mirror of
https://github.com/samba-team/samba.git
synced 2024-12-23 17:34:34 +03:00
sync 3_0 branch with HEAD
This commit is contained in:
parent
6938b5b98a
commit
19ab776bf9
@ -1,6 +1,12 @@
|
|||||||
WHATS NEW IN Samba 3.0 alphaX
|
WHATS NEW IN Samba 3.0 alphaX
|
||||||
=============================
|
=============================
|
||||||
|
|
||||||
|
Changes in alpha18
|
||||||
|
- huge number of changes! really too many to list ... (and its 1am
|
||||||
|
here, and I'm too tired)
|
||||||
|
See the cvs tree at http://build.samba.org/
|
||||||
|
|
||||||
|
|
||||||
Changes in alpha17
|
Changes in alpha17
|
||||||
- OpenLinux packaging updates (jht)
|
- OpenLinux packaging updates (jht)
|
||||||
- Locking updates - fix zero timeout (tridge, jra)
|
- Locking updates - fix zero timeout (tridge, jra)
|
||||||
|
Binary file not shown.
@ -61,7 +61,9 @@ HOWTOSRC=projdoc/DOMAIN_MEMBER.sgml projdoc/NT_Security.sgml \
|
|||||||
projdoc/Samba-PDC-HOWTO.sgml projdoc/ENCRYPTION.sgml \
|
projdoc/Samba-PDC-HOWTO.sgml projdoc/ENCRYPTION.sgml \
|
||||||
projdoc/CVS-Access.sgml projdoc/Integrating-with-Windows.sgml \
|
projdoc/CVS-Access.sgml projdoc/Integrating-with-Windows.sgml \
|
||||||
projdoc/PAM-Authentication-And-Samba.sgml projdoc/Samba-LDAP-HOWTO.sgml \
|
projdoc/PAM-Authentication-And-Samba.sgml projdoc/Samba-LDAP-HOWTO.sgml \
|
||||||
projdoc/Samba-BDC-HOWTO.sgml
|
projdoc/Samba-BDC-HOWTO.sgml projdoc/Printing.sgml projdoc/Diagnosis.sgml \
|
||||||
|
projdoc/security_level.sgml projdoc/Browsing.sgml projdoc/Bugs.sgml \
|
||||||
|
projdoc/Speed.sgml
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
@ -728,7 +728,7 @@
|
|||||||
<listitem><para><link linkend="SOCKETADDRESS"><parameter>socket address</parameter></link></para></listitem>
|
<listitem><para><link linkend="SOCKETADDRESS"><parameter>socket address</parameter></link></para></listitem>
|
||||||
<listitem><para><link linkend="SOCKETOPTIONS"><parameter>socket options</parameter></link></para></listitem>
|
<listitem><para><link linkend="SOCKETOPTIONS"><parameter>socket options</parameter></link></para></listitem>
|
||||||
<listitem><para><link linkend="SOURCEENVIRONMENT"><parameter>source environment</parameter></link></para></listitem>
|
<listitem><para><link linkend="SOURCEENVIRONMENT"><parameter>source environment</parameter></link></para></listitem>
|
||||||
|
<listitem><para><link linkend="SPNEGO"><parameter>use spnego</parameter></link></para></listitem>
|
||||||
<listitem><para><link linkend="STATCACHE"><parameter>stat cache</parameter></link></para></listitem>
|
<listitem><para><link linkend="STATCACHE"><parameter>stat cache</parameter></link></para></listitem>
|
||||||
<listitem><para><link linkend="STATCACHESIZE"><parameter>stat cache size</parameter></link></para></listitem>
|
<listitem><para><link linkend="STATCACHESIZE"><parameter>stat cache size</parameter></link></para></listitem>
|
||||||
<listitem><para><link linkend="STRIPDOT"><parameter>strip dot</parameter></link></para></listitem>
|
<listitem><para><link linkend="STRIPDOT"><parameter>strip dot</parameter></link></para></listitem>
|
||||||
@ -1102,7 +1102,13 @@
|
|||||||
%u</command></para>
|
%u</command></para>
|
||||||
</listitem>
|
</listitem>
|
||||||
</varlistentry>
|
</varlistentry>
|
||||||
|
<varlistentry><term><anchor id="ADDGROUPSCRIPT">add group script (G)</term>
|
||||||
|
<listitem><para>This is the full pathname to a script that will
|
||||||
|
be run <emphasis>AS ROOT</emphasis> by <ulink url="smbd.8.html">smbd(8) when a new group is requested. It will expand any <parameter>%g</parameter> to the group name passed. This script is only useful for installations using the Windows NT domain administration tools.
|
||||||
|
</ulink>
|
||||||
|
|
||||||
|
</para></listitem>
|
||||||
|
</varlistentry>
|
||||||
|
|
||||||
|
|
||||||
<varlistentry>
|
<varlistentry>
|
||||||
@ -1910,6 +1916,7 @@
|
|||||||
<para>This script is called when a remote client removes a user
|
<para>This script is called when a remote client removes a user
|
||||||
from the server, normally using 'User Manager for Domains' or
|
from the server, normally using 'User Manager for Domains' or
|
||||||
<command>rpcclient</command>.
|
<command>rpcclient</command>.
|
||||||
|
</para>
|
||||||
|
|
||||||
<para>This script should delete the given UNIX username.
|
<para>This script should delete the given UNIX username.
|
||||||
</para>
|
</para>
|
||||||
@ -2762,6 +2769,10 @@
|
|||||||
<command>su -</command> command) and trying to print using the
|
<command>su -</command> command) and trying to print using the
|
||||||
system print command such as <command>lpr(1)</command> or <command>
|
system print command such as <command>lpr(1)</command> or <command>
|
||||||
lp(1)</command>.</para>
|
lp(1)</command>.</para>
|
||||||
|
|
||||||
|
<para>This paramater does not accept % marcos, becouse
|
||||||
|
many parts of the system require this value to be
|
||||||
|
constant for correct operation</para>
|
||||||
|
|
||||||
<para>Default: <emphasis>specified at compile time, usually
|
<para>Default: <emphasis>specified at compile time, usually
|
||||||
"nobody"</emphasis></para>
|
"nobody"</emphasis></para>
|
||||||
@ -3281,10 +3292,9 @@
|
|||||||
|
|
||||||
<varlistentry>
|
<varlistentry>
|
||||||
<term><anchor id="LDAPADMINDN">ldap admin dn (G)</term>
|
<term><anchor id="LDAPADMINDN">ldap admin dn (G)</term>
|
||||||
<para>
|
<listitem><para> The <parameter>ldap admin dn</parameter> defines the Distinguished
|
||||||
The <parameter>ldap admin dn</parameter> defines the Distinguished
|
Name (DN) name used by Samba to contact the ldap server when retreiving
|
||||||
Name (DN) name used by Samba to contact the <link linkend="LDAPSERVER">ldap
|
user account information. The <parameter>ldap
|
||||||
server</link> when retreiving user account information. The <parameter>ldap
|
|
||||||
admin dn</parameter> is used in conjunction with the admin dn password
|
admin dn</parameter> is used in conjunction with the admin dn password
|
||||||
stored in the <filename>private/secrets.tdb</filename> file. See the
|
stored in the <filename>private/secrets.tdb</filename> file. See the
|
||||||
<ulink url="smbpasswd.8.html"><command>smbpasswd(8)</command></ulink> man
|
<ulink url="smbpasswd.8.html"><command>smbpasswd(8)</command></ulink> man
|
||||||
@ -3301,8 +3311,7 @@
|
|||||||
|
|
||||||
<varlistentry>
|
<varlistentry>
|
||||||
<term><anchor id="LDAPFILTER">ldap filter (G)</term>
|
<term><anchor id="LDAPFILTER">ldap filter (G)</term>
|
||||||
<para>
|
<listitem><para>This parameter specifies the RFC 2254 compliant LDAP search filter.
|
||||||
This parameter specifies the RFC 2254 compliant LDAP search filter.
|
|
||||||
The default is to match the login name with the <constant>uid</constant>
|
The default is to match the login name with the <constant>uid</constant>
|
||||||
attribute for all entries matching the <constant>sambaAccount</constant>
|
attribute for all entries matching the <constant>sambaAccount</constant>
|
||||||
objectclass. Note that this filter should only return one entry.
|
objectclass. Note that this filter should only return one entry.
|
||||||
@ -3316,10 +3325,9 @@
|
|||||||
|
|
||||||
<varlistentry>
|
<varlistentry>
|
||||||
<term><anchor id="LDAPSSL">ldap ssl (G)</term>
|
<term><anchor id="LDAPSSL">ldap ssl (G)</term>
|
||||||
<para>
|
<listitem><para>This option is used to define whether or not Samba should
|
||||||
This option is used to define whether or not Samba should
|
use SSL when connecting to the ldap server
|
||||||
use SSL when connecting to the <link linkend="LDAPSERVER"><parameter>ldap
|
This is <emphasis>NOT</emphasis> related to
|
||||||
server</parameter></link>. This is <emphasis>NOT</emphasis> related to
|
|
||||||
Samba's previous SSL support which was enabled by specifying the
|
Samba's previous SSL support which was enabled by specifying the
|
||||||
<command>--with-ssl</command> option to the <filename>configure</filename>
|
<command>--with-ssl</command> option to the <filename>configure</filename>
|
||||||
script.
|
script.
|
||||||
@ -3365,7 +3373,7 @@
|
|||||||
|
|
||||||
|
|
||||||
<varlistentry>
|
<varlistentry>
|
||||||
<term><anchor id="LDAPSUFFIX">ldap machine suffix (G)</term>
|
<term><anchor id="LDAPMACHINESUFFIX">ldap machine suffix (G)</term>
|
||||||
<listitem><para>It specifies where machines should be
|
<listitem><para>It specifies where machines should be
|
||||||
added to the ldap tree.
|
added to the ldap tree.
|
||||||
</para>
|
</para>
|
||||||
@ -3606,15 +3614,18 @@
|
|||||||
|
|
||||||
<varlistentry>
|
<varlistentry>
|
||||||
<term><anchor id="LOGLEVEL">log level (G)</term>
|
<term><anchor id="LOGLEVEL">log level (G)</term>
|
||||||
<listitem><para>The value of the parameter (an integer) allows
|
<listitem><para>The value of the parameter (a astring) allows
|
||||||
the debug level (logging level) to be specified in the
|
the debug level (logging level) to be specified in the
|
||||||
<filename>smb.conf</filename> file. This is to give greater
|
<filename>smb.conf</filename> file. This parameter has been
|
||||||
|
extended since 2.2.x series, now it allow to specify the debug
|
||||||
|
level for multiple debug classes. This is to give greater
|
||||||
flexibility in the configuration of the system.</para>
|
flexibility in the configuration of the system.</para>
|
||||||
|
|
||||||
<para>The default will be the log level specified on
|
<para>The default will be the log level specified on
|
||||||
the command line or level zero if none was specified.</para>
|
the command line or level zero if none was specified.</para>
|
||||||
|
|
||||||
<para>Example: <command>log level = 3</command></para></listitem>
|
<para>Example: <command>log level = 3 passdb:5 auth:10 winbind:2
|
||||||
|
</command></para></listitem>
|
||||||
</varlistentry>
|
</varlistentry>
|
||||||
|
|
||||||
|
|
||||||
@ -6959,7 +6970,12 @@
|
|||||||
/usr/local/smb_env_vars</command></para>
|
/usr/local/smb_env_vars</command></para>
|
||||||
</listitem>
|
</listitem>
|
||||||
</varlistentry>
|
</varlistentry>
|
||||||
|
<varlistentry>
|
||||||
|
<term><anchor id="SPNEGO">use spnego (G)</term>
|
||||||
|
<listitem><para> This variable controls controls whether samba will try to use Simple and Protected NEGOciation (as specified by rfc2478) with WindowsXP and Windows2000sp2 clients to agree upon an authentication mechanism. As of samba 3.0alpha it must be set to "no" for these clients to join a samba domain controller. It can be set to "yes" to allow samba to participate in an AD domain controlled by a Windows2000 domain controller.</para>
|
||||||
|
<para>Default: <emphasis>use spnego = yes</emphasis></para>
|
||||||
|
</listitem>
|
||||||
|
</varlistentry>
|
||||||
|
|
||||||
<varlistentry>
|
<varlistentry>
|
||||||
<term><anchor id="STATCACHE">stat cache (G)</term>
|
<term><anchor id="STATCACHE">stat cache (G)</term>
|
||||||
@ -7570,6 +7586,12 @@
|
|||||||
connection is made to a Samba server. Sites may use this to record the
|
connection is made to a Samba server. Sites may use this to record the
|
||||||
user connecting to a Samba share.</para>
|
user connecting to a Samba share.</para>
|
||||||
|
|
||||||
|
<para>Due to the requirements of the utmp record, we
|
||||||
|
are required to create a unique identifier for the
|
||||||
|
incoming user. Enabling this option creates an n^2
|
||||||
|
algorithm to find this number. This may impede
|
||||||
|
performance on large installations. </para>
|
||||||
|
|
||||||
<para>See also the <link linkend="UTMPDIRECTORY"><parameter>
|
<para>See also the <link linkend="UTMPDIRECTORY"><parameter>
|
||||||
utmp directory</parameter></link> parameter.</para>
|
utmp directory</parameter></link> parameter.</para>
|
||||||
|
|
||||||
|
@ -76,7 +76,7 @@
|
|||||||
<constant>force-election</constant>, <constant>ping
|
<constant>force-election</constant>, <constant>ping
|
||||||
</constant>, <constant>profile</constant>, <constant>
|
</constant>, <constant>profile</constant>, <constant>
|
||||||
debuglevel</constant>, <constant>profilelevel</constant>,
|
debuglevel</constant>, <constant>profilelevel</constant>,
|
||||||
or <constant>printer-notify</constant>.</para>
|
or <constant>printnotify</constant>.</para>
|
||||||
|
|
||||||
<para>The <constant>close-share</constant> message-type sends a
|
<para>The <constant>close-share</constant> message-type sends a
|
||||||
message to smbd which will then close the client connections to
|
message to smbd which will then close the client connections to
|
||||||
@ -119,11 +119,55 @@
|
|||||||
setting is returned by a "profilelevel" message. This can be sent
|
setting is returned by a "profilelevel" message. This can be sent
|
||||||
to any smbd or nmbd destinations.</para>
|
to any smbd or nmbd destinations.</para>
|
||||||
|
|
||||||
<para>The <constant>printer-notify</constant> message-type sends a
|
<para>The <constant>printnotify</constant> message-type sends a
|
||||||
message to smbd which in turn sends a printer notify message to
|
message to smbd which in turn sends a printer notify message to
|
||||||
any Windows NT clients connected to a printer. This message-type
|
any Windows NT clients connected to a printer. This message-type
|
||||||
takes an argument of the printer name to send notify messages to.
