From b5ad6a0a0b9a856e981b8bc46ba38fbc16a8d54c Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Tue, 20 Feb 2001 03:25:13 +0000 Subject: more autogen files from the latest SGML/DocBook checkins (This used to be commit c51efe6a2d88717d2d3186e21285e3dcdc242831) --- docs/htmldocs/nmbd.8.html | 888 +++++++++++++++++++++++------- docs/htmldocs/smbd.8.html | 1347 ++++++++++++++++++++++++++++++++------------- docs/manpages/nmbd.8 | 459 +++++++-------- docs/manpages/smbd.8 | 876 +++++++++++++++-------------- 4 files changed, 2347 insertions(+), 1223 deletions(-) diff --git a/docs/htmldocs/nmbd.8.html b/docs/htmldocs/nmbd.8.html index 12f8178cfa..41021bddb3 100644 --- a/docs/htmldocs/nmbd.8.html +++ b/docs/htmldocs/nmbd.8.html @@ -1,206 +1,682 @@ - - - - - - -nmbd - - - - - -
- -

nmbd

-

Samba

-

23 Oct 1998

- - - -

-

NAME

- nmbd - NetBIOS name server to provide NetBIOS over IP -naming services to clients -

-

SYNOPSIS

- -

nmbd [-D] [-a] [-o] [-h] [-V] [-H lmhosts file] [-d debuglevel] [-l log file basename] [-n primary NetBIOS name] [-p port number] [-s configuration file] -

-

DESCRIPTION

- -

This program is part of the Samba suite. -

nmbd is a server that understands and can reply to NetBIOS over IP -name service requests, like those produced by SMBD/CIFS clients such -as Windows 95/98, Windows NT and LanManager clients. It also -participates in the browsing protocols which make up the Windows -"Network Neighborhood" view. -

SMB/CIFS clients, when they start up, may wish to locate an SMB/CIFS -server. That is, they wish to know what IP number a specified host is -using. -

Amongst other services, nmbd will listen for such requests, -and if its own NetBIOS name is specified it will respond with the IP -number of the host it is running on. Its "own NetBIOS name" is by -default the primary DNS name of the host it is running on, but this -can be overridden with the -n option (see OPTIONS below). Thus -nmbd will reply to broadcast queries for its own name(s). Additional -names for nmbd to respond on can be set via parameters in the -smb.conf(5) configuration file. -

nmbd can also be used as a WINS (Windows Internet Name Server) -server. What this basically means is that it will act as a WINS -database server, creating a database from name registration requests -that it receives and replying to queries from clients for these names. -

In addition, nmbd can act as a WINS proxy, relaying broadcast queries -from clients that do not understand how to talk the WINS protocol to a -WIN server. -

-

OPTIONS

- -

-

-

-D
If specified, this parameter causes nmbd to operate -as a daemon. That is, it detaches itself and runs in the background, -fielding requests on the appropriate port. By default, nmbd will -NOT operate as a daemon. nmbd can also be operated from the inetd -meta-daemon, although this is not recommended. -

-

-a
If this parameter is specified, each new connection will -append log messages to the log file. This is the default. -

-

-o
If this parameter is specified, the log files will be -overwritten when opened. By default, the log files will be appended -to. -

-

-h
Prints the help information (usage) for nmbd. -

-

-V
Prints the version number for nmbd. -

-

-H filename
NetBIOS lmhosts file. -

The lmhosts file is a list of NetBIOS names to IP addresses that is -loaded by the nmbd server and used via the name resolution mechanism -name resolve order described in -smb.conf (5) to resolve any -NetBIOS name queries needed by the server. Note that the contents of -this file are NOT used by nmbd to answer any name queries. Adding -a line to this file affects name NetBIOS resolution from this host -ONLY. -

The default path to this file is compiled into Samba as part of the -build process. Common defaults are /usr/local/samba/lib/lmhosts, -/usr/samba/lib/lmhosts or /etc/lmhosts. See the -lmhosts (5) man page for details on the contents of this file. -

-

-d debuglevel
debuglevel is an integer from 0 to 10. -

The default value if this parameter is not specified is zero. -

The higher this value, the more detail will be logged to the log files -about the activities of the server. At level 0, only critical errors -and serious warnings will be logged. Level 1 is a reasonable level for -day to day running - it generates a small amount of information about -operations carried out. -

Levels above 1 will generate considerable amounts of log data, and -should only be used when investigating a problem. Levels above 3 are -designed for use only by developers and generate HUGE amounts of log -data, most of which is extremely cryptic. -

Note that specifying this parameter here will override the log -level parameter in the smb.conf -(5) file. -

-

-l logfile
The -l parameter specifies a path and base -filename into which operational data from the running nmbd server will -be logged. The actual log file name is generated by appending the -extension ".nmb" to the specified base name. For example, if the name -specified was "log" then the file log.nmb would contain the debugging -data. -

The default log file path is compiled into Samba as part of the -build process. Common defaults are /usr/local/samba/var/log.nmb, -/usr/samba/var/log.nmb or /var/log/log.nmb. -

-

-n primary NetBIOS name
This option allows you to override -the NetBIOS name that Samba uses for itself. This is identical to -setting the NetBIOS name parameter -in the smb.conf file -but will override the setting in the smb.conf file. -

-

-p UDP port number
UDP port number is a positive integer value. -

This option changes the default UDP port number (normally 137) that -nmbd responds to name queries on. Don't use this option unless you are -an expert, in which case you won't need help! -

-

-s configuration file
The default configuration file name is -set at build time, typically as /usr/local/samba/lib/smb.conf, but -this may be changed when Samba is autoconfigured. -

The file specified contains the configuration details required by the -server. See smb.conf (5) for more information. -

-

-

FILES

- -

/etc/inetd.conf -

If the server is to be run by the inetd meta-daemon, this file must -contain suitable startup information for the meta-daemon. -

/etc/rc -

(or whatever initialization script your system uses). -

If running the server as a daemon at startup, this file will need to -contain an appropriate startup sequence for the server. -

/usr/local/samba/lib/smb.conf -

This is the default location of the -smb.conf server configuration -file. Other common places that systems install this file are -/usr/samba/lib/smb.conf and /etc/smb.conf. -

When run as a WINS server (see the wins support -parameter in the smb.conf (5) man page), nmbd will -store the WINS database in the file wins.dat in the var/locks directory -configured under wherever Samba was configured to install itself. -

If nmbd is acting as a browse master (see the local master -parameter in the smb.conf (5) man page), nmbd will -store the browsing database in the file browse.dat in the var/locks directory -configured under wherever Samba was configured to install itself. -

-

SIGNALS

- -

To shut down an nmbd process it is recommended that SIGKILL (-9) -NOT be used, except as a last resort, as this may leave the name -database in an inconsistent state. The correct way to terminate -nmbd is to send it a SIGTERM (-15) signal and wait for it to die on -its own. -

nmbd will accept SIGHUP, which will cause it to dump out it's -namelists into the file namelist.debug in the -/usr/local/samba/var/locks directory (or the var/locks -directory configured under wherever Samba was configured to install -itself). This will also cause nmbd to dump out it's server database in -the log.nmb file. In addition, the debug log level of nmbd may be raised -by sending it a SIGUSR1 (kill -USR1 <nmbd-pid>) and lowered by sending it a -SIGUSR2 (kill -USR2 <nmbd-pid>). This is to allow transient -problems to be diagnosed, whilst still running at a normally low log -level. -

-

VERSION

- -

This man page is correct for version 2.0 of the Samba suite. -

-

SEE ALSO

- -

inetd (8), smbd (8), smb.conf -(5), smbclient (1), -testparm (1), testprns -(1), and the Internet RFC's rfc1001.txt, -rfc1002.txt. In addition the CIFS (formerly SMB) specification is -available as a link from the Web page : -http://samba.org/cifs/. -

-

AUTHOR

- -

The original Samba software and related utilities were created by -Andrew Tridgell samba@samba.org. Samba is now developed -by the Samba Team as an Open Source project similar to the way the -Linux kernel is developed. -

The original Samba man pages were written by Karl Auer. The man page -sources were converted to YODL format (another excellent piece of Open -Source software, available at -ftp://ftp.icce.rug.nl/pub/unix/) -and updated for the Samba2.0 release by Jeremy Allison. -samba@samba.org. -

See samba (7) to find out how to get a full -list of contributors and details on how to submit bug reports, -comments etc. - - +nmbd

nmbd

Name

nmbd -- NetBIOS name server to provide NetBIOS + over IP naming services to clients

Synopsis

smbd [-D] [-a] [-o] [-P] [-h] [-V] [-d <debug level>] [-H <lmhosts file>] [-l <log file>] [-n <primary netbios name>] [-p <port number>] [-s <configuration file>]

DESCRIPTION

This program is part of the Samba suite.

nmbd is a server that understands + and can reply to NetBIOS over IP name service requests, like + those produced by SMBD/CIFS clients such as Windows 95/98/ME, + Windows NT, Windows 2000, and LanManager clients. It also + participates in the browsing protocols which make up the + Windows "Network Neighborhood" view.

SMB/CIFS clients, when they start up, may wish to + locate an SMB/CIFS server. That is, they wish to know what + IP number a specified host is using.

Amongst other services, nmbd will + listen for such requests, and if its own NetBIOS name is + specified it will respond with the IP number of the host it + is running on. Its "own NetBIOS name" is by + default the primary DNS name of the host it is running on, + but this can be overridden with the -n + option (see OPTIONS below). Thus nmbd will + reply to broadcast queries for its own name(s). Additional + names for nmbd to respond on can be set + via parameters in the smb.conf(5) configuration file.

nmbd can also be used as a WINS + (Windows Internet Name Server) server. What this basically means + is that it will act as a WINS database server, creating a + database from name registration requests that it receives and + replying to queries from clients for these names.

In addition, nmbd can act as a WINS + proxy, relaying broadcast queries from clients that do + not understand how to talk the WINS protocol to a WIN + server.

OPTIONS

-D

If specified, this parameter causes + nmbd to operate as a daemon. That is, + it detaches itself and runs in the background, fielding + requests on the appropriate port. By default, nmbd + will operate as a daemon if launched from a command shell. + nmbd can also be operated from the inetd + meta-daemon, although this is not recommended. +

-a

If this parameter is specified, each new + connection will append log messages to the log file. + This is the default.

-o

If this parameter is specified, the + log files will be overwritten when opened. By default, + smbd will append entries to the log + files.

-h

Prints the help information (usage) + for nmbd.

-H <filename>

NetBIOS lmhosts file. The lmhosts + file is a list of NetBIOS names to IP addresses that + is loaded by the nmbd server and used via the name + resolution mechanism name resolve order described in smb.conf(5) + to resolve any NetBIOS name queries needed by the server. Note + that the contents of this file are NOT + used by nmbd to answer any name queries. + Adding a line to this file affects name NetBIOS resolution + from this host ONLY.

The default path to this file is compiled into + Samba as part of the build process. Common defaults + are /usr/local/samba/lib/lmhosts, + /usr/samba/lib/lmhosts or + /etc/lmhosts. See the lmhosts(5) man page for details on the + contents of this file.

-V

Prints the version number for + nmbd.

-d <debug level>

debuglevel is an integer + from 0 to 10. The default value if this parameter is + not specified is zero.

The higher this value, the more detail will + be logged to the log files about the activities of the + server. At level 0, only critical errors and serious + warnings will be logged. Level 1 is a reasonable level for + day to day running - it generates a small amount of + information about operations carried out.

Levels above 1 will generate considerable amounts + of log data, and should only be used when investigating + a problem. Levels above 3 are designed for use only by developers + and generate HUGE amounts of log data, most of which is extremely + cryptic.

Note that specifying this parameter here will override + the log level + parameter in the smb.conf file.

