From 99ef1fc0d4a32194d3d8d6eebb6d6b2cdbc072c1 Mon Sep 17 00:00:00 2001 From: Manuel Canales Esparcia Date: Wed, 18 May 2005 17:40:42 +0000 Subject: [PATCH] Tagged samba3.xml git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@4351 af4574ff-66df-0310-9fd7-8a98e5e911e0 --- server/major/samba3.xml | 1134 +++++++++++++++++++++------------------ 1 file changed, 608 insertions(+), 526 deletions(-) diff --git a/server/major/samba3.xml b/server/major/samba3.xml index a7e62e6fe9..305b6328b7 100644 --- a/server/major/samba3.xml +++ b/server/major/samba3.xml @@ -4,80 +4,85 @@ %general-entities; - - - - - - + + + + + + ]> - -$LastChangedBy$ -$Date$ - - -Samba-&samba3-version; - -Samba + - -Introduction to <application>Samba</application> + + $LastChangedBy$ + $Date$ + -The Samba package provides file and print -services to SMB/CIFS clients and -Windows networking to Linux clients. Samba can also -be configured as a Windows NT 4.0 Domain Controller replacement -(with caveats working with NT PDC's and -BDC's), a file/print server acting as a member of a -Windows NT 4.0 or Active Directory domain and a NetBIOS (rfc1001/1002) -nameserver (which amongst other things provides -LAN browsing support). + Samba-&samba3-version; -Package information - -Download (HTTP): - -Download (FTP): - -Download MD5 sum: -&samba3-md5sum; -Download size: -&samba3-size; -Estimated disk space required: -&samba3-buildsize; -Estimated build time: -&samba3-time; - + + Samba + - -<application>Samba</application> dependencies - -Optional -, -, -, -, - or , -, - or , -, -, -Valgrind and - (used to encrypt access to SWAT) - - + + Introduction to Samba - + The Samba package provides file and print + services to SMB/CIFS clients and Windows networking to Linux clients. + Samba can also be configured as a Windows NT + 4.0 Domain Controller replacement (with caveats working with NT PDC's and + BDC's), a file/print server acting as a member of a Windows NT 4.0 or + Active Directory domain and a NetBIOS (rfc1001/1002) nameserver (which + amongst other things provides LAN browsing support). - -Installation of <application>Samba</application> + Package Information + + + Download (HTTP): + + + Download (FTP): + + + Download MD5 sum: &samba3-md5sum; + + + Download size: &samba3-size; + + + Estimated disk space required: &samba3-buildsize; + + + Estimated build time: &samba3-time; + + -Install Samba by running the following -commands: + Samba Dependencies -cd source && + Optional + , + , + , + , + or , + , + or , + , + , + Valgrind and + (used to encrypt access to SWAT) + + + + + Installation of Samba + + Install Samba by running the following + commands: + +cd source && ./configure \ --prefix=/usr \ --sysconfdir=/etc \ @@ -85,11 +90,11 @@ commands: --with-piddir=/var/run \ --with-fhs \ --with-smbmount && -make +make -Now, as the root user: + Now, as the root user: -install -v -m755 -d /var/cache/samba && +install -v -m755 -d /var/cache/samba && make install && mv -v /usr/lib/samba/libsmbclient.so /usr/lib && ln -v -sf ../libsmbclient.so /usr/lib/samba && @@ -97,174 +102,185 @@ chmod -v 644 /usr/include/libsmbclient.h && install -v -m755 nsswitch/libnss_win{s,bind}.so /lib && ln -v -sf libnss_winbind.so /lib/libnss_winbind.so.2 && ln -v -sf libnss_wins.so /lib/libnss_wins.so.2 && -if [ -f nsswitch/pam_winbind.so ]; then +if [ -f nsswitch/pam_winbind.so ]; then install -v -m755 nsswitch/pam_winbind.so /lib/security fi && install -v -m644 ../examples/smb.conf.default /etc/samba && -install -v -m644 ../docs/*.pdf /usr/share/samba +install -v -m644 ../docs/*.pdf /usr/share/samba -You may want to run configure with the ---help parameter. There may be other parameters -needed to take advantage of the optional dependencies. + + You may want to run configure with the + parameter. There may be other parameters + needed to take advantage of the optional dependencies. + - + - -Command explanations + + Command Explanations ---sysconfdir=/etc: Sets the configuration -file directory to avoid the default of -/usr/etc. + --sysconfdir=/etc: Sets the configuration + file directory to avoid the default of + /usr/etc. ---localstatedir=/var: Sets the variable -data directory to avoid the default of -/usr/var. + --localstatedir=/var: Sets the variable + data directory to avoid the default of + /usr/var. -: Assigns all other file paths in a manner -compliant with the Filesystem Hierarchy Standard -(FHS). + --with-fhs: Assigns all other file paths in + a manner compliant with the Filesystem Hierarchy Standard (FHS). -: Orders the creation of an extra -binary for use by the mount command so that mounting remote -SMB (Windows) shares becomes no more complex than mounting -remote NFS shares. + --with-smbmount: Orders the creation of an + extra binary for use by the mount command so that + mounting remote SMB (Windows) shares becomes no more complex than + mounting remote NFS shares. -: Use this parameter to link -Linux-PAM into the build. This -also builds the pam_winbind.so -PAM module. You can find -instructions on how to configure and use the module by running -man winbindd. + : Use this parameter to link + Linux-PAM into the build. This + also builds the pam_winbind.so + PAM module. You can find + instructions on how to configure and use the module by running + man winbindd. -install -v -d /var/cache/samba: This directory is -needed for proper operation of the smbd and -nmbd daemons. + install -v -d /var/cache/samba: This directory is + needed for proper operation of the smbd and + nmbd daemons. -mv -v /usr/lib/samba/libsmbclient.so ...; ln -v -sf -../libsmbclient.so ...: The -libsmbclient.so library is needed -by other packages. This command moves it to a location where other packages -can find it. + mv -v /usr/lib/samba/libsmbclient.so ...; ln -v -sf + ../libsmbclient.so ...: The + libsmbclient.so library is needed + by other packages. This command moves it to a location where other packages + can find it. -install -v -m755 nsswitch/libnss_win{s,bind}.so /lib: -The nss libraries are not installed by default. If you intend to use -winbindd for domain auth, and/or WINS name resolution, -you need these libraries. + install -v -m755 nsswitch/libnss_win{s,bind}.so /lib: + The nss libraries are not installed by default. If you intend to use + winbindd for domain auth, and/or WINS name resolution, + you need these libraries. -ln -v -sf libnss_winbind.so /lib/libnss_winbind.so.2 -and ln -v -sf libnss_wins.so /lib/libnss_wins.so.2: -These symlinks are required by glibc to use the NSS -libraries. + ln -v -sf libnss_winbind.so /lib/libnss_winbind.so.2 + and ln -v -sf libnss_wins.so /lib/libnss_wins.so.2: + These symlinks are required by glibc to use the NSS + libraries. -install -v -m644 ../examples/smb.conf.default -/etc/samba: This copies a default smb.conf into -/etc/samba. This sample configuration will not -work unless edited for your site, and renamed -smb.conf. + install -v -m644 ../examples/smb.conf.default + /etc/samba: This copies a default smb.conf + into /etc/samba. This sample configuration will not + work unless edited for your site, and renamed + smb.conf. - + - -Configuring <application>Samba</application> + + Configuring Samba -Config files -/etc/samba/smb.conf - -/etc/samba/smb.conf - - + + Config Files -Configuration overview and available documentation + /etc/samba/smb.conf -Due to the complexity and the many various uses for -Samba, complete configuration is well beyond the -scope of the BLFS book. Advanced configurations including -setting up Primary and Backup Domain Controllers are advanced topics and -cannot be adequately covered in BLFS (it should be noted, -however, that a Samba BDC cannot -be used as a fallback for a -Windows PDC, and conversely, a -Windows BDC cannot be used as a -fallback for a Samba PDC). Many -complete books have been written on these topics alone. + + /etc/samba/smb.conf + -There is quite a bit of documentation available which covers many of -these advanced configurations. Point your web browser to the links below to -view some of the documentation included with the -Samba package: + - -Using Samba, 2nd Edition; a popular book published by O'Reilly - - + + Configuration Overview and Available Documentation -The Official Samba HOWTO and Reference Guide - - + Due to the complexity and the many various uses for + Samba, complete configuration is well beyond + the scope of the BLFS book. Advanced configurations including setting up + Primary and Backup Domain Controllers are advanced topics and cannot be + adequately covered in BLFS (it should be noted, however, that a + Samba BDC cannot be used as a fallback for a + Windows PDC, and conversely, a + Windows BDC cannot be used as a + fallback for a Samba PDC). Many + complete books have been written on these topics alone. -Samba-3 by Example - - + There is quite a bit of documentation available which covers many + of these advanced