diff options
Diffstat (limited to 'docs/docbook/projdoc')
-rw-r--r-- | docs/docbook/projdoc/VFS.sgml | 200 | ||||
-rw-r--r-- | docs/docbook/projdoc/pdb_mysql.sgml | 138 |
2 files changed, 338 insertions, 0 deletions
diff --git a/docs/docbook/projdoc/VFS.sgml b/docs/docbook/projdoc/VFS.sgml new file mode 100644 index 0000000000..66b9be1dbd --- /dev/null +++ b/docs/docbook/projdoc/VFS.sgml @@ -0,0 +1,200 @@ +<chapter id="VFS"> +<chapterinfo> + <author><firstname>Jelmer</firstname><surname>Vernooij</surname></author> + <author><firstname>Alexander</firstname><surname>Bokovoy</surname></author> + <author><firstname>Tim</firstname><surname>Potter</surname></author> + <author><firstname>Simo</firstname><surname>Sorce</surname></author> +</chapterinfo> +<title>Stackable VFS modules</title> + +<sect1> +<title>Introduction and configuration</title> + +<para> +Since samba 3.0, samba supports stackable VFS(Virtual File System) modules. +Samba passes each request to access the unix file system thru the loaded VFS modules. +This chapter covers all the modules that come with the samba source and references to +some external modules. +</para> + +<para> +You may have problems to compile these modules, as shared libraries are +compiled and linked in different ways on different systems. +They currently have been tested against GNU/linux and IRIX. +</para> + +<para> +To use the VFS modules, create a share similar to the one below. The +important parameter is the <command>vfs object</command> parameter which must point to +the exact pathname of the shared library objects. For example, to log all access +to files and use a recycle bin: + +<programlisting> + [audit] + comment = Audited /data directory + path = /data + vfs object = /path/to/audit.so /path/to/recycle.so + writeable = yes + browseable = yes +</programlisting> +</para> + +<para> +The modules are used in the order they are specified. +</para> + +<para> +Further documentation on writing VFS modules for Samba can be found in +the Samba Developers Guide. +</para> + +</sect1> + +<sect1> +<title>Included modules</title> + +<sect2> +<title>audit</title> +<para>A simple module to audit file access to the syslog +facility. The following operations are logged: +<simplelist> +<member>share</member> +<member>connect/disconnect</member> +<member>directory opens/create/remove</member> +<member>file open/close/rename/unlink/chmod</member> +</simplelist> +</para> +</sect2> + +<sect2> +<title>recycle</title> +<para> +A recycle-bin like modules. When used any unlink call +will be intercepted and files moved to the recycle +directory instead of beeing deleted. +</para> + +<para>Supported options: +<variablelist> + <varlistentry> + <term>vfs_recycle_bin:repository</term> + <listitem><para>FIXME</para></listitem> + </varlistentry> + + <varlistentry> + <term>vfs_recycle_bin:keeptree</term> + <listitem><para>FIXME</para></listitem> + </varlistentry> + + <varlistentry> + <term>vfs_recycle_bin:versions</term> + <listitem><para>FIXME</para></listitem> + </varlistentry> + + <varlistentry> + <term>vfs_recycle_bin:touch</term> + <listitem><para>FIXME</para></listitem> + </varlistentry> + + <varlistentry> + <term>vfs_recycle_bin:maxsize</term> + <listitem><para>FIXME</para></listitem> + </varlistentry> + + <varlistentry> + <term>vfs_recycle_bin:exclude</term> + <listitem><para>FIXME</para></listitem> + </varlistentry> + + <varlistentry> + <term>vfs_recycle_bin:exclude_dir</term> + <listitem><para>FIXME</para></listitem> + </varlistentry> + + <varlistentry> + <term>vfs_recycle_bin:noversions</term> + <listitem><para>FIXME</para></listitem> + </varlistentry> +</variablelist> +</para> + +</sect2> + +<sect2> +<title>netatalk</title> +<para> +A netatalk module, that will ease co-existence of samba and +netatalk file sharing services. +</para> + +<para>Advantages compared to the old netatalk module: +<simplelist> +<member>it doesn't care about creating of .AppleDouble forks, just keeps ones in sync</member> +<member>if share in smb.conf doesn't contain .AppleDouble item in hide or veto list, it will be added automatically</member> +</simplelist> +</para> + +</sect2> + +</sect1> + +<sect1> +<title>VFS modules available elsewhere</title> + +<para> +This section contains a listing of various other VFS modules that +have been posted but don't currently reside in the Samba CVS +tree for one reason ot another (e.g. it is easy for the maintainer +to have his or her own CVS tree). +</para> + +<para> +No statemets about the stability or functionality any module +should be implied due to its presence here. +</para> + +<sect2> +<title>DatabaseFS</title> + +<para> +URL: <ulink url="http://www.css.tayloru.edu/~elorimer/databasefs/index.php">http://www.css.tayloru.edu/~elorimer/databasefs/index.php</ulink> +</para> + +<para>By <ulink url="mailto:elorimer@css.tayloru.edu">Eric Lorimer</ulink>.