Editorial review of Samba chapter.
Sponsored by: iXsystems
This commit is contained in:
parent
690284f371
commit
0ba4b9a16e
Notes:
svn2git
2020-12-08 03:00:23 +00:00
svn path=/head/; revision=44427
1 changed files with 68 additions and 68 deletions
|
@ -4967,16 +4967,33 @@ DocumentRoot /www/someotherdomain.tld
|
||||||
</indexterm>
|
</indexterm>
|
||||||
|
|
||||||
<para><application>Samba</application> is a popular open source
|
<para><application>Samba</application> is a popular open source
|
||||||
software package that provides file and print services for
|
software package that provides file and print services using the
|
||||||
µsoft.windows; clients. Such clients can connect to and
|
<acronym>SMB/CIFS</acronym> protocol. This protocol is built
|
||||||
use &os; filespace as if it was a local disk drive, or
|
into µsoft.windows; systems. It can be added to
|
||||||
&os; printers as if they were local printers.</para>
|
non-µsoft.windows; systems by installing the
|
||||||
|
<application>Samba</application> client libraries. The protocol
|
||||||
|
allows clients to access
|
||||||
|
shared data and printers. These shares can be mapped as a local disk drive and
|
||||||
|
shared printers can be used as if they were local printers.</para>
|
||||||
|
|
||||||
<para><application>Samba</application> software packages should
|
<para>On &os;, the <application>Samba</application> client
|
||||||
be included on the &os; installation media. If they were not
|
libraries can be installed using the
|
||||||
installed when first installing &os;, then they may be
|
<package>net/samba-libsmbclient</package> port or package. The
|
||||||
installed from the <package>net/samba36</package> port or
|
client provides the ability for a &os; system to access
|
||||||
package.</para>
|
<acronym>SMB/CIFS</acronym> shares in a µsoft.windows;
|
||||||
|
network.</para>
|
||||||
|
|
||||||
|
<para>A &os; system can also be configured to act as a
|
||||||
|
<application>Samba</application> server. This allows the
|
||||||
|
administrator to create <acronym>SMB/CIFS</acronym> shares on
|
||||||
|
the &os; system which can be accessed by clients running
|
||||||
|
µsoft.windows; or the <application>Samba</application>
|
||||||
|
client libraries. In order to configure a
|
||||||
|
<application>Samba</application> server on &os;, the
|
||||||
|
<package>net/samba36</package> port or
|
||||||
|
package must first be installed. The rest of this section
|
||||||
|
provides an overview of how to configure a
|
||||||
|
<application>Samba</application> server on &os;.</para>
|
||||||
|
|
||||||
<!-- mention LDAP, Active Directory, WinBIND, ACL, Quotas, PAM, .. -->
|
<!-- mention LDAP, Active Directory, WinBIND, ACL, Quotas, PAM, .. -->
|
||||||
|
|
||||||
|
@ -5006,10 +5023,9 @@ DocumentRoot /www/someotherdomain.tld
|
||||||
<para>The Samba Web Administration Tool (SWAT) runs as a
|
<para>The Samba Web Administration Tool (SWAT) runs as a
|
||||||
daemon from <application>inetd</application>. Therefore,
|
daemon from <application>inetd</application>. Therefore,
|
||||||
<application>inetd</application> must be enabled as shown in
|
<application>inetd</application> must be enabled as shown in
|
||||||
<xref linkend="network-inetd"/>, and the following line in
|
<xref linkend="network-inetd"/>. To enable
|
||||||
<filename>/etc/inetd.conf</filename> should be uncommented
|
<application>swat</application>, uncomment the following line in
|
||||||
before <application>swat</application> can be used to
|
<filename>/etc/inetd.conf</filename>:</para>
|
||||||
configure <application>Samba</application>:</para>
|
|
||||||
|
|
||||||
<programlisting>swat stream tcp nowait/400 root /usr/local/sbin/swat swat</programlisting>
|
<programlisting>swat stream tcp nowait/400 root /usr/local/sbin/swat swat</programlisting>
|
||||||
|
|
||||||
|
@ -5017,21 +5033,20 @@ DocumentRoot /www/someotherdomain.tld
|
||||||
the <application>inetd</application> configuration must be
|
the <application>inetd</application> configuration must be
|
||||||
reloaded after this configuration file is changed.</para>
|
reloaded after this configuration file is changed.</para>
|
||||||
|
|
||||||
<para>Once <application>swat</application> has been enabled in
|
<para>Once <application>swat</application> has been enabled,
|
||||||
<filename>inetd.conf</filename>, a web browser may be used
|
use a web browser
|
||||||
to connect to <uri
|
to connect to <uri
|
||||||
xlink:href="http://localhost:901">http://localhost:901</uri>.
