diff options
Diffstat (limited to 'docs-xml/smbdotconf/base')
21 files changed, 498 insertions, 0 deletions
diff --git a/docs-xml/smbdotconf/base/additionaldnshostnames.xml b/docs-xml/smbdotconf/base/additionaldnshostnames.xml new file mode 100644 index 0000000..ddc04ee --- /dev/null +++ b/docs-xml/smbdotconf/base/additionaldnshostnames.xml @@ -0,0 +1,11 @@ +<samba:parameter name="additional dns hostnames" + context="G" + type="cmdlist" + xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> + <description> + <para> A list of additional DNS names by which this host can be identified + </para> +</description> +<value type="default"><comment>empty string (no additional dns names)</comment></value> +<value type="example"> host2.example.com host3.other.com </value> +</samba:parameter> diff --git a/docs-xml/smbdotconf/base/bindinterfacesonly.xml b/docs-xml/smbdotconf/base/bindinterfacesonly.xml new file mode 100644 index 0000000..9a148f3 --- /dev/null +++ b/docs-xml/smbdotconf/base/bindinterfacesonly.xml @@ -0,0 +1,57 @@ +<samba:parameter name="bind interfaces only" + type="boolean" + context="G" + xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> +<description> + <para>This global parameter allows the Samba admin + to limit what interfaces on a machine will serve SMB requests. It + affects file service <citerefentry><refentrytitle>smbd</refentrytitle> + <manvolnum>8</manvolnum></citerefentry> and name service <citerefentry><refentrytitle>nmbd</refentrytitle> + <manvolnum>8</manvolnum></citerefentry> in a slightly different ways.</para> + + <para> + For name service it causes <command moreinfo="none">nmbd</command> to bind to ports 137 and 138 on the + interfaces listed in the <smbconfoption name="interfaces"/> parameter. <command moreinfo="none">nmbd</command> + also binds to the "all addresses" interface (0.0.0.0) on ports 137 and 138 for the purposes of + reading broadcast messages. If this option is not set then <command moreinfo="none">nmbd</command> will + service name requests on all of these sockets. If <smbconfoption name="bind interfaces only"/> is set then + <command moreinfo="none">nmbd</command> will check the source address of any packets coming in on the + broadcast sockets and discard any that don't match the broadcast addresses of the interfaces in the + <smbconfoption name="interfaces"/> parameter list. As unicast packets are received on the other sockets it + allows <command moreinfo="none">nmbd</command> to refuse to serve names to machines that send packets that + arrive through any interfaces not listed in the <smbconfoption name="interfaces"/> list. IP Source address + spoofing does defeat this simple check, however, so it must not be used seriously as a security feature for + <command moreinfo="none">nmbd</command>. + </para> + + <para> + For file service it causes <citerefentry><refentrytitle>smbd</refentrytitle> + <manvolnum>8</manvolnum></citerefentry> to bind only to the interface list given in the <smbconfoption + name="interfaces"/> parameter. This restricts the networks that <command moreinfo="none">smbd</command> will + serve, to packets coming in on those interfaces. Note that you should not use this parameter for machines that + are serving PPP or other intermittent or non-broadcast network interfaces as it will not cope with + non-permanent interfaces. + </para> + + <para> + If <smbconfoption name="bind interfaces only"/> is set and the network address + <emphasis>127.0.0.1</emphasis> is not added to the <smbconfoption name="interfaces"/> parameter list + <citerefentry><refentrytitle>smbpasswd</refentrytitle> <manvolnum>8</manvolnum></citerefentry> may not + work as expected due to the reasons covered below. + </para> + + <para> + To change a users SMB password, the <command moreinfo="none">smbpasswd</command> by default connects to the + <emphasis>localhost - 127.0.0.1</emphasis> address as an SMB client to issue the password change request. If + <smbconfoption name="bind interfaces only"/> is set then unless the network address + <emphasis>127.0.0.1</emphasis> is added to the <smbconfoption name="interfaces"/> parameter list then <command + moreinfo="none"> smbpasswd</command> will fail to