linux-from-scratch/glfs
1
0
Fork 0
mirror of https://github.com/Zeckmathederg/glfs.git synced 2025-01-26 08:42:12 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity
79cbdc752b
glfs/server/major/samba3.xml
Randy McMurchy 0aeb69629f Added a comment to each file that may need a mention of a test suite added to it, this allows closing of bug #1697 
git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@5951 af4574ff-66df-0310-9fd7-8a98e5e911e0
2006-04-27 10:48:30 +00:00

1082 lines
41 KiB
XML
Raw Blame History

<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
"http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd" [
<!ENTITY % general-entities SYSTEM "../../general.ent">
%general-entities;
<!-- Inserted as a reminder to do this. The mention of a test suite
is usually right before the root user installation commands. Please
delete these 12 (including one blank) lines after you are done.-->
<!-- Use one of the two mentions below about a test suite,
delete the line that is not applicable. Of course, if the
test suite uses syntax other than "make check", revise the
line to reflect the actual syntax to run the test suite -->
<!-- <para>This package does not come with a test suite.</para> -->
<!-- <para>To test the results, issue: <command>make check</command>.</para> -->
<!ENTITY samba3-download-http "http://us1.samba.org/samba/ftp/stable/samba-&samba3-version;.tar.gz">
<!ENTITY samba3-download-ftp "ftp://ftp.samba.org/pub/samba/samba-&samba3-version;.tar.gz">
<!ENTITY samba3-md5sum "5c39505af17cf5caf3d6ed8bab135036">
<!ENTITY samba3-size "17.5 MB">
<!ENTITY samba3-buildsize "199 MB">
<!ENTITY samba3-time "2.8 SBU">
]>
<sect1 id="samba3" xreflabel="Samba-&samba3-version;">
<?dbhtml filename="samba3.html"?>
<sect1info>
<othername>$LastChangedBy$</othername>
<date>$Date$</date>
<keywordset>
<keyword role="package">samba-&samba3-version;.tar</keyword>
<keyword role="ftpdir">samba</keyword>
</keywordset>
</sect1info>
<title>Samba-&samba3-version;</title>
<indexterm zone="samba3">
<primary sortas="a-Samba">Samba</primary>
</indexterm>
<sect2 role="package">
<title>Introduction to Samba</title>
<para>The <application>Samba</application> package provides file and print
services to SMB/CIFS clients and Windows networking to Linux clients.
<application>Samba</application> can also be configured as a Windows NT
4.0 Domain Controller replacement (with caveats working with NT PDC's and
BDC's), a file/print server acting as a member of a Windows NT 4.0 or
Active Directory domain and a NetBIOS (rfc1001/1002) nameserver (which
amongst other things provides LAN browsing support).</para>
<bridgehead renderas="sect3">Package Information</bridgehead>
<itemizedlist spacing="compact">
<listitem>
<para>Download (HTTP): <ulink url="&samba3-download-http;"/></para>
</listitem>
<listitem>
<para>Download (FTP): <ulink url="&samba3-download-ftp;"/></para>
</listitem>
<listitem>
<para>Download MD5 sum: &samba3-md5sum;</para>
</listitem>
<listitem>
<para>Download size: &samba3-size;</para>
</listitem>
<listitem>
<para>Estimated disk space required: &samba3-buildsize;</para>
</listitem>
<listitem>
<para>Estimated build time: &samba3-time;</para>
</listitem>
</itemizedlist>
<!--
<bridgehead renderas="sect3">Additional Downloads</bridgehead>
<itemizedlist spacing="compact">
<listitem>
<para>Required patch if you have <application>Heimdal</application>
installed: <ulink
url="&patch-root;/samba-&samba3-version;-heimdal-1.patch"/></para>
</listitem>
</itemizedlist>
-->
<bridgehead renderas="sect3">Samba Dependencies</bridgehead>
<bridgehead renderas="sect4">Optional</bridgehead>
<para role="optional"><xref linkend="popt"/>,
<xref linkend="linux-pam"/>,
<xref linkend="openldap"/>,
<xref linkend="cups"/>,
<xref linkend="heimdal"/> or <xref linkend="mitkrb"/>, and
<xref linkend="python"/> (to build Samba API bindings for the
<application>Python</application> installation)</para>
<!-- only used for the test suite which is not really functional
and
<ulink url="http://valgrind.kde.org/">Valgrind</ulink></para> -->
<bridgehead renderas="sect4">Optional
(To Build Experimental passdb Libraries</bridgehead>
<para><xref linkend="libxml2"/>,
<xref linkend="mysql"/>,
<xref linkend="postgresql"/></para>
<para condition="html" role="usernotes">User Notes:
<ulink url="&blfs-wiki;/samba3"/></para>
</sect2>
<sect2 role="installation">
<title>Installation of Samba</title>
<!--
<para>A <application>Samba</application> <filename>include.h</filename>
header now does checks for C++ reserved names. The package will not build
