diff options
Diffstat (limited to 'docs/docbook/manpages/smb.conf.5.sgml')
| -rw-r--r-- | docs/docbook/manpages/smb.conf.5.sgml | 403 |
1 files changed, 191 insertions, 212 deletions
diff --git a/docs/docbook/manpages/smb.conf.5.sgml b/docs/docbook/manpages/smb.conf.5.sgml index c0893f1005..a1f767185c 100644 --- a/docs/docbook/manpages/smb.conf.5.sgml +++ b/docs/docbook/manpages/smb.conf.5.sgml @@ -109,7 +109,7 @@ <computeroutput> [foo] path = /home/bar - writeable = true + read only = no </computeroutput> </screen> @@ -124,9 +124,9 @@ <computeroutput> [aprinter] path = /usr/spool/public - writeable = false - printable = true - guest ok = true + read only = yes + printable = yes + guest ok = yes </computeroutput> </screen> </refsect1> @@ -195,7 +195,7 @@ <screen> <computeroutput> [homes] - writeable = yes + read only = no </computeroutput> </screen> @@ -334,29 +334,6 @@ <variablelist> <varlistentry> - <term>%S</term> - <listitem><para>the name of the current service, if any.</para> - </listitem> - </varlistentry> - - <varlistentry> - <term>%P</term> - <listitem><para>the root directory of the current service, - if any.</para></listitem> - </varlistentry> - - <varlistentry> - <term>%u</term> - <listitem><para>user name of the current service, if any.</para> - </listitem> - </varlistentry> - - <varlistentry> - <term>%g</term> - <listitem><para>primary group name of %u.</para></listitem> - </varlistentry> - - <varlistentry> <term>%U</term> <listitem><para>session user name (the user name that the client wanted, not necessarily the same as the one they got).</para></listitem> @@ -368,17 +345,6 @@ </varlistentry> <varlistentry> - <term>%H</term> - <listitem><para>the home directory of the user given - by %u.</para></listitem> - </varlistentry> - - <varlistentry> - <term>%v</term> - <listitem><para>the Samba version.</para></listitem> - </varlistentry> - - <varlistentry> <term>%h</term> <listitem><para>the Internet hostname that Samba is running on.</para></listitem> @@ -409,22 +375,6 @@ </varlistentry> <varlistentry> - <term>%N</term> - <listitem><para>the name of your NIS home directory server. - This is obtained from your NIS auto.map entry. If you have - not compiled Samba with the <emphasis>--with-automount</emphasis> - option then this value will be the same as %L.</para> - </listitem> - </varlistentry> - - <varlistentry> - <term>%p</term> - <listitem><para>the path of the service's home directory, - obtained from your NIS auto.map entry. The NIS auto.map entry - is split up as "%N:%p".</para></listitem> - </varlistentry> - - <varlistentry> <term>%R</term> <listitem><para>the selected protocol level after protocol negotiation. It can be one of CORE, COREPLUS, @@ -458,6 +408,11 @@ <term>%T</term> <listitem><para>the current date and time.</para></listitem> </varlistentry> + + <varlistentry> + <term>%D</term> + <listitem><para>Name of the domain or workgroup of the current user.</para></listitem> + </varlistentry> <varlistentry> <term>%$(<replaceable>envvar</replaceable>)</term> @@ -466,6 +421,56 @@ </varlistentry> </variablelist> + <para>The following substitutes apply only to some configuration options(only those + that are used when a connection has been established):</para> + + <variablelist> + <varlistentry> + <term>%S</term> + <listitem><para>the name of the current service, if any.</para> + </listitem> + </varlistentry> + + <varlistentry> + <term>%P</term> + <listitem><para>the root directory of the current service, + if any.</para></listitem> + </varlistentry> + + <varlistentry> + <term>%u</term> + <listitem><para>user name of the current service, if any.</para> + </listitem> + </varlistentry> + + <varlistentry> + <term>%g</term> + <listitem><para>primary group name of %u.</para></listitem> + </varlistentry> + + <varlistentry> + <term>%H</term> + <listitem><para>the home directory of the user given + by %u.</para></listitem> + </varlistentry> + + <varlistentry> + <term>%N</term> + <listitem><para>the name of your NIS home directory server. + This is obtained from your NIS auto.map entry. If you have + not compiled Samba with the <emphasis>--with-automount</emphasis> + option then this value will be the same as %L.</para> + </listitem> + </varlistentry> + + <varlistentry> + <term>%p</term> + <listitem><para>the path of the service's home directory, + obtained from your NIS auto.map entry. The NIS auto.map entry + is split up as "%N:%p".</para></listitem> + </varlistentry> + </variablelist> + <para>There are some quite creative things that can be done with these substitutions and other smb.conf options.