diff options
Diffstat (limited to 'docs/htmldocs/smb.conf.5.html')
-rw-r--r-- | docs/htmldocs/smb.conf.5.html | 262 |
1 files changed, 131 insertions, 131 deletions
diff --git a/docs/htmldocs/smb.conf.5.html b/docs/htmldocs/smb.conf.5.html index b1ff9dd3f2..a0c1eb82b3 100644 --- a/docs/htmldocs/smb.conf.5.html +++ b/docs/htmldocs/smb.conf.5.html @@ -3,7 +3,7 @@ -<html><head><title>smb.conf</title> +<html><head><title>smb.conf (5)</title> <link rev="made" href="mailto:samba-bugs@samba.anu.edu.au"> </head> @@ -11,7 +11,7 @@ <hr> -<h1>smb.conf</h1> +<h1>smb.conf (5)</h1> <h2>Samba</h2> <h2>23 Oct 1998</h2> @@ -81,7 +81,7 @@ them. The client provides the username. As older clients only provide passwords and not usernames, you may specify a list of usernames to check against the password using the <a href="smb.conf.5.html#user"><strong>"user="</strong></a> option in the share definition. For modern clients such as Windows 95/98 and -Windows NT, this should not be neccessary. +Windows NT, this should not be necessary. <p><br>Note that the access rights granted by the server are masked by the access rights granted to the specified or guest UNIX user by the host system. The server does not grant more access than the host system @@ -94,7 +94,7 @@ the share name "foo": [foo] path = /home/bar - writable = true + writeable = true </pre> @@ -159,7 +159,7 @@ following is a typical and suitable [homes] section: <p><br><pre> [homes] - writable = yes + writeable = yes </pre> @@ -197,14 +197,14 @@ given, the username is set to the located printer name. <p><br></ul> <p><br>Note that the [printers] service MUST be printable - if you specify otherwise, the server will refuse to load the configuration file. -<p><br>Typically the path specified would be that of a world-writable spool +<p><br>Typically the path specified would be that of a world-writeable spool directory with the sticky bit set on it. A typical [printers] entry would look like this: <p><br><pre> [printers] path = /usr/spool/public - writable = no + writeable = no guest ok = yes printable = yes @@ -221,7 +221,7 @@ this: <p><br>Each alias should be an acceptable printer name for your printing subsystem. In the <a href="smb.conf.5.html#global"><strong>[global]</strong></a> section, specify the new -file as your printcap. The server will then only recognise names +file as your printcap. The server will then only recognize names found in your pseudo-printcap, which of course can contain whatever aliases you like. The same technique could be used simply to limit access to a subset of your local printers. @@ -233,15 +233,15 @@ of a printcap record. Records are separated by newlines, components defined on the system you may be able to use <a href="smb.conf.5.html#printcapname"><strong>"printcap name = lpstat"</strong></a> to automatically obtain a list of printers. See the <a href="smb.conf.5.html#printcapname"><strong>"printcap name"</strong></a> option for -more detils. +more details. <p><br></ul> <p><br><a name="PARAMETERS"></a> <h2>PARAMETERS</h2> <p><br>Parameters define the specific attributes of sections. <p><br>Some parameters are specific to the <a href="smb.conf.5.html#global"><strong>[global]</strong></a> section -(eg., <a href="smb.conf.5.html#security"><strong>security</strong></a>). Some parameters are usable in -all sections (eg., <a href="smb.conf.5.html#createmode"><strong>create mode</strong></a>). All others are +(e.g., <a href="smb.conf.5.html#security"><strong>security</strong></a>). Some parameters are usable in +all sections (e.g., <a href="smb.conf.5.html#createmode"><strong>create mode</strong></a>). All others are permissible only in normal sections. For the purposes of the following descriptions the <a href="smb.conf.5.html#homes"><strong>[homes]</strong></a> and <a href="smb.conf.5.html#printers"><strong>[printers]</strong></a> sections will be considered normal. @@ -250,7 +250,7 @@ specific to the <a href="smb.conf.5.html#global"><strong>[global]</strong></a> s indicates that a parameter can be specified in a service specific section. Note that all <code>'S'</code> parameters can also be specified in the <a href="smb.conf.5.html#global"><strong>[global]</strong></a> section - in which case they will define -the default behaviour for all services. +the default behavior for all services. <p><br>Parameters are arranged here in alphabetical order - this may not create best bedfellows, but at least you can find them! Where there are synonyms, the preferred synonym is described, others refer to the @@ -308,8 +308,8 @@ negotiation. It can be one of CORE, COREPLUS, LANMAN1, LANMAN2 or NT1. <li > <strong>%d</strong> = The process id of the current server process. <p><br><a name="percenta"></a> <li > <strong>%a</strong> = the architecture of the remote -machine. Only some are recognised, and those may not be 100% -reliable. It currently recognises Samba, WfWg, WinNT and +machine. Only some are recognized, and those may not be 100% +reliable. It currently recognizes Samba, WfWg, WinNT and Win95. Anything else will be known as "UNKNOWN". If it gets it wrong then sending a level 3 log to <a href="mailto:samba-bugs@samba.anu.edu.au"><em>samba-bugs@samba.anu.edu.au</em></a> should allow it to be fixed. @@ -717,7 +717,7 @@ regardless if the owner of the file is the currently logged on user or not. <p><br>This specifies what type of server <a href="nmbd.8.html"><strong>nmbd</strong></a> will announce itself as, to a network neighborhood browse list. By default this is set to Windows NT. The valid options are : "NT", "Win95" or -"WfW" meaining Windows NT, Windows 95 and Windows for Workgroups +"WfW" meaning Windows NT, Windows 95 and Windows for Workgroups respectively. Do not change this parameter unless you have a specific need to stop Samba appearing as an NT server as this may prevent Samba servers from participating as browser servers correctly. @@ -784,7 +784,7 @@ the interface list given in the <a href="smb.conf.5.html#interfaces"><strong>'in parameter. This restricts the networks that <a href="smbd.8.html"><strong>smbd</strong></a> will serve to packets coming in those interfaces. Note that you should not use this parameter for machines that are serving PPP or -other intermittant or non-broadcast network interfaces as it will not +other intermittent or non-broadcast network interfaces as it will not cope with non-permanent interfaces. <p><br>In addition, to change a users SMB password, the <a href="smbpasswd.8.html"><strong>smbpasswd</strong></a> by default connects to the @@ -820,13 +820,8 @@ request immediately if the lock range cannot be obtained. <p><br><strong>Example:</strong> <code> blocking locks = False</code> <p><br><a name="browsable"></a> -<li><strong><strong>broweable (S)</strong></strong> -<p><br>This controls whether this share is seen in the list of available -shares in a net view and in the browse