if you have <application>Heimdal</application> installed as Heimdal uses
some of these reserved names inappropriately. If you have
<application>Heimdal</application> installed, apply the following patch to
disable these checks and allow the package to compile successfully:</para>
<screen><userinput>patch -Np1 -i ../samba-&samba3-version;-heimdal-1.patch</userinput></screen>
-->
<para>Install <application>Samba</application> by running the following
commands:</para>
<note>
<para>You may want to run <command>configure</command> with the
<option>--help</option> parameter. There may be other parameters
needed to take advantage of the optional dependencies.</para>
</note>
<screen><userinput>cd source &amp;&amp;
./configure \
--prefix=/usr \
--sysconfdir=/etc \
--localstatedir=/var \
--with-piddir=/var/run \
--with-fhs \
--with-smbmount &amp;&amp;
make</userinput></screen>
<para>This package does not come with a functional test suite.</para>
<para>Now, as the <systemitem class="username">root</systemitem> user:</para>
<!-- Commenting out the need for /var/cache/samba as my testing has
shown me that this directory is not used. Grepping the source
tree also turns up nothing about 'cache/samba'. -Randy
<screen role="root"><userinput>install -v -m755 -d /var/cache/samba &amp;&amp;
-->
<screen role="root"><userinput>make install &amp;&amp;
mv -v /usr/lib/samba/libsmbclient.so /usr/lib &amp;&amp;
ln -v -sf ../libsmbclient.so /usr/lib/samba &amp;&amp;
ln -v -sf libsmbclient.so /usr/lib/libsmbclient.so.0 &amp;&amp;
chmod -v 644 /usr/include/lib{smbclient,msrpc}.h &amp;&amp;
install -v -m755 nsswitch/libnss_win{s,bind}.so /lib &amp;&amp;
ln -v -sf libnss_winbind.so /lib/libnss_winbind.so.2 &amp;&amp;
ln -v -sf libnss_wins.so /lib/libnss_wins.so.2 &amp;&amp;
if [ -f nsswitch/pam_winbind.so ]; then
install -v -m755 nsswitch/pam_winbind.so /lib/security
fi &amp;&amp;
install -v -m644 ../examples/smb.conf.default /etc/samba &amp;&amp;
install -v -m755 -d /usr/share/doc/samba-&samba3-version; &amp;&amp;
install -v -m644 ../docs/*.pdf /usr/share/doc/samba-&samba3-version; &amp;&amp;
ln -v -s ../../samba/swat /usr/share/doc/samba-&samba3-version;</userinput></screen>
<para>If you passed the <option>--with-python</option> option to the
<command>configure</command> script, issue the following command as the
<systemitem class="username">root</systemitem> user to install the
<application>Python</application> extensions:</para>
<screen role="root"><userinput>make python_install</userinput></screen>
</sect2>
<sect2 role="commands">
<title>Command Explanations</title>
<para><parameter>--sysconfdir=/etc</parameter>: Sets the configuration
file directory to avoid the default of
<filename class="directory">/usr/etc</filename>.</para>
<para><parameter>--localstatedir=/var</parameter>: Sets the variable
data directory to avoid the default of
<filename class="directory">/usr/var</filename>.</para>
<para><parameter>--with-fhs</parameter>: Assigns all other file paths in
a manner compliant with the Filesystem Hierarchy Standard (FHS).</para>
<para><parameter>--with-smbmount</parameter>: Orders the creation of an
extra binary for use by the <command>mount</command> command so that
mounting remote SMB (Windows) shares becomes no more complex than
mounting remote NFS shares.</para>
<para><option>--with-pam</option>: Use this parameter to link
<application>Linux-PAM</application> into the build. This
also builds the <filename class='libraryfile'>pam_winbind.so</filename>
<application>PAM</application> module. You can find
instructions on how to configure and use the module by running
<command>man winbindd</command>.</para>
<!-- I am convinced that this command is no longer necessary. -Randy
<para><command>install -v -d /var/cache/samba</command>: This directory is
needed for proper operation of the <command>smbd</command> and
<command>nmbd</command> daemons.</para>
-->
<para><command>mv -v /usr/lib/samba/libsmbclient.so ...; ln -v -sf
../libsmbclient.so ...</command>: The
<filename class='libraryfile'>libsmbclient.so</filename> library is needed
by other packages. This command moves it to a location where other packages
can find it.</para>
<para><command>install -v -m755 nsswitch/libnss_win{s,bind}.so /lib</command>:
The nss libraries are not installed by default. If you intend to use
winbindd for domain auth, and/or WINS name resolution,
you need these libraries.</para>
<para><command>ln -v -sf libnss_winbind.so /lib/libnss_winbind.so.2</command>
and <command>ln -v -sf libnss_wins.so /lib/libnss_wins.so.2</command>:
