Using SambaRobert Eckstein, David Collier-Brown, Peter Kelly1st Edition November 1999 1-56592-449-5, Order Number: 4495 416 pages, $34.95 |
2.2 Configuring Samba
The source distribution of Samba 2.0 and above doesn't initially have a makefile. Instead, one is generated through a GNU configure script, which is located in the samba-2.0.x /source/ directory. The configure script, which must be run as root, takes care of the machine-specific issues of building Samba. However, you still may want to decide on some global options. Global options can be set by passing options on the command-line:
# ./configure --with-sslFor example, this will configure the Samba makefile with support for the Secure Sockets Layer (SSL) encryption protocol. If you would like a complete list of options, type the following:
# ./configure --helpEach of these options enable or disable various features. You typically enable a feature by specifying the
--with-
feature
option, which will cause the feature to be compiled and installed. Likewise, if you specify a--without-
feature
option, the feature will be disabled. As of Samba 2.0.5, each of the following features is disabled by default:
--with-smbwrapper
Include SMB wrapper support, which allows executables on the Unix side to access SMB/CIFS filesystems as if they were regular Unix filesystems. We recommend using this option. However, at this time this book went to press, there were several incompatibilities between the smbwrapper package and the GNU libc version 2.1, and it would not compile on Red Hat 6.0. Look for more information on these incompatibilities on the Samba home page.
--with-afs
Include support of the Andrew Filesystem from Carnegie Mellon University. If you're going to serve AFS files via Samba, we recommend compiling Samba once first without enabling this feature to ensure that everything runs smoothly. Once that version is working smoothly, recompile Samba with this feature enabled and compare any errors you might receive against the previous setup.
--with-dfs
Include support for DFS, a later version of AFS, used by OSF/1 (Digital Unix). Note that this is not the same as Microsoft DFS, which is an entirely different filesystem. Again, we recommend compiling Samba once first without this feature to ensure that everything runs smoothly, then recompile with this feature to compare any errors against the previous setup.
--with-krb4
=base-directory
Include support for Kerberos version 4.0, explicitly specifying the base directory of the distribution. Kerberos is a network security protocol from MIT that uses private key cryptography to provide strong security between nodes. Incidentally, Microsoft has announced that Kerberos 5.0 will be the standard authentication mechanism for Microsoft Windows 2000 (NT 5.0). However, the Kerberos 5.0 authentication mechanisms are quite different from the Kerberos 4.0 security mechanisms. If you have Kerberos version 4 on your system, the Samba team recommends that you upgrade and use the
--with-krb5
option (see the next item). You can find more information on Kerberos at http://web.mit.edu/kerberos/www.--with-krb5
=base-directory
Include support for Kerberos version 5.0, explicitly specifying the base directory of the distribution. Microsoft has announced that Kerberos 5.0 will be the standard authentication mechanism for Microsoft Windows 2000 (NT 5.0). However, there is no guarantee that Microsoft will not extend Kerberos for their own needs in the future. Currently, Samba's Kerberos support only uses a plaintext password interface and not an encrypted one. You can find more information on Kerberos at its home page: http://web.mit.edu/kerberos/www.
--with-automount
Include support for automounter, a feature often used on sites that offer NFS.
--with-smbmount
Include smbmount support, which is for Linux only. This feature wasn't being maintained at the time the book was written, so the Samba team made it an optional feature and provided smbwrapper instead. The smbwrapper feature works on more Unix platforms than smbmount, so you'll usually want to use
--with-smbwrapper
instead of this option.--with-pam
Include support for pluggable authentication modules (PAM), an authentication feature common in the Linux operating system.
--with-ldap
Include support for the Lightweight Directory Access Protocol (LDAP). A future version of LDAP will be used in the Windows 2000 (NT 5.0) operating system; this Samba support is experimental. LDAP is a flexible client-server directory protocol that can carry information such as certificates and group memberships.[4]
[4] By directory, we don't mean a directory in a file system, but instead an indexed directory (such as a phone directory). Information is stored and can be easily retrieved in a public LDAP system.
