diff options
Diffstat (limited to 'docs/htmldocs/smbd.8.html')
| -rw-r--r-- | docs/htmldocs/smbd.8.html | 1347 | 
1 files changed, 970 insertions, 377 deletions
| diff --git a/docs/htmldocs/smbd.8.html b/docs/htmldocs/smbd.8.html index 766de0853f..be5c02dd72 100644 --- a/docs/htmldocs/smbd.8.html +++ b/docs/htmldocs/smbd.8.html @@ -1,378 +1,971 @@ +<HTML +><HEAD +><TITLE +>smbd</TITLE +><META +NAME="GENERATOR" +CONTENT="Modular DocBook HTML Stylesheet Version 1.57"></HEAD +><BODY +CLASS="REFENTRY" +BGCOLOR="#FFFFFF" +TEXT="#000000" +LINK="#0000FF" +VLINK="#840084" +ALINK="#0000FF" +><H1 +><A +NAME="SMBD" +>smbd</A +></H1 +><DIV +CLASS="REFNAMEDIV" +><A +NAME="AEN5" +></A +><H2 +>Name</H2 +>smbd -- server to provide SMB/CIFS services to clients</DIV +><DIV +CLASS="REFSYNOPSISDIV" +><A +NAME="AEN8" +></A +><H2 +>Synopsis</H2 +><P +><B +CLASS="COMMAND" +>smbd</B +>  [-D] [-a] [-o] [-P] [-h] [-V] [-d <debug level>] [-l <log file>] [-p <port number>] [-O <socket option>] [-s <configuration file>]</P +></DIV +><DIV +CLASS="REFSECT1" +><A +NAME="AEN22" +></A +><H2 +>DESCRIPTION</H2 +><P +>This program is part of the Samba suite.</P +><P +><B +CLASS="COMMAND" +>smbd</B +> is the server daemon that  +	provides filesharing and printing services to Windows clients.  +	The server provides filespace and printer services to +	clients using the SMB (or CIFS) protocol. This is compatible  +	with the LanManager protocol, and can service LanManager  +	clients.  These include MSCLIENT 3.0 for DOS, Windows for  +	Workgroups, Windows 95/98/ME, Windows NT, Windows 2000,  +	OS/2, DAVE for Macintosh, and smbfs for Linux.</P +><P +>An extensive description of the services that the  +	server can provide is given in the man page for the  +	configuration file controlling the attributes of those  +	services (see <A +HREF="smb.conf.5.html" +TARGET="_top" +><TT +CLASS="FILENAME" +>smb.conf(5) +	</TT +></A +>.  This man page will not describe the  +	services, but will concentrate on the administrative aspects  +	of running the server.</P +><P +>Please note that there are significant security  +	implications to running this server, and the <A +HREF="smb.conf.5.html" +TARGET="_top" +><TT +CLASS="FILENAME" +>smb.conf(5)</TT +></A +>  +	manpage should be regarded as mandatory reading before  +	proceeding with installation.</P +><P +>A session is created whenever a client requests one.  +	Each client gets a copy of the server for each session. This  +	copy then services all connections made by the client during  +	that session. When all connections from its client are closed,  +	the copy of the server for that client terminates.</P +><P +>The configuration file, and any files that it includes,  +	are automatically reloaded every minute, if they change.  You  +	can force a reload by sending a SIGHUP to the server.  Reloading  +	the configuration file will not affect connections to any service  +	that is already established.  Either the user will have to  +	disconnect from the service, or smbd killed and restarted.</P +></DIV +><DIV +CLASS="REFSECT1" +><A +NAME="AEN35" +></A +><H2 +>OPTIONS</H2 +><P +></P +><DIV +CLASS="VARIABLELIST" +><DL +><DT +>-D</DT +><DD +><P +>If specified, this parameter causes  +		the server to operate as a daemon. That is, it detaches  +		itself and runs in the background, fielding requests  +		on the appropriate port. Operating the server as a +		daemon is the recommended way of running smbd for  +		servers that provide more than casual use file and  +		print services.  This switch is assumed is <B +CLASS="COMMAND" +>smbd +		</B +> is executed on the command line of a shell. +		</P +></DD +><DT +>-a</DT +><DD +><P +>If this parameter is specified, each new  +		connection will append log messages to the log file.   +		This is the default.</P +></DD +><DT +>-o</DT +><DD +><P +>If this parameter is specified, the  +		log files will be overwritten when opened.  By default,  +		<B +CLASS="COMMAND" +>smbd</B +> will append entries to the log  +		files.</P +></DD +><DT +>-P</DT +><DD +><P +>Passive option. Causes smbd not to  +		send any network traffic out. Used for debugging by  +		the developers only.</P +></DD +><DT +>-h</DT +><DD +><P +>Prints the help information (usage)  +		for <B +CLASS="COMMAND" +>smbd</B +>.</P +></DD +><DT +>-v</DT +><DD +><P +>Prints the version number for  +		<B +CLASS="COMMAND" +>smbd</B +>.</P +></DD +><DT +>-d <debug level></DT +><DD +><P +>debuglevel is an integer  +		from 0 to 10.  The default value if this parameter is  +		not specified is zero.</P +><P +>The higher this value, the more detail will be  +		logged to the log files about the activities of the  +		server. At level 0, only critical errors and serious  +		warnings will be logged. Level 1 is a reasonable level for +		day to day running - it generates a small amount of  +		information about operations carried out.</P +><P +>Levels above 1 will generate considerable  +		amounts of log data, and should only be used when  +		investigating a problem. Levels above 3 are designed for  +		use only by developers and generate HUGE amounts of log +		data, most of which is extremely cryptic.</P +><P +>Note that specifying this parameter here will  +		override the <A +HREF="smb.conf.5.html#loglevel" +TARGET="_top" +>log +		level</A +> parameter in the <A +HREF="smb.conf.5.html" +TARGET="_top" +>		<TT +CLASS="FILENAME" +>smb.conf(5)</TT +></A +> file.