summaryrefslogtreecommitdiff
path: root/docs/htmldocs/smbd.8.html
diff options
context:
space:
mode:
Diffstat (limited to 'docs/htmldocs/smbd.8.html')
-rw-r--r--docs/htmldocs/smbd.8.html376
1 files changed, 376 insertions, 0 deletions
diff --git a/docs/htmldocs/smbd.8.html b/docs/htmldocs/smbd.8.html
new file mode 100644
index 0000000000..819fc39445
--- /dev/null
+++ b/docs/htmldocs/smbd.8.html
@@ -0,0 +1,376 @@
+
+
+
+
+
+<html><head><title>smbd</title>
+
+<link rev="made" href="mailto:samba-bugs@samba.anu.edu.au">
+</head>
+<body>
+
+<hr>
+
+<h1>smbd</h1>
+<h2>Samba</h2>
+<h2>23 Oct 1998</h2>
+
+
+
+
+<p><br><a name="NAME"></a>
+<h2>NAME</h2>
+ smbd - server to provide SMB/CIFS services to clients
+<p><br><a name="SYNOPSIS"></a>
+<h2>SYNOPSIS</h2>
+
+<p><br><strong>smbd</strong> [<a href="smbd.8.html#minusD">-D</a>] [<a href="smbd.8.html#minusa">-a</a>] [<a href="smbd.8.html#minuso">-o</a>] [<a href="smbd.8.html#minusd">-d debuglevel</a>] [<a href="smbd.8.html#minusl">-l log file</a>] [<a href="smbd.8.html#minusp">-p port number</a>] [<a href="smbd.8.html#minusO">-O socket options</a>] [<a href="smbd.8.html#minuss">-s configuration file</a>] [<a href="smbd.8.html#minusi">-i scope</a>] [<a href="smbd.8.html#minusP">-P</a>] [<a href="smbd.8.html#minush">-h</a>]
+<p><br><a name="DESCRIPTION"></a>
+<h2>DESCRIPTION</h2>
+
+<p><br>This program is part of the <strong>Samba</strong> suite.
+<p><br><strong>smbd</strong> is the server daemon that provides filesharing services to
+Windows clients. The server provides filespace and printer services to
+clients using the SMB (or CIFS) protocol. This is compatible with the
+LanManager protocol, and can service LanManager clients. These
+include MSCLIENT 3.0 for DOS, Windows for Workgroups, Windows 95,
+Windows NT, OS/2, DAVE for Macintosh, and smbfs for Linux.
+<p><br>An extensive description of the services that the server can provide
+is given in the man page for the configuration file controlling the
+attributes of those services (see <strong>smb.conf (5)</strong>). This man page
+will not describe the services, but will concentrate on the
+administrative aspects of running the server.
+<p><br>Please note that there are significant security implications to
+running this server, and the <strong>smb.conf (5)</strong> manpage should be
+regarded as mandatory reading before proceeding with installation.
+<p><br>A session is created whenever a client requests one. Each client gets
+a copy of the server for each session. This copy then services all
+connections made by the client during that session. When all
+connections from its client are are closed, the copy of the server for
+that client terminates.
+<p><br>The configuration file, and any files that it includes, are
+automatically reloaded every minute, if they change. You can force a
+reload by sending a SIGHUP to the server. Reloading the configuration
+file will not affect connections to any service that is already
+established. Either the user will have to disconnect from the
+service, or smbd killed and restarted.
+<p><br><a name="OPTIONS"></a>
+<h2>OPTIONS</h2>
+
+<p><br><ul>
+<p><br><a name="minusD"></a>
+<li><strong><strong>-D</strong></strong> If specified, this parameter causes the server to operate as a
+daemon. That is, it detaches itself and runs in the background,
+fielding requests on the appropriate port. Operating the server as a
+daemon is the recommended way of running smbd for servers that provide
+more than casual use file and print services.
+<p><br>By default, the server will NOT operate as a daemon.
+<p><br><a name="minusa"></a>
+<li><strong><strong>-a</strong></strong> If this parameter is specified, each new connection will
+append log messages to the log file. This is the default.
