1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
|
<?xml version="1.0" encoding="iso-8859-1"?>
<!DOCTYPE refentry PUBLIC "-//Samba-Team//DTD DocBook V4.2-Based Variant V1.0//EN" "http://www.samba.org/samba/DTD/samba-doc">
<refentry id="testparm.1">
<refmeta>
<refentrytitle>testparm</refentrytitle>
<manvolnum>1</manvolnum>
<refmiscinfo class="source">Samba</refmiscinfo>
<refmiscinfo class="manual">User Commands</refmiscinfo>
<refmiscinfo class="version">&doc.version;</refmiscinfo>
</refmeta>
<refnamediv>
<refname>testparm</refname>
<refpurpose>check an smb.conf configuration file for
internal correctness</refpurpose>
</refnamediv>
<refsynopsisdiv>
<cmdsynopsis>
<command>testparm</command>
<arg choice="opt">-s|--suppress-prompt</arg>
<arg choice="opt">-v|--verbose</arg>
<arg choice="opt">-?|--help</arg>
<arg choice="opt">--usage</arg>
<arg choice="opt">-d|--debuglevel=DEBUGLEVEL</arg>
<arg choice="opt">--debug-stdout</arg>
<arg choice="req">config filename</arg>
<arg choice="opt">hostname hostIP</arg>
</cmdsynopsis>
</refsynopsisdiv>
<refsect1>
<title>DESCRIPTION</title>
<para>This tool is part of the <citerefentry><refentrytitle>samba</refentrytitle>
<manvolnum>7</manvolnum></citerefentry> suite.</para>
<para><command>testparm</command> is a very simple test program
to check an <citerefentry><refentrytitle>smbd</refentrytitle>
<manvolnum>8</manvolnum></citerefentry> configuration file for
internal correctness. If this program reports no problems, you
can use the configuration file with confidence that <command>smbd
</command> will successfully load the configuration file.</para>
<para>Note that this is <emphasis>NOT</emphasis> a guarantee that
the services specified in the configuration file will be
available or will operate as expected. </para>
<para>If the optional host name and host IP address are
specified on the command line, this test program will run through
the service entries reporting whether the specified host
has access to each service. </para>
<para>If <command>testparm</command> finds an error in the <filename>
smb.conf</filename> file it returns an exit code of 1 to the calling
program, else it returns an exit code of 0. This allows shell scripts
to test the output from <command>testparm</command>.</para>
</refsect1>
<refsect1>
<title>OPTIONS</title>
<variablelist>
<varlistentry>
<term>-s|--suppress-prompt</term>
<listitem><para>Without this option, <command>testparm</command>
will prompt for a carriage return after printing the service
names and before dumping the service definitions.</para></listitem>
</varlistentry>
<varlistentry>
<term>-v|--verbose</term>
<listitem><para>If this option is specified, testparm
will also output all options that were not used in <citerefentry>
<refentrytitle>smb.conf</refentrytitle><manvolnum>5</manvolnum>
</citerefentry> and are thus set to their defaults.</para></listitem>
</varlistentry>
<varlistentry>
<term>--parameter-name parametername</term>
<listitem><para>
Dumps the named parameter. If no section-name is set the view
is limited by default to the global section.
It is also possible to dump a parametrical option. Therefore
the option has to be separated by a colon from the
parametername.
</para></listitem>
</varlistentry>
<varlistentry>
<term>--section-name sectionname</term>
<listitem><para>
Dumps the named section.
</para></listitem>
</varlistentry>
<varlistentry>
<term>--show-all-parameters</term>
<listitem><para>
Show the parameters, type, possible values.
</para></listitem>
</varlistentry>
<varlistentry>
<term>-l|--skip-logic-checks</term>
<listitem><para>
Skip the global checks.
</para></listitem>
</varlistentry>
&popt.autohelp;
&cmdline.common.debug.client;
&cmdline.common.config.client;
&cmdline.common.option;
&cmdline.version;
<varlistentry>
<term>configfilename</term>
<listitem><para>This is the name of the configuration file
to check. If this parameter is not present then the
default <citerefentry><refentrytitle>smb.conf</refentrytitle><manvolnum>5</manvolnum>
</citerefentry> file will be checked.
</para></listitem>
</varlistentry>
<varlistentry>
<term>hostname</term>
<listitem><para>If this parameter and the following are
specified, then <command>testparm</command> will examine the <parameter>hosts
allow</parameter> and <parameter>hosts deny</parameter>
parameters in the <citerefentry>
<refentrytitle>smb.conf</refentrytitle><manvolnum>5</manvolnum>
</citerefentry> file to
determine if the hostname with this IP address would be
allowed access to the <command>smbd</command> server. If
this parameter is supplied, the hostIP parameter must also
be supplied.</para></listitem>
</varlistentry>
<varlistentry>
<term>hostIP</term>
<listitem><para>This is the IP address of the host specified
in the previous parameter. This address must be supplied
if the hostname parameter is supplied. </para></listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1>
<title>FILES</title>
<variablelist>
<varlistentry>
<term><citerefentry><refentrytitle>smb.conf</refentrytitle><manvolnum>5</manvolnum>
</citerefentry></term>
<listitem><para>This is usually the name of the configuration
file used by <citerefentry><refentrytitle>smbd</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>.
</para></listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1>
<title>DIAGNOSTICS</title>
<para>The program will issue a message saying whether the
configuration file loaded OK or not. This message may be preceded by
errors and warnings if the file did not load. If the file was
loaded OK, the program then dumps all known service details
to stdout. </para>
<para>For certain use cases, SMB protocol requires use of
cryptographic algorithms which are known to be weak and already
broken. DES and ARCFOUR (RC4) ciphers and the SHA1 and MD5 hash
algorithms are considered weak but they are required for backward
compatibility. The testparm utility shows whether the Samba tools
will fall back to these weak crypto algorithms if it is not possible
to use strong cryptography by default.
In FIPS mode weak crypto cannot be enabled.</para>
</refsect1>
<refsect1>
<title>VERSION</title>
<para>This man page is part of version &doc.version; of
the Samba suite.</para>
</refsect1>
<refsect1>
<title>SEE ALSO</title>
<para><citerefentry>
<refentrytitle>smb.conf</refentrytitle><manvolnum>5</manvolnum>
</citerefentry>, <citerefentry>
<refentrytitle>smbd</refentrytitle><manvolnum>8</manvolnum>
</citerefentry></para>
</refsect1>
<refsect1>
<title>AUTHOR</title>
<para>The original Samba software and related utilities
were created by Andrew Tridgell. Samba is now developed
by the Samba Team as an Open Source project similar
to the way the Linux kernel is developed.</para>
</refsect1>
</refentry>
|