</P +></DD +><DT +>-l <log file></DT +><DD +><P +>If specified, <I +CLASS="EMPHASIS" +>log file</I +>  +		specifies a log filename into which informational and debug  +		messages from the running server will be logged. The log  +		file generated is never removed by the server although  +		its size may be controlled by the <A +HREF="smb.conf.5.html#maxlogsize" +TARGET="_top" +>max log size</A +> +		option in the <A +HREF="smb.conf.5.html" +TARGET="_top" +><TT +CLASS="FILENAME" +>		smb.conf(5)</TT +></A +> file.  The default log  +		file name is specified at compile time.</P +></DD +><DT +>-O <socket options></DT +><DD +><P +>See the <A +HREF="smb.conf.5.html#socketoptions" +TARGET="_top" +>socket options</A +>  +		parameter in the <A +HREF="smb.conf.5.html" +TARGET="_top" +><TT +CLASS="FILENAME" +>smb.conf(5) +		</TT +></A +> file for details.</P +></DD +><DT +>-p <port number></DT +><DD +><P +>port number is a positive integer  +		value.  The default value if this parameter is not  +		specified is 139.</P +><P +>This number is the port number that will be  +		used when making connections to the server from client  +		software. The standard (well-known) port number for the  +		SMB over TCP is 139, hence the default. If you wish to  +		run the server as an ordinary user rather than +		as root, most systems will require you to use a port  +		number greater than 1024 - ask your system administrator  +		for help if you are in this situation.</P +><P +>In order for the server to be useful by most  +		clients, should you configure it on a port other  +		than 139, you will require port redirection services  +		on port 139, details of which are outlined in rfc1002.txt  +		section 4.3.5.</P +><P +>This parameter is not normally specified except  +		in the above situation.</P +></DD +><DT +>-s <configuration file></DT +><DD +><P +>The file specified contains the  +		configuration details required by the server.  The  +		information in this file includes server-specific +		information such as what printcap file to use, as well  +		as descriptions of all the services that the server is  +		to provide. See <A +HREF="smb.conf.5.html" +TARGET="_top" +><TT +CLASS="FILENAME" +>		smb.conf(5)</TT +></A +> for more information. +		The default configuration file name is determined at  +		compile time.</P +></DD +></DL +></DIV +></DIV +><DIV +CLASS="REFSECT1" +><A +NAME="AEN104" +></A +><H2 +>FILES</H2 +><P +></P +><DIV +CLASS="VARIABLELIST" +><DL +><DT +><TT +CLASS="FILENAME" +>/etc/inetd.conf</TT +></DT +><DD +><P +>If the server is to be run by the  +		<B +CLASS="COMMAND" +>inetd</B +> meta-daemon, this file  +		must contain suitable startup information for the  +		meta-daemon. See the section INSTALLATION below. +		</P +></DD +><DT +><TT +CLASS="FILENAME" +>/etc/rc</TT +></DT +><DD +><P +>or whatever initialization script your  +		system uses).</P +><P +>If running the server as a daemon at startup,  +		this file will need to contain an appropriate startup  +		sequence for the server. See the section INSTALLATION  +		below.</P +></DD +><DT +><TT +CLASS="FILENAME" +>/etc/services</TT +></DT +><DD +><P +>If running the server via the  +		meta-daemon <B +CLASS="COMMAND" +>inetd</B +>, this file  +		must contain a mapping of service name (e.g., netbios-ssn)  +		to service port (e.g., 139) and protocol type (e.g., tcp).  +		See the section INSTALLATION below.</P +></DD +><DT +><TT +CLASS="FILENAME" +>/usr/local/samba/lib/smb.conf</TT +></DT +><DD +><P +>This is the default location of the  +		<A +HREF="smb.conf.5.html" +TARGET="_top" +><TT +CLASS="FILENAME" +>smb.conf</TT +></A +> +		server configuration file. Other common places that systems  +		install this file are <TT +CLASS="FILENAME" +>/usr/samba/lib/smb.conf</TT +>  +		and <TT +CLASS="FILENAME" +>/etc/smb.conf</TT +>.</P +><P +>This file describes all the services the server  +		is to make available to clients. See <A +HREF="smb.conf.5.html" +TARGET="_top" +>		<TT +CLASS="FILENAME" +>smb.conf(5)</TT +></A +>  for more information.</P +></DD +></DL +></DIV +></DIV +><DIV +CLASS="REFSECT1" +><A +NAME="AEN137" +></A +><H2 +>LIMITATIONS</H2 +><P +>On some systems <B +CLASS="COMMAND" +>smbd</B +> cannot change uid back  +	to root after a setuid() call.  Such systems are called  +	"trapdoor" uid systems. If you have such a system,  +	you will be unable to connect from a client (such as a PC) as  +	two different users at once. Attempts to connect the +	second user will result in "access denied" or  +	similar.</P +></DIV +><DIV +CLASS="REFSECT1" +><A +NAME="AEN141" +></A +><H2 +>ENVIRONMENTVARIABLES</H2 +><P +></P +><DIV +CLASS="VARIABLELIST" +><DL +><DT +>PRINTER</DT +><DD +><P +>If no printer name is specified to  +		printable services, most systems will use the value of  +		this variable (or "lp" if this variable is  +		not defined) as the name of the printer to use. This  +		is not specific to the server, however.</P +></DD +></DL +></DIV +></DIV +><DIV +CLASS="REFSECT1" +><A +NAME="AEN148" +></A +><H2 +>INSTALLATION</H2 +><P +>The location of the server and its support files  +	is a matter for individual system administrators. The following  +	are thus suggestions only.</P +><P +>It is recommended that the server software be installed  +	under the <TT +CLASS="FILENAME" +>/usr/local/samba/</TT +> hierarchy,  +	in a directory readable by all, writeable only by root. The server  +	program itself should be executable by all, as users may wish to  +	run the server themselves (in which case it will of course run  +	with their privileges).  