configurations. Point your web browser to the links + below to view some of the documentation included with the + Samba package: -The Samba-3 man Pages - - - - + + + Using Samba, 2nd Edition; a popular book published by O'Reilly + + + + The Official Samba HOWTO and Reference Guide + + + + Samba-3 by Example + + + + + The Samba-3 man Pages + + + -Configuring SWAT + -The built in SWAT -(Samba Web Administration Tool) utility can be used -for basic configuration of the Samba installation, -but because it may be inconvenient, undesireable or perhaps even impossible -to gain access to the console, BLFS recommends setting up -access to SWAT using -Stunnel. - -SWAT + + Configuring SWAT -First you must add entries to /etc/services and -modify the inetd/xinetd -configuration. + The built in SWAT (Samba Web + Administration Tool) utility can be used for basic configuration of + the Samba installation, but because it may + be inconvenient, undesireable or perhaps even impossible to gain + access to the console, BLFS recommends setting up access to SWAT using + Stunnel. - - /etc/services - + + SWAT + - - /etc/inetd.conf - + First you must add entries to /etc/services + and modify the inetd/xinetd + configuration. - - /etc/xinetd.conf - + + /etc/services + -Add swat and swat_tunnel entries to -/etc/services with the following commands issued as the -root user: + + /etc/inetd.conf + -echo "swat 901/tcp" >> /etc/services && -echo "swat_tunnel 902/tcp" >> /etc/services + + /etc/xinetd.conf + -If inetd is used, the following command will add the -swat_tunnel entry to /etc/inetd.conf (as user -root): + Add swat and swat_tunnel entries to + /etc/services with the following commands issued + as the root user: -echo "swat_tunnel stream tcp nowait.400 root /usr/sbin/swat swat" \ - >> /etc/inetd.conf -Issue a killall -HUP inetd to reread the -changed inetd.conf file. +echo "swat 901/tcp" >> /etc/services && +echo "swat_tunnel 902/tcp" >> /etc/services -If you use xinetd, the following command will create -the Samba file as -/etc/xinetd.d/swat_tunnel (you may need to modify or -remove the only_from line to include the desired -host[s]): + If inetd is used, the following command will + add the swat_tunnel entry to /etc/inetd.conf (as + user root): -cat >> /etc/xinetd.d/swat_tunnel << "EOF" -# Begin /etc/xinetd.d/swat_tunnel +echo "swat_tunnel stream tcp nowait.400 root /usr/sbin/swat swat" \ + >> /etc/inetd.conf + + Issue a killall -HUP inetd to reread the + changed inetd.conf file. + + If you use xinetd, the following command will + create the Samba file as + /etc/xinetd.d/swat_tunnel (you may need to modify + or remove the only_from line to include the desired + host[s]): + +cat >> /etc/xinetd.d/swat_tunnel << "EOF" +# Begin /etc/xinetd.d/swat_tunnel service swat_tunnel { @@ -277,395 +293,461 @@ service swat_tunnel log_on_failure += USERID } -# End /etc/xinetd.d/swat_tunnel -EOF +# End /etc/xinetd.d/swat_tunnel +EOF - - /etc/xinetd.d/swat_tunnel - + + /etc/xinetd.d/swat_tunnel + -Issue a killall -HUP xinetd to reread the -changed xinetd.conf file. + Issue a killall -HUP xinetd to reread the + changed xinetd.conf file. -Next, you must add an entry for the swat service to the -/etc/stunnel/stunnel.conf file (as user root): + Next, you must add an entry for the swat service to the + /etc/stunnel/stunnel.conf file (as user + root): - - /etc/stunnel/stunnel.conf - + + /etc/stunnel/stunnel.conf + -cat >> /etc/stunnel/stunnel.conf << "EOF" -[swat] +cat >> /etc/stunnel/stunnel.conf << "EOF" +[swat] accept = 901 -connect = 902 +connect = 902 -EOF +EOF -Restart the stunnel daemon using the following -command as the root user: + Restart the stunnel daemon using the following + command as the root user: -/etc/rc.d/init.d/stunnel restart +/etc/rc.d/init.d/stunnel restart -SWAT can be launched by pointing your web browser to -https://[CA_DN_field]:901. -Substitute the hostname listed in the DN field of the -CA certificate used with -Stunnel for -[CA_DN_field]. + SWAT can be launched by pointing your web browser to + https://[CA_DN_field]:901. + Substitute the hostname listed in the DN field of the CA certificate + used with Stunnel for + [CA_DN_field]. -If you linked -Linux-PAM into the -Samba build, you'll need to create an -/etc/pam.d/samba file. + + If you linked Linux-PAM into the + Samba build, you'll need to create an + /etc/pam.d/samba file. + - - /etc/pam.d/samba - + + /etc/pam.d/samba + - + -Printing to <acronym>SMB</acronym> clients + + Printing to SMB Clients -If you use CUPS for print -services, and you wish to print to a printer attached to an -SMB client, you need to create an SMB -backend device. To create the device, issue the following command as the -root user: + If you use CUPS for print services, + and you wish to print to a printer attached to an SMB client, you + need to create an SMB backend device. To create the device, issue the + following command as the root + user: -ln -v -sf /usr/bin/smbspool /usr/lib/cups/backend/smb - +ln -v -sf /usr/bin/smbspool /usr/lib/cups/backend/smb -Installing bootscripts + -For your convenience, boot scripts have been provided for -Samba. There are two included in the - package. The first, -samba, will start the smbd and -nmbd daemons needed to provide -SMB/CIFS services. The second -script, winbind, starts the winbindd -daemon, used for providing Windows domain services to Linux clients. + + Boot Script - - samba - + For your convenience, boot scripts have been provided for + Samba. There are two included in the + package. The first, + samba, will start the smbd + and nmbd daemons needed to provide SMB/CIFS + services. The second script, winbind, starts + the winbindd daemon, used for providing Windows + domain services to Linux clients. - - winbind - + + samba + -Install the samba script with the following -command issued as the root user: + + winbind + -make install-samba + Install the samba script with the following + command issued as the root + user: -If you also need the winbind script: +make install-samba -make install-winbind - + If you also need the winbind + script: - +make install-winbind - -Contents + - -Installed Programs -Installed Libraries -Installed Directories + - -findsmb, mount.smbfs, net, nmbd, nmblookup, ntlm_auth, pdbedit, profiles, -rpcclient, smbcacls, smbclient, smbcontrol, smbcquotas, smbd, smbmnt, -smbmount, smbpasswd, smbspool, smbstatus, smbtar, smbtree, smbumount, swat, -tdbbackup, tdbdump, tdbtool, testparm, testprns, wbinfo and winbindd -libnss_winbind.so, libnss_wins.so, libsmbclient.so, the -pam_winbind.so PAM library and assorted character set, -filesystem and support modules. -/etc/samba, /usr/lib/samba, /usr/share/samba, /var/cache/samba and -/var/lib/samba - - + + Contents - -Short Descriptions - + + Installed Programs + Installed Libraries + Installed Directories - -findsmb -lists information about machines that respond to -SMB name queries on a subnet. - -findsmb - - + + findsmb, mount.smbfs, net, nmbd, nmblookup, ntlm_auth, pdbedit, + profiles, rpcclient, smbcacls, smbclient, smbcontrol, smbcquotas, smbd, + smbmnt, smbmount, smbpasswd, smbspool, smbstatus, smbtar, smbtree, + smbumount, swat, tdbbackup, tdbdump, tdbtool, testparm, testprns, + wbinfo, and winbindd + libnss_winbind.so, libnss_wins.so, libsmbclient.so, the + pam_winbind.so PAM library and assorted character set, + filesystem and support modules. + /etc/samba, /usr/lib/samba, /usr/share/samba, /var/cache/samba, + and /var/lib/samba + + - -mount.smbfs -is a symlink to mountsmb which provides -/bin/mount with a way to mount remote Windows (or -Samba) fileshares. - -mount.smbfs - - + + Short Descriptions + + - -net -is a tool for administration of -Samba and remote CIFS servers, -similar to the net utility for -DOS/Windows. - -net - - + + findsmb + + lists information about machines that respond to + SMB name queries on a subnet. + + findsmb + + + - -nmbd -is the Samba -NetBIOS name server. - -nmbd - - + + mount.smbfs + + is a symlink to mountsmb which provides + /bin/mount with a way to mount remote Windows + (or Samba) fileshares. + + mount.smbfs + + + - -nmblookup -is used to query NetBIOS names and map -them to IP addresses. - -nmblookup - - + + net + + is a tool for administration of + Samba and remote CIFS servers, similar + to the net utility for DOS/Windows. + + net + + + - -ntlm_auth -is a tool to allow external access to Winbind's -NTLM authentication function. - -ntlm_auth - - + + nmbd + + is the Samba + NetBIOS name server. + + nmbd + + + - -pdbedit -is a tool used to manage the SAM -database. - -pdbedit - - + + nmblookup + + is used to query NetBIOS names and map + them to IP addresses. + + nmblookup + + + - -profiles -is a utility that reports and changes SIDs -in Windows registry files. It currently only supports Windows NT. - -profiles - - + + ntlm_auth + + is a tool to allow external access to Winbind's + NTLM