Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-doc-cvs

From: Lukasz Damentko <rane@×××××××××××.org>
To: gentoo-doc-cvs@l.g.o
Subject: [gentoo-doc-cvs] cvs commit: samba-p2.xml
Date: Sun, 09 Oct 2005 18:31:54
Message-Id: 200510091822.j99IMmIl014643@robin.gentoo.org
1 rane 05/10/09 18:31:43
2
3 Modified: xml/htdocs/doc/en/articles samba-p1.xml
4 Added: xml/htdocs/doc/en/articles samba-p2.xml samba-p3.xml
5 Log:
6 #106233, two new articles
7
8 Revision Changes Path
9 1.2 +1 -13 xml/htdocs/doc/en/articles/samba-p1.xml
10
11 file : http://www.gentoo.org/cgi-bin/viewcvs.cgi/xml/htdocs/doc/en/articles/samba-p1.xml?rev=1.2&content-type=text/x-cvsweb-markup&cvsroot=gentoo
12 plain: http://www.gentoo.org/cgi-bin/viewcvs.cgi/xml/htdocs/doc/en/articles/samba-p1.xml?rev=1.2&content-type=text/plain&cvsroot=gentoo
13 diff : http://www.gentoo.org/cgi-bin/viewcvs.cgi/xml/htdocs/doc/en/articles/samba-p1.xml.diff?r1=1.1&r2=1.2&cvsroot=gentoo
14
15 Index: samba-p1.xml
16 ===================================================================
17 RCS file: /var/cvsroot/gentoo/xml/htdocs/doc/en/articles/samba-p1.xml,v
18 retrieving revision 1.1
19 retrieving revision 1.2
20 diff -u -r1.1 -r1.2
21 --- samba-p1.xml 9 Oct 2005 11:26:57 -0000 1.1
22 +++ samba-p1.xml 9 Oct 2005 18:31:43 -0000 1.2
23 @@ -1,6 +1,6 @@
24 <?xml version="1.0" encoding="UTF-8"?>
25 <!DOCTYPE guide SYSTEM "/dtd/guide.dtd">
26 -<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/articles/samba-p1.xml,v 1.1 2005/10/09 11:26:57 rane Exp $ -->
27 +<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/articles/samba-p1.xml,v 1.2 2005/10/09 18:31:43 rane Exp $ -->
28
29 <guide link="/doc/en/articles/samba-p1.xml" disclaimer="articles">
30 <title>Introduction to Samba, Part 1</title>
31 @@ -399,10 +399,6 @@
32
33 <ul>
34 <li>The main <uri link="http://fi.samba.org">Samba</uri> web site</li>
35 - <li>
36 - <uri link="http://www.kampsax.dtu.dk/~rask/Samba/mailinglist/">Amiga
37 - Samba</uri> mailing list
38 - </li>
39 <li><uri link="http://linuxguy.net/samba.htm">Samba</uri> by Ed Weinberg</li>
40 <li>
41 <e><uri link="http://www.amazon.com/exec/obidos/ASIN/0672318628/">Samba
42 @@ -413,20 +409,12 @@
43 (O'Reilly Publishing; 1999)
44 </li>
45 <li>
46 - <uri link="http://www.mdb.ku.dk/tarvin/samba/">Samba Notes</uri> on Samba
47 - and Redhat
48 - </li>
49 - <li>
50 <uri link="http://jazz.external.hp.com/src/samba/">Samba/iX</uri>: Samba
51 support on MPE/iX 6.0
52 </li>
53 <li>
54 The <uri link="http://fi.samba.org/docs/swat_ssl.html">SWAT</uri> main page
55 </li>
56 - <li>
57 - <uri link="http://www.cs.wisc.edu/">GhostScript</uri> at the University of
58 - Wisconsin.