</para> + +<para> +I have created a VFS module which implements a fairly complete read-only +filesystem. It presents information from a database as a filesystem in +a modular and generic way to allow different databases to be used +(originally designed for organizing MP3s under directories such as +"Artists," "Song Keywords," etc... I have since applied it to a student +roster database very easily). The directory structure is stored in the +database itself and the module makes no assumptions about the database +structure beyond the table it requires to run. +</para> + +<para> +Any feedback would be appreciated: comments, suggestions, patches, +etc... If nothing else, hopefully it might prove useful for someone +else who wishes to create a virtual filesystem. +</para> + +</sect2> + +<sect2> +<title>vscan</title> +<para>URL: <ulink url="http://www.openantivirus.org/">http://www.openantivirus.org/</ulink></para> + +<para> +samba-vscan is a proof-of-concept module for Samba, which +uses the VFS (virtual file system) features of Samba 2.2.x/3.0 +alphaX. Of couse, Samba has to be compiled with VFS support. +samba-vscan supports various virus scanners and is maintained +by Rainer Link. +</para> + +</sect2> + +</sect1> + +</chapter> diff --git a/docs/docbook/projdoc/pdb_mysql.sgml b/docs/docbook/projdoc/pdb_mysql.sgml new file mode 100644 index 0000000000..05262ebe10 --- /dev/null +++ b/docs/docbook/projdoc/pdb_mysql.sgml @@ -0,0 +1,138 @@ +<chapter id="pdb-mysql"> +<chapterinfo> + <author> + <firstname>Jelmer</firstname><surname>Vernooij</surname> + <affiliation> + <orgname>The Samba Team</orgname> + <address><email>jelmer@samba.org</email></address> + </affiliation> + </author> + <pubdate>November 2002</pubdate> +</chapterinfo> + +<title>Passdb MySQL plugin</title> + +<sect1> +<title>Building</title> + +<para>To build the plugin, run <command>make bin/pdb_mysql.so</command> +in the <filename>source/</filename> directory of samba distribution. +</para> + +<para>Next, copy pdb_mysql.so to any location you want. I +strongly recommend installing it in $PREFIX/lib or /usr/lib/samba/</para> + +</sect1> + +<sect1> +<title>Configuring</title> + +<para>This plugin lacks some good documentation, but here is some short info:</para> + +<para>Add a the following to the <command>passdb backend</command> variable in your <filename>smb.conf</filename>: +<programlisting> +passdb backend = [other-plugins] plugin:/location/to/pdb_mysql.so:identifier [other-plugins] +</programlisting> +</para> + +<para>The identifier can be any string you like, as long as it doesn't collide with +the identifiers of other plugins or other instances of pdb_mysql. If you +specify multiple pdb_mysql.so entries in 'passdb backend', you also need to +use different identifiers! +</para> + +<para> +Additional options can be given thru the smb.conf file in the [global] section. +</para> + +<para><programlisting> +identifier:mysql host - host name, defaults to 'localhost' +identifier:mysql password +identifier:mysql user - defaults to 'samba' +identifier:mysql database - defaults to 'samba' +identifier:mysql port - defaults to 3306 +identifier:table - Name of the table containing users +</programlisting></para> + +<para>Names of the columns in this table(I've added column types those columns should have first):</para> + +<para><programlisting> +identifier:logon time column - int(9) +identifier:logoff time column - int(9) +identifier:kickoff time column - int(9) +identifier:pass last set time column - int(9) +identifier:pass can change time column - int(9) +identifier:pass must change time column - int(9) +identifier:username column - varchar(255) - unix username +identifier:domain column - varchar(255) - NT domain user is part of +identifier:nt username column - varchar(255) - NT username +identifier:fullname column - varchar(255) - Full name of user +identifier:home dir column - varchar(255) - Unix homedir path +identifier:dir drive column - varchar(2) - Directory drive path (eg: 'H:') +identifier:logon script column - varchar(255) - Batch file to run on client side when logging on +identifier:profile path column - varchar(255) - Path of profile +identifier:acct desc column - varchar(255) - Some ASCII NT user data +identifier:workstations column - varchar(255) - Workstations user can logon to (or NULL for all) +identifier:unknown string column - varchar(255) - unknown string +identifier:munged dial column - varchar(255) - ? +identifier:uid column - int(9) - Unix user ID (uid) +identifier:gid column - int(9) - Unix user group (gid) +identifier:user sid column - varchar(255) - NT user SID +identifier:group sid column - varchar(255) - NT group ID +identifier:lanman pass column - varchar(255) - encrypted lanman password +identifier:nt pass column - varchar(255) - encrypted nt passwd +identifier:plain pass column - varchar(255) - plaintext password +identifier:acct control column - int(9) - nt user data +identifier:unknown 3 column - int(9) - unknown +identifier:logon divs column - int(9) - ? +identifier:hours len column - int(9) - ? +identifier:unknown 5 column - int(9) - unknown +identifier:unknown 6 column - int(9) - unknown +</programlisting></para> + +<para> +Eventually, you can put a colon (:) after the name of each column, which +should specify the column to update when updating the table. You can also +specify nothing behind the colon - then the data from the field will not be +updated. +</para> + +</sect1> + +<sect1> +<title>Using plaintext passwords or encrypted password</title> + +<para> +I strongly discourage the use of plaintext passwords, however, you can use them: +</para> + +<para> +If you would like to use plaintext passwords, set 'identifier:lanman pass column' and 'identifier:nt pass column' to 'NULL' (without the quotes) and 'identifier:plain pass column' to the name of the column containing the plaintext passwords. +</para> + +<para> +If you use encrypted passwords, set the 'identifier:plain pass column' to 'NULL' (without the quotes). This is the default. +</para> + +</sect1> + +<sect1> +<title>Getting non-column data from the table</title> + +<para> +It is possible to have not all data in the database and making some 'constant'. +</para> + +<para> +For example, you can set 'identifier:fullname column' to : +<command>CONCAT(First_name,' ',Sur_name)</command> +</para> + +<para> +Or, set 'identifier:workstations column' to : +<command>NULL</command></para> + +<para>See the MySQL documentation for more language constructs.</para> + +</sect1> +</chapter> |