</para </refsect1> @@ -528,7 +533,7 @@ </varlistentry> </variablelist> - <para>By default, Samba 2.2 has the same semantics as a Windows + <para>By default, Samba 3.0 has the same semantics as a Windows NT server, in that it is case insensitive but case preserving.</para> </refsect1> @@ -630,8 +635,6 @@ <listitem><para><link linkend="DISABLESPOOLSS"><parameter>disable spoolss</parameter></link></para></listitem> <listitem><para><link linkend="DISPLAYCHARSET"><parameter>display charset</parameter></link></para></listitem> <listitem><para><link linkend="DNSPROXY"><parameter>dns proxy</parameter></link></para></listitem> - <listitem><para><link linkend="DOMAINADMINGROUP"><parameter>domain admin group</parameter></link></para></listitem> - <listitem><para><link linkend="DOMAINGUESTGROUP"><parameter>domain guest group</parameter></link></para></listitem> <listitem><para><link linkend="DOMAINLOGONS"><parameter>domain logons</parameter></link></para></listitem> <listitem><para><link linkend="DOMAINMASTER"><parameter>domain master</parameter></link></para></listitem> <listitem><para><link linkend="DOSCHARSET"><parameter>dos charset</parameter></link></para></listitem> @@ -642,6 +645,7 @@ <listitem><para><link linkend="HIDELOCALUSERS"><parameter>hide local users</parameter></link></para></listitem> <listitem><para><link linkend="HIDEUNREADABLE"><parameter>hide unreadable</parameter></link></para></listitem> <listitem><para><link linkend="HIDEUNWRITEABLEFILES"><parameter>hide unwriteable files</parameter></link></para></listitem> + <listitem><para><link linkend="HIDESPECIALFILES"><parameter>hide special files</parameter></link></para></listitem> <listitem><para><link linkend="HOMEDIRMAP"><parameter>homedir map</parameter></link></para></listitem> <listitem><para><link linkend="HOSTMSDFS"><parameter>host msdfs</parameter></link></para></listitem> <listitem><para><link linkend="HOSTNAMELOOKUPS"><parameter>hostname lookups</parameter></link></para></listitem> @@ -763,6 +767,7 @@ <listitem><para><link linkend="UPDATEENCRYPTED"><parameter>update encrypted</parameter></link></para></listitem> <listitem><para><link linkend="USEMMAP"><parameter>use mmap</parameter></link></para></listitem> <listitem><para><link linkend="USERHOSTS"><parameter>use rhosts</parameter></link></para></listitem> + <listitem><para><link linkend="USESENDFILE"><parameter>use sendfile</parameter></link></para></listitem> <listitem><para><link linkend="USERNAMELEVEL"><parameter>username level</parameter></link></para></listitem> <listitem><para><link linkend="USERNAMEMAP"><parameter>username map</parameter></link></para></listitem> <listitem><para><link linkend="UTMP"><parameter>utmp</parameter></link></para></listitem> @@ -897,7 +902,6 @@ <listitem><para><link linkend="SETDIRECTORY"><parameter>set directory</parameter></link></para></listitem> <listitem><para><link linkend="SHAREMODES"><parameter>share modes</parameter></link></para></listitem> <listitem><para><link linkend="SHORTPRESERVECASE"><parameter>short preserve case</parameter></link></para></listitem> - <listitem><para><link linkend="STATUS"><parameter>status</parameter></link></para></listitem> <listitem><para><link linkend="STRICTALLOCATE"><parameter>strict allocate</parameter></link></para></listitem> <listitem><para><link linkend="STRICTLOCKING"><parameter>strict locking</parameter></link></para></listitem> <listitem><para><link linkend="STRICTSYNC"><parameter>strict sync</parameter></link></para></listitem> @@ -1394,12 +1398,12 @@ request has a time limit associated with it.</para> <para>If this parameter is set and the lock range requested - cannot be immediately satisfied, Samba 2.2 will internally + cannot be immediately satisfied, samba will internally queue the lock request, and periodically attempt to obtain the lock until the timeout period expires.</para> - <para>If this parameter is set to <constant>false</constant>, then - Samba 2.2 will behave as previous versions of Samba would and + <para>If this parameter is set to <constant>no</constant>, then + samba will behave as previous versions of Samba would and will fail the lock request immediately if the lock range cannot be obtained.</para> @@ -1447,7 +1451,7 @@ <listitem><para>This controls whether <ulink url="smbd.8.html"> <command>smbd(8)</command></ulink> will serve a browse list to a client doing a <command>NetServerEnum</command> call. Normally - set to <constant>true</constant>. You should never need to change + set to <constant>yes</constant>. You should never need to change this.