59 - </li>
60 </ul>
61
62 </body>
63
64
65
66 1.1 xml/htdocs/doc/en/articles/samba-p2.xml
67
68 file : http://www.gentoo.org/cgi-bin/viewcvs.cgi/xml/htdocs/doc/en/articles/samba-p2.xml?rev=1.1&content-type=text/x-cvsweb-markup&cvsroot=gentoo
69 plain: http://www.gentoo.org/cgi-bin/viewcvs.cgi/xml/htdocs/doc/en/articles/samba-p2.xml?rev=1.1&content-type=text/plain&cvsroot=gentoo
70
71 Index: samba-p2.xml
72 ===================================================================
73 <?xml version="1.0" encoding="UTF-8"?>
74 <!DOCTYPE guide SYSTEM "/dtd/guide.dtd">
75 <!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/articles/samba-p2.xml,v 1.1 2005/10/09 18:31:43 rane Exp $ -->
76
77 <guide link="/doc/en/articles/samba-p2.xml" disclaimer="articles">
78 <title>Introduction to Samba, Part 2</title>
79
80 <author title="Author">
81 <mail link="drobbins@g.o">Daniel Robbins</mail>
82 </author>
83 <!-- <author title="Editor">
84 <mail link="jackdark@×××××.com">Joshua Saddler</mail>
85 </author> -->
86
87 <abstract>
88 In his previous article, Daniel introduced you to what Samba can do. Now it's
89 time to get it running on your system. In this article, he'll walk you through
90 the process of compiling, installing, and initially configuring Samba (version
91 2.0.7) so that it works in your environment.
92 </abstract>
93
94 <!-- The original version of this article was first published on IBM
95 developerWorks, and is property of Westtech Information Services. This document
96 is an updated version of the original article, and contains various improvements
97 made by the Gentoo Linux Documentation team -->
98
99 <version>1.0</version>
100 <date>2005-10-06</date>
101
102 <chapter>
103 <title>Compiling, installing, and configuring Samba for your environment</title>
104 <section>
105 <title>Downloading Samba</title>
106 <body>
107
108 <p>
109 OK, it's time to download Samba 2.0.7 or greater from the Samba.org Web site
110 (see <uri link="#resources">Resources</uri> later in this article).
111 </p>
112
113 <note>
114 While I'll be compiling Samba from scratch, you may choose to install Samba from
115 a binary package (such as RPM that came with your Linux distribution). This is
116 perfectly OK. But, as I mentioned in my last article, if you do this, your file
117 locations may be slightly different than what I refer to here.
118 </note>
119
120 <p>
121 After you've downloaded Samba 2.0.7 or greater, it's time to decompress it to a
122 directory location of your choice. From the command prompt, type:
123 </p>
124
125 <pre caption="Unpacking the source files">
126 $ <i>tar -xzvf samba-2.0.7.tar.gz</i>
127 </pre>
128
129 <p>
130 A <path>samba-2.0.7</path> directory will be created. <c>cd</c> into it, and
131 we'll take a look around. First, notice the docs directory. Inside it you'll
132 see another directory called <path>textdocs</path>. <path>texdocs</path>
133 contains a whole bunch of Samba documentation. One of the most important files
134 in the <path>textdocs</path> directory is called DIAGNOSIS.txt. It walks you
135 through a step-by-step process of diagnosing problems you may have with proper
136 Samba operation. We'll be covering some, but not all, of the diagnosis
137 procedures mentioned in this file.
138 </p>
139
140 </body>
141 </section>
142 <section>
143 <title>Compiling and installing Samba</title>
144 <body>
145
146 <p>
147 You'll also notice the <path>sources</path> directory in the main
148 <path>samba-2.0.7</path> directory. Inside <path>sources</path> you'll find a
149 well designed configure script designed to set up all the makefiles properly. As
150 with any other configure script, to get a list of the configuration options,
151 type:
152 </p>
153
154 <pre caption="Investigating options">
155 $ <i>./configure --help</i>
156 </pre>
157
158 <p>
159 You will probably want to pipe the output to <c>more</c> so that you can view
160 all the options:
161 </p>
162
163 <pre caption="Even more options">
164 $ <i>./configure --help | more</i>
165 </pre>
166
167 <p>
168 Note the directory and file name options. Notice where everything gets
169 installed, and that the default install path is <path>/usr/local/samba</path>.
