diff options
Diffstat (limited to 'docs/smbdotconf/base')
| -rw-r--r-- | docs/smbdotconf/base/bindinterfacesonly.xml | 71 | ||||
| -rw-r--r-- | docs/smbdotconf/base/comment.xml | 19 | ||||
| -rw-r--r-- | docs/smbdotconf/base/displaycharset.xml | 15 | ||||
| -rw-r--r-- | docs/smbdotconf/base/doscharset.xml | 17 | ||||
| -rw-r--r-- | docs/smbdotconf/base/interfaces.xml | 49 | ||||
| -rw-r--r-- | docs/smbdotconf/base/netbiosaliases.xml | 17 | ||||
| -rw-r--r-- | docs/smbdotconf/base/netbiosname.xml | 17 | ||||
| -rw-r--r-- | docs/smbdotconf/base/netbiosscope.xml | 12 | ||||
| -rw-r--r-- | docs/smbdotconf/base/path.xml | 31 | ||||
| -rw-r--r-- | docs/smbdotconf/base/realm.xml | 15 | ||||
| -rw-r--r-- | docs/smbdotconf/base/serverstring.xml | 21 | ||||
| -rw-r--r-- | docs/smbdotconf/base/unixcharset.xml | 15 | ||||
| -rw-r--r-- | docs/smbdotconf/base/workgroup.xml | 15 |
13 files changed, 314 insertions, 0 deletions
diff --git a/docs/smbdotconf/base/bindinterfacesonly.xml b/docs/smbdotconf/base/bindinterfacesonly.xml new file mode 100644 index 0000000000..d124159657 --- /dev/null +++ b/docs/smbdotconf/base/bindinterfacesonly.xml @@ -0,0 +1,71 @@ +<samba:parameter name="bind interfaces only" + type="boolean" + context="G" + advanced="1" wizard="1" developer="1" + xmlns:samba="http://samba.org/common"> +<description> + <para>This global parameter allows the Samba admin + to limit what interfaces on a machine will serve SMB requests. It + affects file service <citerefentry><refentrytitle>smbd</refentrytitle> + <manvolnum>8</manvolnum></citerefentry> and name service <citerefentry><refentrytitle>nmbd</refentrytitle> + <manvolnum>8</manvolnum></citerefentry> in a slightly different ways.</para> + + <para>For name service it causes <command moreinfo="none">nmbd</command> to bind + to ports 137 and 138 on the interfaces listed in + the <link linkend="INTERFACES">interfaces</link> parameter. <command moreinfo="none">nmbd</command> also + binds to the "all addresses" interface (0.0.0.0) + on ports 137 and 138 for the purposes of reading broadcast messages. + If this option is not set then <command moreinfo="none">nmbd</command> will service + name requests on all of these sockets. If <parameter moreinfo="none">bind interfaces + only</parameter> is set then <command moreinfo="none">nmbd</command> will check the + source address of any packets coming in on the broadcast sockets + and discard any that don't match the broadcast addresses of the + interfaces in the <parameter moreinfo="none">interfaces</parameter> parameter list. + As unicast packets are received on the other sockets it allows + <command moreinfo="none">nmbd</command> to refuse to serve names to machines that + send packets that arrive through any interfaces not listed in the + <parameter moreinfo="none">interfaces</parameter> list. IP Source address spoofing + does defeat this simple check, however, so it must not be used + seriously as a security feature for <command moreinfo="none">nmbd</command>.</para> + + <para>For file service it causes <citerefentry><refentrytitle>smbd</refentrytitle> + <manvolnum>8</manvolnum></citerefentry> to bind only to the interface list + given in the <link linkend="INTERFACES">interfaces</link> parameter. This + restricts the networks that <command moreinfo="none">smbd</command> will serve + to packets coming in those interfaces. Note that you should not use this parameter + for machines that are serving PPP or other intermittent or non-broadcast network + interfaces as it will not cope with non-permanent interfaces.</para> + + <para>If <parameter moreinfo="none">bind interfaces only</parameter> is set then + unless the network address <emphasis>127.0.0.1</emphasis> is added + to the <parameter moreinfo="none">interfaces</parameter> parameter + list <citerefentry><refentrytitle>smbpasswd</refentrytitle> + <manvolnum>8</manvolnum></citerefentry> and <citerefentry><refentrytitle>swat</refentrytitle> + <manvolnum>8</manvolnum></citerefentry> may not work as expected due + to the reasons covered below.