</para> <para>Default: <command>browse list = yes</command></para></listitem> @@ -1747,7 +1751,7 @@ <varlistentry> <term><anchor id="DEBUGTIMESTAMP">debug timestamp (G)</term> - <listitem><para>Samba 2.2 debug log messages are timestamped + <listitem><para>Samba debug log messages are timestamped by default. If you are running at a high <link linkend="DEBUGLEVEL"> <parameter>debug level</parameter></link> these timestamps can be distracting. This boolean parameter allows timestamping @@ -2031,11 +2035,11 @@ <listitem><para>This option is used when Samba is attempting to delete a directory that contains one or more vetoed directories (see the <link linkend="VETOFILES"><parameter>veto files</parameter></link> - option). If this option is set to <constant>false</constant> (the default) then if a vetoed + option). If this option is set to <constant>no</constant> (the default) then if a vetoed directory contains any non-vetoed files or directories then the directory delete will fail. This is usually what you want.</para> - <para>If this option is set to <constant>true</constant>, then Samba + <para>If this option is set to <constant>yes</constant>, then Samba will attempt to recursively delete any files and directories within the vetoed directory. This can be useful for integration with file serving systems such as NetAtalk which create meta-files within @@ -2291,56 +2295,9 @@ </varlistentry> - - <varlistentry> - <term><anchor id="DOMAINADMINGROUP">domain admin group (G)</term> - <listitem><para>This parameter is intended as a temporary solution - to enable users to be a member of the "Domain Admins" group when - a Samba host is acting as a PDC. A complete solution will be provided - by a system for mapping Windows NT/2000 groups onto UNIX groups. - Please note that this parameter has a somewhat confusing name. It - accepts a list of usernames and of group names in standard - <filename>smb.conf</filename> notation. - </para> - - <para>See also <link linkend="DOMAINGUESTGROUP"><parameter>domain - guest group</parameter></link>, <link linkend="DOMAINLOGONS"><parameter>domain - logons</parameter></link> - </para> - - <para>Default: <emphasis>no domain administrators</emphasis></para> - <para>Example: <command>domain admin group = root @wheel</command></para> - </listitem> - </varlistentry> - - - - - <varlistentry> - <term><anchor id="DOMAINGUESTGROUP">domain guest group (G)</term> - <listitem><para>This parameter is intended as a temporary solution - to enable users to be a member of the "Domain Guests" group when - a Samba host is acting as a PDC. A complete solution will be provided - by a system for mapping Windows NT/2000 groups onto UNIX groups. - Please note that this parameter has a somewhat confusing name. It - accepts a list of usernames and of group names in standard - <filename>smb.conf</filename> notation. - </para> - - <para>See also <link linkend="DOMAINADMINGROUP"><parameter>domain - admin group</parameter></link>, <link linkend="DOMAINLOGONS"><parameter>domain - logons</parameter></link> - </para> - - <para>Default: <emphasis>no domain guests</emphasis></para> - <para>Example: <command>domain guest group = nobody @guest</command></para> - </listitem> - </varlistentry> - - <varlistentry> <term><anchor id="DOMAINLOGONS">domain logons (G)</term> - <listitem><para>If set to <constant>true</constant>, the Samba server will serve + <listitem><para>If set to <constant>yes</constant>, the Samba server will serve Windows 95/98 Domain logons for the <link linkend="WORKGROUP"> <parameter>workgroup</parameter></link> it is in. Samba 2.2 also has limited capability to act as a domain controller for Windows @@ -2478,7 +2435,7 @@ default, Samba runs with POSIX semantics and refuses to change the timestamp on a file if the user <command>smbd</command> is acting on behalf of is not the file owner. Setting this option to <constant> - true</constant> allows DOS semantics and <ulink url="smbd.8.html">smbd</ulink> will change the file + yes</constant> allows DOS semantics and <ulink url="smbd.8.html">smbd</ulink> will change the file timestamp as DOS requires.</para> <para>Default: <command>dos filetimes = no</command></para></listitem> @@ -2870,7 +2827,7 @@ caching algorithm will be used to reduce the time taken for getwd() calls. This can have a significant impact on performance, especially when the <link linkend="WIDELINKS"><parameter>wide links</parameter> - </link>parameter is set to <constant>false</constant>.</para> + </link>parameter is set to <constant>no</constant>.