+<p><br><a name="minuso"></a>
+<li><strong><strong>-o</strong></strong> If this parameter is specified, the log files will be
+overwritten when opened. By default, the log files will be appended
+to.
+<p><br><a name="minusd"></a>
+<li><strong><strong>-d debuglevel</strong></strong> debuglevel is an integer from 0 to 10.
+<p><br>The default value if this parameter is not specified is zero.
+<p><br>The higher this value, the more detail will be logged to the log files
+about the activities of the server. At level 0, only critical errors
+and serious warnings will be logged. Level 1 is a reasonable level for
+day to day running - it generates a small amount of information about
+operations carried out.
+<p><br>Levels above 1 will generate considerable amounts of log data, and
+should only be used when investigating a problem. Levels above 3 are
+designed for use only by developers and generate HUGE amounts of log
+data, most of which is extremely cryptic.
+<p><br>Note that specifying this parameter here will override the <a href="smb.conf.5.html#loglevel"><strong>log
+level</strong></a> parameter in the <a href="smb.conf.5.html"><strong>smb.conf
+(5)</strong></a> file.
+<p><br><a name="minusl"></a>
+<li><strong><strong>-l log file</strong></strong> If specified, <em>log file</em> specifies
+a log filename into which informational and debug messages from the
+running server will be logged. The log file generated is never removed
+by the server although its size may be controlled by the <a href="smb.conf.5.html#maxlogsize"><strong>max
+log size</strong></a> option in the <a href="smb.conf.5.html"><strong>smb.conf
+(5)</strong></a> file. The default log file name is specified
+at compile time.
+<p><br><a name="minusO"></a>
+<li><strong><strong>-O socket options</strong></strong> See the <a href="smb.conf.5.html#socketoptions"><strong>socket
+options</strong></a> parameter in the
+<a href="smb.conf.5.html"><strong>smb.conf (5)</strong></a> file for details.
+<p><br><a name="minusp"></a>
+<li><strong><strong>-p port number</strong></strong> port number is a positive integer value. The
+default value if this parameter is not specified is 139.
+<p><br>This number is the port number that will be used when making
+connections to the server from client software. The standard
+(well-known) port number for the SMB over TCP is 139, hence the
+default. If you wish to run the server as an ordinary user rather than
+as root, most systems will require you to use a port number greater
+than 1024 - ask your system administrator for help if you are in this
+situation.
+<p><br>In order for the server to be useful by most clients, should you
+configure it on a port other than 139, you will require port
+redirection services on port 139, details of which are outlined in
+rfc1002.txt section 4.3.5.
+<p><br>This parameter is not normally specified except in the above
+situation.
+<p><br><a name="minuss"></a>
+<li><strong><strong>-s configuration file</strong></strong> The default configuration file name is
+determined at compile time.
+<p><br>The file specified contains the configuration details required by the
+server. The information in this file includes server-specific
+information such as what printcap file to use, as well as descriptions
+of all the services that the server is to provide. See <strong>smb.conf
+(5)</strong> for more information.
+<p><br><a name="minusi"></a>
+<li><strong><strong>-i scope</strong></strong> This specifies a NetBIOS scope that the server will use
+to communicate with when generating NetBIOS names. For details on the
+use of NetBIOS scopes, see rfc1001.txt and rfc1002.txt. NetBIOS scopes
+are <em>very</em> rarely used, only set this parameter if you are the
+system administrator in charge of all the NetBIOS systems you
+communicate with.
+<p><br><a name="minush"></a>
+<li><strong><strong>-h</strong></strong> Prints the help information (usage) for smbd.
+<p><br><a name="minusP"></a>
+<li><strong><strong>-P</strong></strong> Passive option. Causes smbd not to send any network traffic
+out. Used for debugging by the developers only.
+<p><br></ul>
+<p><br><a name="FILES"></a>
+<h2>FILES</h2>
+
+<p><br><strong>/etc/inetd.conf</strong>
+<p><br>If the server is to be run by the inetd meta-daemon, this file must
+contain suitable startup information for the meta-daemon. See the
+section <em>INSTALLATION</em> below.
+<p><br><strong>/etc/rc</strong>
+<p><br>(or whatever initialisation script your system uses).