-l <log file>

The -l parameter specifies a path + and base filename into which operational data from + the running nmbd server will + be logged. The actual log file name is generated by + appending the extension ".nmb" to the specified base + name. For example, if the name specified was "log" + then the file log.nmb would contain the debugging data.

The default log file path is compiled into Samba as + part of the build process. Common defaults are /usr/local/samba/var/log.nmb, /usr/samba/var/log.nmb or + /var/log/log.nmb.

-n <primary NetBIOS name>

This option allows you to override + the NetBIOS name that Samba uses for itself. This is identical + to setting the NetBIOS name parameter in the + smb.conf file. However, a command + line setting will take precedence over settings in + smb.conf.

-p <UDP port number>

UDP port number is a positive integer value. + This option changes the default UDP port number (normally 137) + that nmbd responds to name queries on. Don't + use this option unless you are an expert, in which case you + won't need help!

-s <configuration file>

The default configuration file name + is set at build time, typically as /usr/local/samba/lib/smb.conf, but + this may be changed when Samba is autoconfigured.

The file specified contains the configuration details + required by the server. See + smb.conf(5) for more information. +

FILES

/etc/inetd.conf

If the server is to be run by the + inetd meta-daemon, this file + must contain suitable startup information for the + meta-daemon. See the section INSTALLATION below. +

/etc/rc

or whatever initialization script your + system uses).

If running the server as a daemon at startup, + this file will need to contain an appropriate startup + sequence for the server. See the section INSTALLATION + below.

/etc/services

If running the server via the + meta-daemon inetd, this file + must contain a mapping of service name (e.g., netbios-ssn) + to service port (e.g., 139) and protocol type (e.g., tcp). + See the section INSTALLATION below.

/usr/local/samba/lib/smb.conf

This is the default location of the + smb.conf + server configuration file. Other common places that systems + install this file are /usr/samba/lib/smb.conf + and /etc/smb.conf.

When run as a WINS server (see the + wins support + parameter in the smb.conf(5) man page), nmbd + will store the WINS database in the file wins.dat + in the var/locks directory configured under + wherever Samba was configured to install itself.

If nmbd is acting as a browse master (see the local master + parameter in the smb.conf(5) man page), nmbd + will store the browsing database in the file browse.dat + in the var/locks directory + configured under wherever Samba was configured to install itself. +

SIGNALS

To shut down an nmbd process it is recommended + that SIGKILL (-9) NOT be used, except as a last + resort, as this may leave the name database in an inconsistent state. + The correct way to terminate nmbd is to send it + a SIGTERM (-15) signal and wait for it to die on its own.

nmbd will accept SIGHUP, which will cause + it to dump out it's namelists into the file namelist.debug + in the /usr/local/samba/var/locks + directory (or the var/locks directory configured + under wherever Samba was configured to install itself). This will also + cause nmbd to dump out it's server database in + the log.nmb file. In addition, the debug log level + of nmbd may be raised by sending it a SIGUSR1 (kill -USR1 + <nmbd-pid>) and lowered by sending it a + SIGUSR2 (kill -USR2 <nmbd-pid>). This is to + allow transient problems to be diagnosed, whilst still running at a + normally low log level.

VERSION

This man page is correct for version 2.2 of + the Samba suite.

SEE ALSO

inetd(8), smbd(8), + smb.conf(5) + , smbclient(1) + , testparm(1), testprns(1), and the Internet RFC's + rfc1001.txt, rfc1002.txt. + In addition the CIFS (formerly SMB) specification is available + as a link from the Web page + http://samba.org/cifs/.

AUTHOR

The original Samba software and related utilities + were created by Andrew Tridgell. Samba is now developed + by the Samba Team as an Open Source project similar + to the way the Linux kernel is developed.

The original Samba man pages were written by Karl Auer. + The man page sources were converted to YODL format (another + excellent piece of Open Source software, available at + ftp://ftp.icce.rug.nl/pub/unix/) and updated for the Samba 2.0 + release by Jeremy Allison. The conversion to DocBook for + Samba 2.2 was done by Gerald Carter

\ No newline at end of file diff --git a/docs/htmldocs/smbd.8.html b/docs/htmldocs/smbd.8.html index 766de0853f..be5c02dd72 100644 --- a/docs/htmldocs/smbd.8.html +++ b/docs/htmldocs/smbd.8.html @@ -1,378 +1,971 @@ +smbd

smbd

Name

smbd -- server to provide SMB/CIFS services to clients

Synopsis

smbd [-D] [-a] [-o] [-P] [-h] [-V] [-d <debug level>] [-l <log file>] [-p <port number>] [-O <socket option>] [-s <configuration file>]

DESCRIPTION

This program is part of the Samba suite.

smbd is the server daemon that + provides filesharing and printing services to Windows clients. + The server provides filespace and printer services to + clients using the SMB (or CIFS) protocol. This is compatible + with the LanManager protocol, and can service LanManager + clients. These include MSCLIENT 3.0 for DOS, Windows for + Workgroups, Windows 95/98/ME, Windows NT, Windows 2000, + OS/2, DAVE for Macintosh, and smbfs for Linux.

An extensive description of the services that the + server can provide is given in the man page for the + configuration file controlling the attributes of those + services (see smb.conf(5) + . This man page will not describe the + services, but will concentrate on the administrative aspects + of running the server.

Please note that there are significant security + implications to running this server, and the smb.conf(5) + manpage should be regarded as mandatory reading before + proceeding with installation.

A session is created whenever a client requests one. + Each client gets a copy of the server for each session. This + copy then services all connections made by the client during + that session. When all connections from its client are closed, + the copy of the server for that client terminates.

The configuration file, and any files that it includes, + are automatically reloaded every minute, if they change. You + can force a reload by sending a SIGHUP to the server. Reloading + the configuration file will not affect connections to any service + that is already established. Either the user will have to + disconnect from the service, or smbd killed and restarted.

OPTIONS

-D

If specified, this parameter causes + the server to operate as a daemon. That is, it detaches + itself and runs in the background, fielding requests + on the appropriate port. Operating the server as a + daemon is the recommended way of running smbd for + servers that provide more than casual use file and + print services. This switch is assumed is smbd + is executed on the command line of a shell. +

-a

If this parameter is specified, each new + connection will append log messages to the log file. + This is the default.

-o

If this parameter is specified, the + log files will be overwritten when opened. By default, + smbd will append entries to the log + files.

-P

Passive option. Causes smbd not to + send any network traffic out. Used for debugging by + the developers only.

-h

Prints the help information (usage) + for smbd.

-v

Prints the version number for + smbd.

-d <debug level>

debuglevel is an integer + from 0 to 10. The default value if this parameter is + not specified is zero.

The higher this value, the more detail will be + logged to the log files about the activities of the + server. At level 0, only critical errors and serious + warnings will be logged. Level 1 is a reasonable level for + day to day running - it generates a small amount of + information about operations carried out.

Levels above 1 will generate considerable + amounts of log data, and should only be used when + investigating a problem. Levels above 3 are designed for + use only by developers and generate HUGE amounts of log + data, most of which is extremely cryptic.

Note that specifying this parameter here will + override the log + level parameter in the smb.conf(5) file.

-l <log file>

If specified, log file + specifies a log filename into which informational and debug + messages from the running server will be logged. The log + file generated is never removed by the server although + its size may be controlled by the max log size + option in the smb.conf(5) file. The default log + file name is specified at compile time.

-O <socket options>

See the socket options + parameter in the smb.conf(5) + file for details.

-p <port number>

port number is a positive integer + value. The default value if this parameter is not + specified is 139.

This number is the port number that will be + used when making connections to the server from client + software. The standard (well-known) port number for the + SMB over TCP is 139, hence the default. If you wish to + run the server as an ordinary user rather than + as root, most systems will require you to use a port + number greater than 1024 - ask your system administrator + for help if you are in this situation.

In order for the server to be useful by most + clients, should you configure it on a port other + than 139, you will require port redirection services + on port 139, details of which are outlined in rfc1002.txt + section 4.3.5.

This parameter is not normally specified except + in the above situation.

-s <configuration file>

The file specified contains the + configuration details required by the server. The + information in this file includes server-specific + information such as what printcap file to use, as well + as descriptions of all the services that the server is + to provide. See smb.conf(5) for more information. + The default configuration file name is determined at + compile time.

FILES

/etc/inetd.conf

If the server is to be run by the + inetd meta-daemon, this file + must contain suitable startup information for the + meta-daemon. See the section INSTALLATION below. +

/etc/rc

or whatever initialization script your + system uses).

If running the server as a daemon at startup, + this file will need to contain an appropriate startup + sequence for the server. See the section INSTALLATION + below.

/etc/services

If running the server via the + meta-daemon inetd, this file + must contain a mapping of service name (e.g., netbios-ssn) + to service port (e.g., 139) and protocol type (e.g., tcp). + See the section INSTALLATION below.

/usr/local/samba/lib/smb.conf

This is the default location of the + smb.conf + server configuration file. Other common places that systems + install this file are /usr/samba/lib/smb.conf + and /etc/smb.conf.

This file describes all the services the server + is to make available to clients. See smb.conf(5) for more information.

LIMITATIONS

On some systems smbd cannot change uid back + to root after a setuid() call. Such systems are called + "trapdoor" uid systems. If you have such a system, + you will be unable to connect from a client (such as a PC) as + two different users at once. Attempts to connect the + second user will result in "access denied" or + similar.

ENVIRONMENTVARIABLES

PRINTER

If no printer name is specified to + printable services, most systems will use the value of + this variable (or "lp" if this variable is + not defined) as the name of the printer to use. This + is not specific to the server, however.

INSTALLATION

The location of the server and its support files + is a matter for individual system administrators. The following + are thus suggestions only.

It is recommended that the server software be installed + under the /usr/local/samba/ hierarchy, + in a directory readable by all, writeable only by root. The server + program itself should be executable by all, as users may wish to + run the server themselves (in which case it will of course run + with their privileges). The server should NOT be setuid. On some + systems it may be worthwhile to make smbd setgid to an empty group. + This is because some systems may have a security hole where daemon + processes that become a user can be attached to with a debugger. + Making the smbd file setgid to an empty group may prevent + this hole from being exploited. This security hole and the suggested + fix has only been confirmed on old versions (pre-kernel 2.0) of Linux + at the time this was written. It is possible that this hole only + exists in Linux, as testing on other systems has thus far shown them + to be immune.

The server log files should be put in a directory readable and + writeable only by root, as the log files may contain sensitive + information.

The configuration file should be placed in a directory + readable and writeable only by root, as the configuration file + controls security for the services offered by the server. The + configuration file can be made readable by all if desired, but + this is not necessary for correct operation of the server and is + not recommended. A sample configuration file smb.conf.sample + is supplied with the source to the server - this may + be renamed to smb.conf and modified to suit + your needs.

The remaining notes will assume the following:

The server may be run either as a daemon by users + or at startup, or it may be run from a meta-daemon such as + inetd upon request. If run as a daemon, + the server will always be ready, so starting sessions will be + faster. If run from a meta-daemon some memory will be saved and + utilities such as the tcpd TCP-wrapper may be used for extra + security. For serious use as file server it is recommended + that smbd be run as a daemon.

When you've decided, continue with either

RUNNING THE SERVER AS A DAEMON

To run the server as a daemon from the command + line, simply put the -D option on the + command line. There is no need to place an ampersand at + the end of the command line - the -D + option causes the server to detach itself from the tty + anyway.

Any user can run the server as a daemon (execute + permissions permitting, of course). This is useful for + testing purposes, and may even be useful as a temporary + substitute for something like ftp. When run this way, however, + the server will only have the privileges of the user who ran + it.