</para> <para>Default: <command>getwd cache = yes</command></para> </listitem> @@ -3027,9 +2984,20 @@ </varlistentry> <varlistentry> + <term><anchor id="HIDESPECIALFILES">hide special files (G)</term> + <listitem><para>This parameter prevents clients from seeing + special files such as sockets, devices and fifo's in directory + listings. + </para> + + <para>Default: <command>hide special files = no</command></para> + </listitem> + </varlistentry> + + <varlistentry> <term><anchor id="HOMEDIRMAP">homedir map (G)</term> <listitem><para>If<link linkend="NISHOMEDIR"><parameter>nis homedir - </parameter></link> is <constant>true</constant>, and <ulink + </parameter></link> is <constant>yes</constant>, and <ulink url="smbd.8.html"><command>smbd(8)</command></ulink> is also acting as a Win95/98 <parameter>logon server</parameter> then this parameter specifies the NIS (or YP) map from which the server for the user's @@ -3603,7 +3571,7 @@ oplocks</parameter></link> are supported then level2 oplocks are not granted (even if this parameter is set to <constant>yes</constant>). Note also, the <link linkend="OPLOCKS"><parameter>oplocks</parameter> - </link> parameter must be set to <constant>true</constant> on this share in order for + </link> parameter must be set to <constant>yes</constant> on this share in order for this parameter to have any effect.</para> <para>See also the <link linkend="OPLOCKS"><parameter>oplocks</parameter> @@ -3624,10 +3592,10 @@ <command>nmbd(8)</command></ulink> will produce Lanman announce broadcasts that are needed by OS/2 clients in order for them to see the Samba server in their browse list. This parameter can have three - values, <constant>true</constant>, <constant>false</constant>, or + values, <constant>yes</constant>, <constant>no</constant>, or <constant>auto</constant>. The default is <constant>auto</constant>. - If set to <constant>false</constant> Samba will never produce these - broadcasts. If set to <constant>true</constant> Samba will produce + If set to <constant>no</constant> Samba will never produce these + broadcasts. If set to <constant>yes</constant> Samba will produce Lanman announce broadcasts at a frequency set by the parameter <parameter>lm interval</parameter>. If set to <constant>auto</constant> Samba will not send Lanman announce broadcasts by default but will @@ -3682,15 +3650,15 @@ <term><anchor id="LOCALMASTER">local master (G)</term> <listitem><para>This option allows <ulink url="nmbd.8.html"><command> nmbd(8)</command></ulink> to try and become a local master browser - on a subnet. If set to <constant>false</constant> then <command> + on a subnet. If set to <constant>no</constant> then <command> nmbd</command> will not attempt to become a local master browser on a subnet and will also lose in all browsing elections. By - default this value is set to <constant>true</constant>. Setting this value to <constant>true</constant> doesn't + default this value is set to <constant>yes</constant>. Setting this value to <constant>yes</constant> doesn't mean that Samba will <emphasis>become</emphasis> the local master browser on a subnet, just that <command>nmbd</command> will <emphasis> participate</emphasis> in elections for local master browser.</para> - <para>Setting this value to <constant>false</constant> will cause <command>nmbd</command> + <para>Setting this value to <constant>no</constant> will cause <command>nmbd</command> <emphasis>never</emphasis> to become a local master browser.</para> <para>Default: <command>local master = yes</command></para> @@ -4324,10 +4292,21 @@ a better algorithm (generates less collisions) in the names. However, many Win32 applications store the mangled names and so changing to the new algorithm must not be done - lightly as these applications may break unless reinstalled. - New installations of Samba may set the default to hash2.</para> - <para>Default: <command>mangling method = hash</command></para> - <para>Example: <command>mangling method = hash2</command></para> + lightly as these applications may break unless reinstalled.</para> + <para>Default: <command>mangling method = hash2</command></para> + <para>Example: <command>mangling method = hash</command></para> + </listitem> + </varlistentry> + + <varlistentry> + <term><anchor id="MANGLEPREFIX">mangle prefix (G)</term> + <listitem><para> controls the number of prefix + characters from the original name used when generating + the mangled names. A larger value will give a weaker + hash and therefore more name collisions. The minimum + value is 1 and the maximum value is 6.</para> + <para>Default: <command>mangle prefix = 1</command></para> + <para>Example: <command>mangle prefix = 4</command></para> </listitem> </varlistentry> @@ -5454,7 +5433,7 @@ if the expect string is a full stop then no string is expected.