1 |
rane 05/10/09 18:31:43 |
2 |
|
3 |
Modified: xml/htdocs/doc/en/articles samba-p1.xml |
4 |
Added: xml/htdocs/doc/en/articles samba-p2.xml samba-p3.xml |
5 |
Log: |
6 |
#106233, two new articles |
7 |
|
8 |
Revision Changes Path |
9 |
1.2 +1 -13 xml/htdocs/doc/en/articles/samba-p1.xml |
10 |
|
11 |
file : http://www.gentoo.org/cgi-bin/viewcvs.cgi/xml/htdocs/doc/en/articles/samba-p1.xml?rev=1.2&content-type=text/x-cvsweb-markup&cvsroot=gentoo |
12 |
plain: http://www.gentoo.org/cgi-bin/viewcvs.cgi/xml/htdocs/doc/en/articles/samba-p1.xml?rev=1.2&content-type=text/plain&cvsroot=gentoo |
13 |
diff : http://www.gentoo.org/cgi-bin/viewcvs.cgi/xml/htdocs/doc/en/articles/samba-p1.xml.diff?r1=1.1&r2=1.2&cvsroot=gentoo |
14 |
|
15 |
Index: samba-p1.xml |
16 |
=================================================================== |
17 |
RCS file: /var/cvsroot/gentoo/xml/htdocs/doc/en/articles/samba-p1.xml,v |
18 |
retrieving revision 1.1 |
19 |
retrieving revision 1.2 |
20 |
diff -u -r1.1 -r1.2 |
21 |
--- samba-p1.xml 9 Oct 2005 11:26:57 -0000 1.1 |
22 |
+++ samba-p1.xml 9 Oct 2005 18:31:43 -0000 1.2 |
23 |
@@ -1,6 +1,6 @@ |
24 |
<?xml version="1.0" encoding="UTF-8"?> |
25 |
<!DOCTYPE guide SYSTEM "/dtd/guide.dtd"> |
26 |
-<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/articles/samba-p1.xml,v 1.1 2005/10/09 11:26:57 rane Exp $ --> |
27 |
+<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/articles/samba-p1.xml,v 1.2 2005/10/09 18:31:43 rane Exp $ --> |
28 |
|
29 |
<guide link="/doc/en/articles/samba-p1.xml" disclaimer="articles"> |
30 |
<title>Introduction to Samba, Part 1</title> |
31 |
@@ -399,10 +399,6 @@ |
32 |
|
33 |
<ul> |
34 |
<li>The main <uri link="http://fi.samba.org">Samba</uri> web site</li> |
35 |
- <li> |
36 |
- <uri link="http://www.kampsax.dtu.dk/~rask/Samba/mailinglist/">Amiga |
37 |
- Samba</uri> mailing list |
38 |
- </li> |
39 |
<li><uri link="http://linuxguy.net/samba.htm">Samba</uri> by Ed Weinberg</li> |
40 |
<li> |
41 |
<e><uri link="http://www.amazon.com/exec/obidos/ASIN/0672318628/">Samba |
42 |
@@ -413,20 +409,12 @@ |
43 |
(O'Reilly Publishing; 1999) |
44 |
</li> |
45 |
<li> |
46 |
- <uri link="http://www.mdb.ku.dk/tarvin/samba/">Samba Notes</uri> on Samba |
47 |
- and Redhat |
48 |
- </li> |
49 |
- <li> |
50 |
<uri link="http://jazz.external.hp.com/src/samba/">Samba/iX</uri>: Samba |
51 |
support on MPE/iX 6.0 |
52 |
</li> |
53 |
<li> |
54 |
The <uri link="http://fi.samba.org/docs/swat_ssl.html">SWAT</uri> main page |
55 |
</li> |
56 |
- <li> |
57 |
- <uri link="http://www.cs.wisc.edu/">GhostScript</uri> at the University of |
58 |
- Wisconsin. |
59 |
- </li> |
60 |
</ul> |
61 |
|
62 |
</body> |
63 |
|
64 |
|
65 |
|
66 |
1.1 xml/htdocs/doc/en/articles/samba-p2.xml |
67 |
|
68 |
file : http://www.gentoo.org/cgi-bin/viewcvs.cgi/xml/htdocs/doc/en/articles/samba-p2.xml?rev=1.1&content-type=text/x-cvsweb-markup&cvsroot=gentoo |
69 |
plain: http://www.gentoo.org/cgi-bin/viewcvs.cgi/xml/htdocs/doc/en/articles/samba-p2.xml?rev=1.1&content-type=text/plain&cvsroot=gentoo |
70 |
|
71 |
Index: samba-p2.xml |
72 |
=================================================================== |
73 |
<?xml version="1.0" encoding="UTF-8"?> |
74 |
<!DOCTYPE guide SYSTEM "/dtd/guide.dtd"> |
75 |
<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/articles/samba-p2.xml,v 1.1 2005/10/09 18:31:43 rane Exp $ --> |
76 |
|
77 |
<guide link="/doc/en/articles/samba-p2.xml" disclaimer="articles"> |
78 |
<title>Introduction to Samba, Part 2</title> |