list. -<p><br><strong>Default:</strong> -<code> browsable = Yes</code> -<p><br><strong>Example:</strong> -<code> browsable = No</code> +<li><strong><strong>browseable (S)</strong></strong> +<p><br>Synonym for <a href="smb.conf.5.html#browseable"><strong>browseable</strong></a>. <p><br><a name="browselist"></a> <li><strong><strong>browse list(G)</strong></strong> <p><br>This controls whether <a href="smbd.8.html"><strong>smbd</strong></a> will serve a browse @@ -836,7 +831,12 @@ should never need to change this. <code> browse list = Yes</code> <p><br><a name="browseable"></a> <li><strong><strong>browseable</strong></strong> -<p><br>Synonym for <a href="smb.conf.5.html#browsable"><strong>browsable</strong></a>. +<p><br>This controls whether this share is seen in the list of available +shares in a net view and in the browse list. +<p><br><strong>Default:</strong> +<code> browseable = Yes</code> +<p><br><strong>Example:</strong> +<code> browseable = No</code> <p><br><a name="casesensitive"></a> <li><strong><strong>case sensitive (G)</strong></strong> <p><br>See the discussion in the section <a href="smb.conf.5.html#NAMEMANGLING"><strong>NAME MANGLING</strong></a>. @@ -907,7 +907,7 @@ described more fully in the manual page <a href="make_smbcodepage.1.html"><stron (1)</strong></a>, tell <a href="smbd.8.html"><strong>smbd</strong></a> how to map lower to upper case characters to provide the case insensitivity of filenames that Windows clients expect. -<p><br>Samba currenly ships with the following code page files : +<p><br>Samba currently ships with the following code page files : <p><br><ul> <p><br><li > <strong>Code Page 437 - MS-DOS Latin US</strong> <p><br><li > <strong>Code Page 737 - Windows '95 Greek</strong> @@ -960,10 +960,10 @@ codes. Shift-JIS to JUNET code with different shift-in, shift out codes. <p><br><li > <strong>EUC</strong> Convert an incoming Shift-JIS character to EUC code. <p><br><li > <strong>HEX</strong> Convert an incoming Shift-JIS character to a 3 byte hex -representation, ie. <code>:AB</code>. +representation, i.e. <code>:AB</code>. <p><br><li > <strong>CAP</strong> Convert an incoming Shift-JIS character to the 3 byte hex -representation used by the Columbia Appletalk Program (CAP), -ie. <code>:AB</code>. This is used for compatibility between Samba and CAP. +representation used by the Columbia AppleTalk Program (CAP), +i.e. <code>:AB</code>. This is used for compatibility between Samba and CAP. <p><br></ul> <p><br><a name="comment"></a> <li><strong><strong>comment (S)</strong></strong> @@ -1005,7 +1005,7 @@ in the configuration file than the service doing the copying. <p><br><a name="createmask"></a> <li><strong><strong>create mask (S)</strong></strong> <p><br>A synonym for this parameter is <a href="smb.conf.5.html#createmode"><strong>'create mode'</strong></a>. -<p><br>When a file is created, the neccessary permissions are calculated +<p><br>When a file is created, the necessary permissions are calculated according to the mapping from DOS modes to UNIX permissions, and the resulting UNIX mode is then bit-wise 'AND'ed with this parameter. This parameter may be thought of as a bit-wise MASK for the UNIX modes @@ -1123,7 +1123,7 @@ you want. delete any files and directories within the vetoed directory. This can be useful for integration with file serving systems such as <strong>NetAtalk</strong>, which create meta-files within directories you might normally veto -DOS/Windows users from seeing (eg. <code>.AppleDouble</code>) +DOS/Windows users from seeing (e.g. <code>.AppleDouble</code>) <p><br>Setting <code>'delete veto files = True'</code> allows these directories to be transparently deleted when the parent directory is deleted (so long as the user has permissions to do so). @@ -1161,7 +1161,7 @@ second should be the number of available blocks. An optional third return value can give the block size in bytes. The default blocksize is 1024 bytes. <p><br>Note: Your script should <em>NOT</em> be setuid or setgid and should be -owned by (and writable only by) root! +owned by (and writeable only by) root! <p><br><strong>Default:</strong> <code> By default internal routines for determining the disk capacity and remaining space will be used.</code> @@ -1192,7 +1192,7 @@ path names on some systems. <li><strong><strong>directory mask (S)</strong></strong> <p><br>This parameter is the octal modes which are used when converting DOS modes to UNIX modes when creating UNIX directories. -<p><br>When a directory is created, the neccessary permissions are calculated +<p><br>When a directory is created, the necessary permissions are calculated according to the mapping from DOS modes to UNIX permissions, and the resulting UNIX mode is then bit-wise 'AND'ed with this parameter. This parameter may be thought of as a bit-wise MASK for the UNIX modes @@ -1203,7 +1203,7 @@ write bits from the UNIX mode, allowing only the user who owns the directory to modify it. <p><br>Following this Samba will bit-wise 'OR' the UNIX mode created from this parameter with the value of the "force directory mode" -parameter. This parameter is set to 000 by default (ie. no extra mode +parameter. This parameter is set to 000 by default (i.e. no extra mode bits are added). <p><br>See the <a href="smb.conf.5.html#forcedirectorymode"><strong>"force directory mode"</strong></a> parameter to cause particular mode bits to always be set on created directories. @@ -1236,7 +1236,7 @@ DNS name lookup requests, as doing a name lookup is a blocking action. <p><br>This is an <strong>EXPERIMENTAL</strong> parameter that is part of the unfinished Samba NT Domain Controller Code. It may be removed in a later release. To work with the latest code builds that may have more support for -Samba NT Domain Controller functionality please subscibe to the +Samba NT Domain Controller functionality please subscribe to the mailing list <strong>Samba-ntdom</strong> available by sending email to <a href="mailto:listproc@samba.anu.edu.au"><em>listproc@samba.anu.edu.au</em></a> <p><br><a name="domainadminusers"></a> @@ -1244,7 +1244,7 @@ mailing list <strong>Samba-ntdom</strong> available by sending email to <p><br>This is an <strong>EXPERIMENTAL</strong> parameter that is part of the unfinished Samba NT Domain Controller Code. It may be removed in a later release. To work with the latest code builds that may have more support for -Samba NT Domain Controller functionality please subscibe to the +Samba NT Domain Controller functionality please subscribe to the mailing list <strong>Samba-ntdom</strong> available by sending email to <a href="mailto:listproc@samba.anu.edu.au"><em>listproc@samba.anu.edu.au</em></a> <p><br><a name="domaincontroller"></a> @@ -1257,7 +1257,7 @@ files. It is left behind for compatibility reasons. <p><br>This is an <strong>EXPERIMENTAL</strong> parameter that is part of the unfinished Samba NT Domain Controller