From 8daa83a594a2e98f39d764422bfbdbc62c9efd44 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Fri, 19 Apr 2024 19:20:00 +0200 Subject: Adding upstream version 2:4.20.0+dfsg. Signed-off-by: Daniel Baumann --- docs-xml/smbdotconf/misc/addsharecommand.xml | 72 +++++++++++++++++++ docs-xml/smbdotconf/misc/afsshare.xml | 15 ++++ docs-xml/smbdotconf/misc/afstokenlifetime.xml | 14 ++++ docs-xml/smbdotconf/misc/afsusernamemap.xml | 19 +++++ .../smbdotconf/misc/allowinsecurewidelinks.xml | 37 ++++++++++ .../smbdotconf/misc/allowunsafeclusterupgrade.xml | 16 +++++ docs-xml/smbdotconf/misc/asyncsmbechohandler.xml | 15 ++++ docs-xml/smbdotconf/misc/auto_services.xml | 22 ++++++ docs-xml/smbdotconf/misc/available.xml | 14 ++++ docs-xml/smbdotconf/misc/cachedirectory.xml | 24 +++++++ docs-xml/smbdotconf/misc/changenotify.xml | 13 ++++ docs-xml/smbdotconf/misc/changesharecommand.xml | 80 ++++++++++++++++++++++ docs-xml/smbdotconf/misc/clusteraddresses.xml | 16 +++++ docs-xml/smbdotconf/misc/clustering.xml | 16 +++++ docs-xml/smbdotconf/misc/configfile.xml | 25 +++++++ docs-xml/smbdotconf/misc/copy.xml | 21 ++++++ docs-xml/smbdotconf/misc/ctdbdsocket.xml | 15 ++++ .../smbdotconf/misc/ctdblocktimewarnthreshold.xml | 27 ++++++++ docs-xml/smbdotconf/misc/ctdbtimeout.xml | 36 ++++++++++ docs-xml/smbdotconf/misc/defaultservice.xml | 31 +++++++++ docs-xml/smbdotconf/misc/deletereadonly.xml | 14 ++++ docs-xml/smbdotconf/misc/deletesharecommand.xml | 52 ++++++++++++++ docs-xml/smbdotconf/misc/dfreecachetime.xml | 26 +++++++ docs-xml/smbdotconf/misc/dfreecommand.xml | 62 +++++++++++++++++ docs-xml/smbdotconf/misc/dmapisupport.xml | 28 ++++++++ docs-xml/smbdotconf/misc/dontdescend.xml | 21 ++++++ docs-xml/smbdotconf/misc/dosfilemode.xml | 24 +++++++ docs-xml/smbdotconf/misc/dosfiletimeresolution.xml | 25 +++++++ docs-xml/smbdotconf/misc/dosfiletimes.xml | 20 ++++++ docs-xml/smbdotconf/misc/dsdbeventnotification.xml | 29 ++++++++ .../misc/dsdbgroupchangenotification.xml | 29 ++++++++ .../misc/dsdbpasswordeventnotification.xml | 29 ++++++++ docs-xml/smbdotconf/misc/elasticsearchaddress.xml | 14 ++++ .../misc/elasticsearchignoreunknownattribute.xml | 19 +++++ .../misc/elasticsearchignoreunknowntype.xml | 19 +++++ docs-xml/smbdotconf/misc/elasticsearchindex.xml | 16 +++++ docs-xml/smbdotconf/misc/elasticsearchmappings.xml | 14 ++++ .../smbdotconf/misc/elasticsearchmaxresults.xml | 15 ++++ docs-xml/smbdotconf/misc/elasticsearchport.xml | 14 ++++ docs-xml/smbdotconf/misc/elasticsearchusetls.xml | 14 ++++ .../smbdotconf/misc/fakedirectorycreatetimes.xml | 34 +++++++++ docs-xml/smbdotconf/misc/followsymlinks.xml | 20 ++++++ docs-xml/smbdotconf/misc/fssprunestale.xml | 15 ++++ docs-xml/smbdotconf/misc/fsssequencetimeout.xml | 15 ++++ docs-xml/smbdotconf/misc/fstype.xml | 16 +++++ .../smbdotconf/misc/honorchangenotifyprivilege.xml | 20 ++++++ docs-xml/smbdotconf/misc/include.xml | 31 +++++++++ docs-xml/smbdotconf/misc/kernelchangenotify.xml | 16 +++++ docs-xml/smbdotconf/misc/lockdirectory.xml | 24 +++++++ .../smbdotconf/misc/logwriteablefilesonexit.xml | 22 ++++++ docs-xml/smbdotconf/misc/magicoutput.xml | 19 +++++ docs-xml/smbdotconf/misc/magicscript.xml | 31 +++++++++ docs-xml/smbdotconf/misc/messagecommand.xml | 79 +++++++++++++++++++++ .../smbdotconf/misc/nbtclientsocketaddress.xml | 20 ++++++ docs-xml/smbdotconf/misc/ncalrpcdir.xml | 12 ++++ .../smbdotconf/misc/nmbdbindexplicitbroadcast.xml | 16 +++++ docs-xml/smbdotconf/misc/panicaction.xml | 17 +++++ docs-xml/smbdotconf/misc/perfcountmodule.xml | 13 ++++ docs-xml/smbdotconf/misc/piddirectory.xml | 13 ++++ docs-xml/smbdotconf/misc/postexec.xml | 21 ++++++ docs-xml/smbdotconf/misc/preexec.xml | 29 ++++++++ docs-xml/smbdotconf/misc/preexecclose.xml | 13 ++++ docs-xml/smbdotconf/misc/registryshares.xml | 23 +++++++ docs-xml/smbdotconf/misc/remoteannounce.xml | 42 ++++++++++++ docs-xml/smbdotconf/misc/remotebrowsesync.xml | 50 ++++++++++++++ docs-xml/smbdotconf/misc/resetonzerovc.xml | 28 ++++++++ docs-xml/smbdotconf/misc/rootpostexec.xml | 16 +++++ docs-xml/smbdotconf/misc/rootpreexec.xml | 18 +++++ docs-xml/smbdotconf/misc/rootpreexecclose.xml | 14 ++++ docs-xml/smbdotconf/misc/smbdasyncdosmode.xml | 13 ++++ .../smbdotconf/misc/smbdgetinfoasksharemode.xml | 14 ++++ docs-xml/smbdotconf/misc/smbdmaxasyncdosmode.xml | 12 ++++ docs-xml/smbdotconf/misc/smbdmaxxattrsize.xml | 28 ++++++++ docs-xml/smbdotconf/misc/smbdprofilinglevel.xml | 17 +++++ .../smbdotconf/misc/smbdsearchasksharemode.xml | 13 ++++ docs-xml/smbdotconf/misc/spotlight.xml | 31 +++++++++ docs-xml/smbdotconf/misc/spotlight_backend.xml | 30 ++++++++ docs-xml/smbdotconf/misc/statedirectory.xml | 21 ++++++ docs-xml/smbdotconf/misc/usershareallowguests.xml | 15 ++++ docs-xml/smbdotconf/misc/usersharemaxshares.xml | 13 ++++ docs-xml/smbdotconf/misc/usershareowneronly.xml | 18 +++++ docs-xml/smbdotconf/misc/usersharepath.xml | 32 +++++++++ .../smbdotconf/misc/usershareprefixallowlist.xml | 23 +++++++ .../smbdotconf/misc/usershareprefixdenylist.xml | 24 +++++++ .../smbdotconf/misc/usersharetemplateshare.xml | 23 +++++++ docs-xml/smbdotconf/misc/utmp.xml | 24 +++++++ docs-xml/smbdotconf/misc/utmpdirectory.xml | 20 ++++++ docs-xml/smbdotconf/misc/valid.xml | 20 ++++++ docs-xml/smbdotconf/misc/volume.xml | 13 ++++ docs-xml/smbdotconf/misc/volumeserialnumber.xml | 14 ++++ docs-xml/smbdotconf/misc/widelinks.xml | 27 ++++++++ docs-xml/smbdotconf/misc/wspproperties.xml | 55 +++++++++++++++ docs-xml/smbdotconf/misc/wtmpdirectory.xml | 22 ++++++ 93 files changed, 2221 insertions(+) create mode 100644 docs-xml/smbdotconf/misc/addsharecommand.xml create mode 100644 docs-xml/smbdotconf/misc/afsshare.xml create mode 100644 docs-xml/smbdotconf/misc/afstokenlifetime.xml create mode 100644 docs-xml/smbdotconf/misc/afsusernamemap.xml create mode 100644 docs-xml/smbdotconf/misc/allowinsecurewidelinks.xml create mode 100644 docs-xml/smbdotconf/misc/allowunsafeclusterupgrade.xml create mode 100644 docs-xml/smbdotconf/misc/asyncsmbechohandler.xml create mode 100644 docs-xml/smbdotconf/misc/auto_services.xml create mode 100644 docs-xml/smbdotconf/misc/available.xml create mode 100644 docs-xml/smbdotconf/misc/cachedirectory.xml create mode 100644 docs-xml/smbdotconf/misc/changenotify.xml create mode 100644 docs-xml/smbdotconf/misc/changesharecommand.xml create mode 100644 docs-xml/smbdotconf/misc/clusteraddresses.xml create mode 100644 docs-xml/smbdotconf/misc/clustering.xml create mode 100644 docs-xml/smbdotconf/misc/configfile.xml create mode 100644 docs-xml/smbdotconf/misc/copy.xml create mode 100644 docs-xml/smbdotconf/misc/ctdbdsocket.xml create mode 100644 docs-xml/smbdotconf/misc/ctdblocktimewarnthreshold.xml create mode 100644 docs-xml/smbdotconf/misc/ctdbtimeout.xml create mode 100644 docs-xml/smbdotconf/misc/defaultservice.xml create mode 100644 docs-xml/smbdotconf/misc/deletereadonly.xml create mode 100644 docs-xml/smbdotconf/misc/deletesharecommand.xml create mode 100644 docs-xml/smbdotconf/misc/dfreecachetime.xml create mode 100644 docs-xml/smbdotconf/misc/dfreecommand.xml create mode 100644 docs-xml/smbdotconf/misc/dmapisupport.xml create mode 100644 docs-xml/smbdotconf/misc/dontdescend.xml create mode 100644 docs-xml/smbdotconf/misc/dosfilemode.xml create mode 100644 docs-xml/smbdotconf/misc/dosfiletimeresolution.xml create mode 100644 docs-xml/smbdotconf/misc/dosfiletimes.xml create mode 100644 docs-xml/smbdotconf/misc/dsdbeventnotification.xml create mode 100644 docs-xml/smbdotconf/misc/dsdbgroupchangenotification.xml create mode 100644 docs-xml/smbdotconf/misc/dsdbpasswordeventnotification.xml create mode 100644 docs-xml/smbdotconf/misc/elasticsearchaddress.xml create mode 100644 docs-xml/smbdotconf/misc/elasticsearchignoreunknownattribute.xml create mode 100644 docs-xml/smbdotconf/misc/elasticsearchignoreunknowntype.xml create mode 100644 docs-xml/smbdotconf/misc/elasticsearchindex.xml create mode 100644 docs-xml/smbdotconf/misc/elasticsearchmappings.xml create mode 100644 docs-xml/smbdotconf/misc/elasticsearchmaxresults.xml create mode 100644 docs-xml/smbdotconf/misc/elasticsearchport.xml create mode 100644 docs-xml/smbdotconf/misc/elasticsearchusetls.xml create mode 100644 docs-xml/smbdotconf/misc/fakedirectorycreatetimes.xml create mode 100644 docs-xml/smbdotconf/misc/followsymlinks.xml create mode 100644 docs-xml/smbdotconf/misc/fssprunestale.xml create mode 100644 docs-xml/smbdotconf/misc/fsssequencetimeout.xml create mode 100644 docs-xml/smbdotconf/misc/fstype.xml create mode 100644 docs-xml/smbdotconf/misc/honorchangenotifyprivilege.xml create mode 100644 docs-xml/smbdotconf/misc/include.xml create mode 100644 docs-xml/smbdotconf/misc/kernelchangenotify.xml create mode 100644 docs-xml/smbdotconf/misc/lockdirectory.xml create mode 100644 docs-xml/smbdotconf/misc/logwriteablefilesonexit.xml create mode 100644 docs-xml/smbdotconf/misc/magicoutput.xml create mode 100644 docs-xml/smbdotconf/misc/magicscript.xml create mode 100644 docs-xml/smbdotconf/misc/messagecommand.xml create mode 100644 docs-xml/smbdotconf/misc/nbtclientsocketaddress.xml create mode 100644 docs-xml/smbdotconf/misc/ncalrpcdir.xml create mode 100644 docs-xml/smbdotconf/misc/nmbdbindexplicitbroadcast.xml create mode 100644 docs-xml/smbdotconf/misc/panicaction.xml create mode 100644 docs-xml/smbdotconf/misc/perfcountmodule.xml create mode 100644 docs-xml/smbdotconf/misc/piddirectory.xml create mode 100644 docs-xml/smbdotconf/misc/postexec.xml create mode 100644 docs-xml/smbdotconf/misc/preexec.xml create mode 100644 docs-xml/smbdotconf/misc/preexecclose.xml create mode 100644 docs-xml/smbdotconf/misc/registryshares.xml create mode 100644 docs-xml/smbdotconf/misc/remoteannounce.xml create mode 100644 docs-xml/smbdotconf/misc/remotebrowsesync.xml create mode 100644 docs-xml/smbdotconf/misc/resetonzerovc.xml create mode 100644 docs-xml/smbdotconf/misc/rootpostexec.xml create mode 100644 docs-xml/smbdotconf/misc/rootpreexec.xml create mode 100644 docs-xml/smbdotconf/misc/rootpreexecclose.xml create mode 100644 docs-xml/smbdotconf/misc/smbdasyncdosmode.xml create mode 100644 docs-xml/smbdotconf/misc/smbdgetinfoasksharemode.xml create mode 100644 docs-xml/smbdotconf/misc/smbdmaxasyncdosmode.xml create mode 100644 docs-xml/smbdotconf/misc/smbdmaxxattrsize.xml create mode 100644 docs-xml/smbdotconf/misc/smbdprofilinglevel.xml