79 |
|
80 |
<author title="Author"> |
81 |
<mail link="drobbins@g.o">Daniel Robbins</mail> |
82 |
</author> |
83 |
<!-- <author title="Editor"> |
84 |
<mail link="jackdark@×××××.com">Joshua Saddler</mail> |
85 |
</author> --> |
86 |
|
87 |
<abstract> |
88 |
In his previous article, Daniel introduced you to what Samba can do. Now it's |
89 |
time to get it running on your system. In this article, he'll walk you through |
90 |
the process of compiling, installing, and initially configuring Samba (version |
91 |
2.0.7) so that it works in your environment. |
92 |
</abstract> |
93 |
|
94 |
<!-- The original version of this article was first published on IBM |
95 |
developerWorks, and is property of Westtech Information Services. This document |
96 |
is an updated version of the original article, and contains various improvements |
97 |
made by the Gentoo Linux Documentation team --> |
98 |
|
99 |
<version>1.0</version> |
100 |
<date>2005-10-06</date> |
101 |
|
102 |
<chapter> |
103 |
<title>Compiling, installing, and configuring Samba for your environment</title> |
104 |
<section> |
105 |
<title>Downloading Samba</title> |
106 |
<body> |
107 |
|
108 |
<p> |
109 |
OK, it's time to download Samba 2.0.7 or greater from the Samba.org Web site |
110 |
(see <uri link="#resources">Resources</uri> later in this article). |
111 |
</p> |
112 |
|
113 |
<note> |
114 |
While I'll be compiling Samba from scratch, you may choose to install Samba from |
115 |
a binary package (such as RPM that came with your Linux distribution). This is |
116 |
perfectly OK. But, as I mentioned in my last article, if you do this, your file |
117 |
locations may be slightly different than what I refer to here. |
118 |
</note> |
119 |
|
120 |
<p> |
121 |
After you've downloaded Samba 2.0.7 or greater, it's time to decompress it to a |
122 |
directory location of your choice. From the command prompt, type: |
123 |
</p> |
124 |
|
125 |
<pre caption="Unpacking the source files"> |
126 |
$ <i>tar -xzvf samba-2.0.7.tar.gz</i> |
127 |
</pre> |
128 |
|
129 |
<p> |
130 |
A <path>samba-2.0.7</path> directory will be created. <c>cd</c> into it, and |
131 |
we'll take a look around. First, notice the docs directory. Inside it you'll |
132 |
see another directory called <path>textdocs</path>. <path>texdocs</path> |
133 |
contains a whole bunch of Samba documentation. One of the most important files |
134 |
in the <path>textdocs</path> directory is called DIAGNOSIS.txt. It walks you |
135 |
through a step-by-step process of diagnosing problems you may have with proper |
136 |
Samba operation. We'll be covering some, but not all, of the diagnosis |
137 |
procedures mentioned in this file. |
138 |
</p> |
139 |
|
140 |
</body> |
141 |
</section> |
142 |
<section> |
143 |
<title>Compiling and installing Samba</title> |
144 |
<body> |
145 |
|
146 |
<p> |
147 |
You'll also notice the <path>sources</path> directory in the main |
148 |
<path>samba-2.0.7</path> directory. Inside <path>sources</path> you'll find a |
149 |
well designed configure script designed to set up all the makefiles properly. As |
150 |
with any other configure script, to get a list of the configuration options, |
151 |
type: |
152 |
</p> |
153 |
|
154 |
<pre caption="Investigating options"> |
155 |
$ <i>./configure --help</i> |
156 |
</pre> |
157 |
|
158 |
<p> |
159 |
You will probably want to pipe the output to <c>more</c> so that you can view |
160 |
all the options: |
161 |
</p> |
162 |
|
163 |
<pre caption="Even more options"> |