</para> + + <para>To change a users SMB password, the <command moreinfo="none">smbpasswd</command> + by default connects to the <emphasis>localhost - 127.0.0.1</emphasis> + address as an SMB client to issue the password change request. If + <parameter moreinfo="none">bind interfaces only</parameter> is set then unless the + network address <emphasis>127.0.0.1</emphasis> is added to the + <parameter moreinfo="none">interfaces</parameter> parameter list then <command moreinfo="none"> + smbpasswd</command> will fail to connect in it's default mode. + <command moreinfo="none">smbpasswd</command> can be forced to use the primary IP interface + of the local host by using its <citerefentry><refentrytitle>smbpasswd</refentrytitle> + <manvolnum>8</manvolnum></citerefentry> <parameter moreinfo="none">-r <replaceable>remote machine</replaceable></parameter> + parameter, with <replaceable>remote machine</replaceable> set + to the IP name of the primary interface of the local host.</para> + + <para>The <command moreinfo="none">swat</command> status page tries to connect with + <command moreinfo="none">smbd</command> and <command moreinfo="none">nmbd</command> at the address + <emphasis>127.0.0.1</emphasis> to determine if they are running. + Not adding <emphasis>127.0.0.1</emphasis> will cause <command moreinfo="none"> + smbd</command> and <command moreinfo="none">nmbd</command> to always show + "not running" even if they really are. This can prevent <command moreinfo="none"> + swat</command> from starting/stopping/restarting <command moreinfo="none">smbd</command> + and <command moreinfo="none">nmbd</command>.</para> + +</description> +<value type="default">no</value> +</samba:parameter> diff --git a/docs/smbdotconf/base/comment.xml b/docs/smbdotconf/base/comment.xml new file mode 100644 index 0000000000..8633811fa4 --- /dev/null +++ b/docs/smbdotconf/base/comment.xml @@ -0,0 +1,19 @@ +<samba:parameter name="comment" + context="S" + type="string" + basic="1" advanced="1" share="1" print="1" developer="1" + xmlns:samba="http://samba.org/common"> +<description> + <para>This is a text field that is seen next to a share + when a client does a queries the server, either via the network + neighborhood or via <command moreinfo="none">net view</command> to list what shares + are available.</para> + + <para>If you want to set the string that is displayed next to the + machine name then see the <link linkend="SERVERSTRING"><parameter moreinfo="none"> + server string</parameter></link> parameter.</para> + +</description> +<value type="default"><comment>No comment</comment></value> +<value type="example">Fred's Files</value> +</samba:parameter> diff --git a/docs/smbdotconf/base/displaycharset.xml b/docs/smbdotconf/base/displaycharset.xml new file mode 100644 index 0000000000..1d059821f1 --- /dev/null +++ b/docs/smbdotconf/base/displaycharset.xml @@ -0,0 +1,15 @@ +<samba:parameter name="display charset" + type="string" + context="G" + advanced="1" developer="1" + xmlns:samba="http://samba.org/common"> +<description> + <para>Specifies the charset that samba will use + to print messages to stdout and stderr and SWAT will use. + Should generally be the same as the <command moreinfo="none">unix charset</command>. +</para> +</description> + +<value type="default">ASCII</value> +<value type="example">UTF8</value> +</samba:parameter> diff --git a/docs/smbdotconf/base/doscharset.xml b/docs/smbdotconf/base/doscharset.xml new file mode 100644 index 0000000000..e360e4f671 --- /dev/null +++ b/docs/smbdotconf/base/doscharset.xml @@ -0,0 +1,17 @@ +<samba:parameter name="dos charset" + type="string" + context="G" + advanced="1" developer="1" + xmlns:samba="http://samba.org/common"> +<description> + <para>DOS SMB clients assume the server has + the same charset as they do. This option specifies which + charset Samba should talk to DOS clients. + </para> + + <para>The default depends on which charsets you have installed. + Samba tries to use charset 850 but falls back to ASCII in + case it is not available. Run <citerefentry><refentrytitle>testparm</refentrytitle> + <manvolnum>1</manvolnum></citerefentry> to check the default on your system.</para> +</description> +</samba:parameter> diff --git a/docs/smbdotconf/base/interfaces.xml b/docs/smbdotconf/base/interfaces.xml new file mode 100644 index 0000000000..e6d9d6c3ec --- /dev/null +++ b/docs/smbdotconf/base/interfaces.xml @@ -0,0 +1,49 @@ +<samba:parameter name="interfaces" + context="G" + type="list" + basic="1" advanced="1" wizard="1" developer="1" + xmlns:samba="http://samba.org/common"> +<description> + <para>This option allows you to override the default + network interfaces list that Samba will use for browsing, name + registration and other NBT traffic. By default Samba will query + the kernel for the list of all active interfaces and use any + interfaces except 127.0.0.1 that are broadcast capable.