create mode 100644 docs-xml/smbdotconf/misc/smbdsearchasksharemode.xml create mode 100644 docs-xml/smbdotconf/misc/spotlight.xml create mode 100644 docs-xml/smbdotconf/misc/spotlight_backend.xml create mode 100644 docs-xml/smbdotconf/misc/statedirectory.xml create mode 100644 docs-xml/smbdotconf/misc/usershareallowguests.xml create mode 100644 docs-xml/smbdotconf/misc/usersharemaxshares.xml create mode 100644 docs-xml/smbdotconf/misc/usershareowneronly.xml create mode 100644 docs-xml/smbdotconf/misc/usersharepath.xml create mode 100644 docs-xml/smbdotconf/misc/usershareprefixallowlist.xml create mode 100644 docs-xml/smbdotconf/misc/usershareprefixdenylist.xml create mode 100644 docs-xml/smbdotconf/misc/usersharetemplateshare.xml create mode 100644 docs-xml/smbdotconf/misc/utmp.xml create mode 100644 docs-xml/smbdotconf/misc/utmpdirectory.xml create mode 100644 docs-xml/smbdotconf/misc/valid.xml create mode 100644 docs-xml/smbdotconf/misc/volume.xml create mode 100644 docs-xml/smbdotconf/misc/volumeserialnumber.xml create mode 100644 docs-xml/smbdotconf/misc/widelinks.xml create mode 100644 docs-xml/smbdotconf/misc/wspproperties.xml create mode 100644 docs-xml/smbdotconf/misc/wtmpdirectory.xml (limited to 'docs-xml/smbdotconf/misc') diff --git a/docs-xml/smbdotconf/misc/addsharecommand.xml b/docs-xml/smbdotconf/misc/addsharecommand.xml new file mode 100644 index 0000000..484b591 --- /dev/null +++ b/docs-xml/smbdotconf/misc/addsharecommand.xml @@ -0,0 +1,72 @@ + + + + Samba 2.2.0 introduced the ability to dynamically add and delete shares via the Windows NT 4.0 Server + Manager. The add share command is used to define an external program + or script which will add a new service definition to + smb.conf. + + + + In order to successfully execute the + add share command, + smbd requires that the administrator + connects using a root account (i.e. uid == 0) or has the + SeDiskOperatorPrivilege. + Scripts defined in the add share command + parameter are executed as root. + + + + When executed, smbd will automatically invoke the + add share command with five parameters. + + + + + configFile - the location of the global smb.conf file. + + + + + shareName - the name of the new share. + + + + + pathName - path to an **existing** + directory on disk. + + + + + comment - comment string to associate with the new + share. + + + + + max + connections + Number of maximum simultaneous connections to this + share. + + + + + + This parameter is only used to add file shares. To add printer shares, see the . + + + +change share command +delete share command + +/usr/local/bin/addshare + diff --git a/docs-xml/smbdotconf/misc/afsshare.xml b/docs-xml/smbdotconf/misc/afsshare.xml new file mode 100644 index 0000000..fe97b58 --- /dev/null +++ b/docs-xml/smbdotconf/misc/afsshare.xml @@ -0,0 +1,15 @@ + + + This parameter controls whether special AFS features are enabled + for this share. If enabled, it assumes that the directory exported via + the path parameter is a local AFS import. The + special AFS features include the attempt to hand-craft an AFS token + if you enabled --with-fake-kaserver in configure. + + + +no + diff --git a/docs-xml/smbdotconf/misc/afstokenlifetime.xml b/docs-xml/smbdotconf/misc/afstokenlifetime.xml new file mode 100644 index 0000000..9d6e13a --- /dev/null +++ b/docs-xml/smbdotconf/misc/afstokenlifetime.xml @@ -0,0 +1,14 @@ + + + This parameter controls the lifetime of tokens that the AFS + fake-kaserver claims. In reality these never expire but this lifetime + controls when the afs client will forget the token. + + Set this parameter to 0 to get NEVERDATE. + + +604800 + diff --git a/docs-xml/smbdotconf/misc/afsusernamemap.xml b/docs-xml/smbdotconf/misc/afsusernamemap.xml new file mode 100644 index 0000000..f3f7390 --- /dev/null +++ b/docs-xml/smbdotconf/misc/afsusernamemap.xml @@ -0,0 +1,19 @@ + + + If you are using the fake kaserver AFS feature, you might + want to hand-craft the usernames you are creating tokens for. + For example this is necessary if you have users from several domain + in your AFS Protection Database. One possible scheme to code users + as DOMAIN+User as it is done by winbind with the + as a separator. + + + The mapped user name must contain the cell name to log into, + so without setting this parameter there will be no token. + + + +%u@afs.samba.org + diff --git a/docs-xml/smbdotconf/misc/allowinsecurewidelinks.xml b/docs-xml/smbdotconf/misc/allowinsecurewidelinks.xml new file mode 100644 index 0000000..29c25fc --- /dev/null +++ b/docs-xml/smbdotconf/misc/allowinsecurewidelinks.xml @@ -0,0 +1,37 @@ + + + + In normal operation the option + which allows the server to follow symlinks outside of a share path + is automatically disabled when + are enabled on a Samba server. This is done for security purposes + to prevent UNIX clients creating symlinks to areas of the server + file system that the administrator does not wish to export. + + + Setting to + true disables the link between these two parameters, removing + this protection and allowing a site to configure + the server to follow symlinks (by setting + to "true") even when + is turned on. + + + It is not recommended to enable this option unless you + fully understand the implications of allowing the server to + follow symbolic links created by UNIX clients. For most + normal Samba configurations this would be considered a security + hole and setting this parameter is not recommended. + + + This option was added at the request of sites who had + deliberately set Samba up in this way and needed to continue + supporting this functionality without having to patch the + Samba code. + + +no + diff --git a/docs-xml/smbdotconf/misc/allowunsafeclusterupgrade.xml b/docs-xml/smbdotconf/misc/allowunsafeclusterupgrade.xml new file mode 100644 index 0000000..02398ff --- /dev/null +++ b/docs-xml/smbdotconf/misc/allowunsafeclusterupgrade.xml @@ -0,0 +1,16 @@ + + + If set to no (the default), smbd checks at startup if + other smbd versions are running in the cluster and refuses to + start if so. This is done to protect data corruption in + internal data structures due to incompatible Samba versions + running concurrently in the same cluster. Setting this + parameter to yes disables this + safety check. + + +no + diff --git a/docs-xml/smbdotconf/misc/asyncsmbechohandler.xml b/docs-xml/smbdotconf/misc/asyncsmbechohandler.xml new file mode 100644 index 0000000..26a4346 --- /dev/null +++ b/docs-xml/smbdotconf/misc/asyncsmbechohandler.xml @@ -0,0 +1,15 @@ + + + This parameter specifies whether Samba should fork the + async smb echo handler. It can be beneficial if your file + system can block syscalls for a very long time. In some + circumstances, it prolongs the timeout that Windows uses to + determine whether a connection is dead. This parameter is only for + SMB1. For SMB2 and above TCP keepalives can be used instead. + + +no + diff --git a/docs-xml/smbdotconf/misc/auto_services.xml b/docs-xml/smbdotconf/misc/auto_services.xml new file mode 100644 index 0000000..d843d88 --- /dev/null +++ b/docs-xml/smbdotconf/misc/auto_services.xml @@ -0,0 +1,22 @@ + +preload + + This is a list of services that you want to be + automatically added to the browse lists. This is most useful + for homes and printers services that would otherwise not be + visible. + + + Note that if you just want all printers in your + printcap file loaded then the + option is easier. + + + + +fred lp colorlp + diff --git a/docs-xml/smbdotconf/misc/available.xml b/docs-xml/smbdotconf/misc/available.xml new file mode 100644 index 0000000..6e3b70c --- /dev/null +++ b/docs-xml/smbdotconf/misc/available.xml @@ -0,0 +1,14 @@ + + + This parameter lets you "turn off" a service. If + available = no, then ALL + attempts to connect to the service will fail. Such failures are + logged. + + +yes + diff --git a/docs-xml/smbdotconf/misc/cachedirectory.xml b/docs-xml/smbdotconf/misc/cachedirectory.xml new file mode 100644 index 0000000..480f31b --- /dev/null +++ b/docs-xml/smbdotconf/misc/cachedirectory.xml @@ -0,0 +1,24 @@ + + + Usually, most of the TDB files are stored in the lock directory. Since Samba 3.4.0, it is + possible to differentiate between TDB files with persistent data and + TDB files with non-persistent data using the + state directory and the + cache directory options. + + + This option specifies the directory for storing TDB + files containing non-persistent data that will be kept across + service restarts. The directory should be placed on persistent + storage, but the data can be safely deleted by an + administrator. + + + +&pathconfig.CACHEDIR; +/var/run/samba/locks/cache + diff --git a/docs-xml/smbdotconf/misc/changenotify.xml b/docs-xml/smbdotconf/misc/changenotify.xml new file mode 100644 index 0000000..9ded7ec --- /dev/null +++ b/docs-xml/smbdotconf/misc/changenotify.xml @@ -0,0 +1,13 @@ + + + This parameter specifies whether Samba should reply + to a client's file change notify requests. + + + You should never need to change this parameter + +yes + diff --git a/docs-xml/smbdotconf/misc/changesharecommand.xml b/docs-xml/smbdotconf/misc/changesharecommand.xml new file mode 100644 index 0000000..4cc7451 --- /dev/null +++ b/docs-xml/smbdotconf/misc/changesharecommand.xml @@ -0,0 +1,80 @@ + + + + Samba 2.2.0 introduced the ability to dynamically add and delete shares via the Windows NT 4.0 Server +Manager. The change share command is used to define an external +program or script which will modify an existing service definition in smb.conf. + + + + In order to successfully execute the + change share command, + smbd requires that the administrator + connects using a root account (i.e. uid == 0) or has the + SeDiskOperatorPrivilege. + Scripts defined in the change share command + parameter are executed as root. + + + + When executed, smbd will automatically invoke the + change share command with six parameters. + + + + + configFile - the location + of the global smb.conf file. + + + + + shareName - the name of the new + share. + + + + + pathName - path to an **existing** + directory on disk. + + + + + comment - comment string to associate + with the new share. + + + + + max + connections + Number of maximum simultaneous connections to this + share. + + + + + CSC policy - client side caching + policy in string form. Valid values are: manual, documents, programs, disable. + + + + + + This parameter is only used to modify existing file share definitions. + To modify printer shares, use the "Printers..." folder as seen + when browsing the Samba host. + + + +add share command +delete share command + +/usr/local/bin/changeshare + diff --git a/docs-xml/smbdotconf/misc/clusteraddresses.xml b/docs-xml/smbdotconf/misc/clusteraddresses.xml new file mode 100644 index 0000000..66878cd --- /dev/null +++ b/docs-xml/smbdotconf/misc/clusteraddresses.xml @@ -0,0 +1,16 @@ + + + With this parameter you can add additional addresses that + nmbd will register with a WINS server. Similarly, these + addresses will be registered by default when + net ads dns register is called with + yes + configured. + + + +10.0.0.1 10.0.0.2 10.0.0.3 + diff --git a/docs-xml/smbdotconf/misc/clustering.xml b/docs-xml/smbdotconf/misc/clustering.xml new file mode 100644 index 0000000..cf426ec --- /dev/null +++ b/docs-xml/smbdotconf/misc/clustering.xml @@ -0,0 +1,16 @@ + + + This parameter specifies whether Samba should contact + ctdb for accessing its tdb files and use ctdb as a backend + for its messaging backend. + + + Set this parameter to yes only if + you have a cluster setup with ctdb running. + + +no + diff --git a/docs-xml/smbdotconf/misc/configfile.xml b/docs-xml/smbdotconf/misc/configfile.xml new file mode 100644 index 0000000..3b67fb0 --- /dev/null +++ b/docs-xml/smbdotconf/misc/configfile.xml @@ -0,0 +1,25 @@ + + + This allows you to override the config file + to use, instead of the default (usually smb.conf). + There is a chicken and egg problem here as this option is set + in the config file! + + For this reason, if the name of the config file has changed + when the parameters are loaded then it will reload them from + the new config file. + + This option takes the usual substitutions, which can + be very useful. + + If the config file doesn't exist then it won't be loaded + (allowing you to special case the config files of just a few + clients). + +/usr/local/samba/lib/smb.conf.%m + diff --git a/docs-xml/smbdotconf/misc/copy.xml b/docs-xml/smbdotconf/misc/copy.xml new file mode 100644 index 0000000..53e899e --- /dev/null +++ b/docs-xml/smbdotconf/misc/copy.xml @@ -0,0 +1,21 @@ + + + This parameter allows you to "clone" service + entries. The specified service is simply duplicated under the + current service's name. Any parameters specified in the current + section will override those in the section being copied. + + This feature lets you set up a 'template' service and + create similar services easily. Note that the service being + copied must occur earlier in the configuration file than the + service doing the copying. + + + +otherservice + diff --git a/docs-xml/smbdotconf/misc/ctdbdsocket.xml b/docs-xml/smbdotconf/misc/ctdbdsocket.xml new file mode 100644 index 0000000..2bc118b --- /dev/null +++ b/docs-xml/smbdotconf/misc/ctdbdsocket.xml @@ -0,0 +1,15 @@ + + + If you set clustering=yes, + you need to tell Samba where ctdbd listens on its unix domain + socket. The default path as of ctdb 1.0 is /tmp/ctdb.socket which + you have to explicitly set for Samba in smb.conf. + + + +/tmp/ctdb.socket + diff --git a/docs-xml/smbdotconf/misc/ctdblocktimewarnthreshold.xml b/docs-xml/smbdotconf/misc/ctdblocktimewarnthreshold.xml new file mode 100644 index 0000000..f9da01f --- /dev/null +++ b/docs-xml/smbdotconf/misc/ctdblocktimewarnthreshold.xml @@ -0,0 +1,27 @@ + + + + + In a cluster environment using Samba and ctdb it is critical + that locks on central ctdb-hosted databases like locking.tdb + are not held for long. With the current Samba architecture + it happens that Samba takes a lock and while holding that + lock makes file system calls into the shared cluster file + system. This option makes Samba warn if it detects that it + has held locks for the specified number of milliseconds. If + this happens, smbd will emit a debug level 0 + message into its logs and potentially into syslog. The most likely + reason for such a log message is that an operation of the cluster + file system Samba exports is taking longer than expected. + The messages are meant as a debugging aid for potential + cluster problems. + + + The default value of 0 disables this logging. + + +0 + diff --git a/docs-xml/smbdotconf/misc/ctdbtimeout.xml b/docs-xml/smbdotconf/misc/ctdbtimeout.xml new file mode 100644 index 0000000..b02b2c8 --- /dev/null +++ b/docs-xml/smbdotconf/misc/ctdbtimeout.xml @@ -0,0 +1,36 @@ + + + This parameter specifies a timeout in milliseconds for the + connection between Samba and ctdb. It is only valid if you + have compiled Samba with clustering and if you have + set clustering=yes. + + When something in the cluster blocks, it can happen that + we wait indefinitely long for ctdb, just adding to the + blocking condition. In a well-running cluster this should + never happen, but there are too many components in a cluster + that might have hickups. Choosing the right balance for this + value is very tricky, because on a busy cluster long service + times to transfer something across the cluster might be + valid. Setting it too short will degrade the service your + cluster presents, setting it too long might make the cluster + itself not recover from something severely broken for too + long. + + + Be aware that if you set this parameter, this needs to be in + the file smb.conf, it is not really helpful to put this into + a registry configuration (typical on a cluster), because to + access the registry contact to ctdb is required. + + Setting ctdb timeout to n makes + any process waiting longer than n milliseconds for a reply by the + cluster panic. Setting it to 0 (the default) makes Samba + block forever, which is the highly recommended default. + + +0 + diff --git a/docs-xml/smbdotconf/misc/defaultservice.xml b/docs-xml/smbdotconf/misc/defaultservice.xml new file mode 100644 index 0000000..5420396 --- /dev/null +++ b/docs-xml/smbdotconf/misc/defaultservice.xml @@ -0,0 +1,31 @@ + +default + + This parameter specifies the name of a service + which will be connected to if the service actually requested cannot + be found. Note that the square brackets are NOT + given in the parameter value (see example below). + + There is no default value for this parameter. If this + parameter is not given, attempting to connect to a nonexistent + service results in an error. + + + Typically the default service would be a , service. Also note that the apparent service name will be changed to equal + that of the requested service, this is very useful as it allows you to use macros like %S to make a wildcard service. + + + Note also that any "_" characters in the name of the service + used in the default service will get mapped to a "/". This allows for + interesting things. + + +pub + diff --git a/docs-xml/smbdotconf/misc/deletereadonly.xml b/docs-xml/smbdotconf/misc/deletereadonly.xml new file mode 100644 index 0000000..84390ed --- /dev/null +++ b/docs-xml/smbdotconf/misc/deletereadonly.xml @@ -0,0 +1,14 @@ + + + This parameter allows readonly files to be deleted. + This is not normal DOS semantics, but is allowed by UNIX. + + This option may be useful for running applications such + as rcs, where UNIX file ownership prevents changing file + permissions, and DOS semantics prevent deletion of a read only file. + +no + diff --git a/docs-xml/smbdotconf/misc/deletesharecommand.xml b/docs-xml/smbdotconf/misc/deletesharecommand.xml new file mode 100644 index 0000000..f569cd2 --- /dev/null +++ b/docs-xml/smbdotconf/misc/deletesharecommand.xml @@ -0,0 +1,52 @@ + + + + Samba 2.2.0 introduced the ability to dynamically add and delete shares via the Windows NT 4.0 Server + Manager. The delete share command is used to define an external + program or script which will remove an existing service definition from + smb.conf. + + + In order to successfully execute the + delete share command, + smbd requires that the administrator + connects using a root account (i.e. uid == 0) or has the + SeDiskOperatorPrivilege. + Scripts defined in the delete share command + parameter are executed as root. + + + + When executed, smbd will automatically invoke the + delete share command with two parameters. + + + + + configFile - the location + of the global smb.conf file. + + + + + shareName - the name of + the existing service. + + + + + + This parameter is only used to remove file shares. To delete printer shares, + see the . + + + +add share command +change share command + +/usr/local/bin/delshare + diff --git a/docs-xml/smbdotconf/misc/dfreecachetime.xml b/docs-xml/smbdotconf/misc/dfreecachetime.xml new file mode 100644 index 0000000..9679763 --- /dev/null +++ b/docs-xml/smbdotconf/misc/dfreecachetime.xml @@ -0,0 +1,26 @@ + + + + + The dfree cache time should only be used on systems where a problem + occurs with the internal disk space calculations. This has been known to happen with Ultrix, but may occur + with other operating systems. The symptom that was seen was an error of "Abort Retry Ignore" at the + end of each directory listing. + + + + This is a new parameter introduced in Samba version 3.0.21. It specifies in seconds the time that smbd will + cache the output of a disk free query. If set to zero (the default) no caching is done. This allows a heavily + loaded server to prevent rapid spawning of scripts increasing the load. + + + + By default this parameter is zero, meaning no caching will be done. + + + +60 + diff --git a/docs-xml/smbdotconf/misc/dfreecommand.xml b/docs-xml/smbdotconf/misc/dfreecommand.xml new file mode 100644 index 0000000..b12ee0f --- /dev/null +++ b/docs-xml/smbdotconf/misc/dfreecommand.xml @@ -0,0 +1,62 @@ + + + + + The dfree command setting should only be used on systems where a + problem occurs with the internal disk space calculations. This has been known to happen with Ultrix, but may + occur with other operating systems. The symptom that was seen was an error of "Abort Retry Ignore" + at the end of each directory listing. + + + + This setting allows the replacement of the internal routines to calculate the total disk space and amount + available with an external routine. The example below gives a possible script that might fulfill this + function. + + + + In Samba version 3.0.21 this parameter has been changed to be a per-share parameter, and in addition the + parameter was added to allow the output of this script to be cached + for systems under heavy load. + + + + The external program will be passed a single parameter indicating a directory in the filesystem being queried. + This will typically consist of the string ./. The script should return + two integers in ASCII. The first should be the total disk space in blocks, and the second should be the number + of available blocks. An optional third return value can give the block size in bytes. The default blocksize is + 1024 bytes. + + + + Note: Your script should NOT be setuid or setgid and should be owned by (and writeable + only by) root! + + + + Where the script dfree (which must be made executable) could be: + +#!