These symlinks are required by glibc to use the NSS
libraries.</para>
<para><command>install -v -m644 ../examples/smb.conf.default
/etc/samba</command>: This copies a default <filename>smb.conf</filename>
file into <filename>/etc/samba</filename>. This sample configuration will
not work until you copy it to <filename>/etc/samba/smb.conf</filename> and
make the appropriate changes for your installation. See the configuration
section for minimum values which must be set.</para>
</sect2>
<sect2 role="configuration">
<title>Configuring Samba</title>
<sect3 id="samba3-config">
<title>Config Files</title>
<para>/etc/samba/smb.conf</para>
<indexterm zone="samba3 samba3-config">
<primary sortas="e-etc-samba-smb.conf">/etc/samba/smb.conf</primary>
</indexterm>
</sect3>
<sect3>
<title>Mounting Shares by Unprivileged Users</title>
<para>If it is desired for unprivileged users to directly mount (and
unmount) SMB shares, the <command>smbmnt</command> and
<command>smbumount</command> commands must be setuid
<systemitem class='username'>root</systemitem>. Note that users can
only mount SMB shares on a mount point owned by that user (requires
write access also). If desired, change these programs to setuid
<systemitem class='username'>root</systemitem> by issuing the following
command as the <systemitem class='username'>root</systemitem>
user:</para>
<screen role="root"><userinput>chmod -v 4755 /usr/bin/smb{mnt,umount}</userinput></screen>
</sect3>
<sect3>
<title>Printing to SMB Clients</title>
<para>If you use <application>CUPS</application> for print services,
and you wish to print to a printer attached to an SMB client, you
need to create an SMB backend device. To create the device, issue the
following command as the <systemitem class="username">root</systemitem>
user:</para>
<screen role="root"><userinput>ln -v -sf /usr/bin/smbspool /usr/lib/cups/backend/smb</userinput></screen>
</sect3>
<sect3>
<title>Configuration Information</title>
<para>Due to the complexity and the many various uses for
<application>Samba</application>, complete configuration for all the
package's capabilities is well beyond the scope of the BLFS book. This
section provides instructions to configure the
<filename>/etc/samba/smb.conf</filename> file for two common scenarios.
The complete contents of <filename>/etc/samba/smb.conf</filename> will
depend on the purpose of <application>Samba</application>
installation.</para>
<note>
<para>You may find it easier to copy the configuration parameters shown
below into an empty <filename>/etc/samba/smb.conf</filename> file
instead of copying and editing the default file as mentioned in the
<quote>Command Explanations</quote> section. How you create/edit the
<filename>/etc/samba/smb.conf</filename> file will be left up to
you. Do ensure the file is only writeable by the
<systemitem class="username">root</systemitem> user (mode 644).</para>
</note>
<sect4>
<title>Scenario 1: Minimal Standalone Client-Only Installation</title>
<para>Choose this variant if you only want to transfer files using
<command>smbclient</command>, mount Windows shares and print to Windows
printers, and don't want to share your files and printers to Windows
machines.</para>
<para>A <filename>/etc/samba/smb.conf</filename> file with the following
three parameters is sufficient:</para>
<screen role='root'><literal>[global]
workgroup = <replaceable>MYGROUP</replaceable>
dos charset = <replaceable>cp850</replaceable>
unix charset = <replaceable>ISO-8859-1</replaceable></literal></screen>
<para>The values in this example specify that the computer belongs to a
Windows workgroup named
<quote><replaceable>MYGROUP</replaceable></quote>, uses the
<quote><replaceable>cp850</replaceable></quote> character set on the
wire when talking to MS-DOS and MS Windows 9x, and that the filenames
are stored in the <quote><replaceable>ISO-8859-1</replaceable></quote>
encoding on the disk. Adjust these values appropriately for your
installation. The <quote>unix charset</quote> value must be the same as
the output of <command>locale charmap</command> when executed with the
<envar>LANG</envar> variable set to your preferred locale, otherwise the
<command>ls</command> command may not display correct filenames of
downloaded files.</para>
<para>There is no need to run any <application>Samba</application>
servers in this scenario, thus you don't need to install the provided
bootscripts.</para>
</sect4>
<sect4>
<title>Scenario 2: Standalone File/Print Server</title>
<para>Choose this variant if you want to share your files and printers