The server should NOT be setuid. On some  +	systems it may be worthwhile to make smbd setgid to an empty group.  +	This is because some systems may have a security hole where daemon  +	processes that become a user can be attached to with a debugger.  +	Making the smbd file setgid to an empty group may prevent +	this hole from being exploited. This security hole and the suggested +	fix has only been confirmed on old versions (pre-kernel 2.0) of Linux +	at the time this was written. It is possible that this hole only +	exists in Linux, as testing on other systems has thus far shown them +	to be immune.</P +><P +>The server log files should be put in a directory readable and +	writeable only by root, as the log files may contain sensitive +	information.</P +><P +>The configuration file should be placed in a directory  +	readable and writeable only by root, as the configuration file  +	controls security for the services offered by the server. The  +	configuration file can be made readable by all if desired, but  +	this is not necessary for correct operation of the server and is  +	not recommended. A sample configuration file <TT +CLASS="FILENAME" +>smb.conf.sample +	</TT +> is supplied with the source to the server - this may  +	be renamed to <TT +CLASS="FILENAME" +>smb.conf</TT +> and modified to suit  +	your needs.</P +><P +>The remaining notes will assume the following:</P +><P +></P +><UL +><LI +><P +><B +CLASS="COMMAND" +>smbd</B +> (the server program)  +		installed in <TT +CLASS="FILENAME" +>/usr/local/samba/bin</TT +></P +></LI +><LI +><P +><TT +CLASS="FILENAME" +>smb.conf</TT +> (the configuration  +		file) installed in <TT +CLASS="FILENAME" +>/usr/local/samba/lib</TT +></P +></LI +><LI +><P +>log files stored in <TT +CLASS="FILENAME" +>/var/adm/smblogs +		</TT +></P +></LI +></UL +><P +>The server may be run either as a daemon by users  +	or at startup, or it may be run from a meta-daemon such as  +	<B +CLASS="COMMAND" +>inetd</B +> upon request. If run as a daemon,  +	the server will always be ready, so starting sessions will be +	faster. If run from a meta-daemon some memory will be saved and +	utilities such as the tcpd TCP-wrapper may be used for extra  +	security.  For serious use as file server it is recommended  +	that <B +CLASS="COMMAND" +>smbd</B +> be run as a daemon.</P +><P +>When you've decided, continue with either</P +><P +></P +><UL +><LI +><P +>RUNNING THE SERVER AS A DAEMON or</P +></LI +><LI +><P +>RUNNING THE SERVER ON REQUEST.</P +></LI +></UL +></DIV +><DIV +CLASS="REFSECT1" +><A +NAME="AEN179" +></A +><H2 +>RUNNING THE SERVER AS A DAEMON</H2 +><P +>To run the server as a daemon from the command  +	line, simply put the <I +CLASS="EMPHASIS" +>-D</I +> option on the  +	command line. There is no need to place an ampersand at  +	the end of the command line - the <I +CLASS="EMPHASIS" +>-D</I +>  +	option causes the server to detach itself from the tty  +	anyway.</P +><P +>Any user can run the server as a daemon (execute  +	permissions permitting, of course). This is useful for  +	testing purposes, and may even be useful as a temporary  +	substitute for something like ftp. When run this way, however,  +	the server will only have the privileges of the user who ran  +	it.</P +><P +>To ensure that the server is run as a daemon whenever  +	the machine is started, and to ensure that it runs as root  +	so that it can serve multiple clients, you will need to modify  +	the system startup files. Wherever appropriate (for example, in  +	<TT +CLASS="FILENAME" +>/etc/rc</TT +>), insert the following line,  +	substituting port number, log file location, configuration file  +	location and debug level as desired:</P +><P +><B +CLASS="COMMAND" +>/usr/local/samba/bin/smbd -D -l /var/adm/smblogs/log  +	-s /usr/local/samba/lib/smb.conf</B +></P +><P +>(The above should appear in your initialization script  +	as a single line.  Depending on your terminal characteristics,  +	it may not appear that way in this man page. If the above appears  +	as more than one line, please treat any newlines or indentation  +	as a single space or TAB character.)</P +><P +>If the options used at compile time are appropriate for  +	your system, all parameters except <I +CLASS="EMPHASIS" +>-D</I +> may  +	be omitted. See the section OPTIONS above.</P +></DIV +><DIV +CLASS="REFSECT1" +><A +NAME="AEN192" +></A +><H2 +>RUNNING THE SERVER ON REQUEST</H2 +><P +>If your system uses a meta-daemon such as <B +CLASS="COMMAND" +>inetd +	</B +>, you can arrange to have the smbd server started  +	whenever a process attempts to connect to it. This requires several  +	changes to the startup files on the host machine. If you are  +	experimenting as an ordinary user rather than as root, you will  +	need the assistance of your system administrator to modify the  +	system files.</P +><P +>You will probably want to set up the NetBIOS name server  +	<A +HREF="nmbd.8.html" +TARGET="_top" +><B +CLASS="COMMAND" +>nmbd</B +></A +> at +	the same time as <B +CLASS="COMMAND" +>smbd</B +>. To do this refer to the  +	man page for <A +HREF="nmbd.8.html" +TARGET="_top" +><B +CLASS="COMMAND" +>nmbd(8)</B +> +	</A +>.</P +><P +>First, ensure that a port is configured in the file  +	<TT +CLASS="FILENAME" +>/etc/services</TT +>. The well-known port 139  +	should be used if possible, though any port may be used.