link> + uses the CUPS API to + submit jobs, etc. Otherwise it maps to the System V + commands with the -oraw option for printing, i.e. it + uses <command>lp -c -d%p -oraw; rm %s</command>. + With <command>printing = cups</command>, + and if SAMBA is compiled against libcups, any manually + set print command will be ignored.</para> + + <para>Example: <command>print command = /usr/local/samba/bin/myprintscript %p %s</command></para> </listitem> @@ -5762,7 +5854,13 @@ why you might want to do this.</para> <para>To use the CUPS printing interface set <command>printcap name = cups - </command>.</para> + </command>. This should be supplemented by an addtional setting + <link linkend="PRINTING">printing = cups</link> in the [global] + section. <command>printcap name = cups</command> will use the + "dummy" printcap created by CUPS, as specified in your CUPS + configuration file. + </para> + <para>On System V systems that use <command>lpstat</command> to list available printers you can use <command>printcap name = lpstat </command> to automatically obtain lists of available printers. This @@ -8089,7 +8187,7 @@ veto files = /.AppleDouble/.bin/.AppleDesktop/Network Trash Folder/ <varlistentry> - <term><anchor id="WINBINDCACHETIME">winbind cache time</term> + <term><anchor id="WINBINDCACHETIME">winbind cache time (G)</term> <listitem><para>This parameter specifies the number of seconds the <ulink url="winbindd.8.html">winbindd(8)</ulink> daemon will cache user and group information before querying a Windows NT server @@ -8101,8 +8199,8 @@ veto files = /.AppleDouble/.bin/.AppleDesktop/Network Trash Folder/ <varlistentry> - <term><anchor id="WINBINDENUMUSERS">winbind enum - users</term> <listitem><para>On large installations using + <term><anchor id="WINBINDENUMUSERS">winbind enum users (G)</term> + <listitem><para>On large installations using <ulink url="winbindd.8.html">winbindd(8)</ulink> it may be necessary to suppress the enumeration of users through the <command> setpwent()</command>, @@ -8123,8 +8221,8 @@ veto files = /.AppleDouble/.bin/.AppleDesktop/Network Trash Folder/ </varlistentry> <varlistentry> - <term><anchor id="WINBINDENUMGROUPS">winbind enum - groups</term> <listitem><para>On large installations using + <term><anchor id="WINBINDENUMGROUPS">winbind enum groups (G)</term> + <listitem><para>On large installations using <ulink url="winbindd.8.html">winbindd(8)</ulink> it may be necessary to suppress the enumeration of groups through the <command> setgrent()</command>, @@ -8144,7 +8242,7 @@ veto files = /.AppleDouble/.bin/.AppleDesktop/Network Trash Folder/ <varlistentry> - <term><anchor id="WINBINDGID">winbind gid</term> + <term><anchor id="WINBINDGID">winbind gid (G)</term> <listitem><para>The winbind gid parameter specifies the range of group ids that are allocated by the <ulink url="winbindd.8.html"> winbindd(8)</ulink> daemon. This range of group ids should have no @@ -8160,7 +8258,7 @@ veto files = /.AppleDouble/.bin/.AppleDesktop/Network Trash Folder/ <varlistentry> - <term><anchor id="WINBINDSEPARATOR">winbind separator</term> + <term><anchor id="WINBINDSEPARATOR">winbind separator (G)</term> <listitem><para>This parameter allows an admin to define the character used when listing a username of the form of <replaceable>DOMAIN </replaceable>\<replaceable>user</replaceable>. This parameter @@ -8172,8 +8270,8 @@ veto files = /.AppleDouble/.bin/.AppleDesktop/Network Trash Folder/ with group membership at least on glibc systems, as the character + is used as a special character for NIS in /etc/group.</para> - <para>Example: <command>winbind separator = \\</command></para> - <para>Example: <command>winbind separator = /</command></para> + <para>Default: <command>winbind separator = '\'</command></para> + <para>Example: <command>winbind separator = +</command></para> </listitem> </varlistentry> @@ -8181,7 +8279,7 @@ veto files = /.AppleDouble/.bin/.AppleDesktop/Network Trash Folder/ <varlistentry> - <term><anchor id="WINBINDUID">winbind uid</term> + <term><anchor id="WINBINDUID">winbind uid (G)</term> <listitem><para>The winbind gid parameter specifies the range of group ids that are allocated by the <ulink url="winbindd.8.html"> winbindd(8)</ulink> daemon. This range of ids should have no |