170 You will probably want to change this to <path>/usr/local</path> by passing the
171 <c>--prefix=/usr/local</c> option when you configure Samba. For this example,
172 I'm going to use the following path settings:
173 </p>
174
175 <pre caption="Configuring the directory options">
176 $ <i>./configure --prefix=/usr/local --localstatedir=/var/log --sysconfdir=/etc</i>
177 </pre>
178
179 <p>
180 The above configuration options will cause Samba's default tree to be in
181 <path>/usr/local</path>, with the exception of the configuration files. Samba
182 will expect to find these in <path>/etc</path> and log files, which will end up
183 in <path>/var/log</path>. If you omit those configure options, you'll find
184 everything in the <path>/usr/local/samba</path> directory tree
185 (<path>/usr/local/samba/var</path>, <path>/usr/local/samba/etc</path>, etc.).
186 </p>
187
188 <p>
189 It's now time to start the compilation. After running <c>configure</c>, type:
190 </p>
191
192 <pre caption="Compiling Samba">
193 $ <i>make</i>
194 </pre>
195
196 <p>
197 After compilation completes, type the following as root to install the
198 software:
199 </p>
200
201 <pre caption="Installing Samba">
202 # <i>make install</i>
203 </pre>
204
205 </body>
206 </section>
207 <section>
208 <title>Configuring the server</title>
209 <body>
210
211 <p>
212 For the most part, configuring Samba begins and ends with the
213 <path>smb.conf</path> file. This is Samba's main configuration file. It has
214 many different configuration options. To avoid confusion, we're going to start
215 only with those options essential to the proper operation of Samba. First,
216 you'll need to find out where <path>smb.conf</path> should be. If you used the
217 configuration options I specified above, you should place <path>smb.conf</path>
218 in <path>/etc</path>. If you used the default paths, Samba will look for it in
219 <path>/usr/local/samba/etc</path>. To get started, <c>cd</c> to the appropriate
220 directory, fire up your favorite text editor, and type in the following lines.
221 I'll intersperse commentary along the way to provide you with a good
222 understanding of what each option does. Add these lines to your
223 <path>smb.conf</path> file:
224 </p>
225
226 <pre caption="smb.conf">
227 [global]
228 workgroup = YOURWORKGROUP
229 security = user
230 encrypt passwords = yes
231 guest account = guest
232 </pre>
233
234 <p>
235 The first line tells Samba that we are placing options in the "global" section.
236 There are many options that are intended to be defined only in this section.
237 These options control the global behavior of Samba.
238 </p>
239
240 <p>
241 The second line tells Samba the name of the Windows workgroup that Samba will
242 create. Replace YOURWORKGROUP with an appropriate name for your workgroup.
243 </p>
244
245 <p>
246 On the third line, we tell Samba to run in user-level security mode. This
247 option will cause Samba to tell all connecting Windows clients that they need to
248 provide a valid username/password combination to gain access to any network
249 resource. This is definitely a good thing. User-level security is Samba's most
250 often used security level because it's an excellent match for the majority of
251 file sharing situations. However, there are other security levels available.
252 One handy mode tells Samba to authenticate all users against the security
253 database of an existing Windows NT or 2000 Server. We won't be covering that
254 particular mode in this article. If you want more information about it, take a
255 look the "security" option in the <path>smb.conf</path> main page.
256 </p>
257
258 <p>
259 Now, on to the fourth line. Here we tell Samba to exchange passwords with Samba
260 in encrypted mode. You will always want to run Samba in encrypted mode, unless
261 all your client machines are extremely ancient (like Windows for Workgroups-era
262 machines). Enabling encrypted passwords does cause Samba to need its own
263 password file, in addition to the standard Unix password database. If you are
264 thinking that it may be nice to turn encrypted passwords off, so that you can
265 avoid having to maintain two password files, don't do it! Turning encrypted
266 passwords off will cause sharing problems with even moderately old versions of
267 Windows NT 4.0 in addition to Windows 2000. If you really want to avoid
268 maintaining two separate databases, Samba provides several ways to synchronize
269 both databases, which is a better approach.