</P +><P +>Ensure that a line similar to the following is in  +	<TT +CLASS="FILENAME" +>/etc/services</TT +>:</P +><P +><B +CLASS="COMMAND" +>netbios-ssn	139/tcp</B +></P +><P +>Note for NIS/YP users - you may need to rebuild the  +	NIS service maps rather than alter your local <TT +CLASS="FILENAME" +>/etc/services +	</TT +> file.</P +><P +>Next, put a suitable line in the file <TT +CLASS="FILENAME" +>/etc/inetd.conf +	</TT +> (in the unlikely event that you are using a meta-daemon  +	other than inetd, you are on your own). Note that the first item  +	in this line matches the service name in <TT +CLASS="FILENAME" +>/etc/services +	</TT +>.  Substitute appropriate values for your system +	in this line (see <B +CLASS="COMMAND" +>inetd(8)</B +>):</P +><P +><B +CLASS="COMMAND" +>netbios-ssn stream tcp nowait root /usr/local/samba/bin/smbd  +	-d1 -l/var/adm/smblogs/log -s/usr/local/samba/lib/smb.conf</B +></P +><P +>(The above should appear in <TT +CLASS="FILENAME" +>/etc/inetd.conf</TT +>  +	as a single line. Depending on your terminal characteristics, it may  +	not appear that way in this man page.  If the above appears as more  +	than one line, please treat any newlines or indentation as a single  +	space or TAB character.)</P +><P +>Note that there is no need to specify a port number here,  +	even if you are using a non-standard port number.</P +><P +>Lastly, edit the configuration file to provide suitable  +	services. To start with, the following two services should be  +	all you need:</P +><PRE +CLASS="SCREEN" +>	<TT +CLASS="COMPUTEROUTPUT" +>	[homes] +		writeable = yes - -  - - - -<html><head><title>smbd (8)</title> - -<link rev="made" href="mailto:samba@samba.org"> -</head> -<body> - -<hr> - -<h1>smbd (8)</h1> -<h2>Samba</h2> -<h2>23 Oct 1998</h2> - - -     -<p><a name="NAME"></a> -<h2>NAME</h2> -    smbd - server to provide SMB/CIFS services to clients -<p><a name="SYNOPSIS"></a> -<h2>SYNOPSIS</h2> -     -<p><strong>smbd</strong> [<a href="smbd.8.html#minusD">-D</a>] [<a href="smbd.8.html#minusa">-a</a>] [<a href="smbd.8.html#minuso">-o</a>] [<a href="smbd.8.html#minusP">-P</a>] [<a href="smbd.8.html#minush">-h</a>] [<a href="smbd.8.html#minusV">-V</a>] [<a href="smbd.8.html#minusd">-d debuglevel</a>] [<a href="smbd.8.html#minusl">-l log file</a>] [<a href="smbd.8.html#minusp">-p port number</a>] [<a href="smbd.8.html#minusO">-O socket options</a>] [<a href="smbd.8.html#minuss">-s configuration file</a>] -<p><a name="DESCRIPTION"></a> -<h2>DESCRIPTION</h2> -     -<p>This program is part of the <strong>Samba</strong> suite. -<p><strong>smbd</strong> is the server daemon that provides filesharing and printing -services to -Windows clients. The server provides filespace and printer services to -clients using the SMB (or CIFS) protocol. This is compatible with the -LanManager protocol, and can service LanManager clients.  These -include MSCLIENT 3.0 for DOS, Windows for Workgroups, Windows 95, -Windows NT, OS/2, DAVE for Macintosh, and smbfs for Linux. -<p>An extensive description of the services that the server can provide -is given in the man page for the configuration file controlling the -attributes of those services (see  -<a href="smb.conf.5.html"><strong>smb.conf (5)</strong></a>.  This man page -will not describe the services, but will concentrate on the -administrative aspects of running the server. -<p>Please note that there are significant security implications to -running this server, and the  -<a href="smb.conf.5.html"><strong>smb.conf (5)</strong></a> manpage should be -regarded as mandatory reading before proceeding with installation. -<p>A session is created whenever a client requests one. Each client gets -a copy of the server for each session. This copy then services all -connections made by the client during that session. When all -connections from its client are closed, the copy of the server for -that client terminates. -<p>The configuration file, and any files that it includes, are -automatically reloaded every minute, if they change.  You can force a -reload by sending a SIGHUP to the server.  Reloading the configuration -file will not affect connections to any service that is already -established.  Either the user will have to disconnect from the -service, or smbd killed and restarted. -<p><a name="OPTIONS"></a> -<h2>OPTIONS</h2> -     -<p><dl> -<p><a name="minusD"></a> -<p></p><dt><strong><strong>-D</strong></strong><dd> If specified, this parameter causes the server to operate as a -daemon. That is, it detaches itself and runs in the background, -fielding requests on the appropriate port. Operating the server as a -daemon is the recommended way of running smbd for servers that provide -more than casual use file and print services. -<p>By default, the server will NOT operate as a daemon.  -<p><a name="minusa"></a> -<p></p><dt><strong><strong>-a</strong></strong><dd> If this parameter is specified, each new connection will -append log messages to the log file.  This is the default. -<p><a name="minuso"></a> -<p></p><dt><strong><strong>-o</strong></strong><dd> If this parameter is specified, the log files will be -overwritten when opened.  