connect in it's default mode. <command + moreinfo="none">smbpasswd</command> can be forced to use the primary IP interface of the local host by using + its <citerefentry><refentrytitle>smbpasswd</refentrytitle> <manvolnum>8</manvolnum></citerefentry> <parameter + moreinfo="none">-r <replaceable>remote machine</replaceable></parameter> parameter, with <replaceable>remote + machine</replaceable> set to the IP name of the primary interface of the local host. + </para> + +</description> +<value type="default">no</value> +</samba:parameter> diff --git a/docs-xml/smbdotconf/base/comment.xml b/docs-xml/smbdotconf/base/comment.xml new file mode 100644 index 0000000..c5aba83 --- /dev/null +++ b/docs-xml/smbdotconf/base/comment.xml @@ -0,0 +1,18 @@ +<samba:parameter name="comment" + context="S" + type="string" + substitution="1" + xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> +<description> + <para>This is a text field that is seen next to a share + when a client does a queries the server, either via the network + neighborhood or via <command moreinfo="none">net view</command> to list what shares + are available.</para> + + <para>If you want to set the string that is displayed next to the + machine name then see the <smbconfoption name="server string"/> parameter.</para> + +</description> +<value type="default"><comment>No comment</comment></value> +<value type="example">Fred's Files</value> +</samba:parameter> diff --git a/docs-xml/smbdotconf/base/configbackend.xml b/docs-xml/smbdotconf/base/configbackend.xml new file mode 100644 index 0000000..2237569 --- /dev/null +++ b/docs-xml/smbdotconf/base/configbackend.xml @@ -0,0 +1,26 @@ +<samba:parameter name="config backend" + context="G" + type="enum" + enumlist="enum_config_backend" + xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> +<description> + <para> + This controls the backend for storing the configuration. + Possible values are <emphasis>file</emphasis> (the default) + and <emphasis>registry</emphasis>. + When <smbconfoption name="config backend">registry</smbconfoption> + is encountered while loading <emphasis>smb.conf</emphasis>, + the configuration read so far is dropped and the global + options are read from registry instead. So this triggers a + registry only configuration. Share definitions are not read + immediately but instead <parameter>registry + shares</parameter> is set to <emphasis>yes</emphasis>. + </para> + <para> + Note: This option can not be set inside the registry + configuration itself. + </para> +</description> +<value type="default">file</value> +<value type="example">registry</value> +</samba:parameter> diff --git a/docs-xml/smbdotconf/base/doscharset.xml b/docs-xml/smbdotconf/base/doscharset.xml new file mode 100644 index 0000000..ebd7586 --- /dev/null +++ b/docs-xml/smbdotconf/base/doscharset.xml @@ -0,0 +1,17 @@ +<samba:parameter name="dos charset" + type="string" + context="G" + handler="handle_dos_charset" + xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> +<description> + <para>DOS SMB clients assume the server has + the same charset as they do. This option specifies which + charset Samba should talk to DOS clients. + </para> + + <para>The default depends on which charsets you have installed. + Samba tries to use charset 850 but falls back to ASCII in + case it is not available. Run <citerefentry><refentrytitle>testparm</refentrytitle> + <manvolnum>1</manvolnum></citerefentry> to check the default on your system.</para> +</description> +</samba:parameter> diff --git a/docs-xml/smbdotconf/base/enablecorefiles.xml b/docs-xml/smbdotconf/base/enablecorefiles.xml new file mode 100644 index 0000000..9aa057f --- /dev/null +++ b/docs-xml/smbdotconf/base/enablecorefiles.xml @@ -0,0 +1,15 @@ +<samba:parameter name="enable core files" + context="G" + type="boolean" + xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> + +<description> + <para>This parameter specifies whether core dumps should be written + on internal exits. Normally set to <constant>yes</constant>. + You should never need to change this. + </para> +</description> + + <value type="default">yes</value> + <value type="example">no</value> +</samba:parameter> diff --git