to Windows machines in your workgroup in addition to the capabilities
described in Scenario 1.</para>
<para>In this case, the <filename>/etc/samba/smb.conf.default</filename>
file may be a good template to start from. Also add
<quote>dos charset</quote> and <quote>unix charset</quote> parameters
to the <quote>[global]</quote> section as described in Scenario 1 in
order to prevent filename corruption.</para>
<para>The following configuration file creates a separate share for each
user's home directory and also makes all printers available to Windows
machines:</para>
<screen role='root'><literal>[global]
workgroup = <replaceable>MYGROUP</replaceable>
dos charset = <replaceable>cp850</replaceable>
unix charset = <replaceable>ISO-8859-1</replaceable>
[homes]
comment = Home Directories
browseable = no
writable = yes
[printers]
comment = All Printers
path = /var/spool/samba
browseable = no
guest ok = no
printable = yes</literal></screen>
<para>Other parameters you may wish to customize in the
<quote>[global]</quote> section include:</para>
<screen role='root'><literal> server string =
security =
hosts allow =
load printers =
log file =
max log size =
socket options =
local master =</literal></screen>
<para>Reference the comments in the
<filename>/etc/samba/smb.conf.default</filename> file for information
regarding these parameters.</para>
<para>Since the <command>smbd</command> and <command>nmbd</command>
daemons are needed in this case, install the <filename>samba</filename>
bootscript. Be sure to run <command>smbpasswd</command> (with the
<option>-a</option> option to add users) to enable and
set passwords for all accounts that need
<application>Samba</application> access, or use the SWAT web interface
(see below) to do the same. Using the default
<application>Samba</application> passdb backend, any user you attempt
to add will also be required to exist in the
<filename>/etc/passwd</filename> file.</para>
</sect4>
<sect4>
<title>Advanced Requirements</title>
<para>More complex scenarios involving domain control or membership are
possible if the right flags are passed to the ./configure script when
the package is built. Such setups are advanced topics and cannot be
adequately covered in BLFS. Many complete books have been written on
these topics alone. It should be noted, however, that a
<application>Samba</application> BDC cannot be used as a fallback
for a Windows PDC, and conversely, a Windows BDC cannot be used as a
fallback for a <application>Samba</application> PDC. Also in some
domain membership scenarios, the <command>winbindd</command> daemon and
the corresponding bootscript are needed.</para>
<para>There is quite a bit of documentation available which covers many
of these advanced configurations. Point your web browser to the links
below to view some of the documentation included with the
<application>Samba</application> package:</para>
<itemizedlist spacing='compact'>
<listitem>
<para>Using Samba, 2nd Edition; a popular book published by O'Reilly
<ulink url="file:///usr/share/samba/swat/using_samba/toc.html"/></para>
</listitem>
<listitem>
<para>The Official Samba HOWTO and Reference Guide <ulink
url="file:///usr/share/samba/swat/help/Samba-HOWTO-Collection/index.html"/>
</para>
</listitem>
<listitem>
<para>Samba-3 by Example
<ulink url="file:///usr/share/samba/swat/help/Samba-Guide/index.html"/>
</para>
</listitem>
<listitem>
<para>The Samba-3 man Pages
<ulink url="file:///usr/share/samba/swat/help/samba.7.html"/></para>
</listitem>
</itemizedlist>
</sect4>
</sect3>
<sect3 id="samba3-swat-config">
<title>Configuring SWAT</title>
<para>The built in SWAT (<application>Samba</application> Web
Administration Tool) utility can be used for basic configuration of
the <application>Samba</application> installation, but because it may
be inconvenient, undesirable or perhaps even impossible to gain
access to the console, BLFS recommends setting up access to SWAT using
<application>Stunnel</application>. Without
<application>Stunnel</application>, the
<systemitem class="username">root</systemitem> password is transmitted
in clear text over the wire, and is considered an unacceptable security
risk. After considering the security implications of using SWAT without
<application>Stunnel</application>, and you still wish to implement SWAT
without it, instructions are provided at this end of this section.</para>
<indexterm zone="samba3 samba3-swat-config">
<primary sortas="g-SWAT">SWAT</primary>
</indexterm>
<sect4>
<title>Setting up SWAT using Stunnel</title>
<para>First install, or ensure you have already installed, the