By default, the log files will be appended -to. -<p><a name="minusP"></a> -<p></p><dt><strong><strong>-P</strong></strong><dd> Passive option. Causes smbd not to send any network traffic -out. Used for debugging by the developers only. -<p><a name="minush"></a> -<p></p><dt><strong><strong>-h</strong></strong><dd> Prints the help information (usage) for <strong>smbd</strong>. -<p><a name="minusV"></a> -<p></p><dt><strong><strong>-V</strong></strong><dd> Prints the version number for <strong>smbd</strong>. -<p><a name="minusd"></a> -<p></p><dt><strong><strong>-d debuglevel</strong></strong><dd> debuglevel is an integer from 0 to 10. -<p>The default value if this parameter is not specified is zero. -<p>The higher this value, the more detail will be logged to the log files -about the activities of the server. At level 0, only critical errors -and serious warnings will be logged. Level 1 is a reasonable level for -day to day running - it generates a small amount of information about -operations carried out. -<p>Levels above 1 will generate considerable amounts of log data, and -should only be used when investigating a problem. Levels above 3 are -designed for use only by developers and generate HUGE amounts of log -data, most of which is extremely cryptic. -<p>Note that specifying this parameter here will override the <a href="smb.conf.5.html#loglevel"><strong>log -level</strong></a> parameter in the <a href="smb.conf.5.html"><strong>smb.conf -(5)</strong></a> file. -<p><a name="minusl"></a>  -<p></p><dt><strong><strong>-l log file</strong></strong><dd> If specified, <em>log file</em> specifies -a log filename into which informational and debug messages from the -running server will be logged. The log file generated is never removed -by the server although its size may be controlled by the <a href="smb.conf.5.html#maxlogsize"><strong>max -log size</strong></a> option in the <a href="smb.conf.5.html"><strong>smb.conf -(5)</strong></a> file.  The default log file name is specified -at compile time. -<p><a name="minusO"></a> -<p></p><dt><strong><strong>-O socket options</strong></strong><dd> See the <a href="smb.conf.5.html#socketoptions"><strong>socket -options</strong></a> parameter in the -<a href="smb.conf.5.html"><strong>smb.conf (5)</strong></a> file for details. -<p><a name="minusp"></a> -<p></p><dt><strong><strong>-p port number</strong></strong><dd> port number is a positive integer value.  The -default value if this parameter is not specified is 139. -<p>This number is the port number that will be used when making -connections to the server from client software. The standard -(well-known) port number for the SMB over TCP is 139, hence the -default. If you wish to run the server as an ordinary user rather than -as root, most systems will require you to use a port number greater -than 1024 - ask your system administrator for help if you are in this -situation. -<p>In order for the server to be useful by most clients, should you -configure it on a port other than 139, you will require port -redirection services on port 139, details of which are outlined in -rfc1002.txt section 4.3.5. -<p>This parameter is not normally specified except in the above -situation. -<p><a name="minuss"></a> -<p></p><dt><strong><strong>-s configuration file</strong></strong><dd> -The file specified contains the configuration details required by the -server.  The information in this file includes server-specific -information such as what printcap file to use, as well as descriptions -of all the services that the server is to provide. See <strong>smb.conf -(5)</strong> for more information. -The default configuration file name is determined at compile time. -<p></dl> -<p><a name="FILES"></a> -<h2>FILES</h2> -     -<p><strong>/etc/inetd.conf</strong> -<p>If the server is to be run by the inetd meta-daemon, this file must -contain suitable startup information for the meta-daemon. See the -section <a href="smbd.8.html#INSTALLATION">INSTALLATION</a> below. -<p><strong>/etc/rc</strong> -<p>(or whatever initialization script your system uses). -<p>If running the server as a daemon at startup, this file will need to -contain an appropriate startup sequence for the server. See the -section <a href="smbd.8.html#INSTALLATION">INSTALLATION</a> below. -<p><strong>/etc/services</strong> -<p>If running the server via the meta-daemon inetd, this file must -contain a mapping of service name (e.g., netbios-ssn) to service port -(e.g., 139) and protocol type (e.g., tcp). See the section -<a href="smbd.8.html#INSTALLATION">INSTALLATION</a> below. -<p><strong>/usr/local/samba/lib/smb.conf</strong> -<p>This is the default location of the <em>smb.conf</em> server configuration -file. Other common places that systems install this file are -<em>/usr/samba/lib/smb.conf</em> and <em>/etc/smb.conf</em>. -<p>This file describes all the services the server is to make available -to clients. See <a href="smb.conf.5.html"><strong>smb.conf (5)</strong></a> for more information. -<p><a name="LIMITATIONS"></a> -<h2>LIMITATIONS</h2> -     -<p>On some systems <strong>smbd</strong> cannot change uid back to root after a -setuid() call.  Such systems are called "trapdoor" uid systems. If you -have such a system, you will be unable to connect from a client (such -as a PC) as two different users at once. Attempts to connect the -second user will result in "access denied" or similar. -<p><a name="ENVIRONMENTVARIABLES"></a> -<h2>ENVIRONMENT VARIABLES</h2> -     -<p><strong>PRINTER</strong> -<p>If no printer name is specified to printable services, most systems -will use the value of this variable (or "lp" if this variable is not -defined) as the name of the printer to use. This is not specific to -the server, however. -<p><a name="INSTALLATION"></a> -<h2>INSTALLATION</h2> -     -<p>The location of the server and its support files is a matter for -individual system administrators. The following are thus suggestions -only. -<p>It is recommended that the server software be installed under the -/usr/local/samba hierarchy, in a directory readable by all, writeable -only by root. The server program itself should be executable by all, -as users may wish to run the server themselves (in which case it will -of course run with their privileges).  