summaryrefslogtreecommitdiff
path: root/docs/docbook/projdoc/UNIX_INSTALL.sgml
blob: 239ccd168ba487359ff4225b4767705645813eca (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
<chapter id="install">
<chapterinfo>
	&author.tridge;
	&author.jelmer;
	<author><firstname>Karl</firstname><surname>Auer</surname></author>
	<!-- Isn't some of this written by others as well? -->

</chapterinfo>

<title>How to Install and Test SAMBA</title>

<sect1>
	<title>Obtaining and installing samba</title>

	<para>Binary packages of samba are included in almost any Linux or 
	Unix distribution. There are also some packages available at 
	<ulink url="http://samba.org/">the samba homepage</ulink>.
	</para>

	<para>If you need to compile samba from source, check the 
	<link linkend="compiling">appropriate appendix chapter</link>.</para>
</sect1>

<sect1>
	<title>Configuring samba</title>

	<para>Samba's configuration is stored in the smb.conf file, 
	that usually resides in <filename>/etc/samba/smb.conf</filename> 
	or <filename>/usr/local/samba/lib/smb.conf</filename>. You can either 
	edit this file yourself or do it using one of the many graphical 
	tools that are available, such as the web-based interface swat, that 
	is included with samba.</para>
	
<sect2>
	<title>Editing the <filename>smb.conf</filename> file</title>
	
	<para>There are sample configuration files in the examples 
	subdirectory in the distribution. I suggest you read them 
	carefully so you can see how the options go together in 
	practice. See the man page for all the options.</para>

	<para>The simplest useful configuration file would be 
	something like this:</para>

	<para><programlisting>
[global]
	workgroup = MYGROUP

[homes]
	guest ok = no
	read only = no
	</programlisting></para>
	
	<para>which would allow connections by anyone with an 
	account on the server, using either their login name or 
	"<command>homes</command>" as the service name. (Note that I also set the 
	workgroup that Samba is part of. See BROWSING.txt for details)</para>
	
	<para>Make sure you put the <filename>smb.conf</filename> file in the same place 
	you specified in the<filename>Makefile</filename> (the default is to 
	look for it in <filename>/usr/local/samba/lib/</filename>).</para>

	<para>For more information about security settings for the 
	<command>[homes]</command> share please refer to the chapter 
	<link linkend="securing-samba">Securing Samba</link>.</para>

<sect3>
	<title>Test your config file with 
	<command>testparm</command></title>

	<para>It's important that you test the validity of your
	<filename>smb.conf</filename> file using the <application>testparm</application> program. 
	If testparm runs OK then it will list the loaded services. If 
	not it will give an error message.</para>

	<para>Make sure it runs OK and that the services look 
	reasonable before proceeding. </para>

	<para>Always run testparm again when you change 
	<filename>smb.conf</filename>!</para>

</sect3>
</sect2>

	<sect2>
	<title>SWAT</title>

	<para>
	SWAT is a web-based interface that helps you configure samba. 
	SWAT might not be available in the samba package on your platform, 
	but in a seperate package. Please read the swat manpage 
	on compiling, installing and configuring swat from source.
	</para>

	<para>To launch SWAT just run your favorite web browser and 
	point it at "http://localhost:901/". Replace <replaceable>localhost</replaceable> with the name of the computer you are running samba on if you 
	are running samba on a different computer then your browser.</para>

	<para>Note that you can attach to SWAT from any IP connected 
	machine but connecting from a remote machine leaves your 
	connection open to password sniffing as passwords will be sent 
	in the clear over the wire. </para>
	</sect2>
</sect1>

<sect1>
	<title>Try listing the shares available on your 
	server</title>

	<para><prompt>$ </prompt><userinput>smbclient -L 
	<replaceable>yourhostname</replaceable></userinput></para>

	<para>You should get back a list of shares available on 
	your server. If you don't then something is incorrectly setup. 
	Note that this method can also be used to see what shares 
	are available on other LanManager clients (such as WfWg).</para>

	<para>If you choose user level security then you may find 
	that Samba requests a password before it will list the shares. 
	See the <command>smbclient</command> man page for details. (you 
	can force it to list the shares without a password by
	adding the option -U% to the command line. This will not work 
	with non-Samba servers)</para>
</sect1>

<sect1>
	<title>Try connecting with the unix client</title>
	
	<para><prompt>$ </prompt><userinput>smbclient <replaceable>
	//yourhostname/aservice</replaceable></userinput></para>
	