<xref linkend="stunnel"/> package.</para>
<para>Next you must add entries to <filename>/etc/services</filename>
and modify the <command>inetd</command>/<command>xinetd</command>
configuration.</para>
<indexterm zone="samba3 samba3-swat-config">
<primary sortas="e-etc-services">/etc/services</primary>
</indexterm>
<indexterm zone="samba3 samba3-swat-config">
<primary sortas="e-etc-inetd.conf">/etc/inetd.conf</primary>
</indexterm>
<indexterm zone="samba3 samba3-swat-config">
<primary sortas="e-etc-xinetd.conf">/etc/xinetd.conf</primary>
</indexterm>
<para>Add swat and swat_tunnel entries to
<filename>/etc/services</filename> with the following commands issued
as the <systemitem class="username">root</systemitem> user:</para>
<screen role="root"><userinput>echo "swat 901/tcp" &gt;&gt; /etc/services &amp;&amp;
echo "swat_tunnel 902/tcp" &gt;&gt; /etc/services</userinput></screen>
<para>If <command>inetd</command> is used, the following command will
add the swat_tunnel entry to <filename>/etc/inetd.conf</filename> (as
user <systemitem class="username">root</systemitem>):</para>
<screen role="root"><userinput>echo "swat_tunnel stream tcp nowait.400 root /usr/sbin/swat swat" \
&gt;&gt; /etc/inetd.conf</userinput></screen>
<para>Issue a <command>killall -HUP inetd</command> to reread the
changed <filename>inetd.conf</filename> file.</para>
<para>If you use <command>xinetd</command>, the following command will
create the <application>Samba</application> file as
<filename>/etc/xinetd.d/swat_tunnel</filename> (you may need to modify
or remove the <quote>only_from</quote> line to include the desired
host[s]):</para>
<screen role="root"><userinput>cat &gt;&gt; /etc/xinetd.d/swat_tunnel &lt;&lt; "EOF"
<literal># Begin /etc/xinetd.d/swat_tunnel
service swat_tunnel
{
port = 902
socket_type = stream
wait = no
only_from = 127.0.0.1
user = root
server = /usr/sbin/swat
log_on_failure += USERID
}
# End /etc/xinetd.d/swat_tunnel</literal>
EOF</userinput></screen>
<indexterm zone="samba3 samba3-swat-config">
<primary sortas="e-etc-xinetd.d-swat-tunnel">/etc/xinetd.d/swat_tunnel</primary>
</indexterm>
<para>Issue a <command>killall -HUP xinetd</command> to read the new
<filename>/etc/xinetd.d/swat_tunnel</filename> file.</para>
<para>Next, you must add an entry for the swat service to the
<filename>/etc/stunnel/stunnel.conf</filename> file (as user
<systemitem class="username">root</systemitem>):</para>
<indexterm zone="samba3 samba3-swat-config">
<primary sortas="e-etc-stunnel-stunnel.conf">/etc/stunnel/stunnel.conf</primary>
</indexterm>
<screen role="root"><userinput>cat &gt;&gt; /etc/stunnel/stunnel.conf &lt;&lt; "EOF"
<literal>[swat]
accept = 901
connect = 902
TIMEOUTclose = 1</literal>
EOF</userinput></screen>
<para>Restart the <command>stunnel</command> daemon using the following
command as the <systemitem class="username">root</systemitem> user:</para>
<screen role="root"><userinput>/etc/rc.d/init.d/stunnel restart</userinput></screen>
<para>SWAT can be launched by pointing your web browser to
<uri>https://<replaceable>&lt;CA_DN_field&gt;</replaceable>:901</uri>.
Substitute the hostname listed in the DN field of the CA certificate
used with <application>Stunnel</application> for
<replaceable>&lt;CA_DN_field&gt;</replaceable>.</para>
</sect4>
<sect4>
<title>Setting up SWAT without Stunnel</title>
<warning>
<para>BLFS does not recommend using these procedures because of the
security risk involved. However, in a home network environment and
disclosure of the <systemitem class='username'>root</systemitem>
password is an acceptable risk, the following
instructions are provided for your convenience.</para>
</warning>
<para>Add a swat entry to <filename>/etc/services</filename> with the
following command issued as the
<systemitem class='username'>root</systemitem> user:</para>
<screen role='root'><userinput>echo "swat 901/tcp" &gt;&gt; /etc/services</userinput></screen>
<para>If <command>inetd</command> is used, the following command
issued as the <systemitem class='username'>root</systemitem> user will
add a swat entry to the <filename>/etc/inetd.conf</filename> file:</para>
<screen role='root'><userinput>echo "swat stream tcp nowait.400 root /usr/sbin/swat swat" \
&gt;&gt; /etc/inetd.conf</userinput></screen>
<para>Issue a <command>killall -HUP inetd</command> to reread the
changed <filename>inetd.conf</filename> file.</para>
<para>If <command>xinetd</command> is used, the following command
issued as the <systemitem class='username'>root</systemitem> user
will create an <filename>/etc/xinetd.d/swat</filename> file:</para>