</para> <para>If the <link linkend="PAMPASSWORDCHANGE"><parameter>pam - password change</parameter></link> parameter is set to true, the chat pairs + password change</parameter></link> parameter is set to <constant>yes</constant>, the chat pairs may be matched in any order, and success is determined by the PAM result, not any particular output. The \n macro is ignored for PAM conversions. </para> @@ -5516,7 +5495,7 @@ it.</para> <para><emphasis>Note</emphasis> that if the <parameter>unix - password sync</parameter> parameter is set to <constant>true + password sync</parameter> parameter is set to <constant>yes </constant> then this program is called <emphasis>AS ROOT</emphasis> before the SMB password in the <ulink url="smbpasswd.5.html">smbpasswd(5) </ulink> file is changed. If this UNIX password change fails, then @@ -5527,7 +5506,7 @@ is set this parameter <emphasis>MUST USE ABSOLUTE PATHS</emphasis> for <emphasis>ALL</emphasis> programs called, and must be examined for security implications. Note that by default <parameter>unix - password sync</parameter> is set to <constant>false</constant>.</para> + password sync</parameter> is set to <constant>no</constant>.</para> <para>See also <link linkend="UNIXPASSWORDSYNC"><parameter>unix password sync</parameter></link>.</para> @@ -5816,7 +5795,7 @@ url="nmbd.8.html">nmbd(8)</ulink> is a preferred master browser for its workgroup.</para> - <para>If this is set to <constant>true</constant>, on startup, <command>nmbd</command> + <para>If this is set to <constant>yes</constant>, on startup, <command>nmbd</command> will force an election, and it will have a slight advantage in winning the election. It is recommended that this parameter is used in conjunction with <command><link linkend="DOMAINMASTER"><parameter> @@ -5849,7 +5828,7 @@ <varlistentry> - <term><anchor id="PRELOAD">preload</term> + <term><anchor id="PRELOAD">preload (G)</term> <listitem><para>This is a list of services that you want to be automatically added to the browse lists. This is most useful for homes and printers services that would otherwise not be @@ -5990,7 +5969,7 @@ <para>Note that a printable service will ALWAYS allow writing to the service path (user privileges permitting) via the spooling - of print data. The <link linkend="WRITEABLE"><parameter>writeable + of print data. The <link linkend="READONLY"><parameter>read only </parameter></link> parameter controls only non-printing access to the resource.</para> @@ -6356,7 +6335,7 @@ <listitem><para>This is a list of users that are given read-only access to a service. If the connecting user is in this list then they will not be given write access, no matter what the <link - linkend="WRITEABLE"><parameter>writeable</parameter></link> + linkend="READONLY"><parameter>read only</parameter></link> option is set to. The list can include group names using the syntax described in the <link linkend="INVALIDUSERS"><parameter> invalid users</parameter></link> parameter.</para> @@ -6375,8 +6354,18 @@ <varlistentry> <term><anchor id="READONLY">read only (S)</term> - <listitem><para>Note that this is an inverted synonym for <link - linkend="WRITEABLE"><parameter>writeable</parameter></link>.</para> + <listitem><para>An inverted synonym is <link linkend="WRITEABLE"> + <parameter>writeable</parameter></link>.</para> + + <para>If this parameter is <constant>yes</constant>, then users + of a service may not create or modify files in the service's + directory.</para> + + <para>Note that a printable service (<command>printable = yes</command>) + will <emphasis>ALWAYS</emphasis> allow writing to the directory + (user privileges permitting), but only via spooling operations.</para> + + <para>Default: <command>read only = yes</command></para> </listitem> </varlistentry> @@ -6521,10 +6510,10 @@ <varlistentry> <term><anchor id="RESTRICTANONYMOUS">restrict anonymous (G)</term> - <listitem><para>This is a boolean parameter. If it is <constant>true</constant>, then + <listitem><para>This is a boolean parameter. If it is <constant>yes</constant>, then anonymous access to the server will be restricted, namely in the case where the server is expecting the client to send a username, - but it doesn't. Setting it to <constant>true</constant> will force these anonymous + but it doesn't. Setting it to <constant>yes</constant> will force these anonymous connections to be denied, and the client will be required to always supply a username and password when connecting. Use of this parameter is only recommended for homogeneous NT client environments.</para> @@ -6534,7 +6523,7 @@ likes to use anonymous connections when refreshing the share list, and this is a way to work around that.