+<p><br>If running the server as a daemon at startup, this file will need to
+contain an appropriate startup sequence for the server. See the
+section <em>INSTALLATION</em> below.
+<p><br><strong>/etc/services</strong>
+<p><br>If running the server via the meta-daemon inetd, this file must
+contain a mapping of service name (eg., netbios-ssn) to service port
+(eg., 139) and protocol type (eg., tcp). See the section
+<em>INSTALLATION</em> below.
+<p><br><strong>/usr/local/samba/lib/smb.conf</strong>
+<p><br>This is the default location of the <em>smb.conf</em> server configuration
+file. Other common places that systems install this file are
+<em>/usr/samba/lib/smb.conf</em> and <em>/etc/smb.conf</em>.
+<p><br>This file describes all the services the server is to make available
+to clients. See <strong>smb.conf (5)</strong> for more information.
+<p><br><a name="LIMITATIONS"></a>
+<h2>LIMITATIONS</h2>
+
+<p><br>On some systems <strong>smbd</strong> cannot change uid back to root after a
+setuid() call. Such systems are called "trapdoor" uid systems. If you
+have such a system, you will be unable to connect from a client (such
+as a PC) as two different users at once. Attempts to connect the
+second user will result in "access denied" or similar.
+<p><br><a name="ENVIRONMENTVARIABLES"></a>
+<h2>ENVIRONMENT VARIABLES</h2>
+
+<p><br><strong>PRINTER</strong>
+<p><br>If no printer name is specified to printable services, most systems
+will use the value of this variable (or "lp" if this variable is not
+defined) as the name of the printer to use. This is not specific to
+the server, however.
+<p><br><a name="INSTALLATION"></a>
+<h2>INSTALLATION</h2>
+
+<p><br>The location of the server and its support files is a matter for
+individual system administrators. The following are thus suggestions
+only.
+<p><br>It is recommended that the server software be installed under the
+/usr/local/samba hierarchy, in a directory readable by all, writeable
+only by root. The server program itself should be executable by all,
+as users may wish to run the server themselves (in which case it will
+of course run with their privileges). The server should NOT be
+setuid. On some systems it may be worthwhile to make smbd setgid to an
+empty group. This is because some systems may have a security hole
+where daemon processes that become a user can be attached to with a
+debugger. Making the smbd file setgid to an empty group may prevent
+this hole from being exploited. This security hole and the suggested
+fix has only been confirmed on old versions (pre-kernel 2.0) of Linux
+at the time this was written. It is possible that this hole only
+exists in Linux, as testing on other systems has thus far shown them
+to be immune.
+<p><br>The server log files should be put in a directory readable and
+writable only by root, as the log files may contain sensitive
+information.
+<p><br>The configuration file should be placed in a directory readable and
+writable only by root, as the configuration file controls security for
+the services offered by the server. The configuration file can be made
+readable by all if desired, but this is not necessary for correct
+operation of the server and is not recommended. A sample configuration
+file "smb.conf.sample" is supplied with the source to the server -
+this may be renamed to "smb.conf" and modified to suit your needs.
+<p><br>The remaining notes will assume the following:
+<p><br><ul>
+<p><br><li > <strong>smbd</strong> (the server program) installed in /usr/local/samba/bin
+<p><br><li > <strong>smb.conf</strong> (the configuration file) installed in /usr/local/samba/lib
+<p><br><li > log files stored in /var/adm/smblogs
+<p><br></ul>
+<p><br>The server may be run either as a daemon by users or at startup, or it
+may be run from a meta-daemon such as inetd upon request. If run as a
+daemon, the server will always be ready, so starting sessions will be
+faster. If run from a meta-daemon some memory will be saved and
+utilities such as the tcpd TCP-wrapper may be used for extra security.
+For serious use as file server it is recommended that <strong>smbd</strong> be run
+as a daemon.
+<p><br>When you've decided, continue with either <em>RUNNING THE SERVER AS A
+DAEMON</em> or <em>RUNNING THE SERVER ON REQUEST</em>.