To ensure that the server is run as a daemon whenever + the machine is started, and to ensure that it runs as root + so that it can serve multiple clients, you will need to modify + the system startup files. Wherever appropriate (for example, in + /etc/rc), insert the following line, + substituting port number, log file location, configuration file + location and debug level as desired:

/usr/local/samba/bin/smbd -D -l /var/adm/smblogs/log + -s /usr/local/samba/lib/smb.conf

(The above should appear in your initialization script + as a single line. Depending on your terminal characteristics, + it may not appear that way in this man page. If the above appears + as more than one line, please treat any newlines or indentation + as a single space or TAB character.)

If the options used at compile time are appropriate for + your system, all parameters except -D may + be omitted. See the section OPTIONS above.

RUNNING THE SERVER ON REQUEST

If your system uses a meta-daemon such as inetd + , you can arrange to have the smbd server started + whenever a process attempts to connect to it. This requires several + changes to the startup files on the host machine. If you are + experimenting as an ordinary user rather than as root, you will + need the assistance of your system administrator to modify the + system files.

You will probably want to set up the NetBIOS name server + nmbd at + the same time as smbd. To do this refer to the + man page for nmbd(8) + .

First, ensure that a port is configured in the file + /etc/services. The well-known port 139 + should be used if possible, though any port may be used.

Ensure that a line similar to the following is in + /etc/services:

netbios-ssn 139/tcp

Note for NIS/YP users - you may need to rebuild the + NIS service maps rather than alter your local /etc/services + file.

Next, put a suitable line in the file /etc/inetd.conf + (in the unlikely event that you are using a meta-daemon + other than inetd, you are on your own). Note that the first item + in this line matches the service name in /etc/services + . Substitute appropriate values for your system + in this line (see inetd(8)):

netbios-ssn stream tcp nowait root /usr/local/samba/bin/smbd + -d1 -l/var/adm/smblogs/log -s/usr/local/samba/lib/smb.conf

(The above should appear in /etc/inetd.conf + as a single line. Depending on your terminal characteristics, it may + not appear that way in this man page. If the above appears as more + than one line, please treat any newlines or indentation as a single + space or TAB character.)

Note that there is no need to specify a port number here, + even if you are using a non-standard port number.

Lastly, edit the configuration file to provide suitable + services. To start with, the following two services should be + all you need:

		[homes]
+		writeable = yes
 
-
- 
-
-
-
-smbd (8)
-
-
-
-
-
-
- -

smbd (8)

-

Samba

-

23 Oct 1998

- - - -

-

NAME

- smbd - server to provide SMB/CIFS services to clients -

-

SYNOPSIS

- -

smbd [-D] [-a] [-o] [-P] [-h] [-V] [-d debuglevel] [-l log file] [-p port number] [-O socket options] [-s configuration file] -

-

DESCRIPTION

- -

This program is part of the Samba suite. -

smbd is the server daemon that provides filesharing and printing -services to -Windows clients. The server provides filespace and printer services to -clients using the SMB (or CIFS) protocol. This is compatible with the -LanManager protocol, and can service LanManager clients. These -include MSCLIENT 3.0 for DOS, Windows for Workgroups, Windows 95, -Windows NT, OS/2, DAVE for Macintosh, and smbfs for Linux. -

An extensive description of the services that the server can provide -is given in the man page for the configuration file controlling the -attributes of those services (see -smb.conf (5). This man page -will not describe the services, but will concentrate on the -administrative aspects of running the server. -

Please note that there are significant security implications to -running this server, and the -smb.conf (5) manpage should be -regarded as mandatory reading before proceeding with installation. -

A session is created whenever a client requests one. Each client gets -a copy of the server for each session. This copy then services all -connections made by the client during that session. When all -connections from its client are closed, the copy of the server for -that client terminates. -

The configuration file, and any files that it includes, are -automatically reloaded every minute, if they change. You can force a -reload by sending a SIGHUP to the server. Reloading the configuration -file will not affect connections to any service that is already -established. Either the user will have to disconnect from the -service, or smbd killed and restarted. -

-

OPTIONS

- -

-

-

-D
If specified, this parameter causes the server to operate as a -daemon. That is, it detaches itself and runs in the background, -fielding requests on the appropriate port. Operating the server as a -daemon is the recommended way of running smbd for servers that provide -more than casual use file and print services. -

By default, the server will NOT operate as a daemon. -

-

-a
If this parameter is specified, each new connection will -append log messages to the log file. This is the default. -

-

-o
If this parameter is specified, the log files will be -overwritten when opened. By default, the log files will be appended -to. -

-

-P
Passive option. Causes smbd not to send any network traffic -out. Used for debugging by the developers only. -

-

-h
Prints the help information (usage) for smbd. -

-

-V
Prints the version number for smbd. -

-

-d debuglevel
debuglevel is an integer from 0 to 10. -

The default value if this parameter is not specified is zero. -

The higher this value, the more detail will be logged to the log files -about the activities of the server. At level 0, only critical errors -and serious warnings will be logged. Level 1 is a reasonable level for -day to day running - it generates a small amount of information about -operations carried out. -

Levels above 1 will generate considerable amounts of log data, and -should only be used when investigating a problem. Levels above 3 are -designed for use only by developers and generate HUGE amounts of log -data, most of which is extremely cryptic. -

Note that specifying this parameter here will override the log -level parameter in the smb.conf -(5) file. -

-

-l log file
If specified, log file specifies -a log filename into which informational and debug messages from the -running server will be logged. The log file generated is never removed -by the server although its size may be controlled by the max -log size option in the smb.conf -(5) file. The default log file name is specified -at compile time. -

-

-O socket options
See the socket -options parameter in the -smb.conf (5) file for details. -

-

-p port number
port number is a positive integer value. The -default value if this parameter is not specified is 139. -

This number is the port number that will be used when making -connections to the server from client software. The standard -(well-known) port number for the SMB over TCP is 139, hence the -default. If you wish to run the server as an ordinary user rather than -as root, most systems will require you to use a port number greater -than 1024 - ask your system administrator for help if you are in this -situation. -

In order for the server to be useful by most clients, should you -configure it on a port other than 139, you will require port -redirection services on port 139, details of which are outlined in -rfc1002.txt section 4.3.5. -

This parameter is not normally specified except in the above -situation. -

-

-s configuration file
-The file specified contains the configuration details required by the -server. The information in this file includes server-specific -information such as what printcap file to use, as well as descriptions -of all the services that the server is to provide. See smb.conf -(5) for more information. -The default configuration file name is determined at compile time. -

-

-

FILES

- -

/etc/inetd.conf -

If the server is to be run by the inetd meta-daemon, this file must -contain suitable startup information for the meta-daemon. See the -section INSTALLATION below. -

/etc/rc -

(or whatever initialization script your system uses). -

If running the server as a daemon at startup, this file will need to -contain an appropriate startup sequence for the server. See the -section INSTALLATION below. -

/etc/services -

If running the server via the meta-daemon inetd, this file must -contain a mapping of service name (e.g., netbios-ssn) to service port -(e.g., 139) and protocol type (e.g., tcp). See the section -INSTALLATION below. -

/usr/local/samba/lib/smb.conf -

This is the default location of the smb.conf server configuration -file. Other common places that systems install this file are -/usr/samba/lib/smb.conf and /etc/smb.conf. -

This file describes all the services the server is to make available -to clients. See smb.conf (5) for more information. -

-

LIMITATIONS

- -

On some systems smbd cannot change uid back to root after a -setuid() call. Such systems are called "trapdoor" uid systems. If you -have such a system, you will be unable to connect from a client (such -as a PC) as two different users at once. Attempts to connect the -second user will result in "access denied" or similar. -

-

ENVIRONMENT VARIABLES

- -

PRINTER -

If no printer name is specified to printable services, most systems -will use the value of this variable (or "lp" if this variable is not -defined) as the name of the printer to use. This is not specific to -the server, however. -

-

INSTALLATION

- -

The location of the server and its support files is a matter for -individual system administrators. The following are thus suggestions -only. -

It is recommended that the server software be installed under the -/usr/local/samba hierarchy, in a directory readable by all, writeable -only by root. The server program itself should be executable by all, -as users may wish to run the server themselves (in which case it will -of course run with their privileges). The server should NOT be -setuid. On some systems it may be worthwhile to make smbd setgid to an -empty group. This is because some systems may have a security hole -where daemon processes that become a user can be attached to with a -debugger. Making the smbd file setgid to an empty group may prevent -this hole from being exploited. This security hole and the suggested -fix has only been confirmed on old versions (pre-kernel 2.0) of Linux -at the time this was written. It is possible that this hole only -exists in Linux, as testing on other systems has thus far shown them -to be immune. -

The server log files should be put in a directory readable and -writeable only by root, as the log files may contain sensitive -information. -

The configuration file should be placed in a directory readable and -writeable only by root, as the configuration file controls security for -the services offered by the server. The configuration file can be made -readable by all if desired, but this is not necessary for correct -operation of the server and is not recommended. A sample configuration -file "smb.conf.sample" is supplied with the source to the server - -this may be renamed to "smb.conf" and modified to suit your needs. -

The remaining notes will assume the following: -

-

  • smbd (the server program) installed in /usr/local/samba/bin -

  • smb.conf (the configuration file) installed in /usr/local/samba/lib -

  • log files stored in /var/adm/smblogs -

  • -

    The server may be run either as a daemon by users or at startup, or it -may be run from a meta-daemon such as inetd upon request. If run as a -daemon, the server will always be ready, so starting sessions will be -faster. If run from a meta-daemon some memory will be saved and -utilities such as the tcpd TCP-wrapper may be used for extra security. -For serious use as file server it is recommended that smbd be run -as a daemon. -

    When you've decided, continue with either -RUNNING THE SERVER AS A DAEMON or -RUNNING THE SERVER ON REQUEST. -

    -

    RUNNING THE SERVER AS A DAEMON

    - -

    To run the server as a daemon from the command line, simply put the --D option on the command line. There is no need to place an -ampersand at the end of the command line - the -D option causes -the server to detach itself from the tty anyway. -

    Any user can run the server as a daemon (execute permissions -permitting, of course). This is useful for testing purposes, and may -even be useful as a temporary substitute for something like ftp. When -run this way, however, the server will only have the privileges of the -user who ran it. -

    To ensure that the server is run as a daemon whenever the machine is -started, and to ensure that it runs as root so that it can serve -multiple clients, you will need to modify the system startup -files. Wherever appropriate (for example, in /etc/rc), insert the -following line, substituting port number, log file location, -configuration file location and debug level as desired: -

    /usr/local/samba/bin/smbd -D -l /var/adm/smblogs/log -s /usr/local/samba/lib/smb.conf -

    (The above should appear in your initialization script as a single line. -Depending on your terminal characteristics, it may not appear that way in -this man page. If the above appears as more than one line, please treat any -newlines or indentation as a single space or TAB character.) -

    If the options used at compile time are appropriate for your system, -all parameters except -D may be -omitted. See the section OPTIONS above. -

    -

    RUNNING THE SERVER ON REQUEST

    - -

    If your system uses a meta-daemon such as inetd, you can arrange to -have the smbd server started whenever a process attempts to connect to -it. This requires several changes to the startup files on the host -machine. If you are experimenting as an ordinary user rather than as -root, you will need the assistance of your system administrator to -modify the system files. -

    You will probably want to set up the NetBIOS name server nmbd at -the same time as smbd. To do this refer to the man page for -nmbd (8). -

    First, ensure that a port is configured in the file /etc/services. The -well-known port 139 should be used if possible, though any port may be -used. -

    Ensure that a line similar to the following is in /etc/services: -

    netbios-ssn 139/tcp -

    Note for NIS/YP users - you may need to rebuild the NIS service maps -rather than alter your local /etc/services file. -

    Next, put a suitable line in the file /etc/inetd.conf (in the unlikely -event that you are using a meta-daemon other than inetd, you are on -your own). Note that the first item in this line matches the service -name in /etc/services. Substitute appropriate values for your system -in this line (see inetd (8)): -

    netbios-ssn stream tcp nowait root /usr/local/samba/bin/smbd -d1 -l/var/adm/smblogs/log -s/usr/local/samba/lib/smb.conf -