a/docs-xml/smbdotconf/base/interfaces.xml b/docs-xml/smbdotconf/base/interfaces.xml new file mode 100644 index 0000000..cbc2971 --- /dev/null +++ b/docs-xml/smbdotconf/base/interfaces.xml @@ -0,0 +1,87 @@ +<samba:parameter name="interfaces" + context="G" + type="cmdlist" + xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> +<description> + <para>This option allows you to override the default + network interfaces list that Samba will use for browsing, name + registration and other NetBIOS over TCP/IP (NBT) traffic. By default Samba will query + the kernel for the list of all active interfaces and use any + interfaces except 127.0.0.1 that are broadcast capable.</para> + + <para>The option takes a list of interface strings. Each string + can be in any of the following forms:</para> + + <itemizedlist> + <listitem><para>a network interface name (such as eth0). + This may include shell-like wildcards so eth* will match + any interface starting with the substring "eth"</para></listitem> + + <listitem><para>an IP address. In this case the netmask is + determined from the list of interfaces obtained from the + kernel</para></listitem> + + <listitem><para>an IP/mask pair. </para></listitem> + + <listitem><para>a broadcast/mask pair.</para></listitem> + </itemizedlist> + + <para>The "mask" parameters can either be a bit length (such + as 24 for a C class network) or a full netmask in dotted + decimal form.</para> + + <para>The "IP" parameters above can either be a full dotted + decimal IP address or a hostname which will be looked up via + the OS's normal hostname resolution mechanisms.</para> + + <para> + By default Samba enables all active interfaces that are broadcast capable + except the loopback adaptor (IP address 127.0.0.1). + </para> + + <para> + In order to support SMB3 multi-channel configurations, smbd understands + some extra parameters which can be appended after the actual interface with + this extended syntax (note that the quoting is important in order to handle the ; and , + characters): + </para> + + <para> + "interface[;key1=value1[,key2=value2[...]]]" + </para> + + <para> + Known keys are speed, capability, and if_index. Speed is specified in + bits per second. Known capabilities are RSS and RDMA. The + if_index should be used with care: the values must not coincide with + indexes used by the kernel. + Note that these options are mainly intended for testing and + development rather than for production use. At least on Linux systems, + these values should be auto-detected, but the settings can serve + as last a resort when autodetection is not working or is not available. + The specified values overwrite the auto-detected values. + </para> + + <para> + The first two example below configures three network interfaces corresponding + to the eth0 device and IP addresses 192.168.2.10 and 192.168.3.10. + The netmasks of the latter two interfaces would be set to 255.255.255.0. + </para> + + <para> + The other examples show how per interface extra parameters can be specified. + Notice the possible usage of "," and ";", which makes + the double quoting necessary. + </para> +</description> +<related>bind interfaces only</related> + +<value type="example">eth0 192.168.2.10/24 192.168.3.10/255.255.255.0</value> +<value type="example">eth0, 192.168.2.10/24; 192.168.3.10/255.255.255.0</value> +<value type="example">"eth0;if_index=65,speed=1000000000,capability=RSS"</value> +<value type="example">"lo;speed=1000000000" "eth0;capability=RSS"</value> +<value type="example">"lo;speed=1000000000" , "eth0;capability=RSS"</value> +<value type="example">"eth0;capability=RSS" , "rdma1;capability=RDMA" ; "rdma2;capability=RSS,capability=RDMA"</value> + +<value type="default"/> +</samba:parameter> diff --git a/docs-xml/smbdotconf/base/mdnsname.xml b/docs-xml/smbdotconf/base/mdnsname.xml new file mode 100644 index 0000000..fba90ff --- /dev/null +++ b/docs-xml/smbdotconf/base/mdnsname.xml @@ -0,0 +1,19 @@ +<samba:parameter name="mdns name" + type="enum" + context="G" + enumlist="enum_mdns_name_values" + xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> + +<description> + <para>This parameter controls the name that multicast DNS + support advertises as its' hostname.