|
takes the following arguments:
|
||||||
This message can only be sent to <constant>smbd</constant>.</para>
|
|
||||||
|
<variablelist>
|
||||||
|
|
||||||
|
<varlistentry>
|
||||||
|
<term>queuepause printername</term>
|
||||||
|
<listitem><para>Send a queue pause change notify
|
||||||
|
message to the printer specified.</para></listitem>
|
||||||
|
</varlistentry>
|
||||||
|
|
||||||
|
<varlistentry>
|
||||||
|
<term>queueresume printername</term>
|
||||||
|
<listitem><para>Send a queue resume change notify
|
||||||
|
message for the printer specified.</para></listitem>
|
||||||
|
</varlistentry>
|
||||||
|
|
||||||
|
<varlistentry>
|
||||||
|
<term>jobpause printername unixjobid</term>
|
||||||
|
<listitem><para>Send a job pause change notify
|
||||||
|
message for the printer and unix jobid
|
||||||
|
specified.</para></listitem>
|
||||||
|
</varlistentry>
|
||||||
|
|
||||||
|
<varlistentry>
|
||||||
|
<term>jobresume printername unixjobid</term>
|
||||||
|
<listitem><para>Send a job resume change notify
|
||||||
|
message for the printer and unix jobid
|
||||||
|
specified.</para></listitem>
|
||||||
|
</varlistentry>
|
||||||
|
|
||||||
|
<varlistentry>
|
||||||
|
<term>jobdelete printername unixjobid</term>
|
||||||
|
<listitem><para>Send a job delete change notify
|
||||||
|
message for the printer and unix jobid
|
||||||
|
specified.</para></listitem>
|
||||||
|
</varlistentry>
|
||||||
|
|
||||||
|
</variablelist>
|
||||||
|
|
||||||
|
Note that this message only sends notification that an
|
||||||
|
event has occured. It doesn't actually cause the
|
||||||
|
event to happen.
|
||||||
|
|
||||||
|
This message can only be sent to <constant>smbd</constant>.
|
||||||
|
</para>
|
||||||
|
|
||||||
</listitem>
|
</listitem>
|
||||||
</varlistentry>
|
</varlistentry>
|
||||||
|
|
||||||
|
@ -326,7 +326,7 @@ use with an LDAP directory could appear as
|
|||||||
ldap suffix = "ou=people,dc=samba,dc=org"
|
ldap suffix = "ou=people,dc=samba,dc=org"
|
||||||
|
|
||||||
# generally the default ldap search filter is ok
|
# generally the default ldap search filter is ok
|
||||||
# ldap filter = "(&(uid=%u)(objectclass=sambaAccount))"
|
# ldap filter = "(&(uid=%u)(objectclass=sambaAccount))"
|
||||||
</programlisting></para>
|
</programlisting></para>
|
||||||
|
|
||||||
|
|
||||||
|
@ -1652,7 +1652,7 @@ I think this is all bogus, but have not deleted it. (Richard Sharpe)
|
|||||||
</warning>
|
</warning>
|
||||||
|
|
||||||
<para>
|
<para>
|
||||||
The default logon path is \\%N\U%. NT Workstation will attempt to create
|
The default logon path is \\%N\%U. NT Workstation will attempt to create
|
||||||
a directory "\\samba-server\username.PDS" if you specify the logon path
|
a directory "\\samba-server\username.PDS" if you specify the logon path
|
||||||
as "\\samba-server\username" with the NT User Manager. Therefore, you
|
as "\\samba-server\username" with the NT User Manager. Therefore, you
|
||||||
will need to specify (for example) "\\samba-server\username\profile".
|
will need to specify (for example) "\\samba-server\username\profile".
|
||||||
|
@ -13,6 +13,12 @@
|
|||||||
<!ENTITY IntegratingWithWindows SYSTEM "Integrating-with-Windows.sgml">
|
<!ENTITY IntegratingWithWindows SYSTEM "Integrating-with-Windows.sgml">
|
||||||
<!ENTITY Samba-PAM SYSTEM "PAM-Authentication-And-Samba.sgml">
|
<!ENTITY Samba-PAM SYSTEM "PAM-Authentication-And-Samba.sgml">
|
||||||
<!ENTITY Samba-LDAP SYSTEM "Samba-LDAP-HOWTO.sgml">
|
<!ENTITY Samba-LDAP SYSTEM "Samba-LDAP-HOWTO.sgml">
|
||||||
|
<!ENTITY Diagnosis SYSTEM "Diagnosis.sgml">
|
||||||
|
<!ENTITY PRINTING SYSTEM "Printing.sgml">
|
||||||
|
<!ENTITY BUGS SYSTEM "Bugs.sgml">
|
||||||
|
<!ENTITY SECURITY-LEVEL SYSTEM "security_level.sgml">
|
||||||
|
<!ENTITY SPEED SYSTEM "Speed.sgml">
|
||||||
|
<!ENTITY BROWSING SYSTEM "Browsing.sgml">
|
||||||
<!ENTITY INDEX-FILE SYSTEM "index.sgml">
|
<!ENTITY INDEX-FILE SYSTEM "index.sgml">
|
||||||
]>
|
]>
|
||||||
|
|
||||||
@ -31,7 +37,7 @@
|
|||||||
<title>Abstract</title>
|
<title>Abstract</title>
|
||||||
|
|
||||||
<para>
|
<para>
|
||||||
<emphasis>Last Update</emphasis> : Mon Apr 1 08:47:26 CST 2002
|
<emphasis>Last Update</emphasis> : Thu Aug 15 12:48:45 CDT 2002
|
||||||
</para>
|
</para>
|
||||||
|
|
||||||
<para>
|
<para>
|
||||||
@ -58,18 +64,24 @@ Cheers, jerry
|
|||||||
|
|
||||||
<!-- Chapters -->
|
<!-- Chapters -->
|
||||||
&UNIX-INSTALL;
|
&UNIX-INSTALL;
|
||||||
|
&Diagnosis;
|
||||||
&IntegratingWithWindows;
|
&IntegratingWithWindows;
|
||||||
&Samba-PAM;
|
&Samba-PAM;
|
||||||
&MS-Dfs-Setup;
|
&MS-Dfs-Setup;
|
||||||
&NT-Security;
|
&NT-Security;
|
||||||
&PRINTER-DRIVER2;
|
&PRINTER-DRIVER2;
|
||||||
|
&PRINTING;
|
||||||
|
&SECURITY-LEVEL;
|
||||||
&DOMAIN-MEMBER;
|
&DOMAIN-MEMBER;
|
||||||
|
&WINBIND;
|
||||||
&Samba-PDC-HOWTO;
|
&Samba-PDC-HOWTO;
|
||||||
&Samba-BDC-HOWTO;
|
&Samba-BDC-HOWTO;
|
||||||
&Samba-LDAP;
|
&Samba-LDAP;
|
||||||
&WINBIND;
|
&BROWSING;
|
||||||
|
&SPEED;
|
||||||
&OS2-Client;
|
&OS2-Client;
|
||||||
&CVS-Access;
|
&CVS-Access;
|
||||||
|
&BUGS;
|
||||||
|
|
||||||
<!-- Autogenerated Index -->
|
<!-- Autogenerated Index -->
|
||||||
&INDEX-FILE;
|
&INDEX-FILE;
|
||||||
|
@ -23,9 +23,19 @@
|
|||||||
<address><email>jtrostel@snapserver.com</email></address>
|
<address><email>jtrostel@snapserver.com</email></address>
|
||||||
</affiliation>
|
</affiliation>
|
||||||
</author>
|
</author>
|
||||||
|
<author>
|
||||||
|
<firstname>Naag</firstname><surname>Mummaneni</surname>
|
||||||
<pubdate>16 Oct 2000</pubdate>
|
<affiliation>
|
||||||
|
<address><email>getnag@rediffmail.com</email></address>
|
||||||
|
</affiliation>
|
||||||
|
</author>
|
||||||
|
<author>
|
||||||
|
<firstname>Jelmer</firstname><surname>Vernooij</surname>
|
||||||
|
<affiliation>
|
||||||
|
<address><email>jelmer@nl.linux.org</email></address>
|
||||||
|
</affiliation>
|
||||||
|
</author>
|
||||||
|
<pubdate>27 June 2002</pubdate>
|
||||||
</chapterinfo>
|
</chapterinfo>
|
||||||
|
|
||||||
<title>Unified Logons between Windows NT and UNIX using Winbind</title>
|
<title>Unified Logons between Windows NT and UNIX using Winbind</title>
|
||||||
@ -489,6 +499,13 @@ I also found it necessary to make the following symbolic link:
|
|||||||
<prompt>root#</prompt> <command>ln -s /lib/libnss_winbind.so /lib/libnss_winbind.so.2</command>
|
<prompt>root#</prompt> <command>ln -s /lib/libnss_winbind.so /lib/libnss_winbind.so.2</command>
|
||||||
</para>
|
</para>
|
||||||
|
|
||||||
|
<para>And, in the case of Sun solaris:</para>
|
||||||
|
<para>
|
||||||
|
<prompt>root#</prompt> <command>ln -s /usr/lib/libnss_winbind.so /usr/lib/libnss_winbind.so.1</command>
|
||||||
|
<prompt>root#</prompt> <command>ln -s /usr/lib/libnss_winbind.so /usr/lib/nss_winbind.so.1</command>
|
||||||
|
<prompt>root#</prompt> <command>ln -s /usr/lib/libnss_winbind.so /usr/lib/nss_winbind.so.2</command>
|
||||||
|
</para>
|
||||||
|
|
||||||
<para>
|
<para>
|
||||||
Now, as root you need to edit <filename>/etc/nsswitch.conf</filename> to
|
Now, as root you need to edit <filename>/etc/nsswitch.conf</filename> to
|
||||||
allow user and group entries to be visible from the <command>winbindd</command>
|
allow user and group entries to be visible from the <command>winbindd</command>
|
||||||
@ -682,14 +699,18 @@ The same thing can be done for groups with the command
|
|||||||
|
|
||||||
|
|
||||||
<sect3>
|
<sect3>
|
||||||
<title>Fix the <filename>/etc/rc.d/init.d/smb</filename> startup files</title>
|
<title>Fix the init.d startup scripts</title>
|
||||||
|
|
||||||
|
<sect4>
|
||||||
|
<title>Linux</title>
|
||||||
|
|
||||||
<para>
|
<para>
|
||||||
The <command>winbindd</command> daemon needs to start up after the
|
The <command>winbindd</command> daemon needs to start up after the
|
||||||
<command>smbd</command> and <command>nmbd</command> daemons are running.
|
<command>smbd</command> and <command>nmbd</command> daemons are running.
|
||||||
To accomplish this task, you need to modify the <filename>/etc/init.d/smb</filename>
|
To accomplish this task, you need to modify the startup scripts of your system. They are located at <filename>/etc/init.d/smb</filename> in RedHat and
|
||||||
|
<filename>/etc/init.d/samba</filename> in Debian.