<screen role='root'><userinput>cat &gt;&gt; /etc/xinetd.d/swat &lt;&lt; "EOF"
<literal># Begin /etc/xinetd.d/swat
service swat
{
port = 901
socket_type = stream
wait = no
only_from = 127.0.0.1
user = root
server = /usr/sbin/swat
log_on_failure += USERID
}
# End /etc/xinetd.d/swat</literal>
EOF</userinput></screen>
<para>Issue a <command>killall -HUP xinetd</command> to read the
new <filename>/etc/xinetd.d/swat</filename> file.</para>
<para>SWAT can be launched by pointing your web browser to
http://localhost:901.</para>
</sect4>
</sect3>
<sect3>
<title/>
<note>
<para>If you linked <application>Linux-PAM</application> into the
<application>Samba</application> build, you'll need to create an
<filename>/etc/pam.d/samba</filename> file.</para>
</note>
<indexterm zone="samba3 samba3-swat-config">
<primary sortas="e-etc-pam.d-samba">/etc/pam.d/samba</primary>
</indexterm>
</sect3>
<sect3 id="samba3-init">
<title>Boot Script</title>
<para>For your convenience, boot scripts have been provided for
<application>Samba</application>. There are two included in the
<xref linkend="bootscripts"/> package. The first,
<filename>samba</filename>, will start the <command>smbd</command>
and <command>nmbd</command> daemons needed to provide SMB/CIFS
services. The second script, <filename>winbind</filename>, starts
the <command>winbindd</command> daemon, used for providing Windows
domain services to Linux clients.</para>
<indexterm zone="samba3 samba3-init">
<primary sortas="f-samba">samba</primary>
</indexterm>
<indexterm zone="samba3 samba3-init">
<primary sortas="f-winbind">winbind</primary>
</indexterm>
<para>The default <application>Samba</application> installation uses the
<systemitem class='username'>nobody</systemitem> user for guest access
to the server. This can be overridden by setting the
<option>guest account =</option> parameter in the
<filename>/etc/samba/smb.conf</filename> file. If you utilize the
<option>guest account =</option> parameter, ensure this user exists in
the <filename>/etc/passwd</filename> file. To use the default user,
issue the following commands as the
<systemitem class='username'>root</systemitem> user:</para>
<screen><userinput>groupadd -g 99 nogroup &amp;&amp;
useradd -c "Unprivileged Nobody" -d /dev/null -g nogroup \
-s /bin/false -u 99 nobody</userinput></screen>
<para>Install the <filename>samba</filename> script with the following
command issued as the <systemitem class="username">root</systemitem>
user:</para>
<screen role="root"><userinput>make install-samba</userinput></screen>
<para>If you also need the <filename>winbind</filename>
script:</para>
<screen role="root"><userinput>make install-winbind</userinput></screen>
</sect3>
</sect2>
<sect2 role="content">
<title>Contents</title>
<segmentedlist>
<segtitle>Installed Programs</segtitle>
<segtitle>Installed Libraries</segtitle>
<segtitle>Installed Directories</segtitle>
<!--newprogs: eventlogadm smbget-->
<seglistitem>
<seg>eventlogadm, findsmb, mount.smbfs, net, nmbd, nmblookup,
ntlm_auth, pdbedit, profiles, rpcclient, smbcacls, smbclient,
smbcontrol, smbcquotas, smbd, smbget, smbmnt, smbmount, smbpasswd,
smbspool, smbstatus, smbtar, smbtree, smbumount, swat, tdbbackup,
tdbdump, tdbtool, testparm, testprns, wbinfo, and winbindd</seg>
<seg>libnss_winbind.so, libnss_wins.so, libsmbclient.so, libmsrpc.so,
the pam_winbind.so PAM library and assorted character set, filesystem
and support modules.</seg>
<seg>/etc/samba, /usr/lib/python2.4/site-packages/samba,
/usr/lib/samba, /usr/share/doc/samba-&samba3-version;,
/usr/share/samba, /var/lib/samba and /var/log/samba</seg>
</seglistitem>
</segmentedlist>
<variablelist>
<bridgehead renderas="sect3">Short Descriptions</bridgehead>
<?dbfo list-presentation="list"?>
<?dbhtml list-presentation="table"?>
<varlistentry id="eventlogadm">
<term><command>eventlogadm</command></term>
<listitem>
<para>is used to write records to eventlogs from STDIN, add the
specified source and DLL eventlog registry entries and display the
active eventlog names (from <filename>smb.conf</filename>).</para>
<indexterm zone="samba3 eventlogadm">
<primary sortas="b-eventlogadm">eventlogadm</primary>
</indexterm>
</listitem>
</varlistentry>
<varlistentry id="findsmb">
<term><command>findsmb</command></term>
<listitem>
<para>lists information about machines that respond to
SMB name queries on a subnet.</para>
<indexterm zone="samba3 findsmb">
<primary sortas="b-findsmb">findsmb</primary>
</indexterm>
</listitem>
</varlistentry>
<varlistentry id="mount.smbfs">
<term><command>mount.smbfs</command></term>