    (The above should appear in /etc/inetd.conf as a single -line. Depending on your terminal characteristics, it may not appear -that way in this man page. If the above appears as more than one -line, please treat any newlines or indentation as a single space or -TAB character.) -

    Note that there is no need to specify a port number here, even if you -are using a non-standard port number. -

    Lastly, edit the configuration file to provide suitable services. To -start with, the following two services should be all you need: -

    -
    -
    -[homes]
    -  writeable = yes
    -
    -[printers]
    - writeable = no
    - printable = yes
    - path = /tmp
    - public = yes
    -
    -
    -
    - -

    This will allow you to connect to your home directory and print to any -printer supported by the host (user privileges permitting). -

    -

    TESTING THE INSTALLATION

    - -

    If running the server as a daemon, execute it before proceeding. If -using a meta-daemon, either restart the system or kill and restart the -meta-daemon. Some versions of inetd will reread their configuration -tables if they receive a HUP signal. -

    If your machine's name is "fred" and your name is "mary", you should -now be able to connect to the service \\fred\mary. -

    To properly test and experiment with the server, we recommend using -the smbclient program (see -smbclient (1)) and also going through -the steps outlined in the file DIAGNOSIS.txt in the docs/ -directory of your Samba installation. -

    -

    VERSION

    - -

    This man page is correct for version 2.0 of the Samba suite. -

    -

    DIAGNOSTICS

    - -

    Most diagnostics issued by the server are logged in a specified log -file. The log file name is specified at compile time, but may be -overridden on the command line. -

    The number and nature of diagnostics available depends on the debug -level used by the server. If you have problems, set the debug level to -3 and peruse the log files. -

    Most messages are reasonably self-explanatory. Unfortunately, at the time -this man page was created, there are too many diagnostics available -in the source code to warrant describing each and every diagnostic. At -this stage your best bet is still to grep the source code and inspect -the conditions that gave rise to the diagnostics you are seeing. -

    -

    SIGNALS

    - -

    Sending the smbd a SIGHUP will cause it to re-load its smb.conf -configuration file within a short period of time. -

    To shut down a users smbd process it is recommended that SIGKILL (-9) -NOT be used, except as a last resort, as this may leave the shared -memory area in an inconsistent state. The safe way to terminate an -smbd is to send it a SIGTERM (-15) signal and wait for it to die on -its own. -

    The debug log level of smbd may be raised -by sending it a SIGUSR1 (kill -USR1 <smbd-pid>) and lowered by -sending it a SIGUSR2 (kill -USR2 <smbd-pid>). This is to allow -transient problems to be diagnosed, whilst still running at a normally -low log level. -

    Note that as the signal handlers send a debug write, they are not -re-entrant in smbd. This you should wait until smbd is in a state of -waiting for an incoming smb before issuing them. It is possible to -make the signal handlers safe by un-blocking the signals before the -select call and re-blocking them after, however this would affect -performance. -

    -

    SEE ALSO

    - -

    hosts_access (5), inetd (8), nmbd (8), -smb.conf (5), smbclient -(1), testparm (1), -testprns (1), and the Internet RFC's -rfc1001.txt, rfc1002.txt. In addition the CIFS (formerly SMB) -specification is available as a link from the Web page : -http://samba.org/cifs/. -

    -

    AUTHOR

    - -

    The original Samba software and related utilities were created by -Andrew Tridgell samba@samba.org. Samba is now developed -by the Samba Team as an Open Source project similar to the way the -Linux kernel is developed. -

    The original Samba man pages were written by Karl Auer. The man page -sources were converted to YODL format (another excellent piece of Open -Source software, available at -ftp://ftp.icce.rug.nl/pub/unix/) -and updated for the Samba2.0 release by Jeremy Allison. -samba@samba.org. -

    See samba (7) to find out how to get a full list of contributors -and details on how to submit bug reports, comments etc. - - + [printers] + writeable = no + printable = yes + path = /tmp + public = yes + +

    This will allow you to connect to your home directory + and print to any printer supported by the host (user privileges + permitting).

    TESTING THE INSTALLATION

    If running the server as a daemon, execute it before + proceeding. If using a meta-daemon, either restart the system + or kill and restart the meta-daemon. Some versions of + inetd will reread their configuration + tables if they receive a HUP signal.

    If your machine's name is "fred" and your + name is "mary", you should now be able to connect + to the service \\fred\mary. +

    To properly test and experiment with the server, we + recommend using the smbclient program (see + smbclient(1)) + and also going through the steps outlined in the file + DIAGNOSIS.txt in the docs/ + directory of your Samba installation.

    VERSION

    This man page is correct for version 2.2 of + the Samba suite.

    DIAGNOSTICS

    Most diagnostics issued by the server are logged + in a specified log file. The log file name is specified + at compile time, but may be overridden on the command line.

    The number and nature of diagnostics available depends + on the debug level used by the server. If you have problems, set + the debug level to 3 and peruse the log files.

    Most messages are reasonably self-explanatory. Unfortunately, + at the time this man page was created, there are too many diagnostics + available in the source code to warrant describing each and every + diagnostic. At this stage your best bet is still to grep the + source code and inspect the conditions that gave rise to the + diagnostics you are seeing.

    SIGNALS

    Sending the smbd a SIGHUP will cause it to + re-load its smb.conf configuration + file within a short period of time.

    To shut down a users smbd process it is recommended + that SIGKILL (-9) NOT + be used, except as a last resort, as this may leave the shared + memory area in an inconsistent state. The safe way to terminate + an smbd is to send it a SIGTERM (-15) signal and wait for + it to die on its own.

    The debug log level of smbd may be raised by sending + it a SIGUSR1 (kill -USR1 <smbd-pid>) + and lowered by sending it a SIGUSR2 (kill -USR2 <smbd-pid> + ). This is to allow transient problems to be diagnosed, + whilst still running at a normally low log level.

    Note that as the signal handlers send a debug write, + they are not re-entrant in smbd. This you should wait until + smbd is in a state of waiting for an incoming smb before + issuing them. It is possible to make the signal handlers safe + by un-blocking the signals before the select call and re-blocking + them after, however this would affect performance.

    SEE ALSO

    hosts_access(5), inetd(8), + nmbd(8), + smb.conf(5) + , smbclient(1) + , testparm(1), testprns(1), and the Internet RFC's + rfc1001.txt, rfc1002.txt. + In addition the CIFS (formerly SMB) specification is available + as a link from the Web page + http://samba.org/cifs/.

    AUTHOR

    The original Samba software and related utilities + were created by Andrew Tridgell. Samba is now developed + by the Samba Team as an Open Source project similar + to the way the Linux kernel is developed.

    The original Samba man pages were written by Karl Auer. + The man page sources were converted to YODL format (another + excellent piece of Open Source software, available at + ftp://ftp.icce.rug.nl/pub/unix/) and updated for the Samba 2.0 + release by Jeremy Allison. The conversion to DocBook for + Samba 2.2 was done by Gerald Carter