Code. It may be removed in a later release. To work with the latest code builds that may have more support for -Samba NT Domain Controller functionality please subscibe to the +Samba NT Domain Controller functionality please subscribe to the mailing list <strong>Samba-ntdom</strong> available by sending email to <a href="mailto:listproc@samba.anu.edu.au"><em>listproc@samba.anu.edu.au</em></a> <p><br><a name="domainguestgroup"></a> @@ -1265,7 +1265,7 @@ mailing list <strong>Samba-ntdom</strong> available by sending email to <p><br>This is an <strong>EXPERIMENTAL</strong> parameter that is part of the unfinished Samba NT Domain Controller Code. It may be removed in a later release. To work with the latest code builds that may have more support for -Samba NT Domain Controller functionality please subscibe to the +Samba NT Domain Controller functionality please subscribe to the mailing list <strong>Samba-ntdom</strong> available by sending email to <a href="mailto:listproc@samba.anu.edu.au"><em>listproc@samba.anu.edu.au</em></a> <p><br><a name="domainguestusers"></a> @@ -1273,7 +1273,7 @@ mailing list <strong>Samba-ntdom</strong> available by sending email to <p><br>This is an <strong>EXPERIMENTAL</strong> parameter that is part of the unfinished Samba NT Domain Controller Code. It may be removed in a later release. To work with the latest code builds that may have more support for -Samba NT Domain Controller functionality please subscibe to the +Samba NT Domain Controller functionality please subscribe to the mailing list <strong>Samba-ntdom</strong> available by sending email to <a href="mailto:listproc@samba.anu.edu.au"><em>listproc@samba.anu.edu.au</em></a> <p><br><a name="domainlogons"></a> @@ -1284,7 +1284,7 @@ details on setting up this feature see the file DOMAINS.txt in the Samba documentation directory <code>docs/</code> shipped with the source code. <p><br>Note that Win95/98 Domain logons are <em>NOT</em> the same as Windows NT Domain logons. NT Domain logons require a Primary Domain Controller -(PDC) for the Domain. It is inteded that in a future release Samba +(PDC) for the Domain. It is intended that in a future release Samba will be able to provide this functionality for Windows NT clients also. <p><br><strong>Default:</strong> @@ -1292,7 +1292,7 @@ also. <p><br><a name="domainmaster"></a> <li><strong><strong>domain master (G)</strong></strong> <p><br>Tell <a href="nmbd.8.html"><strong>nmbd</strong></a> to enable WAN-wide browse list -collation.Setting this option causes <a href="nmbd.8.html"><strong>nmbd</strong></a> to +collation. Setting this option causes <a href="nmbd.8.html"><strong>nmbd</strong></a> to claim a special domain specific NetBIOS name that identifies it as a domain master browser for its given <a href="smb.conf.5.html#workgroup"><strong>workgroup</strong></a>. Local master browsers in the same @@ -1305,7 +1305,7 @@ list, instead of just the list for their broadcast-isolated subnet. <p><br>Note that Windows NT Primary Domain Controllers expect to be able to claim this <a href="smb.conf.5.html#workgroup"><strong>workgroup</strong></a> specific special NetBIOS name that identifies them as domain master browsers for that -<a href="smb.conf.5.html#workgroup"><strong>workgroup</strong></a> by default (ie. there is no way to +<a href="smb.conf.5.html#workgroup"><strong>workgroup</strong></a> by default (i.e. there is no way to prevent a Windows NT PDC from attempting to do this). This means that if this parameter is set and <a href="nmbd.8.html"><strong>nmbd</strong></a> claims the special name for a <a href="smb.conf.5.html#workgroup"><strong>workgroup</strong></a> before a Windows NT @@ -1315,7 +1315,7 @@ and may fail. <code> domain master = no</code> <p><br><a name="dontdescend"></a> <li><strong><strong>dont descend (S)</strong></strong> -<p><br>There are certain directories on some systems (eg., the <code>/proc</code> tree +<p><br>There are certain directories on some systems (e.g., the <code>/proc</code> tree under Linux) that are either not of interest to clients or are infinitely deep (recursive). This parameter allows you to specify a comma-delimited list of directories that the server should always show @@ -1329,7 +1329,7 @@ just <code>"/proc"</code>. Experimentation is the best policy :-) <code> dont descend = /proc,/dev</code> <p><br><a name="dosfiletimeresolution"></a> <li><strong><strong>dos filetime resolution (S)</strong></strong> -<p><br>Under the DOS and Windows FAT filesystem, the finest granulatity on +<p><br>Under the DOS and Windows FAT filesystem, the finest granularity on time resolution is two seconds. Setting this parameter for a share causes Samba to round the reported time down to the nearest two second boundary when a query call that requires one second resolution is made @@ -1355,7 +1355,7 @@ the timestamp on it. Under POSIX semantics, only the owner of the file or root may change the timestamp. By default, Samba runs with POSIX semantics and refuses to change the timestamp on a file if the user smbd is acting on behalf of is not the file owner. Setting this option -to True allows DOS semantics and smbd will change the file timstamp as +to True allows DOS semantics and smbd will change the file timestamp as DOS requires. <p><br><strong>Default:</strong> <code> dos filetimes = False</code> @@ -1435,16 +1435,16 @@ same time you can get data corruption. Use this option carefully! particular share. Setting this parameter to <em>"No"</em> prevents any file or directory that is a symbolic link from being followed (the user will get an error). This option is very useful to stop users from -adding a symbolic link to <code>/etc/pasword</code> in their home directory for +adding a symbolic link to <code>/etc/passwd</code> in their home directory for instance. However it will slow filename lookups down slightly. -<p><br>This option is enabled (ie. <a href="smbd.8.html"><strong>smbd</strong></a> will follow +<p><br>This option is enabled (i.e. <a href="smbd.8.html"><strong>smbd</strong></a> will follow symbolic links) by default. <p><br><a name="forcecreatemode"></a> <li><strong><strong>force create mode (S)</strong></strong> <p><br>This parameter specifies a set of UNIX mode bit permissions that will <em>*always*</em> be set on a file created by Samba. This is done by bitwise 'OR'ing these bits onto the mode bits of a file that is being -created. The default for this parameter is (in octel) 000. The modes +created. The default for this parameter is (in octal) 000. The modes in this parameter are bitwise 'OR'ed onto the file mode after the mask set in the <a href="smb.conf.5.html#createmask"><strong>"create mask"</strong></a> parameter is applied. <p><br>See also the parameter <a href="smb.conf.5.html#createmask"><strong>"create mask"</strong></a> for details @@ -1461,7 +1461,7 @@ the 'user'. <p><br>This parameter specifies a set of UNIX