|
||||||
script to add commands to invoke this daemon in the proper sequence. My
|
script to add commands to invoke this daemon in the proper sequence. My
|
||||||
<filename>/etc/init.d/smb</filename> file starts up <command>smbd</command>,
|
startup script starts up <command>smbd</command>,
|
||||||
<command>nmbd</command>, and <command>winbindd</command> from the
|
<command>nmbd</command>, and <command>winbindd</command> from the
|
||||||
<filename>/usr/local/samba/bin</filename> directory directly. The 'start'
|
<filename>/usr/local/samba/bin</filename> directory directly. The 'start'
|
||||||
function in the script looks like this:
|
function in the script looks like this:
|
||||||
@ -744,18 +765,79 @@ stop() {
|
|||||||
return $RETVAL
|
return $RETVAL
|
||||||
}
|
}
|
||||||
</programlisting></para>
|
</programlisting></para>
|
||||||
|
</sect4>
|
||||||
|
|
||||||
|
<sect4>
|
||||||
|
<title>Solaris</title>
|
||||||
|
|
||||||
|
<para>On solaris, you need to modify the
|
||||||
|
<filename>/etc/init.d/samba.server</filename> startup script. It usually
|
||||||
|
only starts smbd and nmbd but should now start winbindd too. If you
|
||||||
|
have samba installed in <filename>/usr/local/samba/bin</filename>,
|
||||||
|
the file could contains something like this:
|
||||||
|
</para>
|
||||||
|
|
||||||
|
<para><programlisting>
|
||||||
|
##
|
||||||
|
## samba.server
|
||||||
|
##
|
||||||
|
|
||||||
|
if [ ! -d /usr/bin ]
|
||||||
|
then # /usr not mounted
|
||||||
|
exit
|
||||||
|
fi
|
||||||
|
|
||||||
|
killproc() { # kill the named process(es)
|
||||||
|
pid=`/usr/bin/ps -e |
|
||||||
|
/usr/bin/grep -w $1 |
|
||||||
|
/usr/bin/sed -e 's/^ *//' -e 's/ .*//'`
|
||||||
|
[ "$pid" != "" ] && kill $pid
|
||||||
|
}
|
||||||
|
|
||||||
|
# Start/stop processes required for samba server
|
||||||
|
|
||||||
|
case "$1" in
|
||||||
|
|
||||||
|
'start')
|
||||||
|
#
|
||||||
|
# Edit these lines to suit your installation (paths, workgroup, host)
|
||||||
|
#
|
||||||
|
echo Starting SMBD
|
||||||
|
/usr/local/samba/bin/smbd -D -s \
|
||||||
|
/usr/local/samba/smb.conf
|
||||||
|
|
||||||
|
echo Starting NMBD
|
||||||
|
/usr/local/samba/bin/nmbd -D -l \
|
||||||
|
/usr/local/samba/var/log -s /usr/local/samba/smb.conf
|
||||||
|
|
||||||
|
echo Starting Winbind Daemon
|
||||||
|
/usr/local/samba/bin/winbindd
|
||||||
|
;;
|
||||||
|
|
||||||
|
'stop')
|
||||||
|
killproc nmbd
|
||||||
|
killproc smbd
|
||||||
|
killproc winbindd
|
||||||
|
;;
|
||||||
|
|
||||||
|
*)
|
||||||
|
echo "Usage: /etc/init.d/samba.server { start | stop }"
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
</programlisting></para>
|
||||||
|
</sect4>
|
||||||
|
|
||||||
|
<sect4>
|
||||||
|
<title>Restarting</title>
|
||||||
<para>
|
<para>
|
||||||
If you restart the <command>smbd</command>, <command>nmbd</command>,
|
If you restart the <command>smbd</command>, <command>nmbd</command>,
|
||||||
and <command>winbindd</command> daemons at this point, you
|
and <command>winbindd</command> daemons at this point, you
|
||||||
should be able to connect to the samba server as a domain member just as
|
should be able to connect to the samba server as a domain member just as
|
||||||
if you were a local user.
|
if you were a local user.
|
||||||
</para>
|
</para>
|
||||||
|
</sect4>
|
||||||
</sect3>
|
</sect3>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
<sect3>
|
<sect3>
|
||||||
<title>Configure Winbind and PAM</title>
|
<title>Configure Winbind and PAM</title>
|
||||||
|
|
||||||
@ -781,13 +863,17 @@ by invoking the command
|
|||||||
from the <filename>../source</filename> directory. The
|
from the <filename>../source</filename> directory. The
|
||||||
<filename>pam_winbind.so</filename> file should be copied to the location of
|
<filename>pam_winbind.so</filename> file should be copied to the location of
|
||||||
your other pam security modules. On my RedHat system, this was the
|
your other pam security modules. On my RedHat system, this was the
|
||||||
<filename>/lib/security</filename> directory.
|
<filename>/lib/security</filename> directory. On Solaris, the pam security
|
||||||
|
modules reside in <filename>/usr/lib/security</filename>.
|
||||||
</para>
|
</para>
|
||||||
|
|
||||||
<para>
|
<para>
|
||||||
<prompt>root#</prompt> <command>cp ../samba/source/nsswitch/pam_winbind.so /lib/security</command>
|
<prompt>root#</prompt> <command>cp ../samba/source/nsswitch/pam_winbind.so /lib/security</command>
|
||||||
</para>
|
</para>
|
||||||
|
|
||||||
|
<sect4>
|
||||||
|
<title>Linux/FreeBSD-specific PAM configuration</title>
|
||||||
|
|
||||||
<para>
|
<para>
|
||||||
The <filename>/etc/pam.d/samba</filename> file does not need to be changed. I
|
The <filename>/etc/pam.d/samba</filename> file does not need to be changed. I
|
||||||
just left this fileas it was:
|
just left this fileas it was:
|
||||||
@ -875,6 +961,92 @@ line after the <command>winbind.so</command> line to get rid of annoying
|
|||||||
double prompts for passwords.
|
double prompts for passwords.
|
||||||
</para>
|
</para>
|
||||||
|
|
||||||
|
</sect4>
|
||||||
|
|
||||||
|
<sect4>
|
||||||
|
<title>Solaris-specific configuration</title>
|
||||||
|
|
||||||
|
<para>
|
||||||
|
The /etc/pam.conf needs to be changed. I changed this file so that my Domain
|
||||||
|
users can logon both locally as well as telnet.The following are the changes
|
||||||
|
that I made.You can customize the pam.conf file as per your requirements,but
|
||||||
|
be sure of those changes because in the worst case it will leave your system
|
||||||
|
nearly impossible to boot.
|
||||||
|
</para>
|
||||||
|
|
||||||
|
<para><programlisting>
|
||||||
|
#
|
||||||
|
#ident "@(#)pam.conf 1.14 99/09/16 SMI"
|
||||||
|
#
|
||||||
|
# Copyright (c) 1996-1999, Sun Microsystems, Inc.
|
||||||
|
# All Rights Reserved.
|
||||||
|
#
|
||||||
|
# PAM configuration
|
||||||
|
#
|
||||||
|
# Authentication management
|
||||||
|
#
|
||||||
|
login auth required /usr/lib/security/pam_winbind.so
|
||||||
|
login auth required /usr/lib/security/$ISA/pam_unix.so.1 try_first_pass
|
||||||
|
login auth required /usr/lib/security/$ISA/pam_dial_auth.so.1 try_first_pass
|
||||||
|
#
|
||||||
|
rlogin auth sufficient /usr/lib/security/pam_winbind.so
|
||||||
|
rlogin auth sufficient /usr/lib/security/$ISA/pam_rhosts_auth.so.1
|
||||||
|
rlogin auth required /usr/lib/security/$ISA/pam_unix.so.1 try_first_pass
|
||||||
|
#
|
||||||
|
dtlogin auth sufficient /usr/lib/security/pam_winbind.so
|
||||||
|
dtlogin auth required /usr/lib/security/$ISA/pam_unix.so.1 try_first_pass
|
||||||
|
#
|
||||||
|
rsh auth required /usr/lib/security/$ISA/pam_rhosts_auth.so.1
|
||||||
|
other auth sufficient /usr/lib/security/pam_winbind.so
|
||||||
|
other auth required /usr/lib/security/$ISA/pam_unix.so.1 try_first_pass
|
||||||
|
#
|
||||||
|
# Account management
|
||||||
|
#
|
||||||
|
login account sufficient /usr/lib/security/pam_winbind.so
|
||||||
|
login account requisite /usr/lib/security/$ISA/pam_roles.so.1
|
||||||
|
login account required /usr/lib/security/$ISA/pam_unix.so.1
|
||||||
|
#
|
||||||
|
dtlogin account sufficient /usr/lib/security/pam_winbind.so
|
||||||
|
dtlogin account requisite /usr/lib/security/$ISA/pam_roles.so.1
|
||||||
|
dtlogin account required /usr/lib/security/$ISA/pam_unix.so.1
|
||||||
|
#
|
||||||
|
other account sufficient /usr/lib/security/pam_winbind.so
|
||||||
|
other account requisite /usr/lib/security/$ISA/pam_roles.so.1
|
||||||
|
other account required /usr/lib/security/$ISA/pam_unix.so.1
|
||||||
|
#
|
||||||
|
# Session management
|
||||||
|
#
|
||||||
|
other session required /usr/lib/security/$ISA/pam_unix.so.1
|
||||||
|
#
|
||||||
|
# Password management
|
||||||
|
#
|
||||||
|
#other password sufficient /usr/lib/security/pam_winbind.so
|
||||||
|
other password required /usr/lib/security/$ISA/pam_unix.so.1
|
||||||
|
dtsession auth required /usr/lib/security/$ISA/pam_unix.so.1
|
||||||
|
#
|
||||||
|
# Support for Kerberos V5 authentication (uncomment to use Kerberos)
|
||||||
|
#
|
||||||
|
#rlogin auth optional /usr/lib/security/$ISA/pam_krb5.so.1 try_first_pass
|
||||||
|
#login auth optional /usr/lib/security/$ISA/pam_krb5.so.1 try_first_pass
|
||||||
|
#dtlogin auth optional /usr/lib/security/$ISA/pam_krb5.so.1 try_first_pass
|
||||||
|
#other auth optional /usr/lib/security/$ISA/pam_krb5.so.1 try_first_pass
|
||||||
|
#dtlogin account optional /usr/lib/security/$ISA/pam_krb5.so.1
|
||||||
|
#other account optional /usr/lib/security/$ISA/pam_krb5.so.1
|
||||||
|
#other session optional /usr/lib/security/$ISA/pam_krb5.so.1
|
||||||
|
#other password optional /usr/lib/security/$ISA/pam_krb5.so.1 try_first_pass
|
||||||
|
</programlisting></para>
|
||||||
|
|
||||||
|
<para>
|
||||||
|
I also added a try_first_pass line after the winbind.so line to get rid of
|
||||||
|
annoying double prompts for passwords.
|
||||||
|
</para>
|
||||||
|
|
||||||
|
<para>
|
||||||
|
Now restart your Samba & try connecting through your application that you
|
||||||
|
configured in the pam.conf.