    \ No newline at end of file diff --git a/docs/manpages/nmbd.8 b/docs/manpages/nmbd.8 index 55930f6629..fa5e406683 100644 --- a/docs/manpages/nmbd.8 +++ b/docs/manpages/nmbd.8 @@ -1,220 +1,243 @@ -.TH "nmbd" "8" "23 Oct 1998" "Samba" "SAMBA" -.PP -.SH "NAME" -nmbd \- NetBIOS name server to provide NetBIOS over IP -naming services to clients -.PP -.SH "SYNOPSIS" -.PP -\fBnmbd\fP [-D] [-a] [-o] [-h] [-V] [-H lmhosts file] [-d debuglevel] [-l log file basename] [-n primary NetBIOS name] [-p port number] [-s configuration file] -.PP -.SH "DESCRIPTION" -.PP -This program is part of the \fBSamba\fP suite\&. -.PP -\fBnmbd\fP is a server that understands and can reply to NetBIOS over IP -name service requests, like those produced by SMBD/CIFS clients such -as Windows 95/98, Windows NT and LanManager clients\&. It also -participates in the browsing protocols which make up the Windows -"Network Neighborhood" view\&. -.PP -SMB/CIFS clients, when they start up, may wish to locate an SMB/CIFS -server\&. That is, they wish to know what IP number a specified host is -using\&. -.PP -Amongst other services, \fBnmbd\fP will listen for such requests, -and if its own NetBIOS name is specified it will respond with the IP -number of the host it is running on\&. Its "own NetBIOS name" is by -default the primary DNS name of the host it is running on, but this -can be overridden with the \fB-n\fP option (see OPTIONS below)\&. Thus -\fBnmbd\fP will reply to broadcast queries for its own name(s)\&. Additional -names for \fBnmbd\fP to respond on can be set via parameters in the -\fBsmb\&.conf(5)\fP configuration file\&. -.PP -\fBnmbd\fP can also be used as a WINS (Windows Internet Name Server) -server\&. What this basically means is that it will act as a WINS -database server, creating a database from name registration requests -that it receives and replying to queries from clients for these names\&. -.PP -In addition, \fBnmbd\fP can act as a WINS proxy, relaying broadcast queries -from clients that do not understand how to talk the WINS protocol to a -WIN server\&. -.PP -.SH "OPTIONS" -.PP -.IP -.IP "\fB-D\fP" -If specified, this parameter causes \fBnmbd\fP to operate -as a daemon\&. That is, it detaches itself and runs in the background, -fielding requests on the appropriate port\&. By default, \fBnmbd\fP will -NOT operate as a daemon\&. nmbd can also be operated from the inetd -meta-daemon, although this is not recommended\&. -.IP -.IP "\fB-a\fP" -If this parameter is specified, each new connection will -append log messages to the log file\&. This is the default\&. -.IP -.IP "\fB-o\fP" -If this parameter is specified, the log files will be -overwritten when opened\&. By default, the log files will be appended -to\&. -.IP -.IP "\fB-h\fP" -Prints the help information (usage) for \fBnmbd\fP\&. -.IP -.IP "\fB-V\fP" -Prints the version number for \fBnmbd\fP\&. -.IP -.IP "\fB-H filename\fP" -NetBIOS lmhosts file\&. -.IP -The lmhosts file is a list of NetBIOS names to IP addresses that is -loaded by the nmbd server and used via the name resolution mechanism -\fBname resolve order\fP described in -\fBsmb\&.conf (5)\fP to resolve any -NetBIOS name queries needed by the server\&. Note that the contents of -this file are \fINOT\fP used by \fBnmbd\fP to answer any name queries\&. Adding -a line to this file affects name NetBIOS resolution from this host -\fIONLY\fP\&. -.IP -The default path to this file is compiled into Samba as part of the -build process\&. Common defaults are \fI/usr/local/samba/lib/lmhosts\fP, -\fI/usr/samba/lib/lmhosts\fP or \fI/etc/lmhosts\fP\&. See the -\fBlmhosts (5)\fP man page for details on the contents of this file\&. -.IP -.IP "\fB-d debuglevel\fP" -debuglevel is an integer from 0 to 10\&. -.IP -The default value if this parameter is not specified is zero\&. -.IP -The higher this value, the more detail will be logged to the log files -about the activities of the server\&. At level 0, only critical errors -and serious warnings will be logged\&. Level 1 is a reasonable level for -day to day running - it generates a small amount of information about -operations carried out\&. -.IP -Levels above 1 will generate considerable amounts of log data, and -should only be used when investigating a problem\&. Levels above 3 are -designed for use only by developers and generate HUGE amounts of log -data, most of which is extremely cryptic\&. -.IP -Note that specifying this parameter here will override the \fBlog -level\fP parameter in the \fBsmb\&.conf -(5)\fP file\&. -.IP -.IP "\fB-l logfile\fP" -The \fB-l\fP parameter specifies a path and base -filename into which operational data from the running nmbd server will -be logged\&. The actual log file name is generated by appending the -extension "\&.nmb" to the specified base name\&. For example, if the name -specified was "log" then the file log\&.nmb would contain the debugging -data\&. -.IP -The default log file path is compiled into Samba as part of the -build process\&. Common defaults are \fI/usr/local/samba/var/log\&.nmb\fP, -\fI/usr/samba/var/log\&.nmb\fP or \fI/var/log/log\&.nmb\fP\&. -.IP -.IP "\fB-n primary NetBIOS name\fP" +.\" This manpage has been automatically generated by docbook2man-spec +.\" from a DocBook document. docbook2man-spec can be found at: +.\" +.\" Please send any bug reports, improvements, comments, patches, +.\" etc. to Steve Cheng . +.TH "NMBD" "8" "19 February 2001" "" "" +.SH NAME +nmbd \- NetBIOS name server to provide NetBIOS over IP naming services to clients +.SH SYNOPSIS +.sp +\fBsmbd\fR [ \fB-D\fR ] [ \fB-a\fR ] [ \fB-o\fR ] [ \fB-P\fR ] [ \fB-h\fR ] [ \fB-V\fR ] [ \fB-d \fR ] [ \fB-H \fR ] [ \fB-l \fR ] [ \fB-n \fR ] [ \fB-p \fR ] [ \fB-s \fR ] +.SH "DESCRIPTION" +.PP +This program is part of the Samba suite. +.PP +\fBnmbd\fR is a server that understands +and can reply to NetBIOS over IP name service requests, like +those produced by SMBD/CIFS clients such as Windows 95/98/ME, +Windows NT, Windows 2000, and LanManager clients. It also +participates in the browsing protocols which make up the +Windows |[[quot ]]|Network Neighborhood|[[quot ]]| view. +.PP +SMB/CIFS clients, when they start up, may wish to +locate an SMB/CIFS server. That is, they wish to know what +IP number a specified host is using. +.PP +Amongst other services, \fBnmbd\fR will +listen for such requests, and if its own NetBIOS name is +specified it will respond with the IP number of the host it +is running on. Its |[[quot ]]|own NetBIOS name|[[quot ]]| is by +default the primary DNS name of the host it is running on, +but this can be overridden with the \fB-n\fR +option (see OPTIONS below). Thus \fBnmbd\fR will +reply to broadcast queries for its own name(s). Additional +names for \fBnmbd\fR to respond on can be set +via parameters in the \fI smb.conf(5)\fR configuration file. +.PP +\fBnmbd\fR can also be used as a WINS +(Windows Internet Name Server) server. What this basically means +is that it will act as a WINS database server, creating a +database from name registration requests that it receives and +replying to queries from clients for these names. +.PP +In addition, \fBnmbd\fR can act as a WINS +proxy, relaying broadcast queries from clients that do +not understand how to talk the WINS protocol to a WIN +server. +.SH "OPTIONS" +.TP +\fB-D\fR +If specified, this parameter causes +\fBnmbd\fR to operate as a daemon. That is, +it detaches itself and runs in the background, fielding +requests on the appropriate port. By default, \fBnmbd\fR +will operate as a daemon if launched from a command shell. +nmbd can also be operated from the \fBinetd\fR +meta-daemon, although this is not recommended. +.TP +\fB-a\fR +If this parameter is specified, each new +connection will append log messages to the log file. +This is the default. +.TP +\fB-o\fR +If this parameter is specified, the +log files will be overwritten when opened. By default, +\fBsmbd\fR will append entries to the log +files. +.TP +\fB-h\fR +Prints the help information (usage) +for \fBnmbd\fR. +.TP +\fB-H \fR +NetBIOS lmhosts file. The lmhosts +file is a list of NetBIOS names to IP addresses that +is loaded by the nmbd server and used via the name +resolution mechanism name resolve order described in \fIsmb.conf(5)\fR +to resolve any NetBIOS name queries needed by the server. Note +that the contents of this file are \fBNOT\fR +used by \fBnmbd\fR to answer any name queries. +Adding a line to this file affects name NetBIOS resolution +from this host \fBONLY\fR. + +The default path to this file is compiled into +Samba as part of the build process. Common defaults +are \fI/usr/local/samba/lib/lmhosts\fR, +\fI/usr/samba/lib/lmhosts\fR or +\fI/etc/lmhosts\fR. See the \fIlmhosts(5)\fR man page for details on the +contents of this file. +.TP +\fB-V\fR +Prints the version number for +\fBnmbd\fR. +.TP +\fB-d \fR +debuglevel is an integer +from 0 to 10. The default value if this parameter is +not specified is zero. + +The higher this value, the more detail will +be logged to the log files about the activities of the +server. At level 0, only critical errors and serious +warnings will be logged. Level 1 is a reasonable level for +day to day running - it generates a small amount of +information about operations carried out. + +Levels above 1 will generate considerable amounts +of log data, and should only be used when investigating +a problem. Levels above 3 are designed for use only by developers +and generate HUGE amounts of log data, most of which is extremely +cryptic. + +Note that specifying this parameter here will override +the log level +parameter in the \fI smb.conf\fR file. +.TP +\fB-l \fR +The -l parameter specifies a path +and base filename into which operational data from +the running \fBnmbd\fR server will +be logged. The actual log file name is generated by +appending the extension |[[quot ]]|.nmb|[[quot ]]| to the specified base +name. For example, if the name specified was |[[quot ]]|log|[[quot ]]| +then the file log.nmb would contain the debugging data. + +The default log file path is compiled into Samba as +part of the build process. Common defaults are \fI /usr/local/samba/var/log.nmb\fR, \fI /usr/samba/var/log.nmb\fR or +\fI/var/log/log.nmb\fR. +.TP +\fB-n \fR This option allows you to override -the NetBIOS name that Samba uses for itself\&. This is identical to -setting the \fBNetBIOS name\fP parameter -in the \fBsmb\&.conf\fP file -but will override the setting in the \fBsmb\&.conf\fP file\&. -.IP -.IP "\fB-p UDP port number\fP" -UDP port number is a positive integer value\&. -.IP -This option changes the default UDP port number (normally 137) that -\fBnmbd\fP responds to name queries on\&. Don\'t use this option unless you are -an expert, in which case you won\'t need help! -.IP -.IP "\fB-s configuration file\fP" -The default configuration file name is -set at build time, typically as \fI/usr/local/samba/lib/smb\&.conf\fP, but -this may be changed when Samba is autoconfigured\&. -.IP -The file specified contains the configuration details required by the -server\&. See \fBsmb\&.conf (5)\fP for more information\&. -.IP -.PP -.SH "FILES" -.PP -\fB/etc/inetd\&.conf\fP -.PP -If the server is to be run by the inetd meta-daemon, this file must -contain suitable startup information for the meta-daemon\&. -.PP -\fB/etc/rc\fP -.PP -(or whatever initialization script your system uses)\&. -.PP -If running the server as a daemon at startup, this file will need to -contain an appropriate startup sequence for the server\&. -.PP -\fB/usr/local/samba/lib/smb\&.conf\fP -.PP +the NetBIOS name that Samba uses for itself. This is identical +to setting the NetBIOS name parameter in the +\fIsmb.conf\fR file. However, a command +line setting will take precedence over settings in +\fIsmb.conf\fR. +.TP +\fB-p \fR +UDP port number is a positive integer value. +This option changes the default UDP port number (normally 137) +that \fBnmbd\fR responds to name queries on. Don't +use this option unless you are an expert, in which case you +won't need help! +.TP +\fB-s \fR +The default configuration file name +is set at build time, typically as \fI /usr/local/samba/lib/smb.conf\fR, but +this may be changed when Samba is autoconfigured. + +The file specified contains the configuration details +required by the server. See +\fIsmb.conf(5)\fR for more information. +.SH "FILES" +.TP +\fB\fI/etc/inetd.conf\fB\fR +If the server is to be run by the +\fBinetd\fR meta-daemon, this file +must contain suitable startup information for the +meta-daemon. See the section INSTALLATION below. +.TP +\fB\fI/etc/rc\fB\fR +or whatever initialization script your +system uses). + +If running the server as a daemon at startup, +this file will need to contain an appropriate startup +sequence for the server. See the section INSTALLATION +below. +.TP +\fB\fI/etc/services\fB\fR +If running the server via the +meta-daemon \fBinetd\fR, this file +must contain a mapping of service name (e.g., netbios-ssn) +to service port (e.g., 139) and protocol type (e.g., tcp). +See the section INSTALLATION below. +.TP +\fB\fI/usr/local/samba/lib/smb.conf\fB\fR This is the default location of the -\fBsmb\&.conf\fP server configuration -file\&. Other common places that systems install this file are -\fI/usr/samba/lib/smb\&.conf\fP and \fI/etc/smb\&.conf\fP\&. -.PP -When run as a \fBWINS\fP server (see the \fBwins support\fP -parameter in the \fBsmb\&.conf (5)\fP man page), \fBnmbd\fP will -store the