mode bit permissions that will <em>*always*</em> be set on a directory created by Samba. This is done by bitwise 'OR'ing these bits onto the mode bits of a directory that is -being created. The default for this parameter is (in octel) 0000 which +being created. The default for this parameter is (in octal) 0000 which will not add any extra permission bits to a created directory. This operation is done after the mode mask in the parameter <a href="smb.conf.5.html#directorymask"><strong>"directory mask"</strong></a> is applied. @@ -1516,7 +1516,7 @@ Windows NT but this can be changed to other strings such as "Samba" or <code> fstype = Samba</code> <p><br><a name="getwdcache"></a> <li><strong><strong>getwd cache (G)</strong></strong> -<p><br>This is a tuning option. When this is enabled a cacheing algorithm +<p><br>This is a tuning option. When this is enabled a caching algorithm will be used to reduce the time taken for getwd() calls. This can have a significant impact on performance, especially when the <a href="smb.conf.5.html#widelinks"><strong>widelinks</strong></a> parameter is set to False. @@ -1584,8 +1584,8 @@ directories that match. <p><br>Each entry in the list must be separated by a <code>'/'</code>, which allows spaces to be included in the entry. <code>'*'</code> and <code>'?'</code> can be used to specify multiple files or directories as in DOS wildcards. -<p><br>Each entry must be a unix path, not a DOS path and must not include the -unix directory separator <code>'/'</code>. +<p><br>Each entry must be a Unix path, not a DOS path and must not include the +Unix directory separator <code>'/'</code>. <p><br>Note that the case sensitivity option is applicable in hiding files. <p><br>Setting this parameter will affect the performance of Samba, as it will be forced to check all files and directories for a match as they @@ -1719,7 +1719,7 @@ parameter allows the use of them to be turned on or off. <p><br>Kernel oplocks support allows Samba <a href="smb.conf.5.html#oplocks"><strong>oplocks</strong></a> to be broken whenever a local UNIX process or NFS operation accesses a file that <a href="smbd.8.html"><strong>smbd</strong></a> has oplocked. This allows complete -data consistancy between SMB/CIFS, NFS and local file access (and is a +data consistency between SMB/CIFS, NFS and local file access (and is a <em>very</em> cool feature :-). <p><br>This parameter defaults to <em>"On"</em> on systems that have the support, and <em>"off"</em> on systems that don't. You should never need to touch @@ -1832,7 +1832,7 @@ will be loaded for browsing by default. See the <a href="smb.conf.5.html#printers"><strong>"printers"</strong></a> section for more details. <p><br><strong>Default:</strong> <code> load printers = yes</code> -<p><br>bg(Example:) +<p><br><strong>Example:</strong> <code> load printers = no</code> <p><br><a name="localmaster"></a> <li><strong><strong>local master (G)</strong></strong> @@ -1926,14 +1926,14 @@ preferences and directories to be loaded onto the Windows 95/98 client. The share must be writeable when the logs in for the first time, in order that the Windows 95/98 client can create the user.dat and other directories. -<p><br>Thereafter, the directories and any of contents can, if required, be -made read-only. It is not adviseable that the USER.DAT file be made +<p><br>Thereafter, the directories and any of the contents can, if required, be +made read-only. It is not advisable that the USER.DAT file be made read-only - rename it to USER.MAN to achieve the desired effect (a <em>MAN</em>datory profile). <p><br>Windows clients can sometimes maintain a connection to the [homes] share, even though there is no user logged in. Therefore, it is vital that the logon path does not include a reference to the homes share -(i.e setting this parameter to <code>\\%N\HOMES\profile_path</code> will cause +(i.e. setting this parameter to <code>\\%N\HOMES\profile_path</code> will cause problems). <p><br>This option takes the standard substitutions, allowing you to have separate logon scripts for each user or machine. @@ -1956,7 +1956,7 @@ file that will be downloaded is: <p><br><code>/usr/local/samba/netlogon/STARTUP.BAT</code> <p><br>The contents of the batch file is entirely your choice. A suggested command would be to add <code>NET TIME \\SERVER /SET /YES</code>, to force every -machine to synchronise clocks with the same time server. Another use +machine to synchronize clocks with the same time server. Another use would be to add <code>NET USE U: \\SERVER\UTILS</code> for commonly used utilities, or <code>NET USE Q: \\SERVER\ISO9001_QA</code> for example. <p><br>Note that it is particularly important not to allow write access to @@ -2010,7 +2010,7 @@ the <strong>lpq</strong> command in use. previous identical <strong>lpq</strong> command will be used if the cached data is less than 10 seconds old. A large value may be advisable if your <strong>lpq</strong> command is very slow. -<p><br>A value of 0 will disable cacheing completely. +<p><br>A value of 0 will disable caching completely. <p><br>See also the <a href="smb.conf.5.html#printing"><strong>"printing"</strong></a> parameter. <p><br><strong>Default:</strong> <code> lpq cache time = 10</code> @@ -2135,8 +2135,8 @@ end. <p><br>See the section on <a href="smb.conf.5.html#NAMEMANGLING"><strong>"NAME MANGLING"</strong></a>. <p><br><a name="mangledmap"></a> <li><strong><strong>mangled map (S)</strong></strong> -<p><br>This is for those who want to directly map UNIX file names which are -not representable on Windows/DOS. The mangling of names is not always +<p><br>This is for those who want to directly map UNIX file names which can +not be represented on Windows/DOS. The mangling of names is not always what is needed. In particular you may have documents with file extensions that differ between DOS and UNIX. For example, under UNIX it is common to use <code>".html"</code> for HTML files, whereas under @@ -2144,7 +2144,7 @@ Windows/DOS <code>".htm"</code> is more commonly used. <p><br>So to map <code>"html"</code> to <code>"htm"</code> you would use: <p><br><code> mangled map = (*.html *.htm)</code> <p><br>One very useful case is to remove the annoying <code>";1"</code> off the ends -of filenames on some CDROMS (only visible under some UNIXes). To do +of filenames on some CDROMS (only visible under some UNIXs). To do this use a map of (*;1 *). <p><br><strong>default:</strong> <code> no mangled map</code> @@ -2233,7 +2233,7 @@ becoming executable under UNIX. This can be quite annoying for shared source code, documents, etc... <p><br>Note that this requires the <a href="smb.conf.5.html#createmask"><strong>"create mask"</strong></a> parameter to be set such that owner execute bit is not masked out -(ie. it must include 100). See the parameter <a href="smb.conf.5.html#createmask"><strong>"create +(i.e. it must include 100). See the