|
||||||
|
</para>
|
||||||
|
|
||||||
|
</sect4>
|
||||||
|
|
||||||
</sect3>
|
</sect3>
|
||||||
|
|
||||||
|
@ -191,7 +191,7 @@ CLASS="FILENAME"
|
|||||||
> is one such file.</P
|
> is one such file.</P
|
||||||
><P
|
><P
|
||||||
>When the IP address of the destination interface has been
|
>When the IP address of the destination interface has been
|
||||||
determined a protocol called ARP/RARP isused to identify
|
determined a protocol called ARP/RARP is used to identify
|
||||||
the MAC address of the target interface. ARP stands for Address
|
the MAC address of the target interface. ARP stands for Address
|
||||||
Resolution Protocol, and is a broadcast oriented method that
|
Resolution Protocol, and is a broadcast oriented method that
|
||||||
uses UDP (User Datagram Protocol) to send a request to all
|
uses UDP (User Datagram Protocol) to send a request to all
|
||||||
@ -414,7 +414,7 @@ architecture of the MS Windows network. The term "workgroup" indicates
|
|||||||
that the primary nature of the network environment is that of a
|
that the primary nature of the network environment is that of a
|
||||||
peer-to-peer design. In a WORKGROUP all machines are responsible for
|
peer-to-peer design. In a WORKGROUP all machines are responsible for
|
||||||
their own security, and generally such security is limited to use of
|
their own security, and generally such security is limited to use of
|
||||||
just a password (known as SHARE MORE security). In most situations
|
just a password (known as SHARE MODE security). In most situations
|
||||||
with peer-to-peer networking the users who control their own machines
|
with peer-to-peer networking the users who control their own machines
|
||||||
will simply opt to have no security at all. It is possible to have
|
will simply opt to have no security at all. It is possible to have
|
||||||
USER MODE security in a WORKGROUP environment, thus requiring use
|
USER MODE security in a WORKGROUP environment, thus requiring use
|
||||||
@ -444,8 +444,8 @@ NAME="AEN100"
|
|||||||
></H2
|
></H2
|
||||||
><P
|
><P
|
||||||
>All MS Windows machines employ an in memory buffer in which is
|
>All MS Windows machines employ an in memory buffer in which is
|
||||||
stored the NetBIOS names and their IP addresses for all external
|
stored the NetBIOS names and IP addresses for all external
|
||||||
machines that that the local machine has communicated with over the
|
machines that that machine has communicated with over the
|
||||||
past 10-15 minutes. It is more efficient to obtain an IP address
|
past 10-15 minutes. It is more efficient to obtain an IP address
|
||||||
for a machine from the local cache than it is to go through all the
|
for a machine from the local cache than it is to go through all the
|
||||||
configured name resolution mechanisms.</P
|
configured name resolution mechanisms.</P
|
||||||
@ -453,7 +453,7 @@ configured name resolution mechanisms.</P
|
|||||||
>If a machine whose name is in the local name cache has been shut
|
>If a machine whose name is in the local name cache has been shut
|
||||||
down before the name had been expired and flushed from the cache, then
|
down before the name had been expired and flushed from the cache, then
|
||||||
an attempt to exchange a message with that machine will be subject
|
an attempt to exchange a message with that machine will be subject
|
||||||
to time-out delays. ie: It's name is in the cache, so a name resolution
|
to time-out delays. i.e.: Its name is in the cache, so a name resolution
|
||||||
lookup will succeed, but the machine can not respond. This can be
|
lookup will succeed, but the machine can not respond. This can be
|
||||||
frustrating for users - but it is a characteristic of the protocol.</P
|
frustrating for users - but it is a characteristic of the protocol.</P
|
||||||
><P
|
><P
|
||||||
@ -660,7 +660,7 @@ dependable browsing using Samba</A
|
|||||||
></H1
|
></H1
|
||||||
><P
|
><P
|
||||||
>As stated above, MS Windows machines register their NetBIOS names
|
>As stated above, MS Windows machines register their NetBIOS names
|
||||||
(ie: the machine name for each service type in operation) on start
|
(i.e.: the machine name for each service type in operation) on start
|
||||||
up. Also, as stated above, the exact method by which this name registration
|
up. Also, as stated above, the exact method by which this name registration
|
||||||
takes place is determined by whether or not the MS Windows client/server
|
takes place is determined by whether or not the MS Windows client/server
|
||||||
has been given a WINS server address, whether or not LMHOSTS lookup
|
has been given a WINS server address, whether or not LMHOSTS lookup
|
||||||
@ -685,7 +685,7 @@ Instead, the domain master browser serves the role of contacting each local
|
|||||||
master browser (found by asking WINS or from LMHOSTS) and exchanging browse
|
master browser (found by asking WINS or from LMHOSTS) and exchanging browse
|
||||||
list contents. This way every master browser will eventually obtain a complete
|
list contents. This way every master browser will eventually obtain a complete
|
||||||
list of all machines that are on the network. Every 11-15 minutes an election
|
list of all machines that are on the network. Every 11-15 minutes an election
|
||||||
is held to determine which machine will be the master browser. By nature of
|
is held to determine which machine will be the master browser. By the nature of
|
||||||
the election criteria used, the machine with the highest uptime, or the
|
the election criteria used, the machine with the highest uptime, or the
|
||||||
most senior protocol version, or other criteria, will win the election
|
most senior protocol version, or other criteria, will win the election
|
||||||
as domain master browser.</P
|
as domain master browser.</P
|
||||||
@ -770,8 +770,8 @@ these versions no longer support plain text passwords by default.</P
|
|||||||
><P
|
><P
|
||||||
>MS Windows clients have a habit of dropping network mappings that
|
>MS Windows clients have a habit of dropping network mappings that
|
||||||
have been idle for 10 minutes or longer. When the user attempts to
|
have been idle for 10 minutes or longer. When the user attempts to
|
||||||
use the mapped drive connection that has been dropped the SMB protocol
|
use the mapped drive connection that has been dropped, the client
|
||||||
has a mechanism by which the connection can be re-established using
|
re-establishes the connection using
|
||||||
a cached copy of the password.</P
|
a cached copy of the password.</P
|
||||||
><P
|
><P
|
||||||
>When Microsoft changed the default password mode, they dropped support for
|
>When Microsoft changed the default password mode, they dropped support for
|
||||||
@ -959,7 +959,7 @@ NAME="AEN196"
|
|||||||
></H2
|
></H2
|
||||||
><P
|
><P
|
||||||
>This mode of authentication demands that there be on the
|
>This mode of authentication demands that there be on the
|
||||||
Unix/Linux system both a Unix style account as well as and
|
Unix/Linux system both a Unix style account as well as an
|
||||||
smbpasswd entry for the user. The Unix system account can be
|
smbpasswd entry for the user. The Unix system account can be
|
||||||
locked if required as only the encrypted password will be
|
locked if required as only the encrypted password will be
|
||||||
used for SMB client authentication.</P
|
used for SMB client authentication.</P
|
||||||
|
File diff suppressed because it is too large
Load Diff
@ -152,7 +152,7 @@ Identified (RID).</P
|
|||||||
>As a result of these defeciencies, a more robust means of storing user attributes
|
>As a result of these defeciencies, a more robust means of storing user attributes
|
||||||
used by smbd was developed. The API which defines access to user accounts
|
used by smbd was developed. The API which defines access to user accounts
|
||||||
is commonly referred to as the samdb interface (previously this was called the passdb
|
is commonly referred to as the samdb interface (previously this was called the passdb
|
||||||
API, and is still so named in the CVS trees). In Samba 2.2.3, enabling support
|
API, and is still so named in the CVS trees). In Samba 2.2.3, enabling support
|
||||||
for a samdb backend (e.g. <TT
|
for a samdb backend (e.g. <TT
|
||||||
CLASS="PARAMETER"
|
CLASS="PARAMETER"
|
||||||
><I
|
><I
|
||||||
@ -498,7 +498,7 @@ CLASS="REPLACEABLE"
|
|||||||
ldap suffix = "ou=people,dc=samba,dc=org"
|
ldap suffix = "ou=people,dc=samba,dc=org"
|
||||||
|
|
||||||
# generally the default ldap search filter is ok
|
# generally the default ldap search filter is ok
|
||||||
# ldap filter = "(&(uid=%u)(objectclass=sambaAccount))"</PRE
|
# ldap filter = "(&(uid=%u)(objectclass=sambaAccount))"</PRE
|
||||||
></P
|
></P
|
||||||
></DIV
|
></DIV
|
||||||
></DIV
|
></DIV
|
||||||
|
@ -2124,7 +2124,7 @@ ALIGN="LEFT"
|
|||||||
></TABLE
|
></TABLE
|
||||||
></DIV
|
></DIV
|
||||||
><P
|
><P
|
||||||
>The default logon path is \\%N\U%. NT Workstation will attempt to create
|
>The default logon path is \\%N\%U. NT Workstation will attempt to create
|
||||||
a directory "\\samba-server\username.PDS" if you specify the logon path
|
a directory "\\samba-server\username.PDS" if you specify the logon path
|
||||||
as "\\samba-server\username" with the NT User Manager. Therefore, you
|
as "\\samba-server\username" with the NT User Manager. Therefore, you
|
||||||
will need to specify (for example) "\\samba-server\username\profile".
|
will need to specify (for example) "\\samba-server\username\profile".
|
||||||
|
@ -478,7 +478,7 @@ CLASS="REPLACEABLE"
|
|||||||
></TT
|
></TT
|
||||||
></P
|
></P
|
||||||
><P
|
><P
|
||||||
>Your should get back a list of shares available on
|
>You should get back a list of shares available on
|
||||||
your server. If you don't then something is incorrectly setup.
|
your server. If you don't then something is incorrectly setup.
|
||||||
Note that this method can also be used to see what shares
|
Note that this method can also be used to see what shares
|
||||||
are available on other LanManager clients (such as WfWg).</P
|
are available on other LanManager clients (such as WfWg).</P
|
||||||
@ -656,8 +656,8 @@ NAME="AEN166"
|
|||||||
>By default Samba uses a blank scope ID. This means
|
>By default Samba uses a blank scope ID. This means
|
||||||
all your windows boxes must also have a blank scope ID.
|
all your windows boxes must also have a blank scope ID.
|
||||||
If you really want to use a non-blank scope ID then you will
|
If you really want to use a non-blank scope ID then you will
|
||||||
need to use the -i <scope> option to nmbd, smbd, and
|
need to use the 'netbios scope' smb.conf option.
|
||||||
smbclient. All your PCs will need to have the same setting for
|
All your PCs will need to have the same setting for
|
||||||
this to work. I do not recommend scope IDs.</P
|
this to work. I do not recommend scope IDs.</P
|
||||||
></DIV
|
></DIV
|
||||||
><DIV
|
><DIV
|
||||||
@ -778,19 +778,13 @@ NAME="AEN182"
|
|||||||
its open. A client may ask for DENY_NONE, DENY_READ, DENY_WRITE
|
its open. A client may ask for DENY_NONE, DENY_READ, DENY_WRITE
|
||||||
or DENY_ALL. There are also special compatibility modes called
|
or DENY_ALL. There are also special compatibility modes called
|
||||||
DENY_FCB and DENY_DOS.</P
|
DENY_FCB and DENY_DOS.</P
|
||||||
><P
|
|
||||||
>You can disable share modes using "share modes = no".
|
|
||||||
This may be useful on a heavily loaded server as the share
|
|
||||||
modes code is very slow. See also the FAST_SHARE_MODES
|
|
||||||
option in the Makefile for a way to do full share modes
|
|
||||||
very fast using shared memory (if your OS supports it).</P
|
|
||||||
></DIV
|
></DIV
|
||||||
><DIV
|
><DIV
|
||||||
CLASS="SECT2"
|
CLASS="SECT2"
|
||||||
><HR><H2
|
><HR><H2
|
||||||
CLASS="SECT2"
|
CLASS="SECT2"
|
||||||
><A
|
><A
|
||||||
NAME="AEN192"
|
NAME="AEN191"
|
||||||
>Mapping Usernames</A
|
>Mapping Usernames</A
|
||||||
></H2
|
></H2
|
||||||
><P
|
><P
|
||||||
@ -798,21 +792,6 @@ NAME="AEN192"
|
|||||||
the unix server then take a look at the "username map" option.
|
the unix server then take a look at the "username map" option.
|
||||||
See the smb.conf man page for details.</P
|
See the smb.conf man page for details.</P
|
||||||
></DIV
|
></DIV
|
||||||
><DIV
|
|
||||||
CLASS="SECT2"
|
|
||||||
><HR><H2
|
|
||||||
CLASS="SECT2"
|
|
||||||
><A
|
|
||||||
NAME="AEN195"
|
|
||||||
>Other Character Sets</A
|
|
||||||
></H2
|
|
||||||
><P
|
|
||||||
>If you have problems using filenames with accented
|
|
||||||
characters in them (like the German, French or Scandinavian
|
|
||||||
character sets) then I recommend you look at the "valid chars"
|
|
||||||
option in smb.conf and also take a look at the validchars
|
|
||||||
package in the examples directory.</P
|
|
||||||
></DIV
|
|
||||||
></DIV
|
></DIV
|
||||||
></DIV
|
></DIV
|
||||||
></BODY
|
></BODY
|
||||||
|
@ -37,12 +37,12 @@ NAME="AEN8"
|
|||||||
><B
|
><B
|
||||||
CLASS="COMMAND"
|
CLASS="COMMAND"
|
||||||
>rpcclient</B
|
>rpcclient</B
|
||||||
> [-A authfile] [-c <command string>] [-d debuglevel] [-h] [-l logfile] [-N] [-s <smb config file>] [-U username[%password]] [-W workgroup] [-N] {server}</P
|
> [-A authfile] [-c <command string>] [-d debuglevel] [-h] [-l logfile] [-N] [-s <smb config file>] [-U username[%password]] [-W workgroup] [-N] [-I destinationIP] {server}</P
|
||||||
></DIV
|
></DIV
|
||||||
><DIV
|
><DIV
|
||||||
CLASS="REFSECT1"
|
CLASS="REFSECT1"
|
||||||
><A
|
><A
|
||||||
NAME="AEN22"
|
NAME="AEN23"
|
||||||
></A
|
></A
|
||||||
><H2
|
><H2
|
||||||
>DESCRIPTION</H2
|
>DESCRIPTION</H2
|
||||||
@ -65,7 +65,7 @@ CLASS="COMMAND"
|
|||||||
><DIV
|
><DIV
|
||||||
CLASS="REFSECT1"
|
CLASS="REFSECT1"
|
||||||
><A
|
><A
|
||||||
NAME="AEN28"
|
NAME="AEN29"
|
||||||
></A
|
></A
|
||||||
><H2
|
><H2
|
||||||
>OPTIONS</H2
|
>OPTIONS</H2
|
||||||
@ -151,6 +151,35 @@ CLASS="FILENAME"
|
|||||||
</P
|
</P
|
||||||
></DD
|
></DD
|
||||||
><DT
|
><DT
|
||||||
|
>-I IP-address</DT
|
||||||
|
><DD
|
||||||
|
><P
|
||||||
|
><TT
|
||||||
|
CLASS="REPLACEABLE"
|
||||||
|
><I
|
||||||
|
>IP address</I
|
||||||
|
></TT
|
||||||
|
> is the address of the server to connect to.
|
||||||
|
It should be specified in standard "a.b.c.d" notation. </P
|
||||||
|
><P
|
||||||
|
>Normally the client would attempt to locate a named
|
||||||
|
SMB/CIFS server by looking it up via the NetBIOS name resolution
|
||||||
|
mechanism described above in the <TT
|
||||||
|
CLASS="PARAMETER"
|
||||||
|
><I
|
||||||
|
>name resolve order</I
|
||||||
|
></TT
|
||||||
|
>
|
||||||
|
parameter above. Using this parameter will force the client
|
||||||
|
to assume that the server is on the machine with the specified IP
|
||||||
|
address and the NetBIOS name component of the resource being
|
||||||
|
connected to will be ignored. </P
|
||||||
|
><P
|
||||||
|
>There is no default for this parameter. If not supplied,
|
||||||
|
it will be determined automatically by the client as described
|
||||||
|
above. </P
|
||||||
|
></DD
|
||||||
|
><DT
|
||||||
>-l|--logfile=logbasename</DT
|
>-l|--logfile=logbasename</DT
|
||||||
><DD
|
><DD
|
||||||
><P
|
><P
|
||||||
@ -253,7 +282,7 @@ CLASS="COMMAND"
|
|||||||
><DIV
|
><DIV
|
||||||
CLASS="REFSECT1"
|
CLASS="REFSECT1"
|
||||||
><A
|
><A
|
||||||
NAME="AEN92"
|
NAME="AEN101"
|
||||||
></A
|
></A
|
||||||
><H2
|
><H2
|
||||||
>COMMANDS</H2
|
>COMMANDS</H2
|
||||||
@ -647,7 +676,7 @@ CLASS="COMMAND"
|
|||||||
><DIV
|
><DIV
|
||||||
CLASS="REFSECT1"
|
CLASS="REFSECT1"
|
||||||
><A
|
><A
|
||||||
NAME="AEN212"
|
NAME="AEN221"
|
||||||
></A
|
></A
|
||||||
><H2
|
><H2
|
||||||
>BUGS</H2
|
>BUGS</H2
|
||||||
@ -688,7 +717,7 @@ CLASS="COMMAND"
|
|||||||
><DIV
|
><DIV
|
||||||
CLASS="REFSECT1"
|
CLASS="REFSECT1"
|
||||||
><A
|
><A
|
||||||
NAME="AEN222"
|
NAME="AEN231"
|
||||||
></A
|
></A
|
||||||
><H2
|
><H2
|
||||||
>VERSION</H2
|
>VERSION</H2
|
||||||
@ -699,7 +728,7 @@ NAME="AEN222"
|
|||||||
><DIV
|
><DIV
|
||||||
CLASS="REFSECT1"
|
CLASS="REFSECT1"
|
||||||
><A
|
><A
|
||||||
NAME="AEN225"
|
NAME="AEN234"
|
||||||
></A
|
></A
|
||||||
><H2
|
><H2
|
||||||
>AUTHOR</H2
|
>AUTHOR</H2
|
||||||
|
File diff suppressed because it is too large
Load Diff
@ -170,7 +170,7 @@ CLASS="CONSTANT"
|
|||||||
>,
|
>,
|
||||||
or <TT
|
or <TT
|
||||||
CLASS="CONSTANT"
|
CLASS="CONSTANT"
|
||||||
>printer-notify</TT
|
>printnotify</TT
|
||||||
>.</P
|
>.</P
|
||||||
><P
|
><P
|
||||||
>The <TT
|
>The <TT
|
||||||
@ -246,15 +246,68 @@ CLASS="CONSTANT"
|
|||||||
><P
|
><P
|
||||||
>The <TT
|
>The <TT
|
||||||
CLASS="CONSTANT"
|
CLASS="CONSTANT"
|
||||||
>printer-notify</TT
|
>printnotify</TT
|
||||||
> message-type sends a
|
> message-type sends a
|
||||||
message to smbd which in turn sends a printer notify message to
|
message to smbd which in turn sends a printer notify message to
|
||||||
any Windows NT clients connected to a printer. This message-type
|
any Windows NT clients connected to a printer. This message-type
|
||||||
takes an argument of the printer name to send notify messages to.