/bin/sh +df "$1" | tail -1 | awk '{print $(NF-4),$(NF-2)}' + + or perhaps (on Sys V based systems): + +#!/bin/sh +/usr/bin/df -k "$1" | tail -1 | awk '{print $3" "$5}' + + Note that you may have to replace the command names with full path names on some systems. + Also note the arguments passed into the script should be quoted inside the script in case they + contain special characters such as spaces or newlines. + + + + By default internal routines for determining the disk capacity and remaining space will be used. + + + +/usr/local/samba/bin/dfree + diff --git a/docs-xml/smbdotconf/misc/dmapisupport.xml b/docs-xml/smbdotconf/misc/dmapisupport.xml new file mode 100644 index 0000000..de284ee --- /dev/null +++ b/docs-xml/smbdotconf/misc/dmapisupport.xml @@ -0,0 +1,28 @@ + + + This parameter specifies whether Samba should use DMAPI to + determine whether a file is offline or not. This would typically + be used in conjunction with a hierarchical storage system that + automatically migrates files to tape. + + + Note that Samba infers the status of a file by examining the + events that a DMAPI application has registered interest in. This + heuristic is satisfactory for a number of hierarchical storage + systems, but there may be system for which it will fail. In this + case, Samba may erroneously report files to be offline. + + + This parameter is only available if a supported DMAPI + implementation was found at compilation time. It will only be used + if DMAPI is found to enabled on the system at run time. + + + + + +no + diff --git a/docs-xml/smbdotconf/misc/dontdescend.xml b/docs-xml/smbdotconf/misc/dontdescend.xml new file mode 100644 index 0000000..ca9c75f --- /dev/null +++ b/docs-xml/smbdotconf/misc/dontdescend.xml @@ -0,0 +1,21 @@ + + + There are certain directories on some systems + (e.g., the /proc tree under Linux) that are either not + of interest to clients or are infinitely deep (recursive). This + parameter allows you to specify a comma-delimited list of directories + that the server should always show as empty. + + Note that Samba can be very fussy about the exact format + of the "dont descend" entries. For example you may need + ./proc instead of just /proc. + Experimentation is the best policy :-) + + + +/proc,/dev + diff --git a/docs-xml/smbdotconf/misc/dosfilemode.xml b/docs-xml/smbdotconf/misc/dosfilemode.xml new file mode 100644 index 0000000..353f4bb --- /dev/null +++ b/docs-xml/smbdotconf/misc/dosfilemode.xml @@ -0,0 +1,24 @@ + + + The default behavior in Samba is to provide + UNIX-like behavior where only the owner of a file/directory is + able to change the permissions on it. However, this behavior + is often confusing to DOS/Windows users. Enabling this parameter + allows a user who has write access to the file (by whatever + means, including an ACL permission) to modify the permissions + (including ACL) on it. Note that a user belonging to the group + owning the file will not be allowed to change permissions if + the group is only granted read access. Ownership of the + file/directory may also be changed. + + Note that using the VFS modules acl_xattr or acl_tdb which store native + Windows as meta-data will automatically turn this option on for any + share for which they are loaded, as they require this option to emulate + Windows ACLs correctly. + + +no + diff --git a/docs-xml/smbdotconf/misc/dosfiletimeresolution.xml b/docs-xml/smbdotconf/misc/dosfiletimeresolution.xml new file mode 100644 index 0000000..ccdfa6d --- /dev/null +++ b/docs-xml/smbdotconf/misc/dosfiletimeresolution.xml @@ -0,0 +1,25 @@ + + + Under the DOS and Windows FAT filesystem, the finest + granularity on time resolution is two seconds. Setting this parameter + for a share causes Samba to round the reported time down to the + nearest two second boundary when a query call that requires one second + resolution is made to smbd + 8. + + This option is mainly used as a compatibility option for Visual + C++ when used against Samba shares. If oplocks are enabled on a + share, Visual C++ uses two different time reading calls to check if a + file has changed since it was last read. One of these calls uses a + one-second granularity, the other uses a two second granularity. As + the two second call rounds any odd second down, then if the file has a + timestamp of an odd number of seconds then the two timestamps will not + match and Visual C++ will keep reporting the file has changed. Setting + this option causes the two timestamps to match, and Visual C++ is + happy. + +no + diff --git a/docs-xml/smbdotconf/misc/dosfiletimes.xml b/docs-xml/smbdotconf/misc/dosfiletimes.xml new file mode 100644 index 0000000..17fadd2 --- /dev/null +++ b/docs-xml/smbdotconf/misc/dosfiletimes.xml @@ -0,0 +1,20 @@ + + + Under DOS and Windows, if a user can write to a + file they can change the timestamp on it. Under POSIX semantics, + only the owner of the file or root may change the timestamp. By + default, Samba emulates the DOS semantics and allows one to change the + timestamp on a file if the user smbd is acting + on behalf has write permissions. + Due to changes in Microsoft Office 2000 and beyond, + the default for this parameter has been changed from "no" to "yes" in Samba 3.0.14 + and above. Microsoft Excel will display dialog box warnings about the file being + changed by another user if this parameter is not set to "yes" and files are being + shared between users. + + +yes + diff --git a/docs-xml/smbdotconf/misc/dsdbeventnotification.xml b/docs-xml/smbdotconf/misc/dsdbeventnotification.xml new file mode 100644 index 0000000..279ac3d --- /dev/null +++ b/docs-xml/smbdotconf/misc/dsdbeventnotification.xml @@ -0,0 +1,29 @@ + + + When enabled, this option causes Samba (acting as an + Active Directory Domain Controller) to stream Samba database + events across the internal message bus. Scripts built using + Samba's python bindings can listen to these events by + registering as the service + dsdb_event. + + This is not needed for the audit + logging described in . + + Instead, this should instead be considered a developer + option (it assists in the Samba testsuite) rather than a + facility for external auditing, as message delivery is not + guaranteed (a feature that the testsuite works around). + + The Samba database events are also logged via the normal + logging methods when the is + set appropriately, say to + dsdb_json_audit:5. + + + +no + diff --git a/docs-xml/smbdotconf/misc/dsdbgroupchangenotification.xml b/docs-xml/smbdotconf/misc/dsdbgroupchangenotification.xml new file mode 100644 index 0000000..3972e72 --- /dev/null +++ b/docs-xml/smbdotconf/misc/dsdbgroupchangenotification.xml @@ -0,0 +1,29 @@ + + + When enabled, this option causes Samba (acting as an + Active Directory Domain Controller) to stream group membership change + events across the internal message bus. Scripts built using + Samba's python bindings can listen to these events by + registering as the service + dsdb_group_event. + + This is not needed for the audit + logging described in . + + Instead, this should instead be considered a developer + option (it assists in the Samba testsuite) rather than a + facility for external auditing, as message delivery is not + guaranteed (a feature that the testsuite works around). + + The Samba database events are also logged via the normal + logging methods when the is + set appropriately, say to + dsdb_group_json_audit:5. + + + +no + diff --git a/docs-xml/smbdotconf/misc/dsdbpasswordeventnotification.xml b/docs-xml/smbdotconf/misc/dsdbpasswordeventnotification.xml new file mode 100644 index 0000000..cd2cc98 --- /dev/null +++ b/docs-xml/smbdotconf/misc/dsdbpasswordeventnotification.xml @@ -0,0 +1,29 @@ + + + When enabled, this option causes Samba (acting as an + Active Directory Domain Controller) to stream password change + and reset events across the internal message bus. + Scripts built using Samba's python bindings can listen to these + events by registering as the service + password_event. + + This is not needed for the audit + logging described in . + + Instead, this should instead be considered a developer + option (it assists in the Samba testsuite) rather than a + facility for external auditing, as message delivery is not + guaranteed (a feature that the testsuite works around). + + The Samba database events are also logged via the normal + logging methods when the is + set appropriately, say to + dsdb_password_json_audit:5. + + + +no + diff --git a/docs-xml/smbdotconf/misc/elasticsearchaddress.xml b/docs-xml/smbdotconf/misc/elasticsearchaddress.xml new file mode 100644 index 0000000..6112546 --- /dev/null +++ b/docs-xml/smbdotconf/misc/elasticsearchaddress.xml @@ -0,0 +1,14 @@ + + + + Specifies the name of the Elasticsearch server to use for Spotlight + queries when using the Elasticsearch backend. + + + + localhost + needle.haystack.samba.org + diff --git a/docs-xml/smbdotconf/misc/elasticsearchignoreunknownattribute.xml b/docs-xml/smbdotconf/misc/elasticsearchignoreunknownattribute.xml new file mode 100644 index 0000000..86368d3 --- /dev/null +++ b/docs-xml/smbdotconf/misc/elasticsearchignoreunknownattribute.xml @@ -0,0 +1,19 @@ + + + + Ignore unknown Spotlight attributes in search queries. An example query + using the unsupported attribute + "kMDItemTopic" would be + kMDItemTopic=="hotstuff". By + default any query using such a type would completely fail. By enabling + this option, if the type match is a subexpression of a larger expression, + then this subexpression is just ignored. + + + + no + yes + diff --git a/docs-xml/smbdotconf/misc/elasticsearchignoreunknowntype.xml