parameter <a href="smb.conf.5.html#createmask"><strong>"create mask"</strong></a> for details. <p><br><strong>Default:</strong> <code> map archive = yes</code> @@ -2244,7 +2244,7 @@ mask"</strong></a> for details. <p><br>This controls whether DOS style hidden files should be mapped to the UNIX world execute bit. <p><br>Note that this requires the <a href="smb.conf.5.html#createmask"><strong>"create mask"</strong></a> to be -set such that the world execute bit is not masked out (ie. it must +set such that the world execute bit is not masked out (i.e. it must include 001). See the parameter <a href="smb.conf.5.html#createmask"><strong>"create mask"</strong></a> for details. <p><br><strong>Default:</strong> @@ -2256,7 +2256,7 @@ for details. <p><br>This controls whether DOS style system files should be mapped to the UNIX group execute bit. <p><br>Note that this requires the <a href="smb.conf.5.html#createmask"><strong>"create mask"</strong></a> to be -set such that the group execute bit is not masked out (ie. it must +set such that the group execute bit is not masked out (i.e. it must include 010). See the parameter <a href="smb.conf.5.html#createmask"><strong>"create mask"</strong></a> for details. <p><br><strong>Default:</strong> @@ -2266,7 +2266,7 @@ for details. <p><br><a name="maptoguest"></a> <li><strong><strong>map to guest (G)</strong></strong> <p><br>This parameter is only useful in <a href="smb.conf.5.html#security"><strong>security</strong></a> modes -other than <a href="smb.conf.5.html#securityequalshare"><strong>"security=share"</strong></a> - ie. user, +other than <a href="smb.conf.5.html#securityequalshare"><strong>"security=share"</strong></a> - i.e. user, server, and domain. <p><br>This parameter can take three different values, which tell <a href="smbd.8.html"><strong>smbd</strong></a> what to do with user login requests that @@ -2282,7 +2282,7 @@ account"</strong></a>. <p><br><li > <strong>"Bad Password"</strong> - Means user logins with an invalid password are treated as a guest login and mapped into the <a href="smb.conf.5.html#guestaccount"><strong>"guest account"</strong></a>. Note that this can -cause problems as it means that any user mistyping their +cause problems as it means that any user incorrectly typing their password will be silently logged on a <strong>"guest"</strong> - and will not know the reason they cannot access files they think they should - there will have been no message given to them @@ -2358,7 +2358,7 @@ never need to set this parameter. <p><br>This parameter limits the maximum number of open files that one <a href="smbd.8.html"><strong>smbd</strong></a> file serving process may have open for a client at any one time. The default for this parameter is set -very high (10,000) as Samba uses only one bit per un-opened file. +very high (10,000) as Samba uses only one bit per unopened file. <p><br>The limit of the number of open files is usually set by the UNIX per-process file descriptor limit rather than this parameter so you should never need to touch this parameter. @@ -2542,7 +2542,7 @@ system and the Samba server with this option must also be a <code> nis homedir = true</code> <p><br><a name="ntpipesupport"></a> <li><strong><strong>nt pipe support (G)</strong></strong> -<p><br>This boolean parameter controlls whether <a href="smbd.8.html"><strong>smbd</strong></a> +<p><br>This boolean parameter controls whether <a href="smbd.8.html"><strong>smbd</strong></a> will allow Windows NT clients to connect to the NT SMB specific <code>IPC$</code> pipes. This is a developer debugging option and can be left alone. @@ -2550,7 +2550,7 @@ alone. <code> nt pipe support = yes</code> <p><br><a name="ntsmbsupport"></a> <li><strong><strong>nt smb support (G)</strong></strong> -<p><br>This boolean parameter controlls whether <a href="smbd.8.html"><strong>smbd</strong></a> +<p><br>This boolean parameter controls whether <a href="smbd.8.html"><strong>smbd</strong></a> will negotiate NT specific SMB support with Windows NT clients. Although this is a developer debugging option and should be left alone, benchmarking has discovered that Windows NT clients give @@ -2607,14 +2607,14 @@ of the user. <li><strong><strong>oplocks (S)</strong></strong> <p><br>This boolean option tells smbd whether to issue oplocks (opportunistic locks) to file open requests on this share. The oplock code can -dramatically (approx 30% or more) improve the speed of access to files -on Samba servers. It allows the clients to agressively cache files +dramatically (approx. 30% or more) improve the speed of access to files +on Samba servers. It allows the clients to aggressively cache files locally and you may want to disable this option for unreliable network environments (it is turned on by default in Windows NT Servers). For more information see the file Speed.txt in the Samba docs/ directory. <p><br>Oplocks may be selectively turned off on certain files on a per share basis. -See the 'veto oplock files' parameter. On some systems oplocks are recognised -by the underlying operating system. This allows data synchronisation between +See the 'veto oplock files' parameter. On some systems oplocks are recognized +by the underlying operating system. This allows data synchronization between all access to oplocked files, whether it be via Samba or NFS or a local UNIX process. See the <a href="smb.conf.5.html#kerneloplocks"><strong>kernel oplocks</strong></a> parameter for details. @@ -2645,7 +2645,7 @@ old <strong>smb.conf</strong> files. <p><br>This is a Samba developer option that allows a system command to be called when either <a href="smbd.8.html"><strong>smbd</strong></a> or <a href="nmbd.8.html"><strong>nmbd</strong></a> crashes. This is usually used to draw -attention to the fact that a problem occured. +attention to the fact that a problem occurred. <p><br><strong>Default:</strong> <code> panic action = <empty string></code> <p><br><a name="passwdchat"></a> @@ -2710,7 +2710,7 @@ program"</strong></a>. <li><strong><strong>passwd program (G)</strong></strong> <p><br>The name of a program that can be used to set UNIX user passwords. Any occurrences of <a href="smb.conf.5.html#percentu"><strong>%u</strong></a> will be replaced with the -user name. The user name is checked for existance before calling the +user name. The user name is checked for existence before calling the password changing program. <p><br>Also note that many passwd programs insist in <em>"reasonable"</em> passwords, such as a minimum length, or the inclusion of mixed case @@ -2719,7 +2719,7 @@ Windows for Workgroups) uppercase the password before sending it. <p><br><em>Note</em> that if the <a href="smb.conf.5.html#unixpasswordsync"><strong>"unix password sync"</strong></a> parameter is set to <code>"True"</code> then this program is called <em>*AS ROOT*</em> before the SMB password in the -<a