|
takes the following arguments:
|
||||||
|
|
||||||
|
<P
|
||||||
|
></P
|
||||||
|
><DIV
|
||||||
|
CLASS="VARIABLELIST"
|
||||||
|
><DL
|
||||||
|
><DT
|
||||||
|
>queuepause printername</DT
|
||||||
|
><DD
|
||||||
|
><P
|
||||||
|
>Send a queue pause change notify
|
||||||
|
message to the printer specified.</P
|
||||||
|
></DD
|
||||||
|
><DT
|
||||||
|
>queueresume printername</DT
|
||||||
|
><DD
|
||||||
|
><P
|
||||||
|
>Send a queue resume change notify
|
||||||
|
message for the printer specified.</P
|
||||||
|
></DD
|
||||||
|
><DT
|
||||||
|
>jobpause printername unixjobid</DT
|
||||||
|
><DD
|
||||||
|
><P
|
||||||
|
>Send a job pause change notify
|
||||||
|
message for the printer and unix jobid
|
||||||
|
specified.</P
|
||||||
|
></DD
|
||||||
|
><DT
|
||||||
|
>jobresume printername unixjobid</DT
|
||||||
|
><DD
|
||||||
|
><P
|
||||||
|
>Send a job resume change notify
|
||||||
|
message for the printer and unix jobid
|
||||||
|
specified.</P
|
||||||
|
></DD
|
||||||
|
><DT
|
||||||
|
>jobdelete printername unixjobid</DT
|
||||||
|
><DD
|
||||||
|
><P
|
||||||
|
>Send a job delete change notify
|
||||||
|
message for the printer and unix jobid
|
||||||
|
specified.</P
|
||||||
|
></DD
|
||||||
|
></DL
|
||||||
|
></DIV
|
||||||
|
>
|
||||||
|
|
||||||
|
Note that this message only sends notification that an
|
||||||
|
event has occured. It doesn't actually cause the
|
||||||
|
event to happen.
|
||||||
|
|
||||||
This message can only be sent to <TT
|
This message can only be sent to <TT
|
||||||
CLASS="CONSTANT"
|
CLASS="CONSTANT"
|
||||||
>smbd</TT
|
>smbd</TT
|
||||||
>.</P
|
>.
|
||||||
|
</P
|
||||||
></DD
|
></DD
|
||||||
><DT
|
><DT
|
||||||
>parameters</DT
|
>parameters</DT
|
||||||
@ -268,7 +321,7 @@ CLASS="CONSTANT"
|
|||||||
><DIV
|
><DIV
|
||||||
CLASS="REFSECT1"
|
CLASS="REFSECT1"
|
||||||
><A
|
><A
|
||||||
NAME="AEN81"
|
NAME="AEN102"
|
||||||
></A
|
></A
|
||||||
><H2
|
><H2
|
||||||
>VERSION</H2
|
>VERSION</H2
|
||||||
@ -279,7 +332,7 @@ NAME="AEN81"
|
|||||||
><DIV
|
><DIV
|
||||||
CLASS="REFSECT1"
|
CLASS="REFSECT1"
|
||||||
><A
|
><A
|
||||||
NAME="AEN84"
|
NAME="AEN105"
|
||||||
></A
|
></A
|
||||||
><H2
|
><H2
|
||||||
>SEE ALSO</H2
|
>SEE ALSO</H2
|
||||||
@ -305,7 +358,7 @@ CLASS="COMMAND"
|
|||||||
><DIV
|
><DIV
|
||||||
CLASS="REFSECT1"
|
CLASS="REFSECT1"
|
||||||
><A
|
><A
|
||||||
NAME="AEN91"
|
NAME="AEN112"
|
||||||
></A
|
></A
|
||||||
><H2
|
><H2
|
||||||
>AUTHOR</H2
|
>AUTHOR</H2
|
||||||
|
@ -410,12 +410,20 @@ for providing the HOWTO for this section.</P
|
|||||||
>This HOWTO describes how to get winbind services up and running
|
>This HOWTO describes how to get winbind services up and running
|
||||||
to control access and authenticate users on your Linux box using
|
to control access and authenticate users on your Linux box using
|
||||||
the winbind services which come with SAMBA 2.2.2.</P
|
the winbind services which come with SAMBA 2.2.2.</P
|
||||||
|
><P
|
||||||
|
>There is also some Solaris specific information in
|
||||||
|
<TT
|
||||||
|
CLASS="FILENAME"
|
||||||
|
>docs/textdocs/Solaris-Winbind-HOWTO.txt</TT
|
||||||
|
>.
|
||||||
|
Future revisions of this document will incorporate that
|
||||||
|
information.</P
|
||||||
><DIV
|
><DIV
|
||||||
CLASS="SECT2"
|
CLASS="SECT2"
|
||||||
><HR><H2
|
><HR><H2
|
||||||
CLASS="SECT2"
|
CLASS="SECT2"
|
||||||
><A
|
><A
|
||||||
NAME="AEN76"
|
NAME="AEN78"
|
||||||
>Introduction</A
|
>Introduction</A
|
||||||
></H2
|
></H2
|
||||||
><P
|
><P
|
||||||
@ -468,7 +476,7 @@ CLASS="SECT2"
|
|||||||
><HR><H2
|
><HR><H2
|
||||||
CLASS="SECT2"
|
CLASS="SECT2"
|
||||||
><A
|
><A
|
||||||
NAME="AEN89"
|
NAME="AEN91"
|
||||||
>Requirements</A
|
>Requirements</A
|
||||||
></H2
|
></H2
|
||||||
><P
|
><P
|
||||||
@ -529,7 +537,7 @@ CLASS="SECT2"
|
|||||||
><HR><H2
|
><HR><H2
|
||||||
CLASS="SECT2"
|
CLASS="SECT2"
|
||||||
><A
|
><A
|
||||||
NAME="AEN103"
|
NAME="AEN105"
|
||||||
>Testing Things Out</A
|
>Testing Things Out</A
|
||||||
></H2
|
></H2
|
||||||
><P
|
><P
|
||||||
@ -574,7 +582,7 @@ CLASS="SECT3"
|
|||||||
><HR><H3
|
><HR><H3
|
||||||
CLASS="SECT3"
|
CLASS="SECT3"
|
||||||
><A
|
><A
|
||||||
NAME="AEN114"
|
NAME="AEN116"
|
||||||
>Configure and compile SAMBA</A
|
>Configure and compile SAMBA</A
|
||||||
></H3
|
></H3
|
||||||
><P
|
><P
|
||||||
@ -640,7 +648,7 @@ CLASS="SECT3"
|
|||||||
><HR><H3
|
><HR><H3
|
||||||
CLASS="SECT3"
|
CLASS="SECT3"
|
||||||
><A
|
><A
|
||||||
NAME="AEN133"
|
NAME="AEN135"
|
||||||
>Configure <TT
|
>Configure <TT
|
||||||
CLASS="FILENAME"
|
CLASS="FILENAME"
|
||||||
>nsswitch.conf</TT
|
>nsswitch.conf</TT
|
||||||
@ -672,6 +680,30 @@ CLASS="COMMAND"
|
|||||||
>ln -s /lib/libnss_winbind.so /lib/libnss_winbind.so.2</B
|
>ln -s /lib/libnss_winbind.so /lib/libnss_winbind.so.2</B
|
||||||
></P
|
></P
|
||||||
><P
|
><P
|
||||||
|
>And, in the case of Sun solaris:</P
|
||||||
|
><P
|
||||||
|
><TT
|
||||||
|
CLASS="PROMPT"
|
||||||
|
>root#</TT
|
||||||
|
> <B
|
||||||
|
CLASS="COMMAND"
|
||||||
|
>ln -s /usr/lib/libnss_winbind.so /usr/lib/libnss_winbind.so.1</B
|
||||||
|
>
|
||||||
|
<TT
|
||||||
|
CLASS="PROMPT"
|
||||||
|
>root#</TT
|
||||||
|
> <B
|
||||||
|
CLASS="COMMAND"
|
||||||
|
>ln -s /usr/lib/libnss_winbind.so /usr/lib/nss_winbind.so.1</B
|
||||||
|
>
|
||||||
|
<TT
|
||||||
|
CLASS="PROMPT"
|
||||||
|
>root#</TT
|
||||||
|
> <B
|
||||||
|
CLASS="COMMAND"
|
||||||
|
>ln -s /usr/lib/libnss_winbind.so /usr/lib/nss_winbind.so.2</B
|
||||||
|
></P
|
||||||
|
><P
|
||||||
>Now, as root you need to edit <TT
|
>Now, as root you need to edit <TT
|
||||||
CLASS="FILENAME"
|
CLASS="FILENAME"
|
||||||
>/etc/nsswitch.conf</TT
|
>/etc/nsswitch.conf</TT
|
||||||
@ -721,7 +753,7 @@ CLASS="SECT3"
|
|||||||
><HR><H3
|
><HR><H3
|
||||||
CLASS="SECT3"
|
CLASS="SECT3"
|
||||||
><A
|
><A
|
||||||
NAME="AEN158"
|
NAME="AEN168"
|
||||||
>Configure smb.conf</A
|
>Configure smb.conf</A
|
||||||
></H3
|
></H3
|
||||||
><P
|
><P
|
||||||
@ -796,7 +828,7 @@ CLASS="SECT3"
|
|||||||
><HR><H3
|
><HR><H3
|
||||||
CLASS="SECT3"
|
CLASS="SECT3"
|
||||||
><A
|
><A
|
||||||
NAME="AEN174"
|
NAME="AEN184"
|
||||||
>Join the SAMBA server to the PDC domain</A
|
>Join the SAMBA server to the PDC domain</A
|
||||||
></H3
|
></H3
|
||||||
><P
|
><P
|
||||||
@ -842,7 +874,7 @@ CLASS="SECT3"
|
|||||||
><HR><H3
|
><HR><H3
|
||||||
CLASS="SECT3"
|
CLASS="SECT3"
|
||||||
><A
|
><A
|
||||||
NAME="AEN185"
|
NAME="AEN195"
|
||||||
>Start up the winbindd daemon and test it!</A
|
>Start up the winbindd daemon and test it!</A
|
||||||
></H3
|
></H3
|
||||||
><P
|
><P
|
||||||
@ -965,12 +997,17 @@ CLASS="SECT3"
|
|||||||
><HR><H3
|
><HR><H3
|
||||||
CLASS="SECT3"
|
CLASS="SECT3"
|
||||||
><A
|
><A
|
||||||
NAME="AEN221"
|
NAME="AEN231"
|
||||||
>Fix the <TT
|
>Fix the init.d startup scripts</A
|
||||||
CLASS="FILENAME"
|
|
||||||
>/etc/rc.d/init.d/smb</TT
|
|
||||||
> startup files</A
|
|
||||||
></H3
|
></H3
|
||||||
|
><DIV
|
||||||
|
CLASS="SECT4"
|
||||||
|
><H4
|
||||||
|
CLASS="SECT4"
|
||||||
|
><A
|
||||||
|
NAME="AEN233"
|
||||||
|
>Linux</A
|
||||||
|
></H4
|
||||||
><P
|
><P
|
||||||
>The <B
|
>The <B
|
||||||
CLASS="COMMAND"
|
CLASS="COMMAND"
|
||||||
@ -983,15 +1020,16 @@ CLASS="COMMAND"
|
|||||||
CLASS="COMMAND"
|
CLASS="COMMAND"
|
||||||
>nmbd</B
|
>nmbd</B
|
||||||
> daemons are running.
|
> daemons are running.