WINS database in the file \f(CWwins\&.dat\fP in the \f(CWvar/locks\fP directory -configured under wherever Samba was configured to install itself\&. -.PP -If \fBnmbd\fP is acting as a \fBbrowse master\fP (see the \fBlocal master\fP -parameter in the \fBsmb\&.conf (5)\fP man page), \fBnmbd\fP will -store the browsing database in the file \f(CWbrowse\&.dat\fP in the \f(CWvar/locks\fP directory -configured under wherever Samba was configured to install itself\&. -.PP -.SH "SIGNALS" -.PP -To shut down an \fBnmbd\fP process it is recommended that SIGKILL (-9) -\fINOT\fP be used, except as a last resort, as this may leave the name -database in an inconsistent state\&. The correct way to terminate -\fBnmbd\fP is to send it a SIGTERM (-15) signal and wait for it to die on -its own\&. -.PP -\fBnmbd\fP will accept SIGHUP, which will cause it to dump out it\'s -namelists into the file \f(CWnamelist\&.debug\fP in the -\fI/usr/local/samba/var/locks\fP directory (or the \fIvar/locks\fP -directory configured under wherever Samba was configured to install -itself)\&. This will also cause \fBnmbd\fP to dump out it\'s server database in -the log\&.nmb file\&. In addition, the debug log level of nmbd may be raised -by sending it a SIGUSR1 (\f(CWkill -USR1 \fP) and lowered by sending it a -SIGUSR2 (\f(CWkill -USR2 \fP)\&. This is to allow transient -problems to be diagnosed, whilst still running at a normally low log -level\&. -.PP -.SH "VERSION" -.PP -This man page is correct for version 2\&.0 of the Samba suite\&. -.PP -.SH "SEE ALSO" -.PP -\fBinetd (8)\fP, \fBsmbd (8)\fP, \fBsmb\&.conf -(5)\fP, \fBsmbclient (1)\fP, -\fBtestparm (1)\fP, \fBtestprns -(1)\fP, and the Internet RFC\'s \fBrfc1001\&.txt\fP, -\fBrfc1002\&.txt\fP\&. In addition the CIFS (formerly SMB) specification is -available as a link from the Web page : -http://samba\&.org/cifs/\&. -.PP -.SH "AUTHOR" -.PP -The original Samba software and related utilities were created by -Andrew Tridgell samba@samba\&.org\&. Samba is now developed -by the Samba Team as an Open Source project similar to the way the -Linux kernel is developed\&. -.PP -The original Samba man pages were written by Karl Auer\&. The man page -sources were converted to YODL format (another excellent piece of Open -Source software, available at -\fBftp://ftp\&.icce\&.rug\&.nl/pub/unix/\fP) -and updated for the Samba2\&.0 release by Jeremy Allison\&. -samba@samba\&.org\&. -.PP -See \fBsamba (7)\fP to find out how to get a full -list of contributors and details on how to submit bug reports, -comments etc\&. +\fIsmb.conf\fR +server configuration file. Other common places that systems +install this file are \fI/usr/samba/lib/smb.conf\fR +and \fI/etc/smb.conf\fR. + +When run as a WINS server (see the +wins support +parameter in the \fI smb.conf(5)\fR man page), \fBnmbd\fR +will store the WINS database in the file \fIwins.dat\fR +in the \fIvar/locks\fR directory configured under +wherever Samba was configured to install itself. + +If \fBnmbd\fR is acting as a \fB browse master\fR (see the local master +parameter in the \fI smb.conf(5)\fR man page), \fBnmbd\fR +will store the browsing database in the file \fIbrowse.dat +\fRin the \fIvar/locks\fR directory +configured under wherever Samba was configured to install itself. +.SH "SIGNALS" +.PP +To shut down an \fBnmbd\fR process it is recommended +that SIGKILL (-9) \fBNOT\fR be used, except as a last +resort, as this may leave the name database in an inconsistent state. +The correct way to terminate \fBnmbd\fR is to send it +a SIGTERM (-15) signal and wait for it to die on its own. +.PP +\fBnmbd\fR will accept SIGHUP, which will cause +it to dump out it's namelists into the file \fInamelist.debug +\fRin the \fI/usr/local/samba/var/locks\fR +directory (or the \fIvar/locks\fR directory configured +under wherever Samba was configured to install itself). This will also +cause \fBnmbd\fR to dump out it's server database in +the \fIlog.nmb\fR file. In addition, the debug log level +of nmbd may be raised by sending it a SIGUSR1 (\fBkill -USR1 +\fR) and lowered by sending it a +SIGUSR2 (\fBkill -USR2 \fR). This is to +allow transient problems to be diagnosed, whilst still running at a +normally low log level. +.SH "VERSION" +.PP +This man page is correct for version 2.2 of +the Samba suite. +.SH "SEE ALSO" +.PP +\fBinetd(8)\fR, \fBsmbd(8)\fR , +\fIsmb.conf(5)\fR + , \fBsmbclient(1) +\fR , \fB testparm(1)\fR , \fBtestprns(1)\fR , and the Internet RFC's +\fIrfc1001.txt\fR, \fIrfc1002.txt\fR. +In addition the CIFS (formerly SMB) specification is available +as a link from the Web page +http://samba.org/cifs/ . +.SH "AUTHOR" +.PP +The original Samba software and related utilities +were created by Andrew Tridgell. Samba is now developed +by the Samba Team as an Open Source project similar +to the way the Linux kernel is developed. +.PP +The original Samba man pages were written by Karl Auer. +The man page sources were converted to YODL format (another +excellent piece of Open Source software, available at +ftp://ftp.icce.rug.nl/pub/unix/ ) and updated for the Samba 2.0 +release by Jeremy Allison. The conversion to DocBook for +Samba 2.2 was done by Gerald Carter diff --git a/docs/manpages/smbd.8 b/docs/manpages/smbd.8 index 5ee6cd5308..ea09dee84f 100644 --- a/docs/manpages/smbd.8 +++ b/docs/manpages/smbd.8 @@ -1,430 +1,462 @@ -.TH "smbd " "8" "23 Oct 1998" "Samba" "SAMBA" -.PP -.SH "NAME" +.\" This manpage has been automatically generated by docbook2man-spec +.\" from a DocBook document. docbook2man-spec can be found at: +.\" +.\" Please send any bug reports, improvements, comments, patches, +.\" etc. to Steve Cheng . +.TH "SMBD" "8" "19 February 2001" "" "" +.SH NAME smbd \- server to provide SMB/CIFS services to clients -.PP -.SH "SYNOPSIS" -.PP -\fBsmbd\fP [-D] [-a] [-o] [-P] [-h] [-V] [-d debuglevel] [-l log file] [-p port number] [-O socket options] [-s configuration file] -.PP -.SH "DESCRIPTION" -.PP -This program is part of the \fBSamba\fP suite\&. -.PP -\fBsmbd\fP is the server daemon that provides filesharing and printing -services to -Windows clients\&. The server provides filespace and printer services to -clients using the SMB (or CIFS) protocol\&. This is compatible with the -LanManager protocol, and can service LanManager clients\&. These -include MSCLIENT 3\&.0 for DOS, Windows for Workgroups, Windows 95, -Windows NT, OS/2, DAVE for Macintosh, and smbfs for Linux\&. -.PP -An extensive description of the services that the server can provide -is given in the man page for the configuration file controlling the -attributes of those services (see -\fBsmb\&.conf (5)\fP\&. This man page -will not describe the services, but will concentrate on the -administrative aspects of running the server\&. -.PP -Please note that there are significant security implications to -running this server, and the -\fBsmb\&.conf (5)\fP manpage should be -regarded as mandatory reading before proceeding with installation\&. -.PP -A session is created whenever a client requests one\&. Each client gets -a copy of the server for each session\&. This copy then services all -connections made by the client during that session\&. When all -connections from its client are closed, the copy of the server for -that client terminates\&. -.PP -The configuration file, and any files that it includes, are -automatically reloaded every minute, if they change\&. You can force a -reload by sending a SIGHUP to the server\&. Reloading the configuration -file will not affect connections to any service that is already -established\&. Either the user will have to disconnect from the -service, or smbd killed and restarted\&. -.PP -.SH "OPTIONS" -.PP -.IP -.IP "\fB-D\fP" -If specified, this parameter causes the server to operate as a -daemon\&. That is, it detaches itself and runs in the background, -fielding requests on the appropriate port\&. Operating the server as a -daemon is the recommended way of running smbd for servers that provide -more than casual use file and print services\&. -.IP -By default, the server will NOT operate as a daemon\&. -.IP -.IP "\fB-a\fP" -If this parameter is specified, each new connection will -append log messages to the log file\&. This is the default\&. -.IP -.IP "\fB-o\fP" -If this parameter is specified, the log files will be -overwritten when opened\&. By default, the log files will be appended -to\&. -.IP -.IP "\fB-P\fP" -Passive option\&. Causes smbd not to send any network traffic -out\&. Used for debugging by the developers only\&. -.IP -.IP "\fB-h\fP" -Prints the help information (usage) for \fBsmbd\fP\&. -.IP -.IP "\fB-V\fP" -Prints the version number for \fBsmbd\fP\&. -.IP -.IP "\fB-d debuglevel\fP" -debuglevel is an integer from 0 to 10\&. -.IP -The default value if this parameter is not specified is zero\&. -.IP -The higher this value, the more detail will be logged to the log files -about the activities of the server\&. At level 0, only critical errors -and serious warnings will be logged\&. Level 1 is a reasonable level for -day to day running - it generates a small amount of information about -operations carried out\&. -.IP -Levels above 1 will generate considerable amounts of log data, and -should only be used when investigating a problem\&. Levels above 3 are -designed for use only by developers and generate HUGE amounts of log -data, most of which is extremely cryptic\&. -.IP -Note that specifying this parameter here will override the \fBlog -level\fP parameter in the \fBsmb\&.conf -(5)\fP file\&. -.IP -.IP "\fB-l log file\fP" -If specified, \fIlog file\fP specifies -a log filename into which informational and debug messages from the -running server will be logged\&. The log file generated is never removed -by the server although its size may be controlled by the \fBmax -log size\fP option in the \fBsmb\&.conf -(5)\fP file\&. The default log file name is specified -at compile time\&. -.IP -.IP "\fB-O socket options\fP" -See the \fBsocket -options\fP parameter in the -\fBsmb\&.conf (5)\fP file for details\&. -.IP -.IP "\fB-p port number\fP" -port number is a positive integer value\&. The -default value if this parameter is not specified is 139\&. -.IP -This number is the port number that will be used when making -connections to the server from client software\&. The standard -(well-known) port number for the SMB over TCP is 139, hence the -default\&. If you wish to run the server as an ordinary user rather than -as root, most systems will require you to use a port number greater -than 1024 - ask your system administrator for help if you are in this -situation\&. -.IP -In order for the server to be useful by most clients, should you -configure it on a port other than 139, you will require port -redirection services on port 139, details of which are outlined in -rfc1002\&.txt section 4\&.3\&.5\&. -.IP -This parameter is not normally specified except in the above -situation\&. -.IP -.IP "\fB-s configuration file\fP" -The file specified contains the configuration details required by the -server\&. The information in this file includes server-specific -information such as what printcap file to use, as well as descriptions -of all the services that the server is to provide\&. See \fBsmb\&.conf -(5)\fP for more information\&. -The default configuration file name is determined at compile time\&. -.IP -.PP -.SH "FILES" -.PP -\fB/etc/inetd\&.conf\fP -.PP -If the server is to be run by the inetd meta-daemon, this file must -contain suitable startup information for the meta-daemon\&. See the -section INSTALLATION below\&. -.PP -\fB/etc/rc\fP -.PP -(or whatever initialization script your system uses)\&. -.PP -If running the server as a daemon at startup, this file will need to -contain an appropriate startup sequence for the server\&. See the -section INSTALLATION below\&. -.PP -\fB/etc/services\fP -.PP -If running the server via the meta-daemon inetd, this file must -contain a mapping of service name (e\&.g\&., netbios-ssn) to service port -(e\&.g\&., 139) and protocol type (e\&.g\&., tcp)\&. See the section -INSTALLATION below\&. -.PP -\fB/usr/local/samba/lib/smb\&.conf\fP -.PP -This is the default location of the \fIsmb\&.conf\fP server configuration -file\&. Other common places that systems install this file are -\fI/usr/samba/lib/smb\&.conf\fP and \fI/etc/smb\&.conf\fP\&. -.PP -This file describes all the services the server is to make available -to clients\&. See \fBsmb\&.conf (5)\fP for more information\&. -.PP -.SH "LIMITATIONS" -.PP -On some systems \fBsmbd\fP cannot change uid back to root after a -setuid() call\&. Such systems are called "trapdoor" uid systems\&. If you -have such a system, you will be unable to connect from a client (such -as a PC) as two different users at once\&. Attempts to connect the -second user will result in "access denied" or similar\&. -.PP -.SH "ENVIRONMENT VARIABLES" -.PP -\fBPRINTER\fP -.PP -If no printer name is specified to printable services, most systems -will use the value of this variable (or "lp" if this variable is not -defined) as the name of the printer to use\&. This is not specific to -the server, however\&. -.PP -.SH "INSTALLATION" -.PP -The location of the server and its support files is a matter for -individual system administrators\&. The following are thus suggestions -only\&. -.PP -It is recommended that the server software be installed under the -/usr/local/samba hierarchy, in a directory readable by all, writeable -only by root\&. The