b/docs-xml/smbdotconf/misc/elasticsearchignoreunknowntype.xml new file mode 100644 index 0000000..ca1f873 --- /dev/null +++ b/docs-xml/smbdotconf/misc/elasticsearchignoreunknowntype.xml @@ -0,0 +1,19 @@ + + + + Ignore unknown Spotlight types in search queries. An example query using + the unsupported type "public.calendar-event" + would be + kMDItemContentType=="public.calendar-event". By + default any query using such a type would completely fail. By enabling + this option, if the type match is a subexpression of a larger expression, + then this subexpression is just ignored. + + + + no + yes + diff --git a/docs-xml/smbdotconf/misc/elasticsearchindex.xml b/docs-xml/smbdotconf/misc/elasticsearchindex.xml new file mode 100644 index 0000000..7f394b2 --- /dev/null +++ b/docs-xml/smbdotconf/misc/elasticsearchindex.xml @@ -0,0 +1,16 @@ + + + + Specifies the name of the Elasticsearch index to use for Spotlight queries + when using the Elasticsearch backend. The default value of "_all" is a + special Elasticsearch value that performs the search operation on all + indices. + + + + _all + spotlight + diff --git a/docs-xml/smbdotconf/misc/elasticsearchmappings.xml b/docs-xml/smbdotconf/misc/elasticsearchmappings.xml new file mode 100644 index 0000000..d2502a6 --- /dev/null +++ b/docs-xml/smbdotconf/misc/elasticsearchmappings.xml @@ -0,0 +1,14 @@ + + + + Path to a file specifying metadata attribute mappings in JSON format. Use + by the Elasticsearch backend of the Spotlight RPC service. + + + + &pathconfig.SAMBA_DATADIR;/elasticsearch_mappings.json + /usr/share/foo/mymappings.json + diff --git a/docs-xml/smbdotconf/misc/elasticsearchmaxresults.xml b/docs-xml/smbdotconf/misc/elasticsearchmaxresults.xml new file mode 100644 index 0000000..1086b89 --- /dev/null +++ b/docs-xml/smbdotconf/misc/elasticsearchmaxresults.xml @@ -0,0 +1,15 @@ + + + + Path to a file specifying metadata attribute mappings in JSON format. Used + by the Elasticsearch backend of the Spotlight RPC service. A value of 0 + means no limit. + + + + 100 + 10 + diff --git a/docs-xml/smbdotconf/misc/elasticsearchport.xml b/docs-xml/smbdotconf/misc/elasticsearchport.xml new file mode 100644 index 0000000..ea87daa --- /dev/null +++ b/docs-xml/smbdotconf/misc/elasticsearchport.xml @@ -0,0 +1,14 @@ + + + + Specifies the TCP port of the Elasticsearch server to use for Spotlight + queries when using the Elasticsearch backend. + + + + 9200 + 9201 + diff --git a/docs-xml/smbdotconf/misc/elasticsearchusetls.xml b/docs-xml/smbdotconf/misc/elasticsearchusetls.xml new file mode 100644 index 0000000..e1aa8a3 --- /dev/null +++ b/docs-xml/smbdotconf/misc/elasticsearchusetls.xml @@ -0,0 +1,14 @@ + + + + Specifies whether to use HTTPS when talking to the Elasticsearch server + used for Spotlight queries when using the Elasticsearch backend. + + + + no + yes + diff --git a/docs-xml/smbdotconf/misc/fakedirectorycreatetimes.xml b/docs-xml/smbdotconf/misc/fakedirectorycreatetimes.xml new file mode 100644 index 0000000..49f54a9 --- /dev/null +++ b/docs-xml/smbdotconf/misc/fakedirectorycreatetimes.xml @@ -0,0 +1,34 @@ + + + NTFS and Windows VFAT file systems keep a create + time for all files and directories. This is not the same as the + ctime - status change time - that Unix keeps, so Samba by default + reports the earliest of the various times Unix does keep. Setting + this parameter for a share causes Samba to always report midnight + 1-1-1980 as the create time for directories. + + This option is mainly used as a compatibility option for + Visual C++ when used against Samba shares. Visual C++ generated + makefiles have the object directory as a dependency for each object + file, and a make rule to create the directory. Also, when NMAKE + compares timestamps it uses the creation time when examining a + directory. Thus the object directory will be created if it does not + exist, but once it does exist it will always have an earlier + timestamp than the object files it contains. + + However, Unix time semantics mean that the create time + reported by Samba will be updated whenever a file is created + or deleted in the directory. NMAKE finds all object files in + the object directory. The timestamp of the last one built is then + compared to the timestamp of the object directory. If the + directory's timestamp if newer, then all object files + will be rebuilt. Enabling this option + ensures directories always predate their contents and an NMAKE build + will proceed as expected. + + +no + diff --git a/docs-xml/smbdotconf/misc/followsymlinks.xml b/docs-xml/smbdotconf/misc/followsymlinks.xml new file mode 100644 index 0000000..deca634 --- /dev/null +++ b/docs-xml/smbdotconf/misc/followsymlinks.xml @@ -0,0 +1,20 @@ + + + + This parameter allows the Samba administrator to stop smbd + 8 from following symbolic links in a particular share. Setting this + parameter to no prevents any file or directory that is a symbolic link from being + followed (the user will get an error). This option is very useful to stop users from adding a symbolic + link to /etc/passwd in their home directory for instance. However + it will slow filename lookups down slightly. + + + + This option is enabled (i.e. smbd will follow symbolic links) by default. + + +yes + diff --git a/docs-xml/smbdotconf/misc/fssprunestale.xml b/docs-xml/smbdotconf/misc/fssprunestale.xml new file mode 100644 index 0000000..722cff5 --- /dev/null +++ b/docs-xml/smbdotconf/misc/fssprunestale.xml @@ -0,0 +1,15 @@ + + + + When enabled, Samba's File Server Remote VSS Protocol (FSRVP) server + checks all FSRVP initiated snapshots on startup, and removes any + corresponding state (including share definitions) for nonexistent + snapshot paths. + + +no +yes + diff --git a/docs-xml/smbdotconf/misc/fsssequencetimeout.xml b/docs-xml/smbdotconf/misc/fsssequencetimeout.xml new file mode 100644 index 0000000..12f1854 --- /dev/null +++ b/docs-xml/smbdotconf/misc/fsssequencetimeout.xml @@ -0,0 +1,15 @@ + + + + The File Server Remote VSS Protocol (FSRVP) server includes a message + sequence timer to ensure cleanup on unexpected client disconnect. This + parameter overrides the default timeout between FSRVP operations. + FSRVP timeouts can be completely disabled via a value of 0. + + +180 or 1800, depending on operation +0 + diff --git a/docs-xml/smbdotconf/misc/fstype.xml b/docs-xml/smbdotconf/misc/fstype.xml new file mode 100644 index 0000000..437bd5c --- /dev/null +++ b/docs-xml/smbdotconf/misc/fstype.xml @@ -0,0 +1,16 @@ + + + + This parameter allows the administrator to configure the string that specifies the type of filesystem a share + is using that is reported by smbd 8 + when a client queries the filesystem type for a share. The default type is NTFS for compatibility + with Windows NT but this can be changed to other strings such as Samba or FAT + if required. + + +NTFS +Samba + diff --git a/docs-xml/smbdotconf/misc/honorchangenotifyprivilege.xml b/docs-xml/smbdotconf/misc/honorchangenotifyprivilege.xml new file mode 100644 index 0000000..a9c880c --- /dev/null +++ b/docs-xml/smbdotconf/misc/honorchangenotifyprivilege.xml @@ -0,0 +1,20 @@ + + + + This option can be used to make use of the change notify privilege. + By default notify results are not checked against the file system + permissions. + + + If "honor change notify privilege" is enabled, a user will only + receive notify results, if he has change notify privilege or + sufficient file system permissions. If a user has the change notify + privilege, he will receive all requested notify results, even if the + user does not have the permissions on the file system. + + +no + diff --git a/docs-xml/smbdotconf/misc/include.xml b/docs-xml/smbdotconf/misc/include.xml new file mode 100644 index 0000000..cbda1ed --- /dev/null +++ b/docs-xml/smbdotconf/misc/include.xml @@ -0,0 +1,31 @@ + + + + This allows you to include one config file inside another. The file is included literally, as though typed + in place. + + + + It takes the standard substitutions, except %u, + %P and %S. + + + + The parameter include = registry has + a special meaning: It does not include + a file named registry from the current working + directory, but instead reads the global configuration options + from the registry. See the section on registry-based + configuration for details. Note that this option + automatically activates registry shares. + + + + +/usr/local/samba/lib/admin_smb.conf + diff --git a/docs-xml/smbdotconf/misc/kernelchangenotify.xml b/docs-xml/smbdotconf/misc/kernelchangenotify.xml new file mode 100644 index 0000000..d5551a9 --- /dev/null +++ b/docs-xml/smbdotconf/misc/kernelchangenotify.xml @@ -0,0 +1,16 @@ + + + This parameter specifies whether Samba should ask the + kernel for change notifications in directories so that + SMB clients can refresh whenever the data on the server changes. + + + This parameter is only used when your kernel supports + change notification to user programs using the inotify interface. + + +yes + diff --git a/docs-xml/smbdotconf/misc/lockdirectory.xml b/docs-xml/smbdotconf/misc/lockdirectory.xml new file mode 100644 index 0000000..cf0ea2b --- /dev/null +++ b/docs-xml/smbdotconf/misc/lockdirectory.xml @@ -0,0 +1,24 @@ + +lock dir + + This option specifies the directory where lock + files will be placed. The lock files are used to implement the + option. + + + + Note: This option can not be set inside registry + configurations. + + The files placed in this directory are not required + across service restarts and can be safely placed on volatile + storage (e.g. tmpfs in Linux) + + + +&pathconfig.LOCKDIR; +/var/run/samba/locks + diff --git a/docs-xml/smbdotconf/misc/logwriteablefilesonexit.xml b/docs-xml/smbdotconf/misc/logwriteablefilesonexit.xml new file mode 100644 index 0000000..d95471a --- /dev/null +++ b/docs-xml/smbdotconf/misc/logwriteablefilesonexit.xml @@ -0,0 +1,22 @@ + + + + When the network connection between a CIFS client and Samba + dies, Samba has no option but to simply shut down the server + side of the network connection. If this happens, there is a + risk of data corruption because the Windows client did not + complete all write operations that the Windows application + requested. Setting this option to "yes" makes smbd log with + a level 0 message a list of all files that have been opened + for writing when the network