|
||||||
To accomplish this task, you need to modify the <TT
|
To accomplish this task, you need to modify the startup scripts of your system. They are located at <TT
|
||||||
CLASS="FILENAME"
|
CLASS="FILENAME"
|
||||||
>/etc/init.d/smb</TT
|
>/etc/init.d/smb</TT
|
||||||
>
|
> in RedHat and
|
||||||
script to add commands to invoke this daemon in the proper sequence. My
|
|
||||||
<TT
|
<TT
|
||||||
CLASS="FILENAME"
|
CLASS="FILENAME"
|
||||||
>/etc/init.d/smb</TT
|
>/etc/init.d/samba</TT
|
||||||
> file starts up <B
|
> in Debian.
|
||||||
|
script to add commands to invoke this daemon in the proper sequence. My
|
||||||
|
startup script starts up <B
|
||||||
CLASS="COMMAND"
|
CLASS="COMMAND"
|
||||||
>smbd</B
|
>smbd</B
|
||||||
>,
|
>,
|
||||||
@ -1057,6 +1095,86 @@ CLASS="PROGRAMLISTING"
|
|||||||
return $RETVAL
|
return $RETVAL
|
||||||
}</PRE
|
}</PRE
|
||||||
></P
|
></P
|
||||||
|
></DIV
|
||||||
|
><DIV
|
||||||
|
CLASS="SECT4"
|
||||||
|
><HR><H4
|
||||||
|
CLASS="SECT4"
|
||||||
|
><A
|
||||||
|
NAME="AEN250"
|
||||||
|
>Solaris</A
|
||||||
|
></H4
|
||||||
|
><P
|
||||||
|
>On solaris, you need to modify the
|
||||||
|
<TT
|
||||||
|
CLASS="FILENAME"
|
||||||
|
>/etc/init.d/samba.server</TT
|
||||||
|
> startup script. It usually
|
||||||
|
only starts smbd and nmbd but should now start winbindd too. If you
|
||||||
|
have samba installed in <TT
|
||||||
|
CLASS="FILENAME"
|
||||||
|
>/usr/local/samba/bin</TT
|
||||||
|
>,
|
||||||
|
the file could contains something like this:</P
|
||||||
|
><P
|
||||||
|
><PRE
|
||||||
|
CLASS="PROGRAMLISTING"
|
||||||
|
>##
|
||||||
|
## samba.server
|
||||||
|
##
|
||||||
|
|
||||||
|
if [ ! -d /usr/bin ]
|
||||||
|
then # /usr not mounted
|
||||||
|
exit
|
||||||
|
fi
|
||||||
|
|
||||||
|
killproc() { # kill the named process(es)
|
||||||
|
pid=`/usr/bin/ps -e |
|
||||||
|
/usr/bin/grep -w $1 |
|
||||||
|
/usr/bin/sed -e 's/^ *//' -e 's/ .*//'`
|
||||||
|
[ "$pid" != "" ] && kill $pid
|
||||||
|
}
|
||||||
|
|
||||||
|
# Start/stop processes required for samba server
|
||||||
|
|
||||||
|
case "$1" in
|
||||||
|
|
||||||
|
'start')
|
||||||
|
#
|
||||||
|
# Edit these lines to suit your installation (paths, workgroup, host)
|
||||||
|
#
|
||||||
|
echo Starting SMBD
|
||||||
|
/usr/local/samba/bin/smbd -D -s \
|
||||||
|
/usr/local/samba/smb.conf
|
||||||
|
|
||||||
|
echo Starting NMBD
|
||||||
|
/usr/local/samba/bin/nmbd -D -l \
|
||||||
|
/usr/local/samba/var/log -s /usr/local/samba/smb.conf
|
||||||
|
|
||||||
|
echo Starting Winbind Daemon
|
||||||
|
/usr/local/samba/bin/winbindd
|
||||||
|
;;
|
||||||
|
|
||||||
|
'stop')
|
||||||
|
killproc nmbd
|
||||||
|
killproc smbd
|
||||||
|
killproc winbindd
|
||||||
|
;;
|
||||||
|
|
||||||
|
*)
|
||||||
|
echo "Usage: /etc/init.d/samba.server { start | stop }"
|
||||||
|
;;
|
||||||
|
esac</PRE
|
||||||
|
></P
|
||||||
|
></DIV
|
||||||
|
><DIV
|
||||||
|
CLASS="SECT4"
|
||||||
|
><HR><H4
|
||||||
|
CLASS="SECT4"
|
||||||
|
><A
|
||||||
|
NAME="AEN257"
|
||||||
|
>Restarting</A
|
||||||
|
></H4
|
||||||
><P
|
><P
|
||||||
>If you restart the <B
|
>If you restart the <B
|
||||||
CLASS="COMMAND"
|
CLASS="COMMAND"
|
||||||
@ -1072,12 +1190,13 @@ CLASS="COMMAND"
|
|||||||
should be able to connect to the samba server as a domain member just as
|
should be able to connect to the samba server as a domain member just as
|
||||||
if you were a local user.</P
|
if you were a local user.</P
|
||||||
></DIV
|
></DIV
|
||||||
|
></DIV
|
||||||
><DIV
|
><DIV
|
||||||
CLASS="SECT3"
|
CLASS="SECT3"
|
||||||
><HR><H3
|
><HR><H3
|
||||||
CLASS="SECT3"
|
CLASS="SECT3"
|
||||||
><A
|
><A
|
||||||
NAME="AEN243"
|
NAME="AEN263"
|
||||||
>Configure Winbind and PAM</A
|
>Configure Winbind and PAM</A
|
||||||
></H3
|
></H3
|
||||||
><P
|
><P
|
||||||
@ -1117,7 +1236,11 @@ your other pam security modules. On my RedHat system, this was the
|
|||||||
<TT
|
<TT
|
||||||
CLASS="FILENAME"
|
CLASS="FILENAME"
|
||||||
>/lib/security</TT
|
>/lib/security</TT
|
||||||
> directory.</P
|
> directory. On Solaris, the pam security
|
||||||
|
modules reside in <TT
|
||||||
|
CLASS="FILENAME"
|
||||||
|
>/usr/lib/security</TT
|
||||||
|
>.</P
|
||||||
><P
|
><P
|
||||||
><TT
|
><TT
|
||||||
CLASS="PROMPT"
|
CLASS="PROMPT"
|
||||||
@ -1126,6 +1249,14 @@ CLASS="PROMPT"
|
|||||||
CLASS="COMMAND"
|
CLASS="COMMAND"
|
||||||
>cp ../samba/source/nsswitch/pam_winbind.so /lib/security</B
|
>cp ../samba/source/nsswitch/pam_winbind.so /lib/security</B
|
||||||
></P
|
></P
|
||||||
|
><DIV
|
||||||
|
CLASS="SECT4"
|
||||||
|
><HR><H4
|
||||||
|
CLASS="SECT4"
|
||||||
|
><A
|
||||||
|
NAME="AEN280"
|
||||||
|
>Linux/FreeBSD-specific PAM configuration</A
|
||||||
|
></H4
|
||||||
><P
|
><P
|
||||||
>The <TT
|
>The <TT
|
||||||
CLASS="FILENAME"
|
CLASS="FILENAME"
|
||||||
@ -1247,6 +1378,91 @@ CLASS="COMMAND"
|
|||||||
> line to get rid of annoying
|
> line to get rid of annoying
|
||||||
double prompts for passwords.</P
|
double prompts for passwords.</P
|
||||||
></DIV
|
></DIV
|
||||||
|
><DIV
|
||||||
|
CLASS="SECT4"
|
||||||
|
><HR><H4
|
||||||
|
CLASS="SECT4"
|
||||||
|
><A
|
||||||
|
NAME="AEN313"
|
||||||
|
>Solaris-specific configuration</A
|
||||||
|
></H4
|
||||||
|
><P
|
||||||
|
>The /etc/pam.conf needs to be changed. I changed this file so that my Domain
|
||||||
|
users can logon both locally as well as telnet.The following are the changes
|
||||||
|
that I made.You can customize the pam.conf file as per your requirements,but
|
||||||
|
be sure of those changes because in the worst case it will leave your system
|
||||||
|
nearly impossible to boot.</P
|
||||||
|
><P
|
||||||
|
><PRE
|
||||||
|
CLASS="PROGRAMLISTING"
|
||||||
|
>#
|
||||||
|
#ident "@(#)pam.conf 1.14 99/09/16 SMI"
|
||||||
|
#
|
||||||
|
# Copyright (c) 1996-1999, Sun Microsystems, Inc.
|
||||||
|
# All Rights Reserved.
|
||||||
|
#
|
||||||
|
# PAM configuration
|
||||||
|
#
|
||||||
|
# Authentication management
|
||||||
|
#
|
||||||
|
login auth required /usr/lib/security/pam_winbind.so
|
||||||
|
login auth required /usr/lib/security/$ISA/pam_unix.so.1 try_first_pass
|
||||||
|
login auth required /usr/lib/security/$ISA/pam_dial_auth.so.1 try_first_pass
|
||||||
|
#
|
||||||
|
rlogin auth sufficient /usr/lib/security/pam_winbind.so
|
||||||
|
rlogin auth sufficient /usr/lib/security/$ISA/pam_rhosts_auth.so.1
|
||||||
|
rlogin auth required /usr/lib/security/$ISA/pam_unix.so.1 try_first_pass
|
||||||
|
#
|
||||||
|
dtlogin auth sufficient /usr/lib/security/pam_winbind.so
|
||||||
|
dtlogin auth required /usr/lib/security/$ISA/pam_unix.so.1 try_first_pass
|
||||||
|
#
|
||||||
|
rsh auth required /usr/lib/security/$ISA/pam_rhosts_auth.so.1
|
||||||
|
other auth sufficient /usr/lib/security/pam_winbind.so
|
||||||
|
other auth required /usr/lib/security/$ISA/pam_unix.so.1 try_first_pass
|
||||||
|
#
|
||||||
|
# Account management
|
||||||
|
#
|
||||||
|
login account sufficient /usr/lib/security/pam_winbind.so
|
||||||
|
login account requisite /usr/lib/security/$ISA/pam_roles.so.1
|
||||||
|
login account required /usr/lib/security/$ISA/pam_unix.so.1
|
||||||
|
#
|
||||||
|
dtlogin account sufficient /usr/lib/security/pam_winbind.so
|
||||||
|
dtlogin account requisite /usr/lib/security/$ISA/pam_roles.so.1
|
||||||
|
dtlogin account required /usr/lib/security/$ISA/pam_unix.so.1
|
||||||
|
#
|
||||||
|
other account sufficient /usr/lib/security/pam_winbind.so
|
||||||
|
other account requisite /usr/lib/security/$ISA/pam_roles.so.1
|
||||||
|
other account required /usr/lib/security/$ISA/pam_unix.so.1
|
||||||
|
#
|
||||||
|
# Session management
|
||||||
|
#
|
||||||
|
other session required /usr/lib/security/$ISA/pam_unix.so.1
|
||||||
|
#
|
||||||
|
# Password management
|
||||||
|
#
|
||||||
|
#other password sufficient /usr/lib/security/pam_winbind.so
|
||||||
|
other password required /usr/lib/security/$ISA/pam_unix.so.1
|
||||||
|
dtsession auth required /usr/lib/security/$ISA/pam_unix.so.1
|
||||||
|
#
|
||||||
|
# Support for Kerberos V5 authentication (uncomment to use Kerberos)
|
||||||
|
#
|
||||||
|
#rlogin auth optional /usr/lib/security/$ISA/pam_krb5.so.1 try_first_pass
|
||||||
|
#login auth optional /usr/lib/security/$ISA/pam_krb5.so.1 try_first_pass
|
||||||
|
#dtlogin auth optional /usr/lib/security/$ISA/pam_krb5.so.1 try_first_pass
|
||||||
|
#other auth optional /usr/lib/security/$ISA/pam_krb5.so.1 try_first_pass
|
||||||
|
#dtlogin account optional /usr/lib/security/$ISA/pam_krb5.so.1
|
||||||
|
#other account optional /usr/lib/security/$ISA/pam_krb5.so.1
|
||||||
|
#other session optional /usr/lib/security/$ISA/pam_krb5.so.1
|
||||||
|
#other password optional /usr/lib/security/$ISA/pam_krb5.so.1 try_first_pass</PRE
|
||||||
|
></P
|
||||||
|
><P
|
||||||
|
>I also added a try_first_pass line after the winbind.so line to get rid of
|
||||||
|
annoying double prompts for passwords.</P
|
||||||
|
><P
|
||||||
|
>Now restart your Samba & try connecting through your application that you
|
||||||
|
configured in the pam.conf.</P
|
||||||
|
></DIV
|
||||||
|
></DIV
|
||||||
></DIV
|
></DIV
|
||||||
></DIV
|
></DIV
|
||||||
><DIV
|
><DIV
|
||||||
@ -1254,7 +1470,7 @@ CLASS="SECT1"
|
|||||||
><HR><H1
|
><HR><H1
|
||||||
CLASS="SECT1"
|
CLASS="SECT1"
|
||||||
><A
|
><A
|
||||||
NAME="AEN290"
|
NAME="AEN320"
|
||||||
>Limitations</A
|
>Limitations</A
|
||||||
></H1
|
></H1
|
||||||
><P
|
><P
|
||||||
@ -1295,7 +1511,7 @@ CLASS="SECT1"
|
|||||||
><HR><H1
|
><HR><H1
|
||||||
CLASS="SECT1"
|
CLASS="SECT1"
|
||||||
><A
|
><A
|
||||||
NAME="AEN300"
|
NAME="AEN330"
|
||||||
>Conclusion</A
|
>Conclusion</A
|
||||||
></H1
|
></H1
|
||||||
><P
|
><P
|
||||||
|
@ -3,12 +3,12 @@
|
|||||||
.\" <http://shell.ipoline.com/~elmert/hacks/docbook2X/>
|
.\" <http://shell.ipoline.com/~elmert/hacks/docbook2X/>
|
||||||
.\" Please send any bug reports, improvements, comments, patches,
|
.\" Please send any bug reports, improvements, comments, patches,
|
||||||
.\" etc. to Steve Cheng <steve@ggi-project.org>.