	<para>Typically the <replaceable>yourhostname</replaceable> 
	would be the name of the host where you installed &smbd;. 
	The <replaceable>aservice</replaceable> is 
	any service you have defined in the &smb.conf;
	file. Try your user name if you just have a <command>[homes]</command>
	section
	in &smb.conf;.</para>

	<para>For example if your unix host is <replaceable>bambi</replaceable>
	and your login name is <replaceable>fred</replaceable> you would type:</para>

	<para><prompt>$ </prompt><userinput>smbclient //<replaceable>bambi</replaceable>/<replaceable>fred</replaceable>
	</userinput></para>
</sect1>

<sect1>
	<title>Try connecting from a DOS, WfWg, Win9x, WinNT, 
	Win2k, OS/2, etc... client</title>
	
	<para>Try mounting disks. eg:</para>

	<para><prompt>C:\WINDOWS\> </prompt><userinput>net use d: \\servername\service
	</userinput></para>

	<para>Try printing. eg:</para>

	<para><prompt>C:\WINDOWS\> </prompt><userinput>net use lpt1:
	\\servername\spoolservice</userinput></para>

	<para><prompt>C:\WINDOWS\> </prompt><userinput>print filename
	</userinput></para>
</sect1>

<sect1>
	<title>What If Things Don't Work?</title>
	
	<para>Then you might read the file chapter 
	<link linkend="diagnosis">Diagnosis</link> and the 
	FAQ. If you are still stuck then try to follow 
	the <link linkend="problems">Analysing and Solving Problems chapter</link>
	Samba has been successfully installed at thousands of sites worldwide,
	so maybe someone else has hit your problem and has overcome it. </para>

	<sect2>
		<title>Scope IDs</title>

		<para>By default Samba uses a blank scope ID. This means 
		all your windows boxes must also have a blank scope ID. 
		If you really want to use a non-blank scope ID then you will 
		need to use the 'netbios scope' smb.conf option.
        All your PCs will need to have the same setting for 
		this to work. I do not recommend scope IDs.</para>
	</sect2>

	<sect2>
		<title>Locking</title>

		<para>One area which sometimes causes trouble is locking.</para>

		<para>There are two types of locking which need to be 
		performed by a SMB server. The first is "record locking" 
		which allows a client to lock a range of bytes in a open file. 
		The second is the "deny modes" that are specified when a file 
		is open.</para>

		<para>Record locking semantics under Unix is very
		different from record locking under Windows. Versions
		of Samba before 2.2 have tried to use the native
		fcntl() unix system call to implement proper record
		locking between different Samba clients. This can not
		be fully correct due to several reasons. The simplest
		is the fact that a Windows client is allowed to lock a
		byte range up to 2^32 or 2^64, depending on the client
		OS. The unix locking only supports byte ranges up to
		2^31. So it is not possible to correctly satisfy a
		lock request above 2^31. There are many more
		differences, too many to be listed here.</para>

		<para>Samba 2.2 and above implements record locking
		completely independent of the underlying unix
		system. If a byte range lock that the client requests
		happens to fall into the range 0-2^31, Samba hands
		this request down to the Unix system. All other locks
		can not be seen by unix anyway.</para>

		<para>Strictly a SMB server should check for locks before 
		every read and write call on a file. Unfortunately with the 
		way fcntl() works this can be slow and may overstress the 
		rpc.lockd. It is also almost always unnecessary as clients 
		are supposed to independently make locking calls before reads 
		and writes anyway if locking is important to them. By default 
		Samba only makes locking calls when explicitly asked
		to by a client, but if you set "strict locking = yes" then it will
		make lock checking calls on every read and write. </para>

		<para>You can also disable by range locking completely 
		using "locking = no". This is useful for those shares that 
		don't support locking or don't need it (such as cdroms). In 
		this case Samba fakes the return codes of locking calls to 
		tell clients that everything is OK.</para>

		<para>The second class of locking is the "deny modes". These 
		are set by an application when it opens a file to determine 
		what types of access should be allowed simultaneously with 
		its open. A client may ask for DENY_NONE, DENY_READ, DENY_WRITE 
		or DENY_ALL. There are also special compatibility modes called 
		DENY_FCB and  DENY_DOS.</para>

		<!-- FIXME: Sync this with oplocks.sgml -->
	</sect2>
</sect1>	
</chapter>