connection died. Those are the + files that are potentially corrupted. It is meant as an aid + for the administrator to give him a list of files to do + consistency checks on. + + + +no + diff --git a/docs-xml/smbdotconf/misc/magicoutput.xml b/docs-xml/smbdotconf/misc/magicoutput.xml new file mode 100644 index 0000000..17b3c67 --- /dev/null +++ b/docs-xml/smbdotconf/misc/magicoutput.xml @@ -0,0 +1,19 @@ + + + + This parameter specifies the name of a file which will contain output created by a magic script (see the + parameter below). + + + If two clients use the same magic script + in the same directory the output file content is undefined. + + + +<magic script name>.out +myfile.txt + diff --git a/docs-xml/smbdotconf/misc/magicscript.xml b/docs-xml/smbdotconf/misc/magicscript.xml new file mode 100644 index 0000000..614f5ae --- /dev/null +++ b/docs-xml/smbdotconf/misc/magicscript.xml @@ -0,0 +1,31 @@ + + + This parameter specifies the name of a file which, + if opened, will be executed by the server when the file is closed. + This allows a UNIX script to be sent to the Samba host and + executed on behalf of the connected user. + + Scripts executed in this way will be deleted upon + completion assuming that the user has the appropriate level + of privilege and the file permissions allow the deletion. + + If the script generates output, output will be sent to + the file specified by the + parameter (see above). + + Note that some shells are unable to interpret scripts + containing CR/LF instead of CR as + the end-of-line marker. Magic scripts must be executable + as is on the host, which for some hosts and + some shells will require filtering at the DOS end. + + Magic scripts are EXPERIMENTAL and + should NOT be relied upon. + + +user.csh + diff --git a/docs-xml/smbdotconf/misc/messagecommand.xml b/docs-xml/smbdotconf/misc/messagecommand.xml new file mode 100644 index 0000000..ba39b9f --- /dev/null +++ b/docs-xml/smbdotconf/misc/messagecommand.xml @@ -0,0 +1,79 @@ + + + This specifies what command to run when the + server receives a WinPopup style message. + + This would normally be a command that would + deliver the message somehow. How this is to be done is + up to your imagination. + + An example is: + +message command = csh -c 'xedit %s;rm %s' & + + + + This delivers the message using xedit, then + removes it afterwards. NOTE THAT IT IS VERY IMPORTANT + THAT THIS COMMAND RETURN IMMEDIATELY. That's why I + have the '&' on the end. If it doesn't return immediately then + your PCs may freeze when sending messages (they should recover + after 30 seconds, hopefully). + + All messages are delivered as the global guest user. + The command takes the standard substitutions, although + %u won't work (%U may be better + in this case). + + Apart from the standard substitutions, some additional + ones apply. In particular: + + + + %s = the filename containing + the message. + + + + %t = the destination that + the message was sent to (probably the server name). + + + + %f = who the message + is from. + + + + You could make this command send mail, or whatever else + takes your fancy. Please let us know of any really interesting + ideas you have. + + + Here's a way of sending the messages as mail to root: + +message command = /bin/mail -s 'message from %f on %m' root < %s; rm %s + + + + If you don't have a message command then the message + won't be delivered and Samba will tell the sender there was + an error. Unfortunately WfWg totally ignores the error code + and carries on regardless, saying that the message was delivered. + + + + If you want to silently delete it then try: + +message command = rm %s + + + + + +csh -c 'xedit %s; rm %s' & + diff --git a/docs-xml/smbdotconf/misc/nbtclientsocketaddress.xml b/docs-xml/smbdotconf/misc/nbtclientsocketaddress.xml new file mode 100644 index 0000000..12815dc --- /dev/null +++ b/docs-xml/smbdotconf/misc/nbtclientsocketaddress.xml @@ -0,0 +1,20 @@ + +socket address + + This option allows you to control what address Samba + will send NBT client packets from, and process replies using, + including in nmbd. + Setting this option should never be necessary on usual Samba + servers running only one nmbd. + + By default Samba will send UDP packets from the OS default address for the destination, and accept replies on 0.0.0.0. + This parameter is deprecated. See Yes and for the previous behaviour of controlling the normal listening sockets. + + +0.0.0.0 +192.168.2.20 + diff --git a/docs-xml/smbdotconf/misc/ncalrpcdir.xml b/docs-xml/smbdotconf/misc/ncalrpcdir.xml new file mode 100644 index 0000000..4bbd222 --- /dev/null +++ b/docs-xml/smbdotconf/misc/ncalrpcdir.xml @@ -0,0 +1,12 @@ + + + This directory will hold a series of named pipes to allow RPC over inter-process communication. + This will allow Samba and other unix processes to interact over DCE/RPC without using TCP/IP. Additionally a sub-directory 'np' has restricted permissions, and allows a trusted communication channel between Samba processes + + +&pathconfig.NCALRPCDIR; +/var/run/samba/ncalrpc + diff --git a/docs-xml/smbdotconf/misc/nmbdbindexplicitbroadcast.xml b/docs-xml/smbdotconf/misc/nmbdbindexplicitbroadcast.xml new file mode 100644 index 0000000..fd72f06 --- /dev/null +++ b/docs-xml/smbdotconf/misc/nmbdbindexplicitbroadcast.xml @@ -0,0 +1,16 @@ + + + + This option causes nmbd + 8 to explicitly bind to the + broadcast address of the local subnets. This is needed to make nmbd + work correctly in combination with the option. + You should not need to unset this option. + + + +yes + diff --git a/docs-xml/smbdotconf/misc/panicaction.xml b/docs-xml/smbdotconf/misc/panicaction.xml new file mode 100644 index 0000000..01a97c3 --- /dev/null +++ b/docs-xml/smbdotconf/misc/panicaction.xml @@ -0,0 +1,17 @@ + + + This is a Samba developer option that allows a + system command to be called when either smbd + 8 or nmbd + 8 crashes. This is usually used to + draw attention to the fact that a problem occurred. + + + + +/bin/sleep 90000 + diff --git a/docs-xml/smbdotconf/misc/perfcountmodule.xml b/docs-xml/smbdotconf/misc/perfcountmodule.xml new file mode 100644 index 0000000..e25105f --- /dev/null +++ b/docs-xml/smbdotconf/misc/perfcountmodule.xml @@ -0,0 +1,13 @@ + + + This parameter specifies the perfcount backend to be used when monitoring SMB + operations. Only one perfcount module may be used, and it must implement all of the + apis contained in the smb_perfcount_handler structure defined in smb.h. + + + + diff --git a/docs-xml/smbdotconf/misc/piddirectory.xml b/docs-xml/smbdotconf/misc/piddirectory.xml new file mode 100644 index 0000000..d006372 --- /dev/null +++ b/docs-xml/smbdotconf/misc/piddirectory.xml @@ -0,0 +1,13 @@ + + + + This option specifies the directory where pid files will be placed. + + + +&pathconfig.PIDDIR; +/var/run/ + diff --git a/docs-xml/smbdotconf/misc/postexec.xml b/docs-xml/smbdotconf/misc/postexec.xml new file mode 100644 index 0000000..ca15221 --- /dev/null +++ b/docs-xml/smbdotconf/misc/postexec.xml @@ -0,0 +1,21 @@ + + + This option specifies a command to be run + whenever the service is disconnected. It takes the usual + substitutions. The command may be run as the root on some + systems. + + An interesting example may be to unmount server + resources: + +postexec = /etc/umount /cdrom + +preexec + + +echo \"%u disconnected from %S from %m (%I)\" >> /tmp/log + diff --git a/docs-xml/smbdotconf/misc/preexec.xml b/docs-xml/smbdotconf/misc/preexec.xml new file mode 100644 index 0000000..7faf89a --- /dev/null +++ b/docs-xml/smbdotconf/misc/preexec.xml @@ -0,0 +1,29 @@ + +exec + + This option specifies a command to be run whenever + the service is connected to. It takes the usual substitutions. + + An interesting example is to send the users a welcome + message every time they log in. Maybe a message of the day? Here + is an example: + + + preexec = csh -c 'echo \"Welcome to %S!\" | + /usr/local/samba/bin/smbclient -M %m -I %I' & + + + Of course, this could get annoying after a while :-) + + + See also and . + + + + +echo \"%u connected to %S from %m (%I)\" >> /tmp/log + diff --git a/docs-xml/smbdotconf/misc/preexecclose.xml b/docs-xml/smbdotconf/misc/preexecclose.xml new file mode 100644 index 0000000..3d184e1 --- /dev/null +++ b/docs-xml/smbdotconf/misc/preexecclose.xml @@ -0,0 +1,13 @@ + + + + This boolean option controls whether a non-zero return code from + should close the service being connected to. + + + +no + diff --git a/docs-xml/smbdotconf/misc/registryshares.xml b/docs-xml/smbdotconf/misc/registryshares.xml new file mode 100644 index 0000000..0bdb1f6 --- /dev/null +++ b/docs-xml/smbdotconf/misc/registryshares.xml @@ -0,0 +1,23 @@ + + + + This turns on or off support for share definitions read from + registry. Shares defined in smb.conf take + precedence over shares with the same name defined in + registry. See the section on registry-based configuration + for details. + + + + Note that this parameter defaults to no, + but it is set to yes when + config backend is set + to registry. + + +no +yes + diff --git a/docs-xml/smbdotconf/misc/remoteannounce.xml b/docs-xml/smbdotconf/misc/remoteannounce.xml new file mode 100644 index 0000000..0436898 --- /dev/null +++ b/docs-xml/smbdotconf/misc/remoteannounce.xml @@ -0,0 +1,42 @@ + + + + This option allows you to setup nmbd + 8 to periodically announce itself + to arbitrary IP addresses with an arbitrary workgroup name. + + + + This is useful if you want your Samba server to appear in a remote workgroup for + which the normal browse propagation rules don't work. The remote workgroup can be + anywhere that you can send IP packets to. + + + + For example: + +remote announce = 192.168.2.255/SERVERS 192.168.4.255/STAFF + + the above line would cause nmbd to announce itself + to the two given IP addresses using the given workgroup names. If you leave out the + workgroup name, then the one given in the parameter + is used instead. + + + + The IP addresses you choose would normally be the broadcast addresses of the remote + networks, but can also be the IP addresses of known browse masters if your network + config is that stable. + + + + See the chapter on Network Browsing in the Samba-HOWTO book. + + + + + diff --git a/docs-xml/smbdotconf/misc/remotebrowsesync.xml b/docs-xml/smbdotconf/misc/remotebrowsesync.xml new file