|
.\" etc. to Steve Cheng <steve@ggi-project.org>.
|
||||||
.TH "RPCCLIENT" "1" "16 April 2002" "" ""
|
.TH "RPCCLIENT" "1" "15 August 2002" "" ""
|
||||||
.SH NAME
|
.SH NAME
|
||||||
rpcclient \- tool for executing client side MS-RPC functions
|
rpcclient \- tool for executing client side MS-RPC functions
|
||||||
.SH SYNOPSIS
|
.SH SYNOPSIS
|
||||||
.sp
|
.sp
|
||||||
\fBrpcclient\fR [ \fB-A authfile\fR ] [ \fB-c <command string>\fR ] [ \fB-d debuglevel\fR ] [ \fB-h\fR ] [ \fB-l logfile\fR ] [ \fB-N\fR ] [ \fB-s <smb config file>\fR ] [ \fB-U username[%password]\fR ] [ \fB-W workgroup\fR ] [ \fB-N\fR ] \fBserver\fR
|
\fBrpcclient\fR [ \fB-A authfile\fR ] [ \fB-c <command string>\fR ] [ \fB-d debuglevel\fR ] [ \fB-h\fR ] [ \fB-l logfile\fR ] [ \fB-N\fR ] [ \fB-s <smb config file>\fR ] [ \fB-U username[%password]\fR ] [ \fB-W workgroup\fR ] [ \fB-N\fR ] [ \fB-I destinationIP\fR ] \fBserver\fR
|
||||||
.SH "DESCRIPTION"
|
.SH "DESCRIPTION"
|
||||||
.PP
|
.PP
|
||||||
This tool is part of the Sambasuite.
|
This tool is part of the Sambasuite.
|
||||||
@ -55,6 +55,22 @@ planning on submitting a bug report to the Samba team (see \fIBUGS.txt\fR).
|
|||||||
\fB-h|--help\fR
|
\fB-h|--help\fR
|
||||||
Print a summary of command line options.
|
Print a summary of command line options.
|
||||||
.TP
|
.TP
|
||||||
|
\fB-I IP-address\fR
|
||||||
|
\fIIP address\fR is the address of the server to connect to.
|
||||||
|
It should be specified in standard "a.b.c.d" notation.
|
||||||
|
|
||||||
|
Normally the client would attempt to locate a named
|
||||||
|
SMB/CIFS server by looking it up via the NetBIOS name resolution
|
||||||
|
mechanism described above in the \fIname resolve order\fR
|
||||||
|
parameter above. Using this parameter will force the client
|
||||||
|
to assume that the server is on the machine with the specified IP
|
||||||
|
address and the NetBIOS name component of the resource being
|
||||||
|
connected to will be ignored.
|
||||||
|
|
||||||
|
There is no default for this parameter. If not supplied,
|
||||||
|
it will be determined automatically by the client as described
|
||||||
|
above.
|
||||||
|
.TP
|
||||||
\fB-l|--logfile=logbasename\fR
|
\fB-l|--logfile=logbasename\fR
|
||||||
File name for log/debug files. The extension
|
File name for log/debug files. The extension
|
||||||
\&'.client' will be appended. The log file is never removed
|
\&'.client' will be appended. The log file is never removed
|
||||||
|
@ -3,7 +3,7 @@
|
|||||||
.\" <http://shell.ipoline.com/~elmert/hacks/docbook2X/>
|
.\" <http://shell.ipoline.com/~elmert/hacks/docbook2X/>
|
||||||
.\" Please send any bug reports, improvements, comments, patches,
|
.\" Please send any bug reports, improvements, comments, patches,
|
||||||
.\" etc. to Steve Cheng <steve@ggi-project.org>.
|
.\" etc. to Steve Cheng <steve@ggi-project.org>.
|
||||||
.TH "SMB.CONF" "5" "08 May 2002" "" ""
|
.TH "SMB.CONF" "5" "15 August 2002" "" ""
|
||||||
.SH NAME
|
.SH NAME
|
||||||
smb.conf \- The configuration file for the Samba suite
|
smb.conf \- The configuration file for the Samba suite
|
||||||
.SH "SYNOPSIS"
|
.SH "SYNOPSIS"
|
||||||
@ -657,18 +657,18 @@ each parameter for details. Note that some are synonyms.
|
|||||||
\fIldap filter\fR
|
\fIldap filter\fR
|
||||||
.TP 0.2i
|
.TP 0.2i
|
||||||
\(bu
|
\(bu
|
||||||
\fIldap port\fR
|
|
||||||
.TP 0.2i
|
|
||||||
\(bu
|
|
||||||
\fIldap server\fR
|
|
||||||
.TP 0.2i
|
|
||||||
\(bu
|
|
||||||
\fIldap ssl\fR
|
\fIldap ssl\fR
|
||||||
.TP 0.2i
|
.TP 0.2i
|
||||||
\(bu
|
\(bu
|
||||||
\fIldap suffix\fR
|
\fIldap suffix\fR
|
||||||
.TP 0.2i
|
.TP 0.2i
|
||||||
\(bu
|
\(bu
|
||||||
|
\fIldap suffix\fR
|
||||||
|
.TP 0.2i
|
||||||
|
\(bu
|
||||||
|
\fIldap suffix\fR
|
||||||
|
.TP 0.2i
|
||||||
|
\(bu
|
||||||
\fIlm announce\fR
|
\fIlm announce\fR
|
||||||
.TP 0.2i
|
.TP 0.2i
|
||||||
\(bu
|
\(bu
|
||||||
@ -906,55 +906,7 @@ each parameter for details. Note that some are synonyms.
|
|||||||
\fIsource environment\fR
|
\fIsource environment\fR
|
||||||
.TP 0.2i
|
.TP 0.2i
|
||||||
\(bu
|
\(bu
|
||||||
\fIssl\fR
|
\fIuse spnego\fR
|
||||||
.TP 0.2i
|
|
||||||
\(bu
|
|
||||||
\fIssl CA certDir\fR
|
|
||||||
.TP 0.2i
|
|
||||||
\(bu
|
|
||||||
\fIssl CA certFile\fR
|
|
||||||
.TP 0.2i
|
|
||||||
\(bu
|
|
||||||
\fIssl ciphers\fR
|
|
||||||
.TP 0.2i
|
|
||||||
\(bu
|
|
||||||
\fIssl client cert\fR
|
|
||||||
.TP 0.2i
|
|
||||||
\(bu
|
|
||||||
\fIssl client key\fR
|
|
||||||
.TP 0.2i
|
|
||||||
\(bu
|
|
||||||
\fIssl compatibility\fR
|
|
||||||
.TP 0.2i
|
|
||||||
\(bu
|
|
||||||
\fIssl egd socket\fR
|
|
||||||
.TP 0.2i
|
|
||||||
\(bu
|
|
||||||
\fIssl entropy bytes\fR
|
|
||||||
.TP 0.2i
|
|
||||||
\(bu
|
|
||||||
\fIssl entropy file\fR
|
|
||||||
.TP 0.2i
|
|
||||||
\(bu
|
|
||||||
\fIssl hosts\fR
|
|
||||||
.TP 0.2i
|
|
||||||
\(bu
|
|
||||||
\fIssl hosts resign\fR
|
|
||||||
.TP 0.2i
|
|
||||||
\(bu
|
|
||||||
\fIssl require clientcert\fR
|
|
||||||
.TP 0.2i
|
|
||||||
\(bu
|
|
||||||
\fIssl require servercert\fR
|
|
||||||
.TP 0.2i
|
|
||||||
\(bu
|
|
||||||
\fIssl server cert\fR
|
|
||||||
.TP 0.2i
|
|
||||||
\(bu
|
|
||||||
\fIssl server key\fR
|
|
||||||
.TP 0.2i
|
|
||||||
\(bu
|
|
||||||
\fIssl version\fR
|
|
||||||
.TP 0.2i
|
.TP 0.2i
|
||||||
\(bu
|
\(bu
|
||||||
\fIstat cache\fR
|
\fIstat cache\fR
|
||||||
@ -1605,6 +1557,11 @@ Default: \fBadd user script = <empty string>
|
|||||||
\fR
|
\fR
|
||||||
Example: \fBadd user script = /usr/local/samba/bin/add_user
|
Example: \fBadd user script = /usr/local/samba/bin/add_user
|
||||||
%u\fR
|
%u\fR
|
||||||
|
.TP
|
||||||
|
\fBadd group script (G)\fR
|
||||||
|
This is the full pathname to a script that will
|
||||||
|
be run \fBAS ROOT\fR by smbd(8) when a new group is requested. It will expand any \fI%g\fR to the group name passed. This script is only useful for installations using the Windows NT domain administration tools.
|
||||||
|
|
||||||
.TP
|
.TP
|
||||||
\fBadmin users (S)\fR
|
\fBadmin users (S)\fR
|
||||||
This is a list of users who will be granted
|
This is a list of users who will be granted
|
||||||
@ -2189,44 +2146,14 @@ Example: \fBdelete share command = /usr/local/bin/delshare\fR
|
|||||||
.TP
|
.TP
|
||||||
\fBdelete user script (G)\fR
|
\fBdelete user script (G)\fR
|
||||||
This is the full pathname to a script that will
|
This is the full pathname to a script that will
|
||||||
be run \fBAS ROOT\fR by \fBsmbd(8)\fRunder special circumstances
|
be run by \fBsmbd(8)\fR
|
||||||
described below.
|
when managing user's with remote RPC (NT) tools.
|
||||||
|
|
||||||
Normally, a Samba server requires that UNIX users are
|
This script is called when a remote client removes a user
|
||||||
created for all users accessing files on this server. For sites
|
from the server, normally using 'User Manager for Domains' or
|
||||||
that use Windows NT account databases as their primary user database
|
\fBrpcclient\fR.
|
||||||
creating these users and keeping the user list in sync with the
|
|
||||||
Windows NT PDC is an onerous task. This option allows \fB smbd\fR to delete the required UNIX users \fBON
|
|
||||||
DEMAND\fR when a user accesses the Samba server and the
|
|
||||||
Windows NT user no longer exists.
|
|
||||||
|
|
||||||
In order to use this option, \fBsmbd\fR must be
|
This script should delete the given UNIX username.
|
||||||
set to \fIsecurity = domain\fR or \fIsecurity =
|
|
||||||
user\fR and \fIdelete user script\fR
|
|
||||||
must be set to a full pathname for a script
|
|
||||||
that will delete a UNIX user given one argument of \fI%u\fR,
|
|
||||||
which expands into the UNIX user name to delete.
|
|
||||||
|
|
||||||
When the Windows user attempts to access the Samba server,
|
|
||||||
at \fBlogin\fR (session setup in the SMB protocol)
|
|
||||||
time, \fBsmbd\fR contacts the \fIpassword server\fR and attempts to authenticate
|
|
||||||
the given user with the given password. If the authentication fails
|
|
||||||
with the specific Domain error code meaning that the user no longer
|
|
||||||
exists then \fBsmbd\fR attempts to find a UNIX user in
|
|
||||||
the UNIX password database that matches the Windows user account. If
|
|
||||||
this lookup succeeds, and \fIdelete user script\fR is
|
|
||||||
set then \fBsmbd\fR will all the specified script
|
|
||||||
\fBAS ROOT\fR, expanding any \fI%u\fR
|
|
||||||
argument to be the user name to delete.
|
|
||||||
|
|
||||||
This script should delete the given UNIX username. In this way,
|
|
||||||
UNIX users are dynamically deleted to match existing Windows NT
|
|
||||||
accounts.
|
|
||||||
|
|
||||||
See also security = domain,
|
|
||||||
\fIpassword server\fR
|
|
||||||
, \fIadd user script\fR
|
|
||||||
\&.
|
|
||||||
|
|
||||||
Default: \fBdelete user script = <empty string>
|
Default: \fBdelete user script = <empty string>
|
||||||
\fR
|
\fR
|
||||||
@ -2744,7 +2671,7 @@ would force all created directories to have read and execute
|
|||||||
permissions set for 'group' and 'other' as well as the
|
permissions set for 'group' and 'other' as well as the
|
||||||
read/write/execute bits set for the 'user'.
|
read/write/execute bits set for the 'user'.
|
||||||
.TP
|
.TP
|
||||||
\fBforce directory security mode (S)\fR
|
\fBforce directory\fR
|
||||||
This parameter controls what UNIX permission bits
|
This parameter controls what UNIX permission bits
|
||||||
can be modified when a Windows NT client is manipulating the UNIX
|
can be modified when a Windows NT client is manipulating the UNIX
|
||||||
permission on a directory using the native NT security dialog box.
|
permission on a directory using the native NT security dialog box.
|
||||||
@ -3302,14 +3229,9 @@ code paths.
|
|||||||
Default : \fBlarge readwrite = yes\fR
|
Default : \fBlarge readwrite = yes\fR
|
||||||
.TP
|
.TP
|
||||||
\fBldap admin dn (G)\fR
|
\fBldap admin dn (G)\fR
|
||||||
This parameter is only available if Samba has been
|
|
||||||
configure to include the \fB--with-ldapsam\fR option
|
|
||||||
at compile time. This option should be considered experimental and
|
|
||||||
under active development.