</para> + + <para>The option takes a list of interface strings. Each string + can be in any of the following forms:</para> + + <itemizedlist> + <listitem><para>a network interface name (such as eth0). + This may include shell-like wildcards so eth* will match + any interface starting with the substring "eth"</para></listitem> + + <listitem><para>an IP address. In this case the netmask is + determined from the list of interfaces obtained from the + kernel</para></listitem> + + <listitem><para>an IP/mask pair. </para></listitem> + + <listitem><para>a broadcast/mask pair.</para></listitem> + </itemizedlist> + + <para>The "mask" parameters can either be a bit length (such + as 24 for a C class network) or a full netmask in dotted + decimal form.</para> + + <para>The "IP" parameters above can either be a full dotted + decimal IP address or a hostname which will be looked up via + the OS's normal hostname resolution mechanisms.</para> + +</description> + +<value type="example"> + <comment>This would configure three network interfaces corresponding + to the eth0 device and IP addresses 192.168.2.10 and 192.168.3.10. + The netmasks of the latter two interfaces would be set to 255.255.255.0.</comment> + eth0 192.168.2.10/24 192.168.3.10/255.255.255.0 +</value> + +<related>bind interfaces only</related> +<value type="default"><comment>all active interfaces except 127.0.0.1 that are broadcast capable</comment></value> +</samba:parameter> diff --git a/docs/smbdotconf/base/netbiosaliases.xml b/docs/smbdotconf/base/netbiosaliases.xml new file mode 100644 index 0000000000..92341f2510 --- /dev/null +++ b/docs/smbdotconf/base/netbiosaliases.xml @@ -0,0 +1,17 @@ +<samba:parameter name="netbios aliases" + context="G" + type="list" + advanced="1" wizard="1" developer="1" + xmlns:samba="http://samba.org/common"> + <description> + <para>This is a list of NetBIOS names that nmbd will + advertise as additional names by which the Samba server is known. This allows one machine + to appear in browse lists under multiple names. If a machine is acting as a browse server + or logon server none of these names will be advertised as either browse server or logon + servers, only the primary name of the machine will be advertised with these capabilities. + </para> +</description> +<related>netbios name</related> +<value type="default"><comment>empty string (no additional names)</comment></value> +<value type="example">TEST TEST1 TEST2</value> +</samba:parameter> diff --git a/docs/smbdotconf/base/netbiosname.xml b/docs/smbdotconf/base/netbiosname.xml new file mode 100644 index 0000000000..48685066c9 --- /dev/null +++ b/docs/smbdotconf/base/netbiosname.xml @@ -0,0 +1,17 @@ +<samba:parameter name="netbios name" + context="G" + basic="1" advanced="1" wizard="1" developer="1" + xmlns:samba="http://samba.org/common"> +<description> + <para>This sets the NetBIOS name by which a Samba + server is known. By default it is the same as the first component + of the host's DNS name. If a machine is a browse server or + logon server this name (or the first component + of the hosts DNS name) will be the name that these services are + advertised under.</para> +</description> + +<related>netbios aliases</related> +<value type="default"><comment>machine DNS name</comment></value> +<value type="example">MYNAME</value> +</samba:parameter> diff --git a/docs/smbdotconf/base/netbiosscope.xml b/docs/smbdotconf/base/netbiosscope.xml new file mode 100644 index 0000000000..eee80f7cd5 --- /dev/null +++ b/docs/smbdotconf/base/netbiosscope.xml @@ -0,0 +1,12 @@ +<samba:parameter name="netbios scope" + context="G" + type="string" + advanced="1" developer="1" + xmlns:samba="http://samba.org/common"> +<description> + <para>This sets the NetBIOS scope that Samba will + operate under. This should not be set unless every machine + on your LAN also sets this value.</para> +</description> +<value type="default"></value> +</samba:parameter> diff --git a/docs/smbdotconf/base/path.xml b/docs/smbdotconf/base/path.xml new file mode 100644 index 0000000000..ca99405878 --- /dev/null +++ b/docs/smbdotconf/base/path.xml @@ -0,0 +1,31 @@ +<samba:parameter name="path" + context="S" + basic="1" advanced="1" share="1" print="1" developer="1" + xmlns:samba="http://samba.org/common"> +<synonym>directory</synonym> +<description> + <para>This parameter specifies a directory to which + the user of the service is to be given access. In the case of + printable services, this is where print data will spool prior to + being submitted to the host for printing.