mode 100644 index 0000000..c0b106e --- /dev/null +++ b/docs-xml/smbdotconf/misc/remotebrowsesync.xml @@ -0,0 +1,50 @@ + + + + This option allows you to setup nmbd + 8 to periodically request + synchronization of browse lists with the master browser of a Samba + server that is on a remote segment. This option will allow you to + gain browse lists for multiple workgroups across routed networks. This + is done in a manner that does not work with any non-Samba servers. + + + + This is useful if you want your Samba server and all local + clients to appear in a remote workgroup for which the normal browse + propagation rules don't work. The remote workgroup can be anywhere + that you can send IP packets to. + + + + For example: + +remote browse sync = 192.168.2.255 192.168.4.255 + + the above line would cause nmbd to request the master browser on the + specified subnets or addresses to synchronize their browse lists with + the local server. + + + + The IP addresses you choose would normally be the broadcast + addresses of the remote networks, but can also be the IP addresses + of known browse masters if your network config is that stable. If + a machine IP address is given Samba makes NO attempt to validate + that the remote machine is available, is listening, nor that it + is in fact the browse master on its segment. + + + + The may be used on networks + where there is no WINS server, and may be used on disjoint networks where + each network has its own WINS server. + + + + + diff --git a/docs-xml/smbdotconf/misc/resetonzerovc.xml b/docs-xml/smbdotconf/misc/resetonzerovc.xml new file mode 100644 index 0000000..a991733 --- /dev/null +++ b/docs-xml/smbdotconf/misc/resetonzerovc.xml @@ -0,0 +1,28 @@ + + + + This boolean option controls whether an incoming SMB1 session setup + should kill other connections coming from the same IP. This matches + the default Windows 2003 behaviour. + + Setting this parameter to yes becomes necessary when you have a flaky + network and windows decides to reconnect while the old connection + still has files with share modes open. These files become inaccessible + over the new connection. + + The client sends a zero VC on the new connection, and Windows 2003 + kills all other connections coming from the same IP. This way the + locked files are accessible again. + + Please be aware that enabling this option will kill + connections behind a masquerading router, and will not trigger + for clients that only use SMB2 or SMB3. + + + + +no + diff --git a/docs-xml/smbdotconf/misc/rootpostexec.xml b/docs-xml/smbdotconf/misc/rootpostexec.xml new file mode 100644 index 0000000..4e74fc8 --- /dev/null +++ b/docs-xml/smbdotconf/misc/rootpostexec.xml @@ -0,0 +1,16 @@ + + + + This is the same as the postexec + parameter except that the command is run as root. This is useful for + unmounting filesystems (such as CDROMs) after a connection is closed. + + + +postexec + + diff --git a/docs-xml/smbdotconf/misc/rootpreexec.xml b/docs-xml/smbdotconf/misc/rootpreexec.xml new file mode 100644 index 0000000..32c4ef7 --- /dev/null +++ b/docs-xml/smbdotconf/misc/rootpreexec.xml @@ -0,0 +1,18 @@ + + + + This is the same as the preexec + parameter except that the command is run as root. This is useful for + mounting filesystems (such as CDROMs) when a connection is opened. + + + +preexec +preexec close + + + diff --git a/docs-xml/smbdotconf/misc/rootpreexecclose.xml b/docs-xml/smbdotconf/misc/rootpreexecclose.xml new file mode 100644 index 0000000..35fd883 --- /dev/null +++ b/docs-xml/smbdotconf/misc/rootpreexecclose.xml @@ -0,0 +1,14 @@ + + + This is the same as the preexec close + parameter except that the command is run as root. + + +preexec +preexec close + +no + diff --git a/docs-xml/smbdotconf/misc/smbdasyncdosmode.xml b/docs-xml/smbdotconf/misc/smbdasyncdosmode.xml new file mode 100644 index 0000000..03d902c --- /dev/null +++ b/docs-xml/smbdotconf/misc/smbdasyncdosmode.xml @@ -0,0 +1,13 @@ + + + + This parameter control whether the fileserver will use sync or async + methods for fetching the DOS attributes when doing a directory listing. By default sync methods will be + used. + + +no + diff --git a/docs-xml/smbdotconf/misc/smbdgetinfoasksharemode.xml b/docs-xml/smbdotconf/misc/smbdgetinfoasksharemode.xml new file mode 100644 index 0000000..1bef948 --- /dev/null +++ b/docs-xml/smbdotconf/misc/smbdgetinfoasksharemode.xml @@ -0,0 +1,14 @@ + + + + This parameter allows disabling fetching file write time from the open + file handle database locking.tdb when a client requests file or + directory metadata. It's a performance optimisation at the expense of + protocol correctness. + + +yes + diff --git a/docs-xml/smbdotconf/misc/smbdmaxasyncdosmode.xml b/docs-xml/smbdotconf/misc/smbdmaxasyncdosmode.xml new file mode 100644 index 0000000..b375298 --- /dev/null +++ b/docs-xml/smbdotconf/misc/smbdmaxasyncdosmode.xml @@ -0,0 +1,12 @@ + + + + This parameter controls how many async operations to fetch the DOS + attributes the fileserver will queue when doing directory listings. + + +aio max threads * 2 + diff --git a/docs-xml/smbdotconf/misc/smbdmaxxattrsize.xml b/docs-xml/smbdotconf/misc/smbdmaxxattrsize.xml new file mode 100644 index 0000000..3ae91a3 --- /dev/null +++ b/docs-xml/smbdotconf/misc/smbdmaxxattrsize.xml @@ -0,0 +1,28 @@ + + + + This parameter controls the maximum size of extended attributes + that may be written to the server as EAs or as alternate data + streams if vfs_streams_xattr is enabled. The maximum size of + extended attributes depends on the Samba server's operating system + and the underlying filesystem. The Linux VFS currently sets an + upper boundary of 64 KiB per extended attribute. FreeBSD does not + set a practical upper limit, but since pread() and pwrite() are not + possible via the extattr on FreeBSD, it is not recommended to + increase this value above a few MiB. + + If a client attempts to write an overly-large alternate datastream, + the Samba server will return STATUS_FILESYSTEM_LIMITATION. + If this error is encountered, users may try increasing the maximum + size supported for xattr writes. If this is not possible, and + writes are from a MacOS client and to an AFP_Resource extended + attribute, the user may enable the vfs_fruit module and configure + to allow stream writes for AFP_Resource to an alternative storage + location. See vfs_fruit documentation for further details. + + +65536 + diff --git a/docs-xml/smbdotconf/misc/smbdprofilinglevel.xml b/docs-xml/smbdotconf/misc/smbdprofilinglevel.xml new file mode 100644 index 0000000..54dccf0 --- /dev/null +++ b/docs-xml/smbdotconf/misc/smbdprofilinglevel.xml @@ -0,0 +1,17 @@ + + + + This parameter allows the administrator to enable profiling support. + + + Possible values are off, + count and on. + + +off +on + diff --git a/docs-xml/smbdotconf/misc/smbdsearchasksharemode.xml b/docs-xml/smbdotconf/misc/smbdsearchasksharemode.xml new file mode 100644 index 0000000..de78818 --- /dev/null +++ b/docs-xml/smbdotconf/misc/smbdsearchasksharemode.xml @@ -0,0 +1,13 @@ + + + + This parameter allows disabling fetching file write time from the open + file handle database locking.tdb. It's a performance optimisation at + the expense of protocol correctness. + + +yes + diff --git a/docs-xml/smbdotconf/misc/spotlight.xml b/docs-xml/smbdotconf/misc/spotlight.xml new file mode 100644 index 0000000..04631d3 --- /dev/null +++ b/docs-xml/smbdotconf/misc/spotlight.xml @@ -0,0 +1,31 @@ + + + + This parameter controls whether Samba allows Spotlight + queries on a share. For controlling indexing of filesystems + you also have to use Tracker's own configuration system. + + + + Spotlight has several prerequisites: + + + + + Samba must be configured and built with Spotlight support. + + + Tracker integration must be setup and the + share must be indexed by Tracker. + + + For a detailed set of instructions please see https://wiki.samba.org/index.php/Spotlight. + + + +no + diff --git a/docs-xml/smbdotconf/misc/spotlight_backend.xml b/docs-xml/smbdotconf/misc/spotlight_backend.xml new file mode 100644 index 0000000..0643fc1 --- /dev/null +++ b/docs-xml/smbdotconf/misc/spotlight_backend.xml @@ -0,0 +1,30 @@ + + + + Spotlight search backend. Available backends: + + + noindex - + a backend that returns no results. + + + + + + tracker - + Gnome Tracker. + + + elasticsearch - + a backend that uses JSON and REST over HTTP(s) to query an + Elasticsearch server. + + + + +noindex + diff --git a/docs-xml/smbdotconf/misc/statedirectory.xml b/docs-xml/smbdotconf/misc/statedirectory.xml new file mode 100644 index 0000000..12481fc --- /dev/null +++ b/docs-xml/smbdotconf/misc/statedirectory.xml @@ -0,0 +1,21 @@ + + + Usually, most of the TDB files are stored in the + lock directory. Since + Samba 3.4.0, it is possible to differentiate between TDB files + with persistent data and TDB files with non-persistent data using + the state directory and the + cache directory options. + + + This option specifies the directory where TDB files containing + important persistent data will be stored. + + + +&pathconfig.STATEDIR; +/var/run/samba/locks/state + diff --git a/docs-xml/smbdotconf/misc/usershareallowguests.xml b/docs-xml/smbdotconf/misc/usershareallowguests.xml new file mode 100644 index 0000000..be210bf --- /dev/null +++ b/docs-xml/smbdotconf/misc/usershareallowguests.xml @@ -0,0 +1,15 @@ + + + This parameter controls whether user defined shares are allowed + to be accessed by non-authenticated users or not. It is the equivalent + of allowing people who can create a share the option of setting + guest ok = yes in a share + definition. Due to its security sensitive nature, the default + is set to off. + + +no + diff --git a/docs-xml/smbdotconf/misc/usersharemaxshares.xml b/docs-xml/smbdotconf/misc/usersharemaxshares.xml new file mode 100644 index 0000000..0d69bb8 --- /dev/null +++ b/docs-xml/smbdotconf/misc/usersharemaxshares.xml @@ -0,0 +1,13 @@ + + + This parameter specifies the number of user defined shares + that are allowed to be created by users belonging to the group owning the + usershare directory. If set to zero (the default) user defined shares are ignored. + + + +0 + diff --git a/docs-xml/smbdotconf/misc/usershareowneronly.xml b/docs-xml/smbdotconf/misc/usershareowneronly.xml new file mode 100644 index 0000000..5b33492 --- /dev/null +++ b/docs-xml/smbdotconf/misc/usershareowneronly.xml @@ -0,0 +1,18 @@ + + + This parameter controls whether the pathname exported by + a user defined shares must be owned by the user creating the + user defined share or not. If set to True (the default) then + smbd checks that the directory path being shared is owned by + the user who owns the usershare file defining this share and + refuses to create the share if not. If set to False then no + such check is performed and any directory path may be exported + regardless of who owns it. + + + +yes + diff --git a/docs-xml/smbdotconf/misc/usersharepath.xml b/docs-xml/smbdotconf/misc/usersharepath.xml new file mode 100644 index 0000000..99fea94 --- /dev/null +++ b/docs-xml/smbdotconf/misc/usersharepath.xml @@ -0,0 +1,32 @@ + + + This parameter specifies the absolute path of the directory on the + filesystem used to store the user defined share definition files. + This directory must be owned by root, and have no access for + other, and be writable only by the group owner. In addition the + "sticky" bit must also be set, restricting rename and delete to + owners of a file (in the same way the /tmp directory is usually configured). + Members of the group owner of this directory are the users allowed to create + usershares. + + + For example, a valid usershare directory might be /usr/local/samba/lib/usershares, + set up as follows. + + + + ls -ld /usr/local/samba/lib/usershares/ + drwxrwx--T 2 root power_users 4096 2006-05-05 12:27 /usr/local/samba/lib/usershares/ + + + + In this case, only members of the group "power_users" can create user defined shares. + + + +&pathconfig.STATEDIR;/usershares + diff --git a/docs-xml/smbdotconf/misc/usershareprefixallowlist.xml b/docs-xml/smbdotconf/misc/usershareprefixallowlist.xml new file mode 100644 index 0000000..4c236fe --- /dev/null +++ b/docs-xml/smbdotconf/misc/usershareprefixallowlist.xml @@ -0,0 +1,23 @@ + + + This parameter specifies a list of absolute pathnames + the root of which are allowed to be exported by user defined share definitions. + If the pathname to be exported doesn't start with one of the strings in this + list, the user defined share will not be allowed. This allows the Samba + administrator to restrict the directories on the system that can be + exported by user defined shares. + + + If there is a "usershare prefix deny list" and also a + "usershare prefix allow list" the deny list is processed + first, followed by the allow list, thus leading to the most + restrictive interpretation. + + + + +/home /data /space + diff --git a/docs-xml/smbdotconf/misc/usershareprefixdenylist.xml b/docs-xml/smbdotconf/misc/usershareprefixdenylist.xml new file mode 100644 index 0000000..c0e18a7 --- /dev/null +++ b/docs-xml/smbdotconf/misc/usershareprefixdenylist.xml @@ -0,0 +1,24 @@ + + + This parameter specifies a list of absolute pathnames + the root of which are NOT allowed to be exported by user defined share definitions. + If the pathname exported starts with one of the strings in this + list the user defined share will not be allowed. Any pathname not + starting with one of these strings will be allowed to be exported + as a usershare. This allows the Samba administrator to restrict the + directories on the system that can be exported by user defined shares. + + + If there is a "usershare prefix deny list" and also a + "usershare prefix allow list" the deny list is processed + first, followed by the allow list, thus leading to the most + restrictive interpretation. + + + + +/etc /dev /private + diff --git a/docs-xml/smbdotconf/misc/usersharetemplateshare.xml b/docs-xml/smbdotconf/misc/usersharetemplateshare.xml new file mode 100644 index 0000000..3a74dcb --- /dev/null +++ b/docs-xml/smbdotconf/misc/usersharetemplateshare.xml @@ -0,0 +1,23 @@ + + + User defined shares only have limited possible parameters + such as path, guest ok, etc. This parameter allows usershares to + "cloned" from an existing share. If "usershare template share" + is set to the name of an existing share, then all usershares + created have their defaults set from the parameters set on this + share. + + + The target share may be set to be invalid for real file + sharing by setting the parameter "-valid = False" on the template + share definition. This causes it not to be seen as a real exported + share but to be able to be used as a template for usershares. + + + + +template_share + diff --git a/docs-xml/smbdotconf/misc/utmp.xml b/docs-xml/smbdotconf/misc/utmp.xml new file mode 100644 index 0000000..6382d46 --- /dev/null +++ b/docs-xml/smbdotconf/misc/utmp.xml @@ -0,0 +1,24 @@ + + + + This boolean parameter is only available if Samba has been configured and compiled + with the option --with-utmp. If set to + yes then Samba will attempt to add utmp or utmpx records + (depending on the UNIX system) whenever a connection is made to a Samba server. + Sites may use this to record the user connecting to a Samba share. + + + + Due to the requirements of the utmp record, we are required to create a unique + identifier for the incoming user. Enabling this option creates an n^2 algorithm + to find this number. This may impede performance on large installations. + + + +utmp directory + +no + diff --git a/docs-xml/smbdotconf/misc/utmpdirectory.xml b/docs-xml/smbdotconf/misc/utmpdirectory.xml new file mode 100644 index 0000000..96b45db --- /dev/null +++ b/docs-xml/smbdotconf/misc/utmpdirectory.xml @@ -0,0 +1,20 @@ + + + This parameter is only available if Samba has + been configured and compiled with the option + --with-utmp. It specifies a directory pathname that is + used to store the utmp or utmpx files (depending on the UNIX system) that + record user connections to a Samba server. By default this is + not set, meaning the system will use whatever utmp file the + native system is set to use (usually + /var/run/utmp on Linux). + + +utmp + +Determined automatically +/var/run/utmp + diff --git a/docs-xml/smbdotconf/misc/valid.xml b/docs-xml/smbdotconf/misc/valid.xml new file mode 100644 index 0000000..8d86f9c --- /dev/null +++ b/docs-xml/smbdotconf/misc/valid.xml @@ -0,0 +1,20 @@ + + + This parameter indicates whether a share is + valid and thus can be used. When this parameter is set to false, + the share will be in no way visible nor accessible. + + + + This option should not be + used by regular users but might be of help to developers. + Samba uses this option internally to mark shares as deleted. + + +yes + diff --git a/docs-xml/smbdotconf/misc/volume.xml b/docs-xml/smbdotconf/misc/volume.xml new file mode 100644 index 0000000..4f1be6a --- /dev/null +++ b/docs-xml/smbdotconf/misc/volume.xml @@ -0,0 +1,13 @@ + + + This allows you to override the volume label + returned for a share. Useful for CDROMs with installation programs + that insist on a particular volume label. + + +the name of the share + diff --git a/docs-xml/smbdotconf/misc/volumeserialnumber.xml b/docs-xml/smbdotconf/misc/volumeserialnumber.xml new file mode 100644 index 0000000..41cf2c2 --- /dev/null +++ b/docs-xml/smbdotconf/misc/volumeserialnumber.xml @@ -0,0 +1,14 @@ + + + This allows to override the volume serial number + (a 32bit value) reported for a share. + The special value -1 (default) stands for + a unique number that is calculated for each share. + + +-1 +0xabcdefgh + diff --git a/docs-xml/smbdotconf/misc/widelinks.xml b/docs-xml/smbdotconf/misc/widelinks.xml new file mode 100644 index 0000000..09f8aa5 --- /dev/null +++ b/docs-xml/smbdotconf/misc/widelinks.xml @@ -0,0 +1,27 @@ + + + This parameter controls whether or not links + in the UNIX file system may be followed by the server. Links + that point to areas within the directory tree exported by the + server are always allowed; this parameter controls access only + to areas that are outside the directory tree being exported. + + Note: Turning this parameter on when UNIX extensions are enabled + will allow UNIX clients to create symbolic links on the share that + can point to files or directories outside restricted path exported + by the share definition. This can cause access to areas outside of + the share. Due to this problem, this parameter will be automatically + disabled (with a message in the log file) if the + option is on. + + + See the parameter + if you wish to change this coupling between the two parameters. + + + +no + diff --git a/docs-xml/smbdotconf/misc/wspproperties.xml b/docs-xml/smbdotconf/misc/wspproperties.xml new file mode 100644 index 0000000..45c420c --- /dev/null +++ b/docs-xml/smbdotconf/misc/wspproperties.xml @@ -0,0 +1,55 @@ + + + + parameter. + This parameter specifies the file where additional WSP Windows Search Protocol properties + are stored. The format of the file is a csv consisting of 10 comma separated columns. The + first 3 columns are required, the other columns are desirable but not necessary. + + + + Property Name + A property name e.g. System.ItemUrl. + + + GUID + A guid that identifies the propertyset the property belongs to. + + + prop ID + A number that together with the GUID uniquely identifies the property. + + + inInverted Index + Set to TRUE is the property is indexed. + + + isColumn + Set to TRUE if the property is one that can be returned in rows returned from WSP query. + + + type + One of + Boolean,Buffer,Byte,DateTime,Double,Int32,String,UInt16,UInt32,UInt64 + + + MaxSize + maximum size when stored. + + + Vector Property + TRUE if this is a multivalue property. + + + Description + Description of what the property is used for. + + + + + + + diff --git a/docs-xml/smbdotconf/misc/wtmpdirectory.xml b/docs-xml/smbdotconf/misc/wtmpdirectory.xml new file mode 100644 index 0000000..f1b5359 --- /dev/null +++ b/docs-xml/smbdotconf/misc/wtmpdirectory.xml @@ -0,0 +1,22 @@ + + + + This parameter is only available if Samba has been configured and compiled with the option + --with-utmp. It specifies a directory pathname that is used to store the wtmp or wtmpx files (depending on + the UNIX system) that record user connections to a Samba server. The difference with the utmp directory is the fact + that user info is kept after a user has logged out. + + + + By default this is not set, meaning the system will use whatever utmp file the native system is set to use (usually + /var/run/wtmp on Linux). + + + +utmp + +/var/log/wtmp + -- cgit v1.2.3