</para> - <para>When restrict anonymous is <constant>true</constant>, all anonymous connections + <para>When restrict anonymous is <constant>yes</constant>, all anonymous connections are denied no matter what they are for. This can effect the ability of a machine to access the Samba Primary Domain Controller to revalidate its machine account after someone else has logged on the client @@ -6838,7 +6827,7 @@ url="smbpasswd.8.html">smbpasswd(8)</ulink> has been used to add this machine into a Windows NT Domain. It expects the <link linkend="ENCRYPTPASSWORDS"><parameter>encrypted passwords</parameter> - </link> parameter to be set to <constant>true</constant>. In this + </link> parameter to be set to <constant>yes</constant>. In this mode Samba will try to validate the username/password by passing it to a Windows NT Primary or Backup Domain Controller, in exactly the same way that a Windows NT Server would do.</para> @@ -7258,22 +7247,6 @@ <varlistentry> - <term><anchor id="STATUS">status (G)</term> - <listitem><para>This enables or disables logging of connections - to a status file that <ulink url="smbstatus.1.html">smbstatus(1)</ulink> - can read.</para> - - <para>With this disabled <command>smbstatus</command> won't be able - to tell you what connections are active. You should never need to - change this parameter.</para> - - <para>Default: <command>status = yes</command></para> - </listitem> - </varlistentry> - - - - <varlistentry> <term><anchor id="STRICTALLOCATE">strict allocate (S)</term> <listitem><para>This is a boolean that controls the handling of disk space allocation in the server. When this is set to <constant>yes</constant> @@ -7357,10 +7330,10 @@ <term><anchor id="SYNCALWAYS">sync always (S)</term> <listitem><para>This is a boolean parameter that controls whether writes will always be written to stable storage before - the write call returns. If this is <constant>false</constant> then the server will be + the write call returns. If this is <constant>no</constant> then the server will be guided by the client's request in each write call (clients can set a bit indicating that a particular write should be synchronous). - If this is <constant>true</constant> then every write will be followed by a <command>fsync() + If this is <constant>yes</constant> then every write will be followed by a <command>fsync() </command> call to ensure the data is written to disk. Note that the <parameter>strict sync</parameter> parameter must be set to <constant>yes</constant> in order for this parameter to have @@ -7532,7 +7505,7 @@ <listitem><para>This boolean parameter controls whether Samba attempts to synchronize the UNIX password with the SMB password when the encrypted SMB password in the smbpasswd file is changed. - If this is set to <constant>true</constant> the program specified in the <parameter>passwd + If this is set to <constant>yes</constant> the program specified in the <parameter>passwd program</parameter>parameter is called <emphasis>AS ROOT</emphasis> - to allow the new UNIX password to be set without access to the old UNIX password (as the SMB password change code has no @@ -7622,7 +7595,7 @@ <listitem><para>This global parameter determines if the tdb internals of Samba can depend on mmap working correctly on the running system. Samba requires a coherent mmap/read-write system memory cache. Currently only HPUX does not have such a - coherent cache, and so this parameter is set to <constant>false</constant> by + coherent cache, and so this parameter is set to <constant>no</constant> by default on HPUX. On all other systems this parameter should be left alone. This parameter is provided to help the Samba developers track down problems with the tdb internal code. @@ -7637,7 +7610,7 @@ <varlistentry> <term><anchor id="USERHOSTS">use rhosts (G)</term> - <listitem><para>If this global parameter is <constant>true</constant>, it specifies + <listitem><para>If this global parameter is <constant>yes</constant>, it specifies that the UNIX user's <filename>.rhosts</filename> file in their home directory will be read to find the names of hosts and users who will be allowed access without specifying a password.</para> @@ -7786,28 +7759,28 @@ <para>If any line begins with a '#' or a ';' then it is ignored</para> - <para>If any line begins with an '!' then the processing - will stop after that line if a mapping was done by the line. - Otherwise mapping continues with every line being processed. - Using '!' is most useful when you have a wildcard mapping line + <para>If any line begins with an '!' then the processing + will stop after that line if a mapping was done by the line. + Otherwise mapping continues with every line being processed. + Using '!' is most useful when you have a wildcard mapping line later in the file.