</para> + + <para>The default is to use the NETBIOS name which is typically + the hostname in all capital letters. </para> + + <para>A setting of mdns will defer the hostname configuration + to the MDNS library that is used.</para> + +</description> +<value type="default">netbios</value> +</samba:parameter> diff --git a/docs-xml/smbdotconf/base/multicastdnsregister.xml b/docs-xml/smbdotconf/base/multicastdnsregister.xml new file mode 100644 index 0000000..2c330ab --- /dev/null +++ b/docs-xml/smbdotconf/base/multicastdnsregister.xml @@ -0,0 +1,14 @@ +<samba:parameter name="multicast dns register" + type="boolean" + context="G" + xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> +<description> + <para>If compiled with proper support for it, Samba will + announce itself with multicast DNS services like for example + provided by the Avahi daemon.</para> + + <para>This parameter allows disabling Samba to register + itself.</para> +</description> +<value type="default">yes</value> +</samba:parameter> diff --git a/docs-xml/smbdotconf/base/netbiosaliases.xml b/docs-xml/smbdotconf/base/netbiosaliases.xml new file mode 100644 index 0000000..b9b66b1 --- /dev/null +++ b/docs-xml/smbdotconf/base/netbiosaliases.xml @@ -0,0 +1,16 @@ +<samba:parameter name="netbios aliases" + context="G" + type="cmdlist" + xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> + <description> + <para>This is a list of NetBIOS names that nmbd will + advertise as additional names by which the Samba server is known. This allows one machine + to appear in browse lists under multiple names. If a machine is acting as a browse server + or logon server none of these names will be advertised as either browse server or logon + servers, only the primary name of the machine will be advertised with these capabilities. + </para> +</description> +<related>netbios name</related> +<value type="default"><comment>empty string (no additional names)</comment></value> +<value type="example">TEST TEST1 TEST2</value> +</samba:parameter> diff --git a/docs-xml/smbdotconf/base/netbiosname.xml b/docs-xml/smbdotconf/base/netbiosname.xml new file mode 100644 index 0000000..e9e0538 --- /dev/null +++ b/docs-xml/smbdotconf/base/netbiosname.xml @@ -0,0 +1,24 @@ +<samba:parameter name="netbios name" + context="G" + type="ustring" + xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> +<description> + <para> + This sets the NetBIOS name by which a Samba server is known. By default it is the same as the first component + of the host's DNS name. If a machine is a browse server or logon server this name (or the first component of + the hosts DNS name) will be the name that these services are advertised under. + </para> + + <para>Note that the maximum length for a NetBIOS name is 15 characters.</para> + + <para> + There is a bug in Samba that breaks operation of browsing and access to shares if the netbios name + is set to the literal name <literal>PIPE</literal>. To avoid this problem, do not name your Samba + server <literal>PIPE</literal>. + </para> +</description> + +<related>netbios aliases</related> +<value type="default"><comment>machine DNS name</comment></value> +<value type="example">MYNAME</value> +</samba:parameter> diff --git a/docs-xml/smbdotconf/base/netbiosscope.xml b/docs-xml/smbdotconf/base/netbiosscope.xml new file mode 100644 index 0000000..078697f --- /dev/null +++ b/docs-xml/smbdotconf/base/netbiosscope.xml @@ -0,0 +1,11 @@ +<samba:parameter name="netbios scope" + context="G" + type="ustring" + xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> +<description> + <para>This sets the NetBIOS scope that Samba will + operate under. This should not be set unless every machine + on your LAN also sets this value.</para> +</description> +<value type="default"></value> +</samba:parameter> diff --git a/docs-xml/smbdotconf/base/path.xml b/docs-xml/smbdotconf/base/path.xml new file mode 100644 index 0000000..669c20d --- /dev/null +++ b/docs-xml/smbdotconf/base/path.xml @@ -0,0 +1,32 @@ +<samba:parameter name="path" + context="S" + type="string" + substitution="1" + xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> +<synonym>directory</synonym> +<description> + <para>This parameter specifies a directory to which + the user of the service is to be given access. In the case of + printable services, this is where print data will spool prior to + being submitted to the host for printing.