href="smbpasswd.5.html"><strong>smbpassswd</strong></a> file is changed. If this UNIX +<a href="smbpasswd.5.html"><strong>smbpasswd</strong></a> file is changed. If this UNIX password change fails, then <a href="smbd.8.html"><strong>smbd</strong></a> will fail to change the SMB password also (this is by design). <p><br>If the <a href="smb.conf.5.html#unixpasswordsync"><strong>"unix password sync"</strong></a> parameter is @@ -2789,8 +2789,8 @@ better restrict them with hosts allow! <p><br>If the <a href="smb.conf.5.html#security"><strong>"security"</strong></a> parameter is set to <strong>"domain"</strong>, then the list of machines in this option must be a list of Primary or Backup Domain controllers for the -<a href="smb.conf.5.html#workgroup"><strong>Domain</strong></a>, as the Samba server is cryptographically -in that domain, and will use crpytographically authenticated RPC calls +<a href="smb.conf.5.html#workgroup"><strong>Domain</strong></a>, as the Samba server is cryptographicly +in that domain, and will use cryptographicly authenticated RPC calls to authenticate the user logging on. The advantage of using <a href="smb.conf.5.html#securityequaldomain"><strong>"security=domain"</strong></a> is that if you list several hosts in the <strong>"password server"</strong> option then @@ -2827,7 +2827,7 @@ is to be given access. In the case of printable services, this is where print data will spool prior to being submitted to the host for printing. <p><br>For a printable service offering guest access, the service should be -readonly and the path should be world-writable and have the sticky bit +readonly and the path should be world-writeable and have the sticky bit set. This is not mandatory of course, but you probably won't get the results you expect if you do otherwise. <p><br>Any occurrences of <a href="smb.conf.5.html#percentu"><strong>%u</strong></a> in the path will be replaced @@ -2948,11 +2948,11 @@ have its own print command specified. <p><br>If there is neither a specified print command for a printable service nor a global print command, spool files will be created but not processed and (most importantly) not removed. -<p><br>Note that printing may fail on some UNIXes from the <code>"nobody"</code> +<p><br>Note that printing may fail on some UNIXs from the <code>"nobody"</code> account. If this happens then create an alternative guest account that can print and set the <a href="smb.conf.5.html#guestaccount"><strong>"guest account"</strong></a> in the <a href="smb.conf.5.html#global"><strong>"[global]"</strong></a> section. -<p><br>You can form quite complex print commands by realising that they are +<p><br>You can form quite complex print commands by realizing that they are just passed to a shell. For example the following will log a print job, print the file, then remove it. Note that <code>';'</code> is the usual separator for command in shell scripts. @@ -3144,7 +3144,7 @@ command as the PATH may not be available to the server. <li><strong><strong>queueresume command (S)</strong></strong> <p><br>This parameter specifies the command to be executed on the server host in order to resume the printerqueue. It is the command to undo the -behaviour that is caused by the previous parameter +behavior that is caused by the previous parameter (<a href="smb.conf.5.html#queuepausecommand"><strong>"queuepause command</strong></a>). <p><br>This command should be a program or script which takes a printer name as its only parameter and resumes the printerqueue, such that queued @@ -3182,8 +3182,8 @@ the <a href="smb.conf.5.html#invalidusers"><strong>"invalid users"</strong></a> <p><br><a name="readonly"></a> <li><strong><strong>read only (S)</strong></strong> <p><br>Note that this is an inverted synonym for -<a href="smb.conf.5.html#writable"><strong>"writable"</strong></a> and <a href="smb.conf.5.html#writeok"><strong>"write ok"</strong></a>. -<p><br>See also <a href="smb.conf.5.html#writable"><strong>"writable"</strong></a> and <a href="smb.conf.5.html#writeok"><strong>"write +<a href="smb.conf.5.html#writeable"><strong>"writeable"</strong></a> and <a href="smb.conf.5.html#writeok"><strong>"write ok"</strong></a>. +<p><br>See also <a href="smb.conf.5.html#writeable"><strong>"writeable"</strong></a> and <a href="smb.conf.5.html#writeok"><strong>"write ok"</strong></a>. <p><br><a name="readprediction"></a> <li><strong><strong>read prediction (G)</strong></strong> @@ -3256,7 +3256,7 @@ browse masters if your network config is that stable. <p><br><a name="remotebrowsesync"></a> <li><strong><strong>remote browse sync (G)</strong></strong> <p><br>This option allows you to setup <a href="nmbd.8.html"><strong>nmbd</strong></a> to -periodically request synchronisation of browse lists with the master +periodically request synchronization of browse lists with the master browser of a samba server that is on a remote segment. This option will allow you to gain browse lists for multiple workgroups across routed networks. This is done in a manner that does not work with any @@ -3268,7 +3268,7 @@ send IP packets to. <p><br>For example: <p><br><code> remote browse sync = 192.168.2.255 192.168.4.255</code> <p><br>the above line would cause <a href="nmbd.8.html"><strong>nmbd</strong></a> to request the -master browser on the specified subnets or addresses to synchronise +master browser on the specified subnets or addresses to synchronize their browse lists with the local server. <p><br>The IP addresses you choose would normally be the broadcast addresses of the remote networks, but can also be the IP addresses of known @@ -3304,7 +3304,7 @@ automatic access as the same username. <p><br>Synonym for <a href="smb.conf.5.html#rootdirectory"><strong>"root directory"</strong></a>. <p><br><a name="rootdirectory"></a> <li><strong><strong>root directory (G)</strong></strong> -<p><br>The server will <code>"chroot()"</code> (ie. Change it's root directory) to +<p><br>The server will <code>"chroot()"</code> (i.e. Change it's root directory) to this directory on startup. This is not strictly necessary for secure operation. Even without it the server will deny access to files not in one of the service entries. It may also check for, and deny access to, @@ -3335,7 +3335,7 @@ filesystems (such as cdroms) after a connection is closed. <li><strong><strong>root preexec (S)</strong></strong> <p><br>This is the same as the <a href="smb.conf.5.html#preexec"><strong>"preexec"</strong></a> parameter except that the command is run as root. This is useful for mounting -filesystems (such as cdroms) before a connection is finalised. +filesystems (such as cdroms) before a connection is finalized. <p><br>See also <a href="smb.conf.5.html#preexec"><strong>"preexec"</strong></a>. <p><br><a name="security"></a> <li><strong><strong>security (G)</strong></strong> @@ -3356,7 +3356,7 @@ PREVIOUS VERSIONS OF SAMBA *******</em>. <p><br>In previous versions of