</para> - - <para>For example to map from the name <constant>admin</constant> + + <para>For example to map from the name <constant>admin</constant> or <constant>administrator</constant> to the UNIX name <constant> root</constant> you would use:</para> <para><command>root = admin administrator</command></para> - <para>Or to map anyone in the UNIX group <constant>system</constant> + <para>Or to map anyone in the UNIX group <constant>system</constant> to the UNIX name <constant>sys</constant> you would use:</para> <para><command>sys = @system</command></para> - <para>You can have as many mappings as you like in a username + <para>You can have as many mappings as you like in a username map file.</para> - - - <para>If your system supports the NIS NETGROUP option then + + + <para>If your system supports the NIS NETGROUP option then the netgroup database is checked before the <filename>/etc/group </filename> database for matching groups.</para> @@ -7816,12 +7789,12 @@ <para><command>tridge = "Andrew Tridgell"</command></para> - <para>would map the windows username "Andrew Tridgell" to the + <para>would map the windows username "Andrew Tridgell" to the unix username "tridge".</para> - <para>The following example would map mary and fred to the - unix user sys, and map the rest to guest. Note the use of the - '!' to tell Samba to stop processing if it gets a match on + <para>The following example would map mary and fred to the + unix user sys, and map the rest to guest. Note the use of the + '!' to tell Samba to stop processing if it gets a match on that line.</para> <para><programlisting> @@ -7829,20 +7802,20 @@ guest = * </programlisting></para> - <para>Note that the remapping is applied to all occurrences + <para>Note that the remapping is applied to all occurrences of usernames. Thus if you connect to \\server\fred and <constant> - fred</constant> is remapped to <constant>mary</constant> then you - will actually be connecting to \\server\mary and will need to - supply a password suitable for <constant>mary</constant> not - <constant>fred</constant>. The only exception to this is the + fred</constant> is remapped to <constant>mary</constant> then you + will actually be connecting to \\server\mary and will need to + supply a password suitable for <constant>mary</constant> not + <constant>fred</constant>. The only exception to this is the username passed to the <link linkend="PASSWORDSERVER"><parameter> - password server</parameter></link> (if you have one). The password - server will receive whatever username the client supplies without + password server</parameter></link> (if you have one). The password + server will receive whatever username the client supplies without modification.</para> - <para>Also note that no reverse mapping is done. The main effect - this has is with printing. Users who have been mapped may have - trouble deleting print jobs as PrintManager under WfWg will think + <para>Also note that no reverse mapping is done. The main effect + this has is with printing. Users who have been mapped may have + trouble deleting print jobs as PrintManager under WfWg will think they don't own the print job.</para> <para>Default: <emphasis>no username map</emphasis></para> @@ -7851,13 +7824,29 @@ </listitem> </varlistentry> + + <varlistentry> + <term><anchor id="USESENDFILE">use sendfile (S)</term> + <listitem><para>If this parameter is <constant>yes</constant>, and Samba + was built with the --with-sendfile-support option, and the underlying operating + system supports sendfile system call, then some SMB read calls (mainly ReadAndX + and ReadRaw) will use the more efficient sendfile system call for files that + are exclusively oplocked. This may make more efficient use of the system CPU's + and cause Samba to be faster. This is off by default as it's effects are unknown + as yet. + </para> + + <para>Default: <command>use sendfile = no</command></para> + </listitem> + </varlistentry> + <varlistentry> <term><anchor id="UTMP">utmp (G)</term> - <listitem><para>This boolean parameter is only available if + <listitem><para>This boolean parameter is only available if Samba has been configured and compiled with the option <command> - --with-utmp</command>. If set to <constant>true</constant> then Samba will attempt + --with-utmp</command>. If set to <constant>yes</constant> then Samba will attempt to add utmp or utmpx records (depending on the UNIX system) whenever a connection is made to a Samba server. Sites may use this to record the user connecting to a Samba share.