<listitem>
<para>is a symlink to <command>smbmount</command> which provides
<command>/bin/mount</command> with a way to mount remote Windows
(or <application>Samba</application>) fileshares.</para>
<indexterm zone="samba3 mount.smbfs">
<primary sortas="b-mount.smbfs">mount.smbfs</primary>
</indexterm>
</listitem>
</varlistentry>
<varlistentry id="net">
<term><command>net</command></term>
<listitem>
<para>is a tool for administration of
<application>Samba</application> and remote CIFS servers, similar
to the <command>net</command> utility for DOS/Windows.</para>
<indexterm zone="samba3 net">
<primary sortas="b-net">net</primary>
</indexterm>
</listitem>
</varlistentry>
<varlistentry id="nmbd">
<term><command>nmbd</command></term>
<listitem>
<para>is the <application>Samba</application>
NetBIOS name server.</para>
<indexterm zone="samba3 nmbd">
<primary sortas="b-nmbd">nmbd</primary>
</indexterm>
</listitem>
</varlistentry>
<varlistentry id="nmblookup">
<term><command>nmblookup</command></term>
<listitem>
<para>is used to query NetBIOS names and map
them to IP addresses.</para>
<indexterm zone="samba3 nmblookup">
<primary sortas="b-nmblookup">nmblookup</primary>
</indexterm>
</listitem>
</varlistentry>
<varlistentry id="ntlm_auth">
<term><command>ntlm_auth</command></term>
<listitem>
<para>is a tool to allow external access to Winbind's
NTLM authentication function.</para>
<indexterm zone="samba3 ntlm_auth">
<primary sortas="b-ntlm_auth">ntlm_auth</primary>
</indexterm>
</listitem>
</varlistentry>
<varlistentry id="pdbedit">
<term><command>pdbedit</command></term>
<listitem>
<para>is a tool used to manage the SAM database.</para>
<indexterm zone="samba3 pdbedit">
<primary sortas="b-pdbedit">pdbedit</primary>
</indexterm>
</listitem>
</varlistentry>
<varlistentry id="profiles">
<term><command>profiles</command></term>
<listitem>
<para>is a utility that reports and changes SIDs in Windows
registry files. It currently only supports Windows NT.</para>
<indexterm zone="samba3 profiles">
<primary sortas="b-profiles">profiles</primary>
</indexterm>
</listitem>
</varlistentry>
<varlistentry id="rpcclient">
<term><command>rpcclient</command></term>
<listitem>
<para>is used to execute MS-RPC client side functions.</para>
<indexterm zone="samba3 rpcclient">
<primary sortas="b-rpcclient">rpcclient</primary>
</indexterm>
</listitem>
</varlistentry>
<varlistentry id="smbcacls">
<term><command>smbcacls</command></term>
<listitem>
<para>is used to manipulate Windows NT access control lists.</para>
<indexterm zone="samba3 smbcacls">
<primary sortas="b-smbcacls">smbcacls</primary>
</indexterm>
</listitem>
</varlistentry>
<varlistentry id="smbclient">
<term><command>smbclient</command></term>
<listitem>
<para>is a SMB/CIFS access utility, similar to FTP.</para>
<indexterm zone="samba3 smbclient">
<primary sortas="b-smbclient">smbclient</primary>
</indexterm>
</listitem>
</varlistentry>
<varlistentry id="smbcontrol">
<term><command>smbcontrol</command></term>
<listitem>
<para>is used to control running <command>smbd</command>,
<command>nmbd</command> and <command>winbindd</command>
daemons.</para>
<indexterm zone="samba3 smbcontrol">
<primary sortas="b-smbcontrol">smbcontrol</primary>
</indexterm>
</listitem>
</varlistentry>
<varlistentry id="smbcquotas">
<term><command>smbcquotas</command></term>
<listitem>
<para>is used to manipulate Windows NT quotas on
SMB file shares.</para>
<indexterm zone="samba3 smbcquotas">
<primary sortas="b-smbcquotas">smbcquotas</primary>
</indexterm>
</listitem>
</varlistentry>
<varlistentry id="smbd">
<term><command>smbd</command></term>
<listitem>
<para>is the main <application>Samba</application> daemon which
provides SMB/CIFS services to clients.</para>
<indexterm zone="samba3 smbd">
<primary sortas="b-smbd">smbd</primary>
</indexterm>
</listitem>
</varlistentry>
<varlistentry id="smbget">
<term><command>smbget</command></term>
<listitem>
<para>is a simple utility with <command>wget</command>-like
semantics, that can download files from SMB servers. You can specify
the files you would like to download on the command-line.</para>
<indexterm zone="samba3 smbget">
<primary sortas="b-smbget">smbget</primary>
</indexterm>
</listitem>
</varlistentry>
<varlistentry id="smbmnt">
<term><command>smbmnt</command></term>
<listitem>
<para>is a helper application used by the
<command>smbmount</command> program to do the actual mounting of
SMB shares. It can be installed setuid
<systemitem class='username'>root</systemitem> if you want
unprivileged users to be able to mount their SMB shares.</para>