Samba the default was <a href="smb.conf.5.html#securityequalshare"><strong>"security=share"</strong></a> mainly because that was the only option at one stage. -<p><br>There is a bug in WfWg that has relevence to this setting. When in +<p><br>There is a bug in WfWg that has relevance to this setting. When in user or server level security a WfWg client will totally ignore the password you type in the "connect drive" dialog box. This makes it very difficult (if not impossible) to connect to a Samba service as @@ -3371,7 +3371,7 @@ shares). This is commonly used for a shared printer server. It is more difficult to setup guest shares with <a href="smb.conf.5.html#securityequaluser"><strong>security=user</strong></a>, see the <a href="smb.conf.5.html#maptoguest"><strong>"map to guest"</strong></a>parameter for details. -<p><br>It is possible to use <a href="smbd.8.html"><strong>smbd</strong></a> in a <em>"hybred +<p><br>It is possible to use <a href="smbd.8.html"><strong>smbd</strong></a> in a <em>"hybrid mode"</em> where it is offers both user and share level security under different <a href="smb.conf.5.html#netbiosaliases"><strong>NetBIOS aliases</strong></a>. See the <a href="smb.conf.5.html#netbiosaliases"><strong>NetBIOS aliases</strong></a> and the @@ -3436,7 +3436,7 @@ be used in this security mode. Parameters such as are then applied and may change the UNIX user to use on this connection, but only after the user has been successfully authenticated. -<p><br><em>Note</em> that the the name of the resource being requested is +<p><br><em>Note</em> that the name of the resource being requested is <em>*not*</em> sent to the server until after the server has successfully authenticated the client. This is why guest shares don't work in user level security without allowing the server to automatically map unknown @@ -3458,7 +3458,7 @@ directory ENCRYPTION.txt for details on how to set this up. the same as <a href="smb.conf.5.html#securityequaluser"><strong>"security=user"</strong></a>. It only affects how the server deals with the authentication, it does not in any way affect what the client sees. -<p><br><em>Note</em> that the the name of the resource being requested is +<p><br><em>Note</em> that the name of the resource being requested is <em>*not*</em> sent to the server until after the server has successfully authenticated the client. This is why guest shares don't work in server level security without allowing the server to automatically map unknown @@ -3485,7 +3485,7 @@ UNIX account to map file access to. the same as <a href="smb.conf.5.html#securityequaluser"><strong>"security=user"</strong></a>. It only affects how the server deals with the authentication, it does not in any way affect what the client sees. -<p><br><em>Note</em> that the the name of the resource being requested is +<p><br><em>Note</em> that the name of the resource being requested is <em>*not*</em> sent to the server until after the server has successfully authenticated the client. This is why guest shares don't work in domain level security without allowing the server to automatically map unknown @@ -3497,7 +3497,7 @@ doing this. set usernames. The communication with a Domain Controller must be done in UNICODE and Samba currently does not widen multi-byte user names to UNICODE correctly, thus a multi-byte -username will not be recognised correctly at the Domain Controller. +username will not be recognized correctly at the Domain Controller. This issue will be addressed in a future release. <p><br>See also the section <a href="smb.conf.5.html#NOTEABOUTUSERNAMEPASSWORDVALIDATION"><strong>"NOTE ABOUT USERNAME/PASSWORD VALIDATION"</strong></a>. @@ -3533,7 +3533,7 @@ client. See the Pathworks documentation for details. <code> set directory = yes</code> <p><br><a name="sharemodes"></a> <li><strong><strong>share modes (S)</strong></strong> -<p><br>This enables or disables the honouring of the <code>"share modes"</code> during a +<p><br>This enables or disables the honoring of the <code>"share modes"</code> during a file open. These modes are used by clients to gain exclusive read or write access to a file. <p><br>These open modes are not directly supported by UNIX, so they are @@ -3611,9 +3611,9 @@ experiment and choose them yourself. We strongly suggest you read the appropriate documentation for your operating system first (perhaps <strong>"man setsockopt"</strong> will help). <p><br>You may find that on some systems Samba will say "Unknown socket -option" when you supply an option. This means you either mis-typed it -or you need to add an include file to includes.h for your OS. If the -latter is the case please send the patch to +option" when you supply an option. This means you either incorrectly +typed it or you need to add an include file to includes.h for your OS. +If the latter is the case please send the patch to <a href="mailto:samba-bugs@samba.anu.edu.au"><em>samba-bugs@samba.anu.edu.au</em></a>. <p><br>Any of the supported socket options may be combined in any way you like, as long as your OS allows it. @@ -3673,7 +3673,7 @@ option <code>"--with-ssl"</code> was given at configure time. <p><br><em>Note</em> that for export control reasons this code is <em>**NOT**</em> enabled by default in any current binary version of Samba. <p><br>This variable defines where to look up the Certification -Autorities. The given directory should contain one file for each CA +Authorities. The given directory should contain one file for each CA that samba will trust. The file name must be the hash value over the "Distinguished Name" of the CA. How this directory is set up is explained later in this document. All files within the directory that @@ -3692,7 +3692,7 @@ enabled by default in any current binary version of Samba. certificates of the trusted CAs are collected in one big file and this variable points to the file. You will probably only use one of the two ways to define your CAs. The first choice is preferable if you have -many CAs or want to be flexible, the second is perferable if you only +many CAs or want to be flexible, the second is preferable if you only have one CA and want to keep things simple (you won't need to create the hashed file names). You don't need this variable if you don't verify client certificates. @@ -3868,7 +3868,7 @@ change this parameter. <p><br><strong>Default:</strong> status = yes <p><br><a name="strictlocking"></a> -dir(<strong>strict locking (S)</strong>) +<li><strong><strong>strict locking (S)</strong></strong> <p><br>This is a boolean that controls the handling of file locking in the server. When this is set to <code>"yes"</code> the server will check every read and write access for file locks, and deny access if locks exist. This can @@ -3888,7 +3888,7 @@ preferable. seem to confuse flushing buffer contents to disk with doing a sync to disk. Under UNIX, a sync call forces the process