--with-nis
Include support for getting password-file information from NIS (network yellow pages).
--with-nisplus
Include support for obtaining password-file information from NIS+, the successor to NIS.
--with-ssl
Include experimental support for the Secure Sockets Layer (SSL), which is used to provide encrypted connections from client to server. Appendix A, Configuring Samba with SSL, describes setting up Samba with SSL support.
--with-nisplus-home
Include support for locating which server contains a particular user's home directory and telling the client to connect to it. Requires
--with-nis
and, usually,--with-automounter
.--with-mmap
Include experimental memory mapping code. This is not required for fast locking, which already uses mmap or System V shared memory.
--with-syslog
Include support for using the SYSLOG utility for logging information generated from the Samba server. There are a couple of Samba configuration options that you can use to enable SYSLOG support; Chapter 4, Disk Shares , discusses these options.
--with-netatalk
Include experimental support for interoperating with the (Macintosh) Netatalk file server.
--with-quotas
Include disk-quota support.
Because each of these options is disabled by default, none of these features are essential to Samba. However, you may want to come back and build a modified version of Samba if you discover that you need one at a later time.
In addition, Table 2.1 shows some other parameters that you can give the configure script if you wish to store parts of the Samba distribution in different places, perhaps to make use of multiple disks or partitions. Note that the defaults sometimes refer to a prefix specified earlier in the table.
Table 2.1: Additional Configure Options Option
Meaning
Default
--prefix
=directory
Install architecture-independent files at the base directory specified.
/usr/local/samba
--eprefix
=directory
Install architecture-dependent files at the base directory specified.
/usr/local/samba
--bindir
=directory
Install user executables in the directory specified.
eprefix
/bin
--sbindir
=directory
Install administrator executables in the directory specified.
eprefix
/bin
--libexecdir
=directory
Install program executables in the directory specified.
eprefix
/libexec
--datadir
=directory
Install read-only architecture independent data in the directory specified.
prefix
/share
--libdir
=directory
Install program libraries in the directory specified.
eprefix
/lib
--includedir
=directory
Install package include files in the directory specified.
prefix
/include
--infodir
=directory
Install additional information files in the directory specified.
prefix
/info
--mandir
=directory
Install manual pages in the directory specified.
prefix
/manAgain, before running the configure script, it is important that you are the root user on the system. Otherwise, you may get a warning such as:
configure: warning: running as non-root will disable some testsYou don't want any test to be disabled when the Samba makefile is being created; this leaves the potential for errors down the road when compiling or running Samba on your system.
Here is a sample execution of the configure script, which creates a Samba 2.0.4 makefile for the Linux platform. Note that you must run the configure script in the source directory, and that several lines from the middle of the excerpt have been omitted:
# cd samba-2.0.4b/source/ # ./configure | tee mylog loading cache ./config.cache checking for gcc... (cached) gcc checking whether the C compiler (gcc -O) works... yes checking whether the C compiler (gcc -O) is a cross-compiler... no checking whether we are using GNU C... (cached) yes checking whether gcc accepts -g... (cached) yes checking for a BSD compatible install... (cached) /usr/bin/install -c ...(content omitted)... checking configure summary configure OK creating ./config.status creating include/stamp-h creating Makefile creating include/config.hIn general, any message from configure that doesn't begin with the words
checking
orcreating
is an error; it often helps to redirect the output of the configure script to a file so you can quickly search for errors, as we did with thetee
command above. If there was an error during configuration, more detailed information about it can be found in the config.log file, which is written to the local directory by the configure script.If the configuration works, you'll see a
checking
configure
summary
message followed by aconfigure
OK
message and four or five file creation messages. So far, so good.... Next step: compiling.
© 1999, O'Reilly & Associates, Inc.