<indexterm zone="samba3 smbmnt">
<primary sortas="b-smbmnt">smbmnt</primary>
</indexterm>
</listitem>
</varlistentry>
<varlistentry id="smbmount">
<term><command>smbmount</command></term>
<listitem>
<para>is usually invoked as <command>mount.smbfs</command> by the
<command>mount</command> command when using the
<parameter>-t smbfs</parameter> option, mounts a Linux SMB
filesystem.</para>
<indexterm zone="samba3 smbmount">
<primary sortas="b-smbmount">smbmount</primary>
</indexterm>
</listitem>
</varlistentry>
<varlistentry id="smbpasswd">
<term><command>smbpasswd</command></term>
<listitem>
<para>changes a user's <application>Samba</application>
password.</para>
<indexterm zone="samba3 smbpasswd">
<primary sortas="b-smbpasswd">smbpasswd</primary>
</indexterm>
</listitem>
</varlistentry>
<varlistentry id="smbspool">
<term><command>smbspool</command></term>
<listitem>
<para>sends a print job to an SMB printer.</para>
<indexterm zone="samba3 smbspool">
<primary sortas="b-smbspool">smbspool</primary>
</indexterm>
</listitem>
</varlistentry>
<varlistentry id="smbstatus">
<term><command>smbstatus</command></term>
<listitem>
<para>reports current <application>Samba</application>
connections.</para>
<indexterm zone="samba3 smbstatus">
<primary sortas="b-smbstatus">smbstatus</primary>
</indexterm>
</listitem>
</varlistentry>
<varlistentry id="smbtar">
<term><command>smbtar</command></term>
<listitem>
<para>is a shell script used for backing up SMB/CIFS shares
directly to Linux tape drives or a file.</para>
<indexterm zone="samba3 smbtar">
<primary sortas="b-smbtar">smbtar</primary>
</indexterm>
</listitem>
</varlistentry>
<varlistentry id="smbtree">
<term><command>smbtree</command></term>
<listitem>
<para>is a text-based SMB network browser.</para>
<indexterm zone="samba3 smbtree">
<primary sortas="b-smbtree">smbtree</primary>
</indexterm>
</listitem>
</varlistentry>
<varlistentry id="smbumount">
<term><command>smbumount</command></term>
<listitem>
<para>is used by unprivileged users to unmount SMB filesystems,
provided that it is setuid root.</para>
<indexterm zone="samba3 smbumount">
<primary sortas="b-smbumount">smbumount</primary>
</indexterm>
</listitem>
</varlistentry>
<varlistentry id="swat">
<term><command>swat</command></term>
<listitem>
<para>is the <application>Samba</application> Web Administration
Tool.</para>
<indexterm zone="samba3 swat">
<primary sortas="b-swat">swat</primary>
</indexterm>
</listitem>
</varlistentry>
<varlistentry id="tdbbackup">
<term><command>tdbbackup</command></term>
<listitem>
<para>is a tool for backing up or validating the integrity of
<application>Samba</application> <filename>.tdb</filename>
files.</para>
<indexterm zone="samba3 tdbbackup">
<primary sortas="b-tdbbackup">tdbbackup</primary>
</indexterm>
</listitem>
</varlistentry>
<varlistentry id="tdbdump">
<term><command>tdbdump</command></term>
<listitem>
<para> is a tool used to print the contents of a
<application>Samba</application> <filename>.tdb</filename>
file.</para>
<indexterm zone="samba3 tdbdump">
<primary sortas="b-tdbdump">tdbdump</primary>
</indexterm>
</listitem>
</varlistentry>
<varlistentry id="tdbtool">
<term><command>tdbtool</command></term>
<listitem>
<para>is a tool which allows simple database manipulation from the
command line.</para>
<indexterm zone="samba3 tdbtool">
<primary sortas="b-tdbtool">tdbtool</primary>
</indexterm>
</listitem>
</varlistentry>
<varlistentry id="testparm">
<term><command>testparm</command></term>
<listitem>
<para>checks an <filename>smb.conf</filename> file for proper
syntax.</para>
<indexterm zone="samba3 testparm">
<primary sortas="b-testparm">testparm</primary>
</indexterm>
</listitem>
</varlistentry>
<varlistentry id="testprns">
<term><command>testprns</command></term>
<listitem>
<para>tests printer names.</para>
<indexterm zone="samba3 testprns">
<primary sortas="b-testprns">testprns</primary>
</indexterm>
</listitem>
</varlistentry>
<varlistentry id="wbinfo">
<term><command>wbinfo</command></term>
<listitem>
<para>queries a running <command>winbindd</command> daemon.</para>
<indexterm zone="samba3 wbinfo">
<primary sortas="b-wbinfo">wbinfo</primary>
</indexterm>
</listitem>
</varlistentry>
<varlistentry id="winbindd">
<term><command>winbindd</command></term>
<listitem>
<para>resolves names from Windows NT servers.</para>
<indexterm zone="samba3 winbindd">
<primary sortas="b-winbindd">winbindd</primary>
</indexterm>
</listitem>
</varlistentry>
</variablelist>
</sect2>
</sect1>
Reference in New Issue View Git Blame Copy Permalink