270 </p>
271
272
273
274
275 1.1 xml/htdocs/doc/en/articles/samba-p3.xml
276
277 file : http://www.gentoo.org/cgi-bin/viewcvs.cgi/xml/htdocs/doc/en/articles/samba-p3.xml?rev=1.1&content-type=text/x-cvsweb-markup&cvsroot=gentoo
278 plain: http://www.gentoo.org/cgi-bin/viewcvs.cgi/xml/htdocs/doc/en/articles/samba-p3.xml?rev=1.1&content-type=text/plain&cvsroot=gentoo
279
280 Index: samba-p3.xml
281 ===================================================================
282 <?xml version="1.0" encoding="UTF-8"?>
283 <!DOCTYPE guide SYSTEM "/dtd/guide.dtd">
284 <!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/articles/samba-p3.xml,v 1.1 2005/10/09 18:31:43 rane Exp $ -->
285
286 <guide link="/doc/en/articles/samba-p3.xml" disclaimer="articles">
287 <title>Introduction to Samba, Part 3</title>
288
289 <author title="Author">
290 <mail link="drobbins@g.o">Daniel Robbins</mail>
291 </author>
292 <!-- <author title="Editor">
293 <mail link="jackdark@×××××.com">Joshua Saddler</mail>
294 </author> -->
295
296 <abstract>
297 In his previous article, Daniel Robbins guided you through the process of
298 setting up Samba for the first time. Now it's time to configure Samba so that it
299 does everything that you want it to do.
300 </abstract>
301
302 <!-- The original version of this article was first published on IBM
303 developerWorks, and is property of Westtech Information Services. This document
304 is an updated version of the original article, and contains various improvements
305 made by the Gentoo Linux Documentation team -->
306
307 <version>1.0</version>
308 <date>2005-10-08</date>
309
310 <chapter>
311 <title>Getting Samba to samba: The configuration stage</title>
312 <section>
313 <title>A brief review</title>
314 <body>
315
316 <p>
317 Here's a listing of the <path>smb.conf</path> that we've been working with:
318 </p>
319
320 <pre caption="/etc/smb.conf">
321 [global]
322
323 <comment># set YOURWORKGROUP to the name of your workgroup</comment>
324
325 workgroup = YOURWORKGROUP
326 security = user
327 encrypt passwords = yes
328 guest account = guest
329
330 <comment># enable *one* of the following two lines</comment>
331 <comment># enable the first line if you want to use an existing</comment>
332 <comment># WINS server on your subnet, otherwise, enable the</comment>
333 <comment># second.</comment>
334
335 # wins server = IP address of WINS server
336 # wins support = yes
337
338 local master = yes
339 os level = 99
340 domain master = yes
341 preferred master = yes
342
343 <comment># optional security options. Customize for your site.</comment>
344
345 # hosts allow = 192.168.1. 127.
346 # interfaces = eth1
347
348 [tmp]
349 path=/tmp
350 writeable=yes
351 </pre>
352
353 </body>
354 </section>
355 <section>
356 <title>Adding some shares</title>
357 <body>
358
359 <p>
360 While this <path>smb.conf</path> file is functional, all it does is share the
361 <path>/tmp</path> directory with Windows by creating a share with the name of
362 "tmp". Not too exciting. Let's create another share that could be more useful.
363 Add the following lines to your <path>smb.conf</path> and restart Samba.
364 </p>
365
366 <pre caption="Adding an FTP share">
367 [ftp]
368 path=/path/to/ftp/root
369 writeable=no
370 </pre>
371
372 <p>
373 If you have an ftp site or some kind of file archive on your Samba server, you
374 can use something like this to share the data over the network. The
375 <b>writeable=no</b> parameter tells Samba that no one should be allowed to
376 create or modify files on this share. Anyone who has a valid Samba account set
377 up will be able to access this share.