|
xlink:href="http://localhost:901">http://localhost:901</uri>.
|
||||||
At first login, the system <systemitem
|
At first login, enter the credentials for <systemitem
|
||||||
class="username">root</systemitem> account must be
|
class="username">root</systemitem>.</para>
|
||||||
used.</para>
|
|
||||||
|
|
||||||
<!-- XXX screenshots go here, loader is creating them
|
<!-- XXX screenshots go here, loader is creating them
|
||||||
XXXTR: I'll believe it when I see it. -->
|
XXXTR: I'll believe it when I see it. -->
|
||||||
|
|
||||||
<para>Once successfully logging on to the main
|
<para>Once logged in, the main
|
||||||
<application>Samba</application> configuration page, the
|
<application>Samba</application> configuration page and the
|
||||||
system documentation will be available, or configuration may
|
system documentation will be available. Begin configuration
|
||||||
begin by clicking on the <guimenu>Globals</guimenu> tab.
|
by clicking on the <guimenu>Globals</guimenu> tab.
|
||||||
The <guimenu>Globals</guimenu> section corresponds to the
|
The <guimenu>Globals</guimenu> section corresponds to the
|
||||||
variables that are set in the <literal>[global]</literal>
|
variables that are set in the <literal>[global]</literal>
|
||||||
section of
|
section of
|
||||||
|
@ -5041,8 +5056,8 @@ DocumentRoot /www/someotherdomain.tld
|
||||||
<sect3>
|
<sect3>
|
||||||
<title>Global Settings</title>
|
<title>Global Settings</title>
|
||||||
|
|
||||||
<para>Whether <application>swat</application> is being used or
|
<para>Whether <application>swat</application> is used or
|
||||||
<filename>/usr/local/etc/smb.conf</filename> is being edited
|
<filename>/usr/local/etc/smb.conf</filename> is edited
|
||||||
directly, the first directives encountered when configuring
|
directly, the first directives encountered when configuring
|
||||||
<application>Samba</application> are:</para>
|
<application>Samba</application> are:</para>
|
||||||
|
|
||||||
|
@ -5051,7 +5066,7 @@ DocumentRoot /www/someotherdomain.tld
|
||||||
<term><literal>workgroup</literal></term>
|
<term><literal>workgroup</literal></term>
|
||||||
|
|
||||||
<listitem>
|
<listitem>
|
||||||
<para>NT Domain-Name or Workgroup-Name for the computers
|
<para>The domain name or workgroup name for the computers
|
||||||
that will be accessing this server.</para>
|
that will be accessing this server.</para>
|
||||||
</listitem>
|
</listitem>
|
||||||
</varlistentry>
|
</varlistentry>
|
||||||
|
@ -5060,7 +5075,7 @@ DocumentRoot /www/someotherdomain.tld
|
||||||
<term><literal>netbios name</literal></term>
|
<term><literal>netbios name</literal></term>
|
||||||
|
|
||||||
<listitem>
|
<listitem>
|
||||||
<para>This sets the NetBIOS name by which a
|
<para>The NetBIOS name by which a
|
||||||
<application>Samba</application> server is known.
|
<application>Samba</application> server is known.