to be suspended until the kernel has ensured that all outstanding data in kernel disk -buffers has been safely stored onto stable storate. This is very slow +buffers has been safely stored onto stable storage. This is very slow and should only be done rarely. Setting this parameter to "no" (the default) means that smbd ignores the Windows applications requests for a sync call. There is only a possibility of losing data if the @@ -3923,16 +3923,16 @@ set to <code>"yes"</code> in order for this parameter to have any affect. <p><br>See also the <a href="smb.conf.5.html#strictsync"><strong>"strict sync"</strong></a> parameter. <p><br><strong>Default:</strong> <code> sync always = no</code> -<p><br><strong>xample:</strong> +<p><br><strong>Example:</strong> <code> sync always = yes</code> <p><br><a name="syslog"></a> <li><strong><strong>syslog (G)</strong></strong> <p><br>This parameter maps how Samba debug messages are logged onto the system syslog logging levels. Samba debug level zero maps onto syslog LOG_ERR, debug level one maps onto LOG_WARNING, debug level two maps -to LOG_NOTICE, debug level three maps onto LOG_INFO. The paramter +to LOG_NOTICE, debug level three maps onto LOG_INFO. The parameter sets the threshold for doing the mapping, all Samba debug messages -above this threashold are mapped to syslog LOG_DEBUG messages. +above this threshold are mapped to syslog LOG_DEBUG messages. <p><br><strong>Default:</strong> <code> syslog = 1</code> <p><br><a name="syslogonly"></a> @@ -3969,7 +3969,7 @@ parameter allows the timestamping to be turned off. <code> timestamp logs = False</code> <p><br><a name="unixpasswordsync"></a> <li><strong><strong>unix password sync (G)</strong></strong> -<p><br>This boolean parameter controlls whether Samba attempts to synchronise +<p><br>This boolean parameter controls whether Samba attempts to synchronize the UNIX password with the SMB password when the encrypted SMB password in the smbpasswd file is changed. If this is set to true the program specified in the <a href="smb.conf.5.html#passwdprogram"><strong>"passwd program"</strong></a> @@ -4095,7 +4095,7 @@ as many DOS clients send an all-uppercase username. By default Samba tries all lowercase, followed by the username with the first letter capitalized, and fails if the username is not found on the UNIX machine. -<p><br>If this parameter is set to non-zero the behaviour changes. This +<p><br>If this parameter is set to non-zero the behavior changes. This parameter is a number that specifies the number of uppercase combinations to try whilst trying to determine the UNIX user name. The higher the number the more combinations will be tried, but the slower @@ -4107,7 +4107,7 @@ strange usernames on your UNIX machine, such as <code>"AstrangeUser"</code>. <code> username level = 5</code> <p><br><a name="usernamemap"></a> <li><strong><strong>username map (G)</strong></strong> -<p><br>This option allows you to to specify a file containing a mapping of +<p><br>This option allows you to specify a file containing a mapping of usernames from the clients to the server. This can be used for several purposes. The most common is to map usernames that users use on DOS or Windows machines to those that the UNIX box uses. The other is to map @@ -4206,13 +4206,13 @@ overwritten. <pre> Samba defaults to using a reasonable set of valid characters - for english systems + for English systems </pre> <p><br><strong>Example</strong> <code> valid chars = 0345:0305 0366:0326 0344:0304</code> -<p><br>The above example allows filenames to have the swedish characters in +<p><br>The above example allows filenames to have the Swedish characters in them. <p><br>NOTE: It is actually quite difficult to correctly produce a <strong>"valid chars"</strong> line for a particular system. To automate the process @@ -4354,32 +4354,16 @@ network. <p><br><a name="workgroup"></a> <li><strong><strong>workgroup (G)</strong></strong> <p><br>This controls what workgroup your server will appear to be in when -queried by clients. Note that this parameter also controlls the Domain +queried by clients. Note that this parameter also controls the Domain name used with the <a href="smb.conf.5.html#securityequaldomain"><strong>"security=domain"</strong></a> setting. <p><br><strong>Default:</strong> <code> set at compile time to WORKGROUP</code> -<p><br>.B Example: +<p><br><strong>Example:</strong> workgroup = MYGROUP <p><br><a name="writable"></a> <li><strong><strong>writable (S)</strong></strong> -<p><br>An inverted synonym is <a href="smb.conf.5.html#readonly"><strong>"read only"</strong></a>. -<p><br>If this parameter is <code>"no"</code>, then users of a service may not create -or modify files in the service's directory. -<p><br>Note that a printable service <a href="smb.conf.5.html#printable"><strong>("printable = yes")</strong></a> -will <em>*ALWAYS*</em> allow writing to the directory (user privileges -permitting), but only via spooling operations. -<p><br><strong>Default:</strong> -<code> writable = no</code> -<p><br><strong>Examples:</strong> -<pre> - - read only = no - writable = yes - write ok = yes - -</pre> - +<p><br>Synonym for <a href="smb.conf.5.html#writeable"><strong>"writeable"</strong></a> for people who can't spell :-). <p><br><a name="writelist"></a> <li><strong><strong>write list (S)</strong></strong> <p><br>This is a list of users that are given read-write access to a @@ -4396,7 +4380,7 @@ they will be given write access. <code> write list = admin, root, @staff</code> <p><br><a name="writeok"></a> <li><strong><strong>write ok (S)</strong></strong> -<p><br>Synonym for <a href="smb.conf.5.html#writable"><strong>writable</strong></a>. +<p><br>Synonym for <a href="smb.conf.5.html#writeable"><strong>writeable</strong></a>. <p><br><a name="writeraw"></a> <li><strong><strong>write raw (G)</strong></strong> <p><br>This parameter controls whether or not the server will support raw @@ -4406,7 +4390,23 @@ need to change this parameter. <code> write raw = yes</code> <p><br><a name="writeable"></a> <li><strong><strong>writeable</strong></strong> -<p><br>Synonym for <a href="smb.conf.5.html#writable"><strong>"writable"</strong></a> for people who can't spell :-). +<p><br>An inverted synonym is <a href="smb.conf.5.html#readonly"><strong>"read only"</strong></a>. +<p><br>If this parameter is <code>"no"</code>, then users of a service may not create +or modify files in the service's directory. +<p><br>Note that a printable service <a href="smb.conf.5.html#printable"><strong>("printable = yes")</strong></a> +will <em>*ALWAYS*</em> allow writing to the directory (user privileges +permitting), but only via spooling operations. +<p><br><strong>Default:</strong> +<code> writeable = no</code> +<p><br><strong>Examples:</strong> +<pre> + + read only = no + writeable = yes + write ok = yes + +</pre> + <p><br><a name="WARNINGS"></a> <h2>WARNINGS</h2> |