summaryrefslogtreecommitdiff
path: root/docs/docbook/projdoc
diff options
context:
space:
mode:
Diffstat (limited to 'docs/docbook/projdoc')
-rw-r--r--docs/docbook/projdoc/NetworkBrowsing.xml14
-rw-r--r--docs/docbook/projdoc/Samba-PDC-HOWTO.xml8
-rw-r--r--docs/docbook/projdoc/UNIX_INSTALL.xml12
-rw-r--r--docs/docbook/projdoc/printer_driver2.xml1
-rw-r--r--docs/docbook/projdoc/securing-samba.xml61
5 files changed, 94 insertions, 2 deletions
diff --git a/docs/docbook/projdoc/NetworkBrowsing.xml b/docs/docbook/projdoc/NetworkBrowsing.xml
index 70e4210443..971963579b 100644
--- a/docs/docbook/projdoc/NetworkBrowsing.xml
+++ b/docs/docbook/projdoc/NetworkBrowsing.xml
@@ -1506,5 +1506,19 @@ This may take a long time on some networks (months).
</para>
</sect2>
+
+<sect1>
+<title>My client reports "This server is not configured to list shared resources"</title>
+
+<para>
+Your guest account is probably invalid for some reason. Samba uses the
+guest account for browsing in smbd. Check that your guest account is
+valid.
+</para>
+
+<para>See also <parameter>guest account</parameter> in the &smb.conf; man page.</para>
+
+</sect2>
+
</sect1>
</chapter>
diff --git a/docs/docbook/projdoc/Samba-PDC-HOWTO.xml b/docs/docbook/projdoc/Samba-PDC-HOWTO.xml
index 05d0131f94..af05b32e4a 100644
--- a/docs/docbook/projdoc/Samba-PDC-HOWTO.xml
+++ b/docs/docbook/projdoc/Samba-PDC-HOWTO.xml
@@ -903,5 +903,13 @@ Enable the user accounts with <userinput>smbpasswd -e <replaceable>username</rep
</para>
</sect2>
+
+<sect2>
+ <title>Until a few minutes after samba has started, clients get the error "Domain Controller Unavailable"</title>
+ <para>
+ A domain controller has to announce on the network who it is. This usually takes a while.
+ </para>
+</sect2>
+
</sect1>
</chapter>
diff --git a/docs/docbook/projdoc/UNIX_INSTALL.xml b/docs/docbook/projdoc/UNIX_INSTALL.xml
index a169bea558..f305686915 100644
--- a/docs/docbook/projdoc/UNIX_INSTALL.xml
+++ b/docs/docbook/projdoc/UNIX_INSTALL.xml
@@ -212,15 +212,19 @@ The following questions and issues get raised on the samba mailing list over and
<title>Why are so many smbd processes eating memory?</title>
<para>
+<quote>
Site that is running Samba on an AIX box. They are sharing out about 2 terabytes using samba.
Samba was installed using smitty and the binaries. We seem to be experiencing a memory problem
with this box. When I do a <command>svmon -Pu</command> the monitoring program shows that &smbd; has several
processes of smbd running:
+</quote>
</para>
<para>
+ <quote>
Is samba suppose to start this many different smbd processes? Or does it run as one smbd process? Also
is it normal for it to be taking up this much memory?
+</quote>
</para>
<para>
@@ -256,7 +260,7 @@ Inuse * 4096 = amount of memory being used by this process
<para>
-<emphasis>ANSWER:</emphasis> Samba consists on three core programs:
+Samba consists on three core programs:
&nmbd;, &smbd;, &winbindd;. &nmbd; is the name server message daemon,
&smbd; is the server message daemon, &winbindd; is the daemon that
handles communication with Domain Controllers.
@@ -279,6 +283,12 @@ run in "split mode" (in which case there will be two instances).
</para>
</sect2>
+
+ <sect2>
+ <title>I'm getting "open_oplock_ipc: Failed to get local UDP socket for address 100007f. Error was Cannot assign requested" in the logs</title>
+ <para>Your loopback device isn't working correctly. Make sure it's running. </para>
+ </sect2>
+
</sect1>
</chapter>
diff --git a/docs/docbook/projdoc/printer_driver2.xml b/docs/docbook/projdoc/printer_driver2.xml
index 1a5f514a33..f730b238bd 100644
--- a/docs/docbook/projdoc/printer_driver2.xml
+++ b/docs/docbook/projdoc/printer_driver2.xml
@@ -335,7 +335,6 @@ as shown above:
</para>
<para><screen>
-
transmeta: # testparm -v | egrep "(lp|print|spool|driver|ports|\[)"
Load smb config files from /etc/samba/smb.conf.simpleprinting
diff --git a/docs/docbook/projdoc/securing-samba.xml b/docs/docbook/projdoc/securing-samba.xml
index 1004260394..b137a05ec9 100644
--- a/docs/docbook/projdoc/securing-samba.xml
+++ b/docs/docbook/projdoc/securing-samba.xml
@@ -304,5 +304,66 @@ out to be a security problem request are totally convinced that the problem is w
</sect2>
+ <sect2>
+ <title>Why can users access home directories of other users?</title>
+
+ <para>
+ <quote>
+ We are unable to keep individual users from mapping to any other user's
+ home directory once they have supplied a valid password! They only need
+ to enter their own password. I have not found *any* method that I can
+ use to configure samba to enforce that only a user may map their own
+ home directory.
+ </quote>
+ </para>
+
+ <para><quote>
+ User xyzzy can map his home directory. Once mapped user xyzzy can also map
+ *anyone* elses home directory!
+ </quote></para>
+
+ <para>
+ This is not a security flaw, it is by design. Samba allows
+ users to have *exactly* the same access to the UNIX filesystem
+ as they would if they were logged onto the UNIX box, except
+ that it only allows such views onto the file system as are
+ allowed by the defined shares.
+ </para>
+
+ <para>
+ This means that if your UNIX home directories are set up
+ such that one user can happily cd into another users
+ directory and do an ls, the UNIX security solution is to
+ change the UNIX file permissions on the users home directories
+ such that the cd and ls would be denied.
+ </para>
+
+ <para>
+ Samba tries very hard not to second guess the UNIX administrators
+ security policies, and trusts the UNIX admin to set
+ the policies and permissions he or she desires.
+ </para>
+
+ <para>
+ Samba does allow the setup you require when you have set the
+ <parameter>only user = yes</parameter> option on the share, is that you have not set the
+ valid users list for the share.
+ </para>
+
+ <para>
+ Note that only user works in conjunction with the users= list,
+ so to get the behavior you require, add the line :
+ <programlisting>
+ users = %S
+ </programlisting>
+ this is equivalent to:
+ <programlisting>
+ valid users = %S
+ </programlisting>
+ to the definition of the <parameter>[homes]</parameter> share, as recommended in
+ the &smb.conf; man page.
+ </para>
+ </sect2>
+
</sect1>
</chapter>