server program itself should be executable by all, -as users may wish to run the server themselves (in which case it will -of course run with their privileges)\&. The server should NOT be -setuid\&. On some systems it may be worthwhile to make smbd setgid to an -empty group\&. This is because some systems may have a security hole -where daemon processes that become a user can be attached to with a -debugger\&. Making the smbd file setgid to an empty group may prevent -this hole from being exploited\&. This security hole and the suggested -fix has only been confirmed on old versions (pre-kernel 2\&.0) of Linux -at the time this was written\&. It is possible that this hole only -exists in Linux, as testing on other systems has thus far shown them -to be immune\&. -.PP -The server log files should be put in a directory readable and -writeable only by root, as the log files may contain sensitive -information\&. -.PP -The configuration file should be placed in a directory readable and -writeable only by root, as the configuration file controls security for -the services offered by the server\&. The configuration file can be made -readable by all if desired, but this is not necessary for correct -operation of the server and is not recommended\&. A sample configuration -file "smb\&.conf\&.sample" is supplied with the source to the server - -this may be renamed to "smb\&.conf" and modified to suit your needs\&. -.PP -The remaining notes will assume the following: -.PP -.IP -.IP o -\fBsmbd\fP (the server program) installed in /usr/local/samba/bin -.IP -.IP o -\fBsmb\&.conf\fP (the configuration file) installed in /usr/local/samba/lib -.IP -.IP o -log files stored in /var/adm/smblogs -.IP -.PP -The server may be run either as a daemon by users or at startup, or it -may be run from a meta-daemon such as inetd upon request\&. If run as a -daemon, the server will always be ready, so starting sessions will be -faster\&. If run from a meta-daemon some memory will be saved and -utilities such as the tcpd TCP-wrapper may be used for extra security\&. -For serious use as file server it is recommended that \fBsmbd\fP be run -as a daemon\&. -.PP -When you\'ve decided, continue with either -RUNNING THE SERVER AS A DAEMON or -RUNNING THE SERVER ON REQUEST\&. -.PP -.SH "RUNNING THE SERVER AS A DAEMON" -.PP -To run the server as a daemon from the command line, simply put the -\fB-D\fP option on the command line\&. There is no need to place an -ampersand at the end of the command line - the \fB-D\fP option causes -the server to detach itself from the tty anyway\&. -.PP -Any user can run the server as a daemon (execute permissions -permitting, of course)\&. This is useful for testing purposes, and may -even be useful as a temporary substitute for something like ftp\&. When -run this way, however, the server will only have the privileges of the -user who ran it\&. -.PP -To ensure that the server is run as a daemon whenever the machine is -started, and to ensure that it runs as root so that it can serve -multiple clients, you will need to modify the system startup -files\&. Wherever appropriate (for example, in /etc/rc), insert the -following line, substituting port number, log file location, -configuration file location and debug level as desired: -.PP -\f(CW/usr/local/samba/bin/smbd -D -l /var/adm/smblogs/log -s /usr/local/samba/lib/smb\&.conf\fP -.PP -(The above should appear in your initialization script as a single line\&. -Depending on your terminal characteristics, it may not appear that way in -this man page\&. If the above appears as more than one line, please treat any -newlines or indentation as a single space or TAB character\&.) -.PP -If the options used at compile time are appropriate for your system, -all parameters except \fB-D\fP may be -omitted\&. See the section OPTIONS above\&. -.PP -.SH "RUNNING THE SERVER ON REQUEST" -.PP -If your system uses a meta-daemon such as \fBinetd\fP, you can arrange to -have the smbd server started whenever a process attempts to connect to -it\&. This requires several changes to the startup files on the host -machine\&. If you are experimenting as an ordinary user rather than as -root, you will need the assistance of your system administrator to -modify the system files\&. -.PP -You will probably want to set up the NetBIOS name server \fBnmbd\fP at -the same time as \fBsmbd\fP\&. To do this refer to the man page for -\fBnmbd (8)\fP\&. -.PP -First, ensure that a port is configured in the file \f(CW/etc/services\fP\&. The -well-known port 139 should be used if possible, though any port may be -used\&. -.PP -Ensure that a line similar to the following is in \f(CW/etc/services\fP: -.PP -\f(CWnetbios-ssn 139/tcp\fP -.PP -Note for NIS/YP users - you may need to rebuild the NIS service maps -rather than alter your local \f(CW/etc/services file\fP\&. -.PP -Next, put a suitable line in the file \f(CW/etc/inetd\&.conf\fP (in the unlikely -event that you are using a meta-daemon other than inetd, you are on -your own)\&. Note that the first item in this line matches the service -name in \f(CW/etc/services\fP\&. Substitute appropriate values for your system -in this line (see \fBinetd (8)\fP): -.PP -\f(CWnetbios-ssn stream tcp nowait root /usr/local/samba/bin/smbd -d1 -l/var/adm/smblogs/log -s/usr/local/samba/lib/smb\&.conf\fP -.PP -(The above should appear in \f(CW/etc/inetd\&.conf\fP as a single -line\&. Depending on your terminal characteristics, it may not appear -that way in this man page\&. If the above appears as more than one -line, please treat any newlines or indentation as a single space or -TAB character\&.) -.PP -Note that there is no need to specify a port number here, even if you -are using a non-standard port number\&. -.PP -Lastly, edit the configuration file to provide suitable services\&. To -start with, the following two services should be all you need: -.PP +.SH SYNOPSIS +.sp +\fBsmbd\fR [ \fB-D\fR ] [ \fB-a\fR ] [ \fB-o\fR ] [ \fB-P\fR ] [ \fB-h\fR ] [ \fB-V\fR ] [ \fB-d \fR ] [ \fB-l \fR ] [ \fB-p \fR ] [ \fB-O \fR ] [ \fB-s \fR ] +.SH "DESCRIPTION" +.PP +This program is part of the Samba suite. +.PP +\fBsmbd\fR is the server daemon that +provides filesharing and printing services to Windows clients. +The server provides filespace and printer services to +clients using the SMB (or CIFS) protocol. This is compatible +with the LanManager protocol, and can service LanManager +clients. These include MSCLIENT 3.0 for DOS, Windows for +Workgroups, Windows 95/98/ME, Windows NT, Windows 2000, +OS/2, DAVE for Macintosh, and smbfs for Linux. +.PP +An extensive description of the services that the +server can provide is given in the man page for the +configuration file controlling the attributes of those +services (see \fIsmb.conf(5) +\fR . This man page will not describe the +services, but will concentrate on the administrative aspects +of running the server. +.PP +Please note that there are significant security +implications to running this server, and the \fIsmb.conf(5)\fR +manpage should be regarded as mandatory reading before +proceeding with installation. +.PP +A session is created whenever a client requests one. +Each client gets a copy of the server for each session. This +copy then services all connections made by the client during +that session. When all connections from its client are closed, +the copy of the server for that client terminates. +.PP +The configuration file, and any files that it includes, +are automatically reloaded every minute, if they change. You +can force a reload by sending a SIGHUP to the server. Reloading +the configuration file will not affect connections to any service +that is already established. Either the user will have to +disconnect from the service, or smbd killed and restarted. +.SH "OPTIONS" +.TP +\fB-D\fR +If specified, this parameter causes +the server to operate as a daemon. That is, it detaches +itself and runs in the background, fielding requests +on the appropriate port. Operating the server as a +daemon is the recommended way of running smbd for +servers that provide more than casual use file and +print services. This switch is assumed is \fBsmbd +\fRis executed on the command line of a shell. +.TP +\fB-a\fR +If this parameter is specified, each new +connection will append log messages to the log file. +This is the default. +.TP +\fB-o\fR +If this parameter is specified, the +log files will be overwritten when opened. By default, +\fBsmbd\fR will append entries to the log +files. +.TP +\fB-P\fR +Passive option. Causes smbd not to +send any network traffic out. Used for debugging by +the developers only. +.TP +\fB-h\fR +Prints the help information (usage) +for \fBsmbd\fR. +.TP +\fB-v\fR +Prints the version number for +\fBsmbd\fR. +.TP +\fB-d \fR +debuglevel is an integer +from 0 to 10. The default value if this parameter is +not specified is zero. + +The higher this value, the more detail will be +logged to the log files about the activities of the +server. At level 0, only critical errors and serious +warnings will be logged. Level 1 is a reasonable level for +day to day running - it generates a small amount of +information about operations carried out. -.nf - +Levels above 1 will generate considerable +amounts of log data, and should only be used when +investigating a problem. Levels above 3 are designed for +use only by developers and generate HUGE amounts of log +data, most of which is extremely cryptic. +Note that specifying this parameter here will +override the log +level parameter in the \fIsmb.conf(5)\fR file. +.TP +\fB-l \fR +If specified, \fBlog file\fR +specifies a log filename into which informational and debug +messages from the running server will be logged. The log +file generated is never removed by the server although +its size may be controlled by the max log size +option in the \fI smb.conf(5)\fR file. The default log +file name is specified at compile time. +.TP +\fB-O \fR +See the socket options +parameter in the \fIsmb.conf(5) +\fR file for details. +.TP +\fB-p \fR +port number is a positive integer +value. The default value if this parameter is not +specified is 139. -[homes] - writeable = yes +This number is the port number that will be +used when making connections to the server from client +software. The standard (well-known) port number for the +SMB over TCP is 139, hence the default. If you wish to +run the server as an ordinary user rather than +as root, most systems will require you to use a port +number greater than 1024 - ask your system administrator +for help if you are in this situation. -[printers] - writeable = no - printable = yes - path = /tmp - public = yes +In order for the server to be useful by most +clients, should you configure it on a port other +than 139, you will require port redirection services +on port 139, details of which are outlined in rfc1002.txt +section 4.3.5. +This parameter is not normally specified except +in the above situation. +.TP +\fB-s \fR +The file specified contains the +configuration details required by the server. The +information in this file includes server-specific +information such as what printcap file to use, as well +as descriptions of all the services that the server is +to provide. See \fI smb.conf(5)\fR for more information. +The default configuration file name is determined at +compile time. +.SH "FILES" +.TP +\fB\fI/etc/inetd.conf\fB\fR +If the server is to be run by the +\fBinetd\fR meta-daemon, this file +must contain suitable startup information for the +meta-daemon. See the section INSTALLATION below. +.TP +\fB\fI/etc/rc\fB\fR +or whatever initialization script your +system uses). -.fi - +If running the server as a daemon at startup, +this file will need to contain an appropriate startup +sequence for the server. See the section INSTALLATION +below. +.TP +\fB\fI/etc/services\fB\fR +If running the server via the +meta-daemon \fBinetd\fR, this file +must contain a mapping of service name (e.g., netbios-ssn) +to service port (e.g., 139) and protocol type (e.g., tcp). +See the section INSTALLATION below. +.TP +\fB\fI/usr/local/samba/lib/smb.conf\fB\fR +This is the default location of the +\fIsmb.conf\fR +server configuration file. Other common places that systems +install this file are \fI/usr/samba/lib/smb.conf\fR +and \fI/etc/smb.conf\fR. + +This file describes all the services the server +is to make available to clients. See \fIsmb.conf(5)\fR for more information. +.SH "LIMITATIONS" +.PP +On some systems \fBsmbd\fR cannot change uid back +to root after a setuid() call. Such systems are called +|[[quot ]]|trapdoor|[[quot ]]| uid systems. If you have such a system, +you will be unable to connect from a client (such as a PC) as +two different users at once. Attempts to connect the +second user will result in |[[quot ]]|access denied|[[quot ]]| or +similar. +.SH "ENVIRONMENTVARIABLES" +.TP +\fBPRINTER\fR +If no printer name is specified to +printable services, most systems will use the value of +this variable (or |[[quot ]]|lp|[[quot ]]| if this variable is +not defined) as the name of the printer to use. This +is not specific to the server, however. +.SH "INSTALLATION" +.PP +The location of the server and its support files +is a matter for individual system administrators. The following +are thus suggestions only. +.PP +It is recommended that the server software be installed +under the \fI/usr/local/samba/\fR hierarchy, +in a directory readable by all, writeable only by root. The