|
||||||
By default it is the same as the first component of
|
By default it is the same as the first component of
|
||||||
the host's <acronym>DNS</acronym> name.</para>
|
the host's <acronym>DNS</acronym> name.</para>
|
||||||
|
@ -5071,7 +5086,7 @@ DocumentRoot /www/someotherdomain.tld
|
||||||
<term><literal>server string</literal></term>
|
<term><literal>server string</literal></term>
|
||||||
|
|
||||||
<listitem>
|
<listitem>
|
||||||
<para>This sets the string that will be displayed with
|
<para>The string that will be displayed with
|
||||||
the <command>net view</command> command and some other
|
the <command>net view</command> command and some other
|
||||||
networking tools that seek to display descriptive text
|
networking tools that seek to display descriptive text
|
||||||
about the server.</para>
|
about the server.</para>
|
||||||
|
@ -5085,7 +5100,7 @@ DocumentRoot /www/someotherdomain.tld
|
||||||
|
|
||||||
<para>Two of the most important settings in
|
<para>Two of the most important settings in
|
||||||
<filename>/usr/local/etc/smb.conf</filename> are the
|
<filename>/usr/local/etc/smb.conf</filename> are the
|
||||||
security model chosen, and the backend password format for
|
security model and the backend password format for
|
||||||
client users. The following directives control these
|
client users. The following directives control these
|
||||||
options:</para>
|
options:</para>
|
||||||
|
|
||||||
|
@ -5094,11 +5109,11 @@ DocumentRoot /www/someotherdomain.tld
|
||||||
<term><literal>security</literal></term>
|
<term><literal>security</literal></term>
|
||||||
|
|
||||||
<listitem>
|
<listitem>
|
||||||
<para>The two most common options here are
|
<para>The two most common options are
|
||||||
<literal>security = share</literal> and
|
<literal>security = share</literal> and
|
||||||
<literal>security = user</literal>. If the clients
|
<literal>security = user</literal>. If the clients
|
||||||
use usernames that are the same as their usernames on
|
use usernames that are the same as their usernames on
|
||||||
the &os; machine then user level security should be
|
the &os; machine, user level security should be
|
||||||
used. This is the default security policy and it
|
used. This is the default security policy and it
|
||||||
requires clients to first log on before they can
|
requires clients to first log on before they can
|
||||||
access shared resources.</para>
|
access shared resources.</para>
|
||||||
|
@ -5133,74 +5148,59 @@ DocumentRoot /www/someotherdomain.tld
|
||||||
backend is used, the
|
backend is used, the
|
||||||
<filename>/usr/local/etc/samba/smbpasswd</filename> file
|
<filename>/usr/local/etc/samba/smbpasswd</filename> file
|
||||||
must be created to allow <application>Samba</application> to
|
must be created to allow <application>Samba</application> to
|
||||||
authenticate clients. To provide the &unix; user accounts
|
authenticate clients. To provide &unix; user accounts
|
||||||
access from &windows; clients, use the following
|
access from &windows; clients, use the following
|
||||||
command:</para>
|
command to add each required user to that file:</para>
|
||||||
|
|
||||||
<screen>&prompt.root; <userinput>smbpasswd -a username</userinput></screen>
|
<screen>&prompt.root; <userinput>smbpasswd -a <replaceable>username</replaceable></userinput></screen>
|
||||||
|
|
||||||
<note>
|
<note>
|
||||||
<para>The recommended backend is now
|
<para>The recommended backend is now
|
||||||
<literal>tdbsam</literal>, and the following command
|
<literal>tdbsam</literal>. If this backend is selected, use the following command
|
||||||
should be used to add user accounts:</para>
|
to add user accounts:</para>
|
||||||
|
|
||||||
<screen>&prompt.root; <userinput>pdbedit -a -u <replaceable>username</replaceable></userinput></screen>
|
<screen>&prompt.root; <userinput>pdbedit -a -u <replaceable>username</replaceable></userinput></screen>
|
||||||
</note>
|
</note>
|
||||||
|
|
||||||
<para>Please see the <link
|
<para>This section has only mentioned the most commonly used
|
||||||
|
settings. Refer to the <link
|
||||||
xlink:href="http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/">Official
|
xlink:href="http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/">Official
|
||||||
Samba HOWTO</link> for additional information about
|