The server should NOT be -setuid. On some systems it may be worthwhile to make smbd setgid to an -empty group. This is because some systems may have a security hole -where daemon processes that become a user can be attached to with a -debugger. Making the smbd file setgid to an empty group may prevent -this hole from being exploited. This security hole and the suggested -fix has only been confirmed on old versions (pre-kernel 2.0) of Linux -at the time this was written. It is possible that this hole only -exists in Linux, as testing on other systems has thus far shown them -to be immune. -<p>The server log files should be put in a directory readable and -writeable only by root, as the log files may contain sensitive -information. -<p>The configuration file should be placed in a directory readable and -writeable only by root, as the configuration file controls security for -the services offered by the server. The configuration file can be made -readable by all if desired, but this is not necessary for correct -operation of the server and is not recommended. A sample configuration -file "smb.conf.sample" is supplied with the source to the server - -this may be renamed to "smb.conf" and modified to suit your needs. -<p>The remaining notes will assume the following: -<p><dl> -<p><li > <strong>smbd</strong> (the server program) installed in /usr/local/samba/bin -<p><li > <strong>smb.conf</strong> (the configuration file) installed in /usr/local/samba/lib -<p><li > log files stored in /var/adm/smblogs -<p></dl> -<p>The server may be run either as a daemon by users or at startup, or it -may be run from a meta-daemon such as inetd upon request. If run as a -daemon, the server will always be ready, so starting sessions will be -faster. If run from a meta-daemon some memory will be saved and -utilities such as the tcpd TCP-wrapper may be used for extra security. -For serious use as file server it is recommended that <strong>smbd</strong> be run -as a daemon. -<p>When you've decided, continue with either  -<a href="smbd.8.html#RUNNINGTHESERVERASADAEMON">RUNNING THE SERVER AS A DAEMON</a> or  -<a href="smbd.8.html#RUNNINGTHESERVERONREQUEST">RUNNING THE SERVER ON REQUEST</a>. -<p><a name="RUNNINGTHESERVERASADAEMON"></a> -<h2>RUNNING THE SERVER AS A DAEMON</h2> -     -<p>To run the server as a daemon from the command line, simply put the -<a href="smbd.8.html#minusD"><strong>-D</strong></a> option on the command line. There is no need to place an -ampersand at the end of the command line - the <a href="smbd.8.html#minusD"><strong>-D</strong></a> option causes -the server to detach itself from the tty anyway. -<p>Any user can run the server as a daemon (execute permissions -permitting, of course). This is useful for testing purposes, and may -even be useful as a temporary substitute for something like ftp. When -run this way, however, the server will only have the privileges of the -user who ran it. -<p>To ensure that the server is run as a daemon whenever the machine is -started, and to ensure that it runs as root so that it can serve -multiple clients, you will need to modify the system startup -files. Wherever appropriate (for example, in /etc/rc), insert the -following line, substituting port number, log file location, -configuration file location and debug level as desired: -<p><code>/usr/local/samba/bin/smbd -D -l /var/adm/smblogs/log -s /usr/local/samba/lib/smb.conf</code> -<p>(The above should appear in your initialization script as a single line.  -Depending on your terminal characteristics, it may not appear that way in -this man page. If the above appears as more than one line, please treat any  -newlines or indentation as a single space or TAB character.) -<p>If the options used at compile time are appropriate for your system, -all parameters except <a href="smbd.8.html#minusD"><strong>-D</strong></a> may be -omitted. See the section <a href="smbd.8.html#OPTIONS">OPTIONS</a> above. -<p><a name="RUNNINGTHESERVERONREQUEST"></a> -<h2>RUNNING THE SERVER ON REQUEST</h2> -     -<p>If your system uses a meta-daemon such as <strong>inetd</strong>, you can arrange to -have the smbd server started whenever a process attempts to connect to -it. This requires several changes to the startup files on the host -machine. If you are experimenting as an ordinary user rather than as -root, you will need the assistance of your system administrator to -modify the system files. -<p>You will probably want to set up the NetBIOS name server <a href="nmbd.8.html"><strong>nmbd</strong></a> at -the same time as <strong>smbd</strong>. To do this refer to the man page for -<a href="nmbd.8.html"><strong>nmbd (8)</strong></a>. -<p>First, ensure that a port is configured in the file <code>/etc/services</code>. The -well-known port 139 should be used if possible, though any port may be -used. -<p>Ensure that a line similar to the following is in <code>/etc/services</code>: -<p><code>netbios-ssn	139/tcp</code> -<p>Note for NIS/YP users - you may need to rebuild the NIS service maps -rather than alter your local <code>/etc/services file</code>. -<p>Next, put a suitable line in the file <code>/etc/inetd.conf</code> (in the unlikely -event that you are using a meta-daemon other than inetd, you are on -your own). Note that the first item in this line matches the service -name in <code>/etc/services</code>.  