+<p><br><a name="RUNNINGTHESERVERASADAEMON"></a>
+<h2>RUNNING THE SERVER AS A DAEMON</h2>
+
+<p><br>To run the server as a daemon from the command line, simply put the
+<a href="smbd.8.html#minusD"><strong>-D</strong></a> option on the command line. There is no need to place an
+ampersand at the end of the command line - the <a href="smbd.8.html#minusD"><strong>-D</strong></a> option causes
+the server to detach itself from the tty anyway.
+<p><br>Any user can run the server as a daemon (execute permissions
+permitting, of course). This is useful for testing purposes, and may
+even be useful as a temporary substitute for something like ftp. When
+run this way, however, the server will only have the privileges of the
+user who ran it.
+<p><br>To ensure that the server is run as a daemon whenever the machine is
+started, and to ensure that it runs as root so that it can serve
+multiple clients, you will need to modify the system startup
+files. Wherever appropriate (for example, in /etc/rc), insert the
+following line, substituting port number, log file location,
+configuration file location and debug level as desired:
+<p><br><code>/usr/local/samba/bin/smbd -D -l /var/adm/smblogs/log -s /usr/local/samba/lib/smb.conf</code>
+<p><br>(The above should appear in your initialisation script as a single line.
+Depending on your terminal characteristics, it may not appear that way in
+this man page. If the above appears as more than one line, please treat any
+newlines or indentation as a single space or TAB character.)
+<p><br>If the options used at compile time are appropriate for your system,
+all parameters except the desired debug level and <a href="smbd.8.html#minusD"><strong>-D</strong></a> may be
+omitted. See the section <em>OPTIONS</em> above.
+<p><br><a name="RUNNINGTHESERVERONREQUEST"></a>
+<h2>RUNNING THE SERVER ON REQUEST</h2>
+
+<p><br>If your system uses a meta-daemon such as inetd, you can arrange to
+have the smbd server started whenever a process attempts to connect to
+it. This requires several changes to the startup files on the host
+machine. If you are experimenting as an ordinary user rather than as
+root, you will need the assistance of your system administrator to
+modify the system files.
+<p><br>You will probably want to set up the NetBIOS name server <a href="nmbd.8.html"><strong>nmbd</strong></a> at
+the same time as <strong>smbd</strong>. To do this refer to the man page for
+<a href="nmbd.8.html"><strong>nmbd (8)</strong></a>.
+<p><br>First, ensure that a port is configured in the file /etc/services. The
+well-known port 139 should be used if possible, though any port may be
+used.
+<p><br>Ensure that a line similar to the following is in /etc/services:
+<p><br><code>netbios-ssn 139/tcp</code>
+<p><br>Note for NIS/YP users - you may need to rebuild the NIS service maps
+rather than alter your local /etc/services file.
+<p><br>Next, put a suitable line in the file /etc/inetd.conf (in the unlikely
+event that you are using a meta-daemon other than inetd, you are on
+your own). Note that the first item in this line matches the service
+name in /etc/services. Substitute appropriate values for your system
+in this line (see <strong>inetd (8)</strong>):
+<p><br><code>netbios-ssn stream tcp nowait root /usr/local/samba/bin/smbd -d1 -l/var/adm/smblogs/log -s/usr/local/samba/lib/smb.conf</code>
+<p><br>(The above should appear in /etc/inetd.conf as a single
+line. Depending on your terminal characteristics, it may not appear
+that way in this man page. If the above appears as more than one
+line, please treat any newlines or indentation as a single space or
+TAB character.)
+<p><br>Note that there is no need to specify a port number here, even if you
+are using a non-standard port number.
+<p><br>Lastly, edit the configuration file to provide suitable services. To
+start with, the following two services should be all you need:
+<p><br><pre>
+
+
+[homes]
+ writable = yes
+
+[printers]
+ writable = no
+ printable = yes
+ path = /tmp
+ public = yes
+
+
+</pre>
+
+<p><br>This will allow you to connect to your home directory and print to any
+printer supported by the host (user privileges permitting).
+<p><br><a name="TESTINGTHEINSTALLATION"></a>
+<h2>TESTING THE INSTALLATION</h2>
+
+<p><br>If running the server as a daemon, execute it before proceeding. If
+using a meta-daemon, either restart the system or kill and restart the
+meta-daemon. Some versions of inetd will reread their configuration
+tables if they receive a HUP signal.