server +program itself should be executable by all, as users may wish to +run the server themselves (in which case it will of course run +with their privileges). The server should NOT be setuid. On some +systems it may be worthwhile to make smbd setgid to an empty group. +This is because some systems may have a security hole where daemon +processes that become a user can be attached to with a debugger. +Making the smbd file setgid to an empty group may prevent +this hole from being exploited. This security hole and the suggested +fix has only been confirmed on old versions (pre-kernel 2.0) of Linux +at the time this was written. It is possible that this hole only +exists in Linux, as testing on other systems has thus far shown them +to be immune. +.PP +The server log files should be put in a directory readable and +writeable only by root, as the log files may contain sensitive +information. +.PP +The configuration file should be placed in a directory +readable and writeable only by root, as the configuration file +controls security for the services offered by the server. The +configuration file can be made readable by all if desired, but +this is not necessary for correct operation of the server and is +not recommended. A sample configuration file \fIsmb.conf.sample +\fRis supplied with the source to the server - this may +be renamed to \fIsmb.conf\fR and modified to suit +your needs. +.PP +The remaining notes will assume the following: +.TP 0.2i +\(bu +\fBsmbd\fR (the server program) +installed in \fI/usr/local/samba/bin\fR +.TP 0.2i +\(bu +\fIsmb.conf\fR (the configuration +file) installed in \fI/usr/local/samba/lib\fR +.TP 0.2i +\(bu +log files stored in \fI/var/adm/smblogs +\fR.PP +The server may be run either as a daemon by users +or at startup, or it may be run from a meta-daemon such as +\fBinetd\fR upon request. If run as a daemon, +the server will always be ready, so starting sessions will be +faster. If run from a meta-daemon some memory will be saved and +utilities such as the tcpd TCP-wrapper may be used for extra +security. For serious use as file server it is recommended +that \fBsmbd\fR be run as a daemon. +.PP +.PP +When you've decided, continue with either +.PP +.TP 0.2i +\(bu +RUNNING THE SERVER AS A DAEMON or +.TP 0.2i +\(bu +RUNNING THE SERVER ON REQUEST. +.SH "RUNNING THE SERVER AS A DAEMON" +.PP +To run the server as a daemon from the command +line, simply put the \fB-D\fR option on the +command line. There is no need to place an ampersand at +the end of the command line - the \fB-D\fR +option causes the server to detach itself from the tty +anyway. +.PP +Any user can run the server as a daemon (execute +permissions permitting, of course). This is useful for +testing purposes, and may even be useful as a temporary +substitute for something like ftp. When run this way, however, +the server will only have the privileges of the user who ran +it. +.PP +To ensure that the server is run as a daemon whenever +the machine is started, and to ensure that it runs as root +so that it can serve multiple clients, you will need to modify +the system startup files. Wherever appropriate (for example, in +\fI/etc/rc\fR), insert the following line, +substituting port number, log file location, configuration file +location and debug level as desired: +.PP +\fB/usr/local/samba/bin/smbd -D -l /var/adm/smblogs/log +-s /usr/local/samba/lib/smb.conf\fR +.PP +(The above should appear in your initialization script +as a single line. Depending on your terminal characteristics, +it may not appear that way in this man page. If the above appears +as more than one line, please treat any newlines or indentation +as a single space or TAB character.) +.PP +If the options used at compile time are appropriate for +your system, all parameters except \fB-D\fR may +be omitted. See the section OPTIONS above. +.SH "RUNNING THE SERVER ON REQUEST" +.PP +If your system uses a meta-daemon such as \fBinetd +\fR, you can arrange to have the smbd server started +whenever a process attempts to connect to it. This requires several +changes to the startup files on the host machine. If you are +experimenting as an ordinary user rather than as root, you will +need the assistance of your system administrator to modify the +system files. +.PP +You will probably want to set up the NetBIOS name server +\fBnmbd\fR at +the same time as \fBsmbd\fR. To do this refer to the +man page for \fBnmbd(8)\fR + . +.PP +First, ensure that a port is configured in the file +\fI/etc/services\fR. The well-known port 139 +should be used if possible, though any port may be used. +.PP +Ensure that a line similar to the following is in +\fI/etc/services\fR: +.PP +\fBnetbios-ssn 139/tcp\fR +.PP +Note for NIS/YP users - you may need to rebuild the +NIS service maps rather than alter your local \fI/etc/services +\fRfile. +.PP +Next, put a suitable line in the file \fI/etc/inetd.conf +\fR(in the unlikely event that you are using a meta-daemon +other than inetd, you are on your own). Note that the first item +in this line matches the service name in \fI/etc/services +\fR\&. Substitute appropriate values for your system +in this line (see \fBinetd(8)\fR): +.PP +\fBnetbios-ssn stream tcp nowait root /usr/local/samba/bin/smbd +-d1 -l/var/adm/smblogs/log -s/usr/local/samba/lib/smb.conf\fR +.PP +(The above should appear in \fI/etc/inetd.conf\fR +as a single line. Depending on your terminal characteristics, it may +not appear that way in this man page. If the above appears as more +than one line, please treat any newlines or indentation as a single +space or TAB character.) +.PP +Note that there is no need to specify a port number here, +even if you are using a non-standard port number. +.PP +Lastly, edit the configuration file to provide suitable +services. To start with, the following two services should be +all you need: +.sp +.nf + [homes] + writeable = yes -.PP -This will allow you to connect to your home directory and print to any -printer supported by the host (user privileges permitting)\&. -.PP -.SH "TESTING THE INSTALLATION" -.PP -If running the server as a daemon, execute it before proceeding\&. If -using a meta-daemon, either restart the system or kill and restart the -meta-daemon\&. Some versions of inetd will reread their configuration -tables if they receive a HUP signal\&. -.PP -If your machine\'s name is "fred" and your name is "mary", you should -now be able to connect to the service \f(CW\e\efred\emary\fP\&. -.PP -To properly test and experiment with the server, we recommend using -the smbclient program (see -\fBsmbclient (1)\fP) and also going through -the steps outlined in the file \fIDIAGNOSIS\&.txt\fP in the \fIdocs/\fP -directory of your Samba installation\&. -.PP -.SH "VERSION" -.PP -This man page is correct for version 2\&.0 of the Samba suite\&. -.PP -.SH "DIAGNOSTICS" -.PP -Most diagnostics issued by the server are logged in a specified log -file\&. The log file name is specified at compile time, but may be -overridden on the command line\&. -.PP -The number and nature of diagnostics available depends on the debug -level used by the server\&. If you have problems, set the debug level to -3 and peruse the log files\&. -.PP -Most messages are reasonably self-explanatory\&. Unfortunately, at the time -this man page was created, there are too many diagnostics available -in the source code to warrant describing each and every diagnostic\&. At -this stage your best bet is still to grep the source code and inspect -the conditions that gave rise to the diagnostics you are seeing\&. -.PP -.SH "SIGNALS" -.PP -Sending the smbd a SIGHUP will cause it to re-load its smb\&.conf -configuration file within a short period of time\&. -.PP -To shut down a users smbd process it is recommended that SIGKILL (-9) -\fINOT\fP be used, except as a last resort, as this may leave the shared -memory area in an inconsistent state\&. The safe way to terminate an -smbd is to send it a SIGTERM (-15) signal and wait for it to die on -its own\&. -.PP -The debug log level of smbd may be raised -by sending it a SIGUSR1 \f(CW(kill -USR1 )\fP and lowered by -sending it a SIGUSR2 \f(CW(kill -USR2 )\fP\&. This is to allow -transient problems to be diagnosed, whilst still running at a normally -low log level\&. -.PP -Note that as the signal handlers send a debug write, they are not -re-entrant in smbd\&. This you should wait until smbd is in a state of -waiting for an incoming smb before issuing them\&. It is possible to -make the signal handlers safe by un-blocking the signals before the -select call and re-blocking them after, however this would affect -performance\&. -.PP -.SH "SEE ALSO" -.PP -\fBhosts_access (5)\fP, \fBinetd (8)\fP, \fBnmbd (8)\fP, -\fBsmb\&.conf (5)\fP, \fBsmbclient -(1)\fP, \fBtestparm (1)\fP, -\fBtestprns (1)\fP, and the Internet RFC\'s -\fBrfc1001\&.txt\fP, \fBrfc1002\&.txt\fP\&. In addition the CIFS (formerly SMB) -specification is available as a link from the Web page : -http://samba\&.org/cifs/\&. -.PP -.SH "AUTHOR" -.PP -The original Samba software and related utilities were created by -Andrew Tridgell samba@samba\&.org\&. Samba is now developed -by the Samba Team as an Open Source project similar to the way the -Linux kernel is developed\&. -.PP -The original Samba man pages were written by Karl Auer\&. The man page -sources were converted to YODL format (another excellent piece of Open -Source software, available at -\fBftp://ftp\&.icce\&.rug\&.nl/pub/unix/\fP) -and updated for the Samba2\&.0 release by Jeremy Allison\&. -samba@samba\&.org\&. -.PP -See \fBsamba (7)\fP to find out how to get a full list of contributors -and details on how to submit bug reports, comments etc\&. + [printers] + writeable = no + printable = yes + path = /tmp + public = yes + + +.sp +.fi +.PP +This will allow you to connect to your home directory +and print to any printer supported by the host (user privileges +permitting). +.SH "TESTING THE INSTALLATION" +.PP +If running the server as a daemon, execute it before +proceeding. If using a meta-daemon, either restart the system +or kill and restart the meta-daemon. Some versions of +\fBinetd\fR will reread their configuration +tables if they receive a HUP signal. +.PP +If your machine's name is |[[quot ]]|fred|[[quot ]]| and your +name is |[[quot ]]|mary|[[quot ]]|, you should now be able to connect +to the service \fI|[[bsol ]]||[[bsol ]]|fred|[[bsol ]]|mary\fR. +.PP +To properly test and experiment with the server, we +recommend using the \fBsmbclient\fR program (see +\fBsmbclient(1)\fR ) +and also going through the steps outlined in the file +\fIDIAGNOSIS.txt\fR in the \fIdocs/\fR +directory of your Samba installation. +.SH "VERSION" +.PP +This man page is correct for version 2.2 of +the Samba suite. +.SH "DIAGNOSTICS" +.PP +Most diagnostics issued by the server are logged +in a specified log file. The log file name is specified +at compile time, but may be overridden on the command line. +.PP +The number and nature of diagnostics available depends +on the debug level used by the server. If you have problems, set +the debug level to 3 and peruse the log files. +.PP +Most messages are reasonably self-explanatory. Unfortunately, +at the time this man page was created, there are too many diagnostics +available in the source code to warrant describing each and every +diagnostic. At this stage your best bet is still to grep the +source code and inspect the conditions that gave rise to the +diagnostics you are seeing. +.SH "SIGNALS" +.PP +Sending the smbd a SIGHUP will cause it to +re-load its \fIsmb.conf\fR configuration +file within a short period of time. +.PP +To shut down a users smbd process it is recommended +that \fBSIGKILL (-9)\fR \fBNOT\fR +be used, except as a last resort, as this may leave the shared +memory area in an inconsistent state. The safe way to terminate +an smbd is to send it a SIGTERM (-15) signal and wait for +it to die on its own. +.PP +The debug log level of smbd may be raised by sending +it a SIGUSR1 (\fBkill -USR1 \fR) +and lowered by sending it a SIGUSR2 (\fBkill -USR2 +\fR). This is to allow transient problems to be diagnosed, +whilst still running at a normally low log level. +.PP +Note that as the signal handlers send a debug write, +they are not re-entrant in smbd. This you should wait until +smbd is in a state of waiting for an incoming smb before +issuing them. It is possible to make the signal handlers safe +by un-blocking the signals before the select call and re-blocking +them after, however this would affect performance. +.SH "SEE ALSO" +.PP +hosts_access(5), \fBinetd(8)\fR, +\fBnmbd(8)\fR , +\fIsmb.conf(5)\fR + , \fBsmbclient(1) +\fR , \fB testparm(1)\fR , \fBtestprns(1)\fR , and the Internet RFC's +\fIrfc1001.txt\fR, \fIrfc1002.txt\fR. +In addition the CIFS (formerly SMB) specification is available +as a link from the Web page +http://samba.org/cifs/ . +.SH "AUTHOR" +.PP +The original Samba software and related utilities +were created by Andrew Tridgell. Samba is now developed +by the Samba Team as an Open Source project similar +to the way the Linux kernel is developed. +.PP +The original Samba man pages were written by Karl Auer. +The man page sources were converted to YODL format (another +excellent piece of Open Source software, available at +ftp://ftp.icce.rug.nl/pub/unix/ ) and updated for the Samba 2.0 +release by Jeremy Allison. The conversion to DocBook for +Samba 2.2 was done by Gerald Carter -- cgit