Samba HOWTO</link> for additional information about the
|
||||||
configuration options. With the basics outlined here, the
|
available configuration options.</para>
|
||||||
minimal required start running
|
|
||||||
<application>Samba</application> will be explained. Other
|
|
||||||
documentation should be consulted in addition to the
|
|
||||||
information here.</para>
|
|
||||||
</sect3>
|
</sect3>
|
||||||
</sect2>
|
</sect2>
|
||||||
|
|
||||||
<sect2>
|
<sect2>
|
||||||
<title>Starting <application>Samba</application></title>
|
<title>Starting <application>Samba</application></title>
|
||||||
|
|
||||||
<para>The <package>net/samba36</package> port adds a new startup
|
<para>To enable
|
||||||
script, which can be used to control
|
<application>Samba</application> at boot time, add the following line to
|
||||||
<application>Samba</application>. To enable this script, so
|
<filename>/etc/rc.conf</filename>:</para>
|
||||||
that it can be used for example to start, stop or restart
|
|
||||||
<application>Samba</application>, add the following line to
|
|
||||||
the <filename>/etc/rc.conf</filename> file:</para>
|
|
||||||
|
|
||||||
<programlisting>samba_enable="YES"</programlisting>
|
<programlisting>samba_enable="YES"</programlisting>
|
||||||
|
|
||||||
<para>Or, for fine grain control:</para>
|
<para>Alternately, its services can be started separately:</para>
|
||||||
|
|
||||||
<programlisting>nmbd_enable="YES"</programlisting>
|
<programlisting>nmbd_enable="YES"</programlisting>
|
||||||
|
|
||||||
<programlisting>smbd_enable="YES"</programlisting>
|
<programlisting>smbd_enable="YES"</programlisting>
|
||||||
|
|
||||||
<note>
|
<para>To start
|
||||||
<para>This will also configure
|
<application>Samba</application> now:</para>
|
||||||
<application>Samba</application> to automatically start at
|
|
||||||
system boot time.</para>
|
|
||||||
</note>
|
|
||||||
|
|
||||||
<para>It is possible then to start
|
|
||||||
<application>Samba</application> at any time by typing:</para>
|
|
||||||
|
|
||||||
<screen>&prompt.root; <userinput>service samba start</userinput>
|
<screen>&prompt.root; <userinput>service samba start</userinput>
|
||||||
Starting SAMBA: removing stale tdbs :
|
Starting SAMBA: removing stale tdbs :
|
||||||
Starting nmbd.
|
Starting nmbd.
|
||||||
Starting smbd.</screen>
|
Starting smbd.</screen>
|
||||||
|
|
||||||
<para>Please refer to <xref linkend="configtuning-rcd"/> for
|
<para><application>Samba</application> consists of
|
||||||
more information about using rc scripts.</para>
|
three separate daemons. Both the
|
||||||
|
|
||||||
<para><application>Samba</application> actually consists of
|
|
||||||
three separate daemons. Notice that both the
|
|
||||||
<application>nmbd</application> and
|
<application>nmbd</application> and
|
||||||
<application>smbd</application> daemons are started by the
|
<application>smbd</application> daemons are started by
|
||||||
<filename>samba</filename> script. If winbind,
|
<varname>samba_enable</varname>. If winbind
|
||||||
name resolution services were enabled in
|
name resolution services are enabled in
|
||||||
<filename>smb.conf</filename>,
|
<filename>smb.conf</filename>,
|
||||||
the <application>winbindd</application> daemon will be
|
the <application>winbindd</application> daemon is
|
||||||
started as well.</para>
|
started as well.</para>
|
||||||
|
|
||||||
<para><application>Samba</application> may be stopped at any
|
<para><application>Samba</application> may be stopped at any
|
||||||
|
@ -5211,8 +5211,8 @@ Starting smbd.</screen>
|
||||||
<para><application>Samba</application> is a complex software
|
<para><application>Samba</application> is a complex software
|
||||||
suite with functionality that allows broad integration with
|
suite with functionality that allows broad integration with
|
||||||
µsoft.windows; networks. For more information about
|
µsoft.windows; networks. For more information about
|
||||||
functionality beyond the basic installation described here,
|
functionality beyond the basic configuration described here,
|
||||||
please see <uri
|
refer to <uri
|
||||||
xlink:href="http://www.samba.org">http://www.samba.org</uri>.</para>
|
xlink:href="http://www.samba.org">http://www.samba.org</uri>.</para>
|
||||||
</sect2>
|
</sect2>
|
||||||
</sect1>
|
</sect1>
|
||||||
|
|
Loading…
Reference in a new issue