</para> @@ -8109,7 +8098,7 @@ veto files = /.AppleDouble/.bin/.AppleDesktop/Network Trash Folder/ <command>getpwent()</command> and <command>endpwent()</command> group of system calls. If the <parameter>winbind enum users</parameter> parameter is - false, calls to the <command>getpwent</command> system call + <constant>no</constant>, calls to the <command>getpwent</command> system call will not return any data. </para> <para><emphasis>Warning:</emphasis> Turning off user @@ -8131,7 +8120,7 @@ veto files = /.AppleDouble/.bin/.AppleDesktop/Network Trash Folder/ <command>getgrent()</command> and <command>endgrent()</command> group of system calls. If the <parameter>winbind enum groups</parameter> parameter is - false, calls to the <command>getgrent()</command> system + <constant>no</constant>, calls to the <command>getgrent()</command> system call will not return any data. </para> <para><emphasis>Warning:</emphasis> Turning off group @@ -8199,7 +8188,7 @@ veto files = /.AppleDouble/.bin/.AppleDesktop/Network Trash Folder/ <varlistentry> <term>winbind use default domain</term> - <term><anchor id="WINBINDUSEDEFAULTDOMAIN">winbind use default domain</term> + <term><anchor id="WINBINDUSEDEFAULTDOMAIN">winbind use default domain (G)</term> <listitem><para>This parameter specifies whether the <ulink url="winbindd.8.html"> winbindd(8)</ulink> daemon should operate on users without domain component in their username. @@ -8207,9 +8196,9 @@ veto files = /.AppleDouble/.bin/.AppleDesktop/Network Trash Folder/ own domain. While this does not benifit Windows users, it makes SSH, FTP and e-mail function in a way much closer to the way they would in a native unix system.</para> - <para>Default: <command>winbind use default domain = <falseg> + <para>Default: <command>winbind use default domain = <no> </command></para> - <para>Example: <command>winbind use default domain = true</command></para> + <para>Example: <command>winbind use default domain = yes</command></para> </listitem> </varlistentry> @@ -8304,9 +8293,9 @@ veto files = /.AppleDouble/.bin/.AppleDesktop/Network Trash Folder/ <term><anchor id="WINSSUPPORT">wins support (G)</term> <listitem><para>This boolean controls if the <ulink url="nmbd.8.html"> nmbd(8)</ulink> process in Samba will act as a WINS server. You should - not set this to <constant>true</constant> unless you have a multi-subnetted network and + not set this to <constant>yes</constant> unless you have a multi-subnetted network and you wish a particular <command>nmbd</command> to be your WINS server. - Note that you should <emphasis>NEVER</emphasis> set this to <constant>true</constant> + Note that you should <emphasis>NEVER</emphasis> set this to <constant>yes</constant> on more than one machine in your network.</para> <para>Default: <command>wins support = no</command></para> @@ -8377,7 +8366,7 @@ veto files = /.AppleDouble/.bin/.AppleDesktop/Network Trash Folder/ <listitem><para>This is a list of users that are given read-write access to a service. If the connecting user is in this list then they will be given write access, no matter what the <link - linkend="WRITEABLE"><parameter>writeable</parameter></link> + linkend="READONLY"><parameter>read only</parameter></link> option is set to. The list can include group names using the @group syntax.</para> @@ -8415,8 +8404,8 @@ veto files = /.AppleDouble/.bin/.AppleDesktop/Network Trash Folder/ <varlistentry> <term><anchor id="WRITEOK">write ok (S)</term> - <listitem><para>Synonym for <link linkend="WRITEABLE"><parameter> - writeable</parameter></link>.</para> + <listitem><para>Inverted synonym for <link linkend="READONLY"><parameter> + read only</parameter></link>.</para> </listitem> </varlistentry> @@ -8436,18 +8425,8 @@ veto files = /.AppleDouble/.bin/.AppleDesktop/Network Trash Folder/ <varlistentry> <term><anchor id="WRITEABLE">writeable (S)</term> - <listitem><para>An inverted synonym is <link linkend="READONLY"> - <parameter>read only</parameter></link>.</para> - - <para>If this parameter is <constant>no</constant>, then users - of a service may not create or modify files in the service's - directory.</para> - - <para>Note that a printable service (<command>printable = yes</command>) - will <emphasis>ALWAYS</emphasis> allow writing to the directory - (user privileges permitting), but only via spooling operations.</para> - - <para>Default: <command>writeable = no</command></para> + <listitem><para>Inverted synonym for <link linkend="READONLY"><parameter> + read only</parameter></link>.</para> </listitem> </varlistentry> @@ -8481,7 +8460,7 @@ veto files = /.AppleDouble/.bin/.AppleDesktop/Network Trash Folder/ <refsect1> <title>VERSION</title> - <para>This man page is correct for version 2.2 of + <para>This man page is correct for version 3.0 of the Samba suite.</para> </refsect1> |