164 |
$ <i>./configure --help | more</i> |
165 |
</pre> |
166 |
|
167 |
<p> |
168 |
Note the directory and file name options. Notice where everything gets |
169 |
installed, and that the default install path is <path>/usr/local/samba</path>. |
170 |
You will probably want to change this to <path>/usr/local</path> by passing the |
171 |
<c>--prefix=/usr/local</c> option when you configure Samba. For this example, |
172 |
I'm going to use the following path settings: |
173 |
</p> |
174 |
|
175 |
<pre caption="Configuring the directory options"> |
176 |
$ <i>./configure --prefix=/usr/local --localstatedir=/var/log --sysconfdir=/etc</i> |
177 |
</pre> |
178 |
|
179 |
<p> |
180 |
The above configuration options will cause Samba's default tree to be in |
181 |
<path>/usr/local</path>, with the exception of the configuration files. Samba |
182 |
will expect to find these in <path>/etc</path> and log files, which will end up |
183 |
in <path>/var/log</path>. If you omit those configure options, you'll find |
184 |
everything in the <path>/usr/local/samba</path> directory tree |
185 |
(<path>/usr/local/samba/var</path>, <path>/usr/local/samba/etc</path>, etc.). |
186 |
</p> |
187 |
|
188 |
<p> |
189 |
It's now time to start the compilation. After running <c>configure</c>, type: |
190 |
</p> |
191 |
|
192 |
<pre caption="Compiling Samba"> |
193 |
$ <i>make</i> |
194 |
</pre> |
195 |
|
196 |
<p> |
197 |
After compilation completes, type the following as root to install the |
198 |
software: |
199 |
</p> |
200 |
|
201 |
<pre caption="Installing Samba"> |
202 |
# <i>make install</i> |
203 |
</pre> |
204 |
|
205 |
</body> |
206 |
</section> |
207 |
<section> |
208 |
<title>Configuring the server</title> |
209 |
<body> |
210 |
|
211 |
<p> |
212 |
For the most part, configuring Samba begins and ends with the |
213 |
<path>smb.conf</path> file. This is Samba's main configuration file. It has |
214 |
many different configuration options. To avoid confusion, we're going to start |
215 |
only with those options essential to the proper operation of Samba. First, |
216 |
you'll need to find out where <path>smb.conf</path> should be. If you used the |
217 |
configuration options I specified above, you should place <path>smb.conf</path> |
218 |
in <path>/etc</path>. If you used the default paths, Samba will look for it in |
219 |
<path>/usr/local/samba/etc</path>. To get started, <c>cd</c> to the appropriate |
220 |
directory, fire up your favorite text editor, and type in the following lines. |
221 |
I'll intersperse commentary along the way to provide you with a good |
222 |
understanding of what each option does. Add these lines to your |
223 |
<path>smb.conf</path> file: |
224 |
</p> |
225 |
|
226 |
<pre caption="smb.conf"> |
227 |
[global] |
228 |
workgroup = YOURWORKGROUP |
229 |
security = user |
230 |
encrypt passwords = yes |
231 |
guest account = guest |
232 |
</pre> |
233 |
|
234 |
<p> |
235 |
The first line tells Samba that we are placing options in the "global" section. |
236 |
There are many options that are intended to be defined only in this section. |
237 |
These options control the global behavior of Samba. |
238 |
</p> |
239 |
|
240 |
<p> |
241 |
The second line tells Samba the name of the Windows workgroup that Samba will |
242 |
create. Replace YOURWORKGROUP with an appropriate name for your workgroup. |
243 |
</p> |
244 |
|
245 |
<p> |
246 |
On the third line, we tell Samba to run in user-level security mode. This |
247 |