</para> + + <para>For a printable service offering guest access, the service + should be readonly and the path should be world-writeable and + have the sticky bit set. This is not mandatory of course, but + you probably won't get the results you expect if you do + otherwise.</para> + + <para>Any occurrences of <parameter moreinfo="none">%u</parameter> in the path + will be replaced with the UNIX username that the client is using + on this connection. Any occurrences of <parameter moreinfo="none">%m</parameter> + will be replaced by the NetBIOS name of the machine they are + connecting from. These replacements are very useful for setting + up pseudo home directories for users.</para> + +<para>Note that this path will be based on <smbconfoption name="root dir"/> + if one was specified.</para> + </description> + + <value type="default"></value> + <value type="example">/home/fred</value> +</samba:parameter> diff --git a/docs-xml/smbdotconf/base/preforkbackoffincrement.xml b/docs-xml/smbdotconf/base/preforkbackoffincrement.xml new file mode 100644 index 0000000..2cb1cc3 --- /dev/null +++ b/docs-xml/smbdotconf/base/preforkbackoffincrement.xml @@ -0,0 +1,25 @@ +<samba:parameter name="prefork backoff increment" + context="G" + type="integer" + xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> +<description> + <para>This option specifies the number of seconds added to the delay + before a prefork master or worker process is restarted. The + restart is initially zero, the prefork backoff increment is + added to the delay on each restart up to the value specified by + "prefork maximum backoff". + </para> + + <para>Additionally the the backoff for an individual service by using + "prefork backoff increment: service name" + i.e. "prefork backoff increment:ldap = 2" to set the + backoff increment to 2.</para> + + <para>If the backoff increment is 2 and the maximum backoff is 5. + There will be a zero second delay for the first restart. A two + second delay for the second restart. A four second delay for the + third and any subsequent restarts</para> +</description> + +<value type="default">10</value> +</samba:parameter> diff --git a/docs-xml/smbdotconf/base/preforkchildren.xml b/docs-xml/smbdotconf/base/preforkchildren.xml new file mode 100644 index 0000000..1b9f8cf --- /dev/null +++ b/docs-xml/smbdotconf/base/preforkchildren.xml @@ -0,0 +1,26 @@ +<samba:parameter name="prefork children" + context="G" + type="integer" + xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> +<description> + <para>This option controls the number of worker processes that are + started for each service when prefork process model is enabled + (see <citerefentry><refentrytitle>samba</refentrytitle> + <manvolnum>8</manvolnum></citerefentry> -M) + The prefork children are only started for those services that + support prefork (currently ldap, kdc and netlogon). + For processes that don't support preforking all requests are + handled by a single process for that service. + </para> + + <para>This should be set to a small multiple of the number of CPU's + available on the server</para> + + <para>Additionally the number of prefork children can be specified for + an individual service by using "prefork children: service name" + i.e. "prefork children:ldap = 8" to set the number of ldap + worker processes.</para> +</description> + +<value type="default">4</value> +</samba:parameter> diff --git a/docs-xml/smbdotconf/base/preforkmaximumbackoff.xml b/docs-xml/smbdotconf/base/preforkmaximumbackoff.xml new file mode 100644 index 0000000..17e530d --- /dev/null +++ b/docs-xml/smbdotconf/base/preforkmaximumbackoff.xml @@ -0,0 +1,13 @@ +<samba:parameter name="prefork maximum backoff" + context="G" + type="integer" + xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> +<description> + <para>This option controls the maximum delay before a failed pre-fork + process is restarted. + </para> + +</description> + +<value