authentication function. + + ntlm_auth + + + - -rpcclient -is used to execute MS-RPC client side -functions. - -rpcclient - - + + pdbedit + + is a tool used to manage the SAM database. + + pdbedit + + + - -smbcacls -is used to manipulate Windows NT access control lists. - -smbcacls - - + + profiles + + is a utility that reports and changes SIDs in Windows + registry files. It currently only supports Windows NT. + + profiles + + + - -smbclient -is a SMB/CIFS access -utility, similar to FTP. - -smbclient - - + + rpcclient + + is used to execute MS-RPC client side functions. + + rpcclient + + + - -smbcontrol -is used to control running smbd, -nmbd and winbindd daemons. - -smbcontrol - - + + smbcacls + + is used to manipulate Windows NT access control lists. + + smbcacls + + + - -smbcquotas -is used to manipulate Windows NT quotas on -SMB file shares. - -smbcquotas - - + + smbclient + + is a SMB/CIFS access utility, similar to FTP. + + smbclient + + + - -smbd -is the main Samba daemon which -provides SMB/CIFS services to -clients. - -smbd - - + + smbcontrol + + is used to control running smbd, + nmbd and winbindd + daemons. + + smbcontrol + + + - -smbmnt -is a helper application used by the -smbmount program to do the actual mounting of -SMB shares. It can be installed setuid root if you want -normal users to be able to mount their SMB shares. - -smbmnt - - + + smbcquotas + + is used to manipulate Windows NT quotas on + SMB file shares. + + smbcquotas + + + - -smbmount -is usually invoked as mount.smbfs by the -mount command when using the --t smbfs option, mounts a Linux SMB -filesystem. - -smbmount - - + + smbd + + is the main Samba daemon which + provides SMB/CIFS services to clients. + + smbd + + + - -smbpasswd -changes a user's Samba -password. - -smbpasswd - - + + smbmnt + + is a helper application used by the + smbmount program to do the actual mounting of + SMB shares. It can be installed setuid root if you want + normal users to be able to mount their SMB shares. + + smbmnt + + + - -smbspool -sends a print job to an SMB printer. - -smbspool - - + + smbmount + + is usually invoked as mount.smbfs by the + mount command when using the + -t smbfs option, mounts a Linux SMB + filesystem. + + smbmount + + + - -smbstatus -reports current Samba -connections. - -smbstatus - - + + smbpasswd + + changes a user's Samba + password. + + smbpasswd + + + - -smbtar -is a shell script used for backing up -SMB/CIFS shares directly to Linux tape -drives or a file. - -smbtar - - + + smbspool + + sends a print job to an SMB printer. + + smbspool + + + - -smbtree -is a text-based SMB network browser. - -smbtree - - + + smbstatus + + reports current Samba + connections. + + smbstatus + + + - -smbumount -is used by normal users to unmount SMB -filesystems, provided that it is setuid root. - -smbumount - - + + smbtar + + is a shell script used for backing up SMB/CIFS shares + directly to Linux tape drives or a file. + + smbtar + + + - -swat -is the Samba Web Administration -Tool. - -swat - - + + smbtree + + is a text-based SMB network browser. + + smbtree + + + - -tdbbackup -is a tool for backing up or validating the integrity of -Samba .tdb files. - -tdbbackup - - + + smbumount + + is used by normal users to unmount SMB filesystems, + provided that it is setuid root. + + smbumount + + + - -tdbdump - is a tool used to print the contents of a -Samba .tdb file. - -tdbdump - - + + swat + + is the Samba Web Administration + Tool. + + swat + + + - -tdbtool -is a tool which allows simple database manipulation from the -command line. - -tdbtool - - + + tdbbackup + + is a tool for backing up or validating the integrity of + Samba .tdb + files. + + tdbbackup + + + - -testparm -checks an smb.conf file for proper -syntax. - -testparm - - + + tdbdump + + is a tool used to print the contents of a + Samba .tdb + file. + + tdbdump + + + - -testprns -tests printer names. - -testprns - - + + tdbtool + + is a tool which allows simple database manipulation from the + command line. + + tdbtool + + + - -wbinfo -queries a running winbindd daemon. - -wbinfo - - + + testparm + + checks an smb.conf file for proper + syntax. + + testparm + + + - -winbindd -resolves names from Windows NT servers. - -winbindd - - - + + testprns + + tests printer names. + + testprns + + + - + + wbinfo + + queries a running winbindd daemon. + + wbinfo + + + + + + winbindd + + resolves names from Windows NT servers. + + winbindd + + + + + + + -