378 </p>
379
380 </body>
381 </section>
382 <section>
383 <title>An exciting share</title>
384 <body>
385
386 <p>
387 OK, I know what you're thinking. This still isn't too exciting. How about
388 sharing a home directory? Here's how:
389 </p>
390
391 <pre caption="Sharing a home directory">
392 [drobbins]
393 comment=Home directory for drobbins
394 path = /home/drobbins
395 force user = drobbins
396 read only = no
397 valid users = drobbins administrator
398 </pre>
399
400 <p>
401 This one is a lot more interesting. Adding something like this to your
402 <path>smb.conf</path> will allow you to share a home directory. In this example,
403 a "drobbins" share is created. This shares the contents of
404 <path>/home/drobbins</path> over the network. Fortunately, however, thanks to
405 the <b>valid users</b> line, not just anyone can access this hare. This line
406 causes Samba to reject access by anyone other than the "drobbins" or
407 "administrator" account. Since I'm using Windows NT, I'm often logged in as
408 administrator. In such situations, it's nice to still be able to access the
409 "drobbins" share. Such a valid users line allows this to happen.
410 </p>
411
412 <p>
413 You'll also notice the use of the <b>read only</b> parameter. As you might
414 guess, <b>read only</b> is the opposite of the <b>writeable</b> parameter. We
415 could have just as easily replaced this line with <b>writeable=yes</b>. This
416 means that Samba will permit writing to this particular share, as long as you
417 have the proper permissions to do so. Since the Samba "drobbins" user maps
418 directly to the Unix "drobbins" user, and drobbins happens to be the owner of
419 the <path>/home/drobbins</path> directory and its contents, writing and
420 modifying files will be permitted.
421 </p>
422
423 <p>
424 Have you ever created a file in your home directory as root, and then tried to
425 modify it when you're logged in as a normal user only to be denied write access?
426 This seems to happen all the time to me. To fix the problem, I need to
427 <c>su</c>, <c>chown drobbins.drobbins filename</c> and then <c>exit</c> from
428 root. Finally, I'm allowed to modify the file.
429 </p>
430
431 <p>
432 I bring this up because a similar problem can occur when you share out home
433 directories and access them using different Samba users. Consider the following
434 situation. I access a share as administrator and created a file. Normally, this
435 file would be owned by administrator and it would not be modifiable by the
436 drobbins user. If drobbins tried to modify it, access would be denied.
437 Fortunately, Samba has the <b>force user</b> option that works around this
438 situation. The <b>force user</b> option will cause all actions performed on
439 files (on a particular Samba SMB/CIFS share) to be performed using a single Unix
440 account. In my "drobbins" share example, this means that any files that
441 administrator creates will actually be owned by drobbins, preventing any
442 ownership conflicts. Since the "drobbins" share contains the contents of my home
443 directory, I like to keep everything in it owned by the drobbins account.
444 </p>
445
446 <p>
447 Before we head on to the next topic, I should mention the <b>comment</b>
448 parameter. This allows you to complement your share with a descriptive comment
449 visible from Windows.
450 </p>
451
452 </body>
453 </section>
454 <section>
455 <title>Sharing lots of home directories</title>
456 <body>
457
458 <p>
459 So, we've covered how to share a single home directory. But what do you do if
460 you happen to administrate a server that contains hundreds of users, all of whom
461 want to be able to access their home directories from Windows? Fortunately,
462 Samba has a special share just for this purpose called "homes". Here's how it
463 works:
464 </p>
465
466 <pre caption="Sharing multiple homes">
467 [homes]
468 comment=Home directory for %S
469 path=/home/%u
470 valid users = %u administrator
471 force user=%u
472 writeable = yes
473 browseable = no
474 </pre>
475
476 <p>
477 As I mentioned, this is a "special" share. It doesn't work like ordinary shares.
478 Samba recognizes the special identifier <b>[homes]</b> and treats this share
479 differently.
480 </p>
481
482
483
484 --
485 gentoo-doc-cvs@g.o mailing list
Report Message
Find on MARC Find on Google Groups