type="default">120</value> +</samba:parameter> diff --git a/docs-xml/smbdotconf/base/realm.xml b/docs-xml/smbdotconf/base/realm.xml new file mode 100644 index 0000000..dd39c1b --- /dev/null +++ b/docs-xml/smbdotconf/base/realm.xml @@ -0,0 +1,15 @@ +<samba:parameter name="realm" + context="G" + type="string" + handler="handle_realm" + xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> +<description> + <para>This option specifies the kerberos realm to use. The realm is + used as the ADS equivalent of the NT4 <command moreinfo="none">domain</command>. It + is usually set to the DNS name of the kerberos server. + </para> +</description> + +<value type="default"></value> +<value type="example">mysambabox.mycompany.com</value> +</samba:parameter> diff --git a/docs-xml/smbdotconf/base/serverservices.xml b/docs-xml/smbdotconf/base/serverservices.xml new file mode 100644 index 0000000..dba65e9 --- /dev/null +++ b/docs-xml/smbdotconf/base/serverservices.xml @@ -0,0 +1,17 @@ +<samba:parameter name="server services" + context="G" + type="list" + xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> +<description> + <para>This option contains the services that the Samba daemon will + run.</para> + + <para>An entry in the <filename>smb.conf</filename> file can either + override the previous value completely or entries can be removed from + or added to it by prefixing them with <constant>+</constant> or + <constant>-</constant>. </para> +</description> + +<value type="default">s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbindd, ntp_signd, kcc, dnsupdate, dns</value> +<value type="example">-s3fs, +smb</value> +</samba:parameter> diff --git a/docs-xml/smbdotconf/base/serverstring.xml b/docs-xml/smbdotconf/base/serverstring.xml new file mode 100644 index 0000000..4088295 --- /dev/null +++ b/docs-xml/smbdotconf/base/serverstring.xml @@ -0,0 +1,22 @@ +<samba:parameter name="server string" + context="G" + type="string" + substitution="1" + xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> +<description> + <para>This controls what string will show up in the printer comment box in print + manager and next to the IPC connection in <command moreinfo="none">net view</command>. It + can be any string that you wish to show to your users.</para> + + <para>It also sets what will appear in browse lists next + to the machine name.</para> + + <para>A <parameter moreinfo="none">%v</parameter> will be replaced with the Samba + version number.</para> + + <para>A <parameter moreinfo="none">%h</parameter> will be replaced with the + hostname.</para> +</description> +<value type="default">Samba %v</value> +<value type="example">University of GNUs Samba Server</value> +</samba:parameter> diff --git a/docs-xml/smbdotconf/base/unixcharset.xml b/docs-xml/smbdotconf/base/unixcharset.xml new file mode 100644 index 0000000..23c4f1e --- /dev/null +++ b/docs-xml/smbdotconf/base/unixcharset.xml @@ -0,0 +1,19 @@ +<samba:parameter name="unix charset" + context="G" + type="string" + handler="handle_charset" + xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> +<description> + <para>Specifies the charset the unix machine + Samba runs on uses. Samba needs to know this in order to be able to + convert text to the charsets other SMB clients use. + </para> + + <para>This is also the charset Samba will use when specifying arguments + to scripts that it invokes. + </para> +</description> + +<value type="default">UTF-8</value> +<value type="example">ASCII</value> +</samba:parameter> diff --git a/docs-xml/smbdotconf/base/workgroup.xml b/docs-xml/smbdotconf/base/workgroup.xml new file mode 100644 index 0000000..1408147 --- /dev/null +++ b/docs-xml/smbdotconf/base/workgroup.xml @@ -0,0 +1,14 @@ +<samba:parameter name="workgroup" + context="G" + type="ustring" + xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> +<description> + <para>This controls what workgroup your server will + appear to be in when queried by clients. Note that this parameter + also controls the Domain name used with + the <smbconfoption name="security">domain</smbconfoption> + setting.</para> +</description> +<value type="default">WORKGROUP</value> +<value type="example">MYGROUP</value> +</samba:parameter> |