Substitute appropriate values for your system -in this line (see <strong>inetd (8)</strong>): -<p><code>netbios-ssn stream tcp nowait root /usr/local/samba/bin/smbd -d1 -l/var/adm/smblogs/log -s/usr/local/samba/lib/smb.conf</code> -<p>(The above should appear in <code>/etc/inetd.conf</code> as a single -line. Depending on your terminal characteristics, it may not appear -that way in this man page.  If the above appears as more than one -line, please treat any newlines or indentation as a single space or -TAB character.) -<p>Note that there is no need to specify a port number here, even if you -are using a non-standard port number. -<p>Lastly, edit the configuration file to provide suitable services. To -start with, the following two services should be all you need: -<p><pre> - - -[homes] -  writeable = yes - -[printers] - writeable = no - printable = yes - path = /tmp - public = yes - - -</pre> - -<p>This will allow you to connect to your home directory and print to any -printer supported by the host (user privileges permitting). -<p><a name="TESTINGTHEINSTALLATION"></a> -<h2>TESTING THE INSTALLATION</h2> -     -<p>If running the server as a daemon, execute it before proceeding. If -using a meta-daemon, either restart the system or kill and restart the -meta-daemon. Some versions of inetd will reread their configuration -tables if they receive a HUP signal. -<p>If your machine's name is "fred" and your name is "mary", you should -now be able to connect to the service <code>\\fred\mary</code>. -<p>To properly test and experiment with the server, we recommend using -the smbclient program (see  -<a href="smbclient.1.html"><strong>smbclient (1)</strong></a>) and also going through -the steps outlined in the file <em>DIAGNOSIS.txt</em> in the <em>docs/</em> -directory of your Samba installation. -<p><a name="VERSION"></a> -<h2>VERSION</h2> -     -<p>This man page is correct for version 2.0 of the Samba suite. -<p><a name="DIAGNOSTICS"></a> -<h2>DIAGNOSTICS</h2> -     -<p>Most diagnostics issued by the server are logged in a specified log -file. The log file name is specified at compile time, but may be -overridden on the command line. -<p>The number and nature of diagnostics available depends on the debug -level used by the server. If you have problems, set the debug level to -3 and peruse the log files. -<p>Most messages are reasonably self-explanatory. Unfortunately, at the time -this man page was created, there are too many diagnostics available -in the source code to warrant describing each and every diagnostic. At -this stage your best bet is still to grep the source code and inspect -the conditions that gave rise to the diagnostics you are seeing. -<p><a name="SIGNALS"></a> -<h2>SIGNALS</h2> -     -<p>Sending the smbd a SIGHUP will cause it to re-load its smb.conf -configuration file within a short period of time. -<p>To shut down a users smbd process it is recommended that SIGKILL (-9) -<em>NOT</em> be used, except as a last resort, as this may leave the shared -memory area in an inconsistent state. The safe way to terminate an -smbd is to send it a SIGTERM (-15) signal and wait for it to die on -its own. -<p>The debug log level of smbd may be raised -by sending it a SIGUSR1 <code>(kill -USR1 <smbd-pid>)</code> and lowered by -sending it a SIGUSR2 <code>(kill -USR2 <smbd-pid>)</code>. This is to allow -transient problems to be diagnosed, whilst still running at a normally -low log level. -<p>Note that as the signal handlers send a debug write, they are not -re-entrant in smbd. This you should wait until smbd is in a state of -waiting for an incoming smb before issuing them. It is possible to -make the signal handlers safe by un-blocking the signals before the -select call and re-blocking them after, however this would affect -performance. -<p><a name="SEEALSO"></a> -<h2>SEE ALSO</h2> -     -<p><strong>hosts_access (5)</strong>, <strong>inetd (8)</strong>, <a href="nmbd.8.html"><strong>nmbd (8)</strong></a>, -<a href="smb.conf.5.html"><strong>smb.conf (5)</strong></a>, <a href="smbclient.1.html"><strong>smbclient -(1)</strong></a>, <a href="testparm.1.html"><strong>testparm (1)</strong></a>, -<a href="testprns.1.html"><strong>testprns (1)</strong></a>, and the Internet RFC's -<strong>rfc1001.txt</strong>, <strong>rfc1002.txt</strong>. In addition the CIFS (formerly SMB) -specification is available as a link from the Web page : -<a href="http://samba.org/cifs/">http://samba.org/cifs/</a>. -<p><a name="AUTHOR"></a> -<h2>AUTHOR</h2> -     -<p>The original Samba software and related utilities were created by -Andrew Tridgell <a href="mailto:samba@samba.org"><em>samba@samba.org</em></a>. Samba is now developed -by the Samba Team as an Open Source project similar to the way the -Linux kernel is developed. -<p>The original Samba man pages were written by Karl Auer. The man page -sources were converted to YODL format (another excellent piece of Open -Source software, available at -<a href="ftp://ftp.icce.rug.nl/pub/unix/"><strong>ftp://ftp.icce.rug.nl/pub/unix/</strong></a>) -and updated for the Samba2.0 release by Jeremy Allison. -<a href="mailto:samba@samba.org"><em>samba@samba.org</em></a>. -<p>See <a href="samba.7.html"><strong>samba (7)</strong></a> to find out how to get a full list of contributors -and details on how to submit bug reports, comments etc. -</body> -</html> +	[printers] +		writeable = no +		printable = yes +		path = /tmp +		public = yes +	</TT +> +	</PRE +><P +>This will allow you to connect to your home directory  +	and print to any printer supported by the host (user privileges  +	permitting).