option will cause Samba to tell all connecting Windows clients that they need to |
248 |
provide a valid username/password combination to gain access to any network |
249 |
resource. This is definitely a good thing. User-level security is Samba's most |
250 |
often used security level because it's an excellent match for the majority of |
251 |
file sharing situations. However, there are other security levels available. |
252 |
One handy mode tells Samba to authenticate all users against the security |
253 |
database of an existing Windows NT or 2000 Server. We won't be covering that |
254 |
particular mode in this article. If you want more information about it, take a |
255 |
look the "security" option in the <path>smb.conf</path> main page. |
256 |
</p> |
257 |
|
258 |
<p> |
259 |
Now, on to the fourth line. Here we tell Samba to exchange passwords with Samba |
260 |
in encrypted mode. You will always want to run Samba in encrypted mode, unless |
261 |
all your client machines are extremely ancient (like Windows for Workgroups-era |
262 |
machines). Enabling encrypted passwords does cause Samba to need its own |
263 |
password file, in addition to the standard Unix password database. If you are |
264 |
thinking that it may be nice to turn encrypted passwords off, so that you can |
265 |
avoid having to maintain two password files, don't do it! Turning encrypted |
266 |
passwords off will cause sharing problems with even moderately old versions of |
267 |
Windows NT 4.0 in addition to Windows 2000. If you really want to avoid |
268 |
maintaining two separate databases, Samba provides several ways to synchronize |
269 |
both databases, which is a better approach. |
270 |
</p> |
271 |
|
272 |
|
273 |
|
274 |
|
275 |
1.1 xml/htdocs/doc/en/articles/samba-p3.xml |
276 |
|
277 |
file : http://www.gentoo.org/cgi-bin/viewcvs.cgi/xml/htdocs/doc/en/articles/samba-p3.xml?rev=1.1&content-type=text/x-cvsweb-markup&cvsroot=gentoo |
278 |
plain: http://www.gentoo.org/cgi-bin/viewcvs.cgi/xml/htdocs/doc/en/articles/samba-p3.xml?rev=1.1&content-type=text/plain&cvsroot=gentoo |
279 |
|
280 |
Index: samba-p3.xml |
281 |
=================================================================== |
282 |
<?xml version="1.0" encoding="UTF-8"?> |
283 |
<!DOCTYPE guide SYSTEM "/dtd/guide.dtd"> |
284 |
<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/articles/samba-p3.xml,v 1.1 2005/10/09 18:31:43 rane Exp $ --> |
285 |
|
286 |
<guide link="/doc/en/articles/samba-p3.xml" disclaimer="articles"> |
287 |
<title>Introduction to Samba, Part 3</title> |
288 |
|
289 |
<author title="Author"> |
290 |
<mail link="drobbins@g.o">Daniel Robbins</mail> |
291 |
</author> |
292 |
<!-- <author title="Editor"> |
293 |
<mail link="jackdark@×××××.com">Joshua Saddler</mail> |
294 |
</author> --> |
295 |
|
296 |
<abstract> |
297 |
In his previous article, Daniel Robbins guided you through the process of |
298 |
setting up Samba for the first time. Now it's time to configure Samba so that it |
299 |
does everything that you want it to do. |
300 |
</abstract> |
301 |
|
302 |
<!-- The original version of this article was first published on IBM |
303 |
developerWorks, and is property of Westtech Information Services. This document |
304 |
is an updated version of the original article, and contains various improvements |
305 |
made by the Gentoo Linux Documentation team --> |
306 |
|
307 |
<version>1.0</version> |
308 |
<date>2005-10-08</date> |
309 |
|
310 |
<chapter> |
311 |