</para> + + <para>For a printable service offering guest access, the service + should be readonly and the path should be world-writeable and + have the sticky bit set. This is not mandatory of course, but + you probably won't get the results you expect if you do + otherwise.</para> + + <para>Any occurrences of <parameter moreinfo="none">%u</parameter> in the path + will be replaced with the UNIX username that the client is using + on this connection. Any occurrences of <parameter moreinfo="none">%m</parameter> + will be replaced by the NetBIOS name of the machine they are + connecting from. These replacements are very useful for setting + up pseudo home directories for users.</para> + + <para>Note that this path will be based on <link linkend="ROOTDIR"> + <parameter moreinfo="none">root dir</parameter></link> if one was specified.</para> + </description> + + <value type="default"></value> + <value type="example">/home/fred</value> +</samba:parameter> diff --git a/docs/smbdotconf/base/realm.xml b/docs/smbdotconf/base/realm.xml new file mode 100644 index 0000000000..9610295dbf --- /dev/null +++ b/docs/smbdotconf/base/realm.xml @@ -0,0 +1,15 @@ +<samba:parameter name="realm" + context="G" + type="string" + basic="1" advanced="1" wizard="1" developer="1" + xmlns:samba="http://samba.org/common"> +<description> + <para>This option specifies the kerberos realm to use. The realm is + used as the ADS equivalent of the NT4 <command moreinfo="none">domain</command>. It + is usually set to the DNS name of the kerberos server. + </para> +</description> + +<value type="default"></value> +<value type="example">mysambabox.mycompany.com</value> +</samba:parameter> diff --git a/docs/smbdotconf/base/serverstring.xml b/docs/smbdotconf/base/serverstring.xml new file mode 100644 index 0000000000..9b121347ae --- /dev/null +++ b/docs/smbdotconf/base/serverstring.xml @@ -0,0 +1,21 @@ +<samba:parameter name="server string" + context="G" + basic="1" advanced="1" developer="1" + xmlns:samba="http://samba.org/common"> +<description> + <para>This controls what string will show up in the printer comment box in print + manager and next to the IPC connection in <command moreinfo="none">net view</command>. It + can be any string that you wish to show to your users.</para> + + <para>It also sets what will appear in browse lists next + to the machine name.</para> + + <para>A <parameter moreinfo="none">%v</parameter> will be replaced with the Samba + version number.</para> + + <para>A <parameter moreinfo="none">%h</parameter> will be replaced with the + hostname.</para> +</description> +<value type="default">Samba %v</value> +<value type="example">University of GNUs Samba Server</value> +</samba:parameter> diff --git a/docs/smbdotconf/base/unixcharset.xml b/docs/smbdotconf/base/unixcharset.xml new file mode 100644 index 0000000000..143b6cb2a7 --- /dev/null +++ b/docs/smbdotconf/base/unixcharset.xml @@ -0,0 +1,15 @@ +<samba:parameter name="unix charset" + context="G" + type="string" + advanced="1" developer="1" + xmlns:samba="http://samba.org/common"> +<description> + <para>Specifies the charset the unix machine + Samba runs on uses. Samba needs to know this in order to be able to + convert text to the charsets other SMB clients use. +</para> +</description> + +<value type="default">UTF8</value> +<value type="example">ASCII</value> +</samba:parameter> diff --git a/docs/smbdotconf/base/workgroup.xml b/docs/smbdotconf/base/workgroup.xml new file mode 100644 index 0000000000..6ada22867f --- /dev/null +++ b/docs/smbdotconf/base/workgroup.xml @@ -0,0 +1,15 @@ +<samba:parameter name="workgroup" + context="G" + type="string" + basic="1" advanced="1" wizard="1" developer="1" + xmlns:samba="http://samba.org/common"> +<description> + <para>This controls what workgroup your server will + appear to be in when queried by clients. Note that this parameter + also controls the Domain name used with + the <link linkend="SECURITYEQUALSDOMAIN"><command moreinfo="none">security = domain</command></link> + setting.</para> +</description> +<value type="default">WORKGROUP</value> +<value type="example">MYGROUP</value> +</samba:parameter> |