</P +></DIV +><DIV +CLASS="REFSECT1" +><A +NAME="AEN223" +></A +><H2 +>TESTING THE INSTALLATION</H2 +><P +>If running the server as a daemon, execute it before  +	proceeding. If using a meta-daemon, either restart the system  +	or kill and restart the meta-daemon. Some versions of  +	<B +CLASS="COMMAND" +>inetd</B +> will reread their configuration +	tables if they receive a HUP signal.</P +><P +>If your machine's name is "fred" and your  +	name is "mary", you should now be able to connect  +	to the service <TT +CLASS="FILENAME" +>\\fred\mary</TT +>. +	</P +><P +>To properly test and experiment with the server, we  +	recommend using the <B +CLASS="COMMAND" +>smbclient</B +> program (see  +	<A +HREF="smbclient.1.html" +TARGET="_top" +><B +CLASS="COMMAND" +>smbclient(1)</B +></A +>)  +	and also going through the steps outlined in the file  +	<TT +CLASS="FILENAME" +>DIAGNOSIS.txt</TT +> in the <TT +CLASS="FILENAME" +>docs/</TT +> +	directory of your Samba installation.</P +></DIV +><DIV +CLASS="REFSECT1" +><A +NAME="AEN235" +></A +><H2 +>VERSION</H2 +><P +>This man page is correct for version 2.2 of  +	the Samba suite.</P +></DIV +><DIV +CLASS="REFSECT1" +><A +NAME="AEN238" +></A +><H2 +>DIAGNOSTICS</H2 +><P +>Most diagnostics issued by the server are logged  +	in a specified log file. The log file name is specified  +	at compile time, but may be overridden on the command line.</P +><P +>The number and nature of diagnostics available depends  +	on the debug level used by the server. If you have problems, set  +	the debug level to 3 and peruse the log files.</P +><P +>Most messages are reasonably self-explanatory. Unfortunately,  +	at the time this man page was created, there are too many diagnostics  +	available in the source code to warrant describing each and every  +	diagnostic. At this stage your best bet is still to grep the  +	source code and inspect the conditions that gave rise to the  +	diagnostics you are seeing.</P +></DIV +><DIV +CLASS="REFSECT1" +><A +NAME="AEN243" +></A +><H2 +>SIGNALS</H2 +><P +>Sending the smbd a SIGHUP will cause it to  +	re-load its <TT +CLASS="FILENAME" +>smb.conf</TT +> configuration  +	file within a short period of time.</P +><P +>To shut down a users smbd process it is recommended  +	that <B +CLASS="COMMAND" +>SIGKILL (-9)</B +> <I +CLASS="EMPHASIS" +>NOT</I +>  +	be used, except as a last resort, as this may leave the shared +	memory area in an inconsistent state. The safe way to terminate  +	an smbd is to send it a SIGTERM (-15) signal and wait for  +	it to die on its own.</P +><P +>The debug log level of smbd may be raised by sending  +	it a SIGUSR1 (<B +CLASS="COMMAND" +>kill -USR1 <smbd-pid></B +>) +	and lowered by sending it a SIGUSR2 (<B +CLASS="COMMAND" +>kill -USR2 <smbd-pid> +	</B +>). This is to allow transient problems to be diagnosed,  +	whilst still running at a normally low log level.</P +><P +>Note that as the signal handlers send a debug write,  +	they are not re-entrant in smbd. This you should wait until  +	smbd is in a state of waiting for an incoming smb before  +	issuing them. It is possible to make the signal handlers safe  +	by un-blocking the signals before the select call and re-blocking  +	them after, however this would affect performance.</P +></DIV +><DIV +CLASS="REFSECT1" +><A +NAME="AEN254" +></A +><H2 +>SEE ALSO</H2 +><P +>hosts_access(5), <B +CLASS="COMMAND" +>inetd(8)</B +>,  +	<A +HREF="nmbd.8.html" +TARGET="_top" +><B +CLASS="COMMAND" +>nmbd(8)</B +></A +>,  +	<A +HREF="smb.conf.5.html" +TARGET="_top" +><TT +CLASS="FILENAME" +>smb.conf(5)</TT +> +	</A +>, <A +HREF="smbclient.1.html" +TARGET="_top" +><B +CLASS="COMMAND" +>smbclient(1) +	</B +></A +>, <A +HREF="testparm.1.html" +TARGET="_top" +><B +CLASS="COMMAND" +>	testparm(1)</B +></A +>, <A +HREF="testprns.1.html" +TARGET="_top" +>	<B +CLASS="COMMAND" +>testprns(1)</B +></A +>, and the Internet RFC's +	<TT +CLASS="FILENAME" +>rfc1001.txt</TT +>, <TT +CLASS="FILENAME" +>rfc1002.txt</TT +>.  +	In addition the CIFS (formerly SMB) specification is available  +	as a link from the Web page <A +HREF="http://samba.org/cifs/" +TARGET="_top" +>  +	http://samba.org/cifs/</A +>.</P +></DIV +><DIV +CLASS="REFSECT1" +><A +NAME="AEN271" +></A +><H2 +>AUTHOR</H2 +><P +>The original Samba software and related utilities  +	were created by Andrew Tridgell. Samba is now developed +	by the Samba Team as an Open Source project similar  +	to the way the Linux kernel is developed.</P +><P +>The original Samba man pages were written by Karl Auer.  +	The man page sources were converted to YODL format (another  +	excellent piece of Open Source software, available at +	<A +HREF="ftp://ftp.icce.rug.nl/pub/unix/" +TARGET="_top" +>	ftp://ftp.icce.rug.nl/pub/unix/</A +>) and updated for the Samba 2.0  +	release by Jeremy Allison.  The conversion to DocBook for  +	Samba 2.2 was done by Gerald Carter</P +></DIV +></BODY +></HTML +>
\ No newline at end of file | 