<title>Getting Samba to samba: The configuration stage</title> |
312 |
<section> |
313 |
<title>A brief review</title> |
314 |
<body> |
315 |
|
316 |
<p> |
317 |
Here's a listing of the <path>smb.conf</path> that we've been working with: |
318 |
</p> |
319 |
|
320 |
<pre caption="/etc/smb.conf"> |
321 |
[global] |
322 |
|
323 |
<comment># set YOURWORKGROUP to the name of your workgroup</comment> |
324 |
|
325 |
workgroup = YOURWORKGROUP |
326 |
security = user |
327 |
encrypt passwords = yes |
328 |
guest account = guest |
329 |
|
330 |
<comment># enable *one* of the following two lines</comment> |
331 |
<comment># enable the first line if you want to use an existing</comment> |
332 |
<comment># WINS server on your subnet, otherwise, enable the</comment> |
333 |
<comment># second.</comment> |
334 |
|
335 |
# wins server = IP address of WINS server |
336 |
# wins support = yes |
337 |
|
338 |
local master = yes |
339 |
os level = 99 |
340 |
domain master = yes |
341 |
preferred master = yes |
342 |
|
343 |
<comment># optional security options. Customize for your site.</comment> |
344 |
|
345 |
# hosts allow = 192.168.1. 127. |
346 |
# interfaces = eth1 |
347 |
|
348 |
[tmp] |
349 |
path=/tmp |
350 |
writeable=yes |
351 |
</pre> |
352 |
|
353 |
</body> |
354 |
</section> |
355 |
<section> |
356 |
<title>Adding some shares</title> |
357 |
<body> |
358 |
|
359 |
<p> |
360 |
While this <path>smb.conf</path> file is functional, all it does is share the |
361 |
<path>/tmp</path> directory with Windows by creating a share with the name of |
362 |
"tmp". Not too exciting. Let's create another share that could be more useful. |
363 |
Add the following lines to your <path>smb.conf</path> and restart Samba. |
364 |
</p> |
365 |
|
366 |
<pre caption="Adding an FTP share"> |
367 |
[ftp] |
368 |
path=/path/to/ftp/root |
369 |
writeable=no |
370 |
</pre> |
371 |
|
372 |
<p> |
373 |
If you have an ftp site or some kind of file archive on your Samba server, you |
374 |
can use something like this to share the data over the network. The |
375 |
<b>writeable=no</b> parameter tells Samba that no one should be allowed to |
376 |
create or modify files on this share. Anyone who has a valid Samba account set |
377 |
up will be able to access this share. |
378 |
</p> |
379 |
|
380 |
</body> |
381 |
</section> |
382 |
<section> |
383 |
<title>An exciting share</title> |
384 |
<body> |
385 |
|
386 |
<p> |
387 |
OK, I know what you're thinking. This still isn't too exciting. How about |
388 |
sharing a home directory? Here's how: |
389 |
</p> |
390 |
|
391 |
<pre caption="Sharing a home directory"> |
392 |
[drobbins] |
393 |
comment=Home directory for drobbins |
394 |
path = /home/drobbins |
395 |
force user = drobbins |
396 |
read only = no |
397 |
valid users = drobbins administrator |
398 |
</pre> |
399 |
|
400 |
<p> |
401 |
This one is a lot more interesting. Adding something like this to your |
402 |
<path>smb.conf</path> will allow you to share a home directory. In this example, |
403 |
a "drobbins" share is created. This shares the contents of |
404 |
<path>/home/drobbins</path> over the network. Fortunately, however, thanks to |
405 |
the <b>valid users</b> line, not just anyone can access this hare. This line |
406 |
causes Samba to reject access by anyone other than the "drobbins" or |
407 |
"administrator" account. Since I'm using Windows NT, I'm often logged in as |
408 |
administrator. In such situations, it's nice to still be able to access the |
409 |