+<p><br>If your machine's name is "fred" and your name is "mary", you should
+now be able to connect to the service <code>\\fred\mary</code>.
+<p><br>To properly test and experiment with the server, we recommend using
+the smbclient program (see <strong>smbclient (1)</strong>) and also going through
+the steps outlined in the file <em>DIAGNOSIS.txt</em> in the <em>docs/</em>
+directory of your Samba installation.
+<p><br><a name="VERSION"></a>
+<h2>VERSION</h2>
+
+<p><br>This man page is correct for version 2.0 of the Samba suite.
+<p><br><a name="DIAGNOSTICS"></a>
+<h2>DIAGNOSTICS</h2>
+
+<p><br>Most diagnostics issued by the server are logged in a specified log
+file. The log file name is specified at compile time, but may be
+overridden on the command line.
+<p><br>The number and nature of diagnostics available depends on the debug
+level used by the server. If you have problems, set the debug level to
+3 and peruse the log files.
+<p><br>Most messages are reasonably self-explanatory. Unfortunately, at time
+of creation of this man page there are too many diagnostics available
+in the source code to warrant describing each and every diagnostic. At
+this stage your best bet is still to grep the source code and inspect
+the conditions that gave rise to the diagnostics you are seeing.
+<p><br><a name="SIGNALS"></a>
+<h2>SIGNALS</h2>
+
+<p><br>Sending the smbd a SIGHUP will cause it to re-load its smb.conf
+configuration file within a short period of time.
+<p><br>To shut down a users smbd process it is recommended that SIGKILL (-9)
+<em>NOT</em> be used, except as a last resort, as this may leave the shared
+memory area in an inconsistant state. The safe way to terminate an
+smbd is to send it a SIGTERM (-15) signal and wait for it to die on
+its own.
+<p><br>The debug log level of smbd may be raised
+by sending it a SIGUSR1 <code>(kill -USR1 &lt;smbd-pid&gt;)</code> and lowered by
+sending it a SIGUSR2 <code>(kill -USR2 &lt;smbd-pid&gt;)</code>. This is to allow
+transient problems to be diagnosed, whilst still running at a normally
+low log level.
+<p><br>Note that as the signal handlers send a debug write, they are not
+re-entrant in smbd. This you should wait until smbd is in a state of
+waiting for an incoming smb before issuing them. It is possible to
+make the signal handlers safe by un-blocking the signals before the
+select call and re-blocking them after, however this would affect
+performance.
+<p><br><a name="SEEALSO"></a>
+<h2>SEE ALSO</h2>
+
+<p><br><strong>hosts_access (5)</strong>, <strong>inetd (8)</strong>, <a href="nmbd.8.html"><strong>nmbd (8)</strong></a>,
+<a href="smb.conf.5.html"><strong>smb.conf (5)</strong></a>, <a href="smbclient.1.html"><strong>smbclient
+(1)</strong></a>, <a href="testparm.1.html"><strong>testparm (1)</strong></a>,
+<a href="testprns.1.html"><strong>testprns (1)</strong></a>, and the Internet RFC's
+<strong>rfc1001.txt</strong>, <strong>rfc1002.txt</strong>. In addition the CIFS (formerly SMB)
+specification is available as a link from the Web page :
+<a href="http://samba.anu.edu.au/cifs/">http://samba.anu.edu.au/cifs/</a>.
+<p><br><a name="AUTHOR"></a>
+<h2>AUTHOR</h2>
+
+<p><br>The original Samba software and related utilities were created by
+Andrew Tridgell (samba-bugs@samba.anu.edu.au). Samba is now developed
+by the Samba Team as an Open Source project similar to the way the
+Linux kernel is developed.
+<p><br>The original Samba man pages were written by Karl Auer. The man page
+sources were converted to YODL format (another excellent piece of Open
+Source software) and updated for the Samba2.0 release by Jeremy
+Allison, <a href="mailto:samba-bugs@samba.anu.edu.au"><em>samba-bugs@samba.anu.edu.au</em></a>.
+<p><br>See <a href="samba.7.html"><strong>samba (7)</strong></a> to find out how to get a full list of contributors
+and details on how to submit bug reports, comments etc.
+</body>
+</html>