"drobbins" share. Such a valid users line allows this to happen. |
410 |
</p> |
411 |
|
412 |
<p> |
413 |
You'll also notice the use of the <b>read only</b> parameter. As you might |
414 |
guess, <b>read only</b> is the opposite of the <b>writeable</b> parameter. We |
415 |
could have just as easily replaced this line with <b>writeable=yes</b>. This |
416 |
means that Samba will permit writing to this particular share, as long as you |
417 |
have the proper permissions to do so. Since the Samba "drobbins" user maps |
418 |
directly to the Unix "drobbins" user, and drobbins happens to be the owner of |
419 |
the <path>/home/drobbins</path> directory and its contents, writing and |
420 |
modifying files will be permitted. |
421 |
</p> |
422 |
|
423 |
<p> |
424 |
Have you ever created a file in your home directory as root, and then tried to |
425 |
modify it when you're logged in as a normal user only to be denied write access? |
426 |
This seems to happen all the time to me. To fix the problem, I need to |
427 |
<c>su</c>, <c>chown drobbins.drobbins filename</c> and then <c>exit</c> from |
428 |
root. Finally, I'm allowed to modify the file. |
429 |
</p> |
430 |
|
431 |
<p> |
432 |
I bring this up because a similar problem can occur when you share out home |
433 |
directories and access them using different Samba users. Consider the following |
434 |
situation. I access a share as administrator and created a file. Normally, this |
435 |
file would be owned by administrator and it would not be modifiable by the |
436 |
drobbins user. If drobbins tried to modify it, access would be denied. |
437 |
Fortunately, Samba has the <b>force user</b> option that works around this |
438 |
situation. The <b>force user</b> option will cause all actions performed on |
439 |
files (on a particular Samba SMB/CIFS share) to be performed using a single Unix |
440 |
account. In my "drobbins" share example, this means that any files that |
441 |
administrator creates will actually be owned by drobbins, preventing any |
442 |
ownership conflicts. Since the "drobbins" share contains the contents of my home |
443 |
directory, I like to keep everything in it owned by the drobbins account. |
444 |
</p> |
445 |
|
446 |
<p> |
447 |
Before we head on to the next topic, I should mention the <b>comment</b> |
448 |
parameter. This allows you to complement your share with a descriptive comment |
449 |
visible from Windows. |
450 |
</p> |
451 |
|
452 |
</body> |
453 |
</section> |
454 |
<section> |
455 |
<title>Sharing lots of home directories</title> |
456 |
<body> |
457 |
|
458 |
<p> |
459 |
So, we've covered how to share a single home directory. But what do you do if |
460 |
you happen to administrate a server that contains hundreds of users, all of whom |
461 |
want to be able to access their home directories from Windows? Fortunately, |
462 |
Samba has a special share just for this purpose called "homes". Here's how it |
463 |
works: |
464 |
</p> |
465 |
|
466 |
<pre caption="Sharing multiple homes"> |
467 |
[homes] |
468 |
comment=Home directory for %S |
469 |
path=/home/%u |
470 |
valid users = %u administrator |
471 |
force user=%u |
472 |
writeable = yes |
473 |
browseable = no |
474 |
</pre> |
475 |
|
476 |
<p> |
477 |
As I mentioned, this is a "special" share. It doesn't work like ordinary shares. |
478 |
Samba recognizes the special identifier <b>[homes]</b> and treats this share |
479 |
differently. |
480 |
</p> |
481 |
|
482 |
|
483 |
|
484 |
-- |
485 |
gentoo-doc-cvs@g.o mailing list |