|
|
||||||
|
|
||||||
The \fIldap admin dn\fR defines the Distinguished
|
The \fIldap admin dn\fR defines the Distinguished
|
||||||
Name (DN) name used by Samba to contact the ldap
|
Name (DN) name used by Samba to contact the ldap server when retreiving
|
||||||
server when retreiving user account information. The \fIldap
|
user account information. The \fIldap
|
||||||
admin dn\fR is used in conjunction with the admin dn password
|
admin dn\fR is used in conjunction with the admin dn password
|
||||||
stored in the \fIprivate/secrets.tdb\fR file. See the
|
stored in the \fIprivate/secrets.tdb\fR file. See the
|
||||||
\fBsmbpasswd(8)\fRman
|
\fBsmbpasswd(8)\fRman
|
||||||
@ -3318,11 +3240,6 @@ page for more information on how to accmplish this.
|
|||||||
Default : \fBnone\fR
|
Default : \fBnone\fR
|
||||||
.TP
|
.TP
|
||||||
\fBldap filter (G)\fR
|
\fBldap filter (G)\fR
|
||||||
This parameter is only available if Samba has been
|
|
||||||
configure to include the \fB--with-ldapsam\fR option
|
|
||||||
at compile time. This option should be considered experimental and
|
|
||||||
under active development.
|
|
||||||
|
|
||||||
This parameter specifies the RFC 2254 compliant LDAP search filter.
|
This parameter specifies the RFC 2254 compliant LDAP search filter.
|
||||||
The default is to match the login name with the uid
|
The default is to match the login name with the uid
|
||||||
attribute for all entries matching the sambaAccount
|
attribute for all entries matching the sambaAccount
|
||||||
@ -3330,43 +3247,13 @@ objectclass. Note that this filter should only return one entry.
|
|||||||
|
|
||||||
Default : \fBldap filter = (&(uid=%u)(objectclass=sambaAccount))\fR
|
Default : \fBldap filter = (&(uid=%u)(objectclass=sambaAccount))\fR
|
||||||
.TP
|
.TP
|
||||||
\fBldap port (G)\fR
|
|
||||||
This parameter is only available if Samba has been
|
|
||||||
configure to include the \fB--with-ldapsam\fR option
|
|
||||||
at compile time. This option should be considered experimental and
|
|
||||||
under active development.
|
|
||||||
|
|
||||||
This option is used to control the tcp port number used to contact
|
|
||||||
the \fIldap server\fR.
|
|
||||||
The default is to use the stand LDAPS port 636.
|
|
||||||
|
|
||||||
See Also: ldap ssl
|
|
||||||
|
|
||||||
Default : \fBldap port = 636\fR
|
|
||||||
.TP
|
|
||||||
\fBldap server (G)\fR
|
|
||||||
This parameter is only available if Samba has been
|
|
||||||
configure to include the \fB--with-ldapsam\fR option
|
|
||||||
at compile time. This option should be considered experimental and
|
|
||||||
under active development.
|
|
||||||
|
|
||||||
This parameter should contains the FQDN of the ldap directory
|
|
||||||
server which should be queried to locate user account information.
|
|
||||||
|
|
||||||
Default : \fBldap server = localhost\fR
|
|
||||||
.TP
|
|
||||||
\fBldap ssl (G)\fR
|
\fBldap ssl (G)\fR
|
||||||
This parameter is only available if Samba has been
|
|
||||||
configure to include the \fB--with-ldapsam\fR option
|
|
||||||
at compile time. This option should be considered experimental and
|
|
||||||
under active development.
|
|
||||||
|
|
||||||
This option is used to define whether or not Samba should
|
This option is used to define whether or not Samba should
|
||||||
use SSL when connecting to the \fIldap
|
use SSL when connecting to the ldap server
|
||||||
server\fR. This is \fBNOT\fR related to
|
This is \fBNOT\fR related to
|
||||||
Samba SSL support which is enabled by specifying the
|
Samba's previous SSL support which was enabled by specifying the
|
||||||
\fB--with-ssl\fR option to the \fIconfigure\fR
|
\fB--with-ssl\fR option to the \fIconfigure\fR
|
||||||
script (see \fIssl\fR).
|
script.
|
||||||
|
|
||||||
The \fIldap ssl\fR can be set to one of three values:
|
The \fIldap ssl\fR can be set to one of three values:
|
||||||
(a) on - Always use SSL when contacting the
|
(a) on - Always use SSL when contacting the
|
||||||
@ -3378,10 +3265,16 @@ Never use SSL when querying the directory, or (c) start_tls
|
|||||||
Default : \fBldap ssl = on\fR
|
Default : \fBldap ssl = on\fR
|
||||||
.TP
|
.TP
|
||||||
\fBldap suffix (G)\fR
|
\fBldap suffix (G)\fR
|
||||||
This parameter is only available if Samba has been
|
Default : \fBnone\fR
|
||||||
configure to include the \fB--with-ldapsam\fR option
|
.TP
|
||||||
at compile time. This option should be considered experimental and
|
\fBldap user suffix (G)\fR
|
||||||
under active development.
|
It specifies where users are added to the tree.
|
||||||
|
|
||||||
|
Default : \fBnone\fR
|
||||||
|
.TP
|
||||||
|
\fBldap machine suffix (G)\fR
|
||||||
|
It specifies where machines should be
|
||||||
|
added to the ldap tree.
|
||||||
|
|
||||||
Default : \fBnone\fR
|
Default : \fBnone\fR
|
||||||
.TP
|
.TP
|
||||||
@ -3546,16 +3439,18 @@ you to have separate log files for each user or machine.
|
|||||||
Example: \fBlog file = /usr/local/samba/var/log.%m
|
Example: \fBlog file = /usr/local/samba/var/log.%m
|
||||||
\fR.TP
|
\fR.TP
|
||||||
\fBlog level (G)\fR
|
\fBlog level (G)\fR
|
||||||
The value of the parameter (an integer) allows
|
The value of the parameter (a astring) allows
|
||||||
the debug level (logging level) to be specified in the
|
the debug level (logging level) to be specified in the
|
||||||
\fIsmb.conf\fR file. This is to give greater
|
\fIsmb.conf\fR file. This parameter has been
|
||||||
|
extended since 2.2.x series, now it allow to specify the debug
|
||||||
|
level for multiple debug classes. This is to give greater
|
||||||
flexibility in the configuration of the system.
|
flexibility in the configuration of the system.
|
||||||
|
|
||||||
The default will be the log level specified on
|
The default will be the log level specified on
|
||||||
the command line or level zero if none was specified.
|
the command line or level zero if none was specified.
|
||||||
|
|
||||||
Example: \fBlog level = 3\fR
|
Example: \fBlog level = 3 passdb:5 auth:10 winbind:2
|
||||||
.TP
|
\fR.TP
|
||||||
\fBlogon drive (G)\fR
|
\fBlogon drive (G)\fR
|
||||||
This parameter specifies the local path to
|
This parameter specifies the local path to
|
||||||
which the home directory will be connected (see \fIlogon home\fR)
|
which the home directory will be connected (see \fIlogon home\fR)
|
||||||
@ -4790,14 +4685,27 @@ arbitary passdb backend from the .so specified as a compulsary argument.
|
|||||||
|
|
||||||
Any characters after the (optional) second : are passed to the plugin
|
Any characters after the (optional) second : are passed to the plugin
|
||||||
for its own processing
|
for its own processing
|
||||||
|
.TP 0.2i
|
||||||
|
\(bu
|
||||||
|
\fBunixsam\fR - Allows samba to map all (other) available unix users
|
||||||
|
|
||||||
|
This backend uses the standard unix database for retrieving users. Users included
|
||||||
|
in this pdb are NOT listed in samba user listings and users included in this pdb won't be
|
||||||
|
able to login. The use of this backend is to always be able to display the owner of a file
|
||||||
|
on the samba server - even when the user doesn't have a 'real' samba account in one of the
|
||||||
|
other passdb backends.
|
||||||
|
|
||||||
|
This backend should always be the last backend listed, since it contains all users in
|
||||||
|
the unix passdb and might 'override' mappings if specified earlier. It's meant to only return
|
||||||
|
accounts for users that aren't covered by the previous backends.
|
||||||
.RE
|
.RE
|
||||||
.PP
|
.PP
|
||||||
|
|
||||||
Default: \fBpassdb backend = smbpasswd\fR
|
Default: \fBpassdb backend = smbpasswd unixsam\fR
|
||||||
|
|
||||||
Example: \fBpassdb backend = tdbsam:/etc/samba/private/passdb.tdb smbpasswd:/etc/samba/smbpasswd\fR
|
Example: \fBpassdb backend = tdbsam:/etc/samba/private/passdb.tdb smbpasswd:/etc/samba/smbpasswd unixsam\fR
|
||||||
|
|
||||||
Example: \fBpassdb backend = ldapsam_nua:ldaps://ldap.example.com\fR
|
Example: \fBpassdb backend = ldapsam_nua:ldaps://ldap.example.com unixsam\fR
|
||||||
|
|
||||||
Example: \fBpassdb backend = plugin:/usr/local/samba/lib/my_passdb.so:my_plugin_args tdbsam:/etc/samba/private/passdb.tdb\fR
|
Example: \fBpassdb backend = plugin:/usr/local/samba/lib/my_passdb.so:my_plugin_args tdbsam:/etc/samba/private/passdb.tdb\fR
|
||||||
.TP
|
.TP
|
||||||
@ -6278,246 +6186,10 @@ Examples: \fBsource environment = |/etc/smb.conf.sh
|
|||||||
Example: \fBsource environment =
|
Example: \fBsource environment =
|
||||||
/usr/local/smb_env_vars\fR
|
/usr/local/smb_env_vars\fR
|
||||||
.TP
|
.TP
|
||||||
\fBssl (G)\fR
|
\fBuse spnego (G)\fR
|
||||||
This variable is part of SSL-enabled Samba. This
|
This variable controls controls whether samba will try to use Simple and Protected NEGOciation (as specified by rfc2478) with WindowsXP and Windows2000sp2 clients to agree upon an authentication mechanism. As of samba 3.0alpha it must be set to "no" for these clients to join a samba domain controller. It can be set to "yes" to allow samba to participate in an AD domain controlled by a Windows2000 domain controller.
|
||||||
is only available if the SSL libraries have been compiled on your
|
|
||||||
system and the configure option \fB--with-ssl\fR was
|
|
||||||
given at configure time.
|
|
||||||
|
|
||||||
This variable enables or disables the entire SSL mode. If
|
Default: \fBuse spnego = yes\fR
|
||||||
it is set to no, the SSL-enabled Samba behaves
|
|
||||||
exactly like the non-SSL Samba. If set to yes,
|
|
||||||
it depends on the variables \fI ssl hosts\fR and \fIssl hosts resign\fR whether an SSL
|
|
||||||
connection will be required.
|
|
||||||
|
|
||||||
Default: \fBssl = no\fR
|
|
||||||
.TP
|
|
||||||
\fBssl CA certDir (G)\fR
|
|
||||||
This variable is part of SSL-enabled Samba. This
|
|
||||||
is only available if the SSL libraries have been compiled on your
|
|
||||||
system and the configure option \fB--with-ssl\fR was
|
|
||||||
given at configure time.
|
|
||||||
|
|
||||||
This variable defines where to look up the Certification
|
|
||||||
Authorities. The given directory should contain one file for
|
|
||||||
each CA that Samba will trust. The file name must be the hash
|
|
||||||
value over the "Distinguished Name" of the CA. How this directory
|
|
||||||
is set up is explained later in this document. All files within the
|
|
||||||
directory that don't fit into this naming scheme are ignored. You
|
|
||||||
don't need this variable if you don't verify client certificates.
|
|
||||||
|
|
||||||
Default: \fBssl CA certDir = /usr/local/ssl/certs
|
|
||||||
\fR.TP
|
|
||||||
\fBssl CA certFile (G)\fR
|
|
||||||
This variable is part of SSL-enabled Samba. This
|
|
||||||
is only available if the SSL libraries have been compiled on your
|
|
||||||
system and the configure option \fB--with-ssl\fR was
|
|
||||||
given at configure time.
|
|
||||||
|
|
||||||
This variable is a second way to define the trusted CAs.
|
|
||||||
The certificates of the trusted CAs are collected in one big
|
|
||||||
file and this variable points to the file. You will probably
|
|
||||||
only use one of the two ways to define your CAs. The first choice is
|
|
||||||
preferable if you have many CAs or want to be flexible, the second
|
|
||||||
is preferable if you only have one CA and want to keep things
|
|
||||||
simple (you won't need to create the hashed file names). You
|
|
||||||
don't need this variable if you don't verify client certificates.
|
|
||||||
|
|
||||||
Default: \fBssl CA certFile = /usr/local/ssl/certs/trustedCAs.pem
|
|
||||||
\fR.TP
|
|
||||||
\fBssl ciphers (G)\fR
|
|
||||||
This variable is part of SSL-enabled Samba. This
|
|
||||||
is only available if the SSL libraries have been compiled on your
|
|
||||||
system and the configure option \fB--with-ssl\fR was
|
|
||||||
given at configure time.
|
|
||||||
|
|
||||||
This variable defines the ciphers that should be offered
|
|
||||||
during SSL negotiation. You should not set this variable unless
|
|
||||||
you know what you are doing.
|
|
||||||
.TP
|
|
||||||
\fBssl client cert (G)\fR
|
|
||||||
This variable is part of SSL-enabled Samba. This
|
|
||||||
is only available if the SSL libraries have been compiled on your
|
|
||||||
system and the configure option \fB--with-ssl\fR was
|
|
||||||
given at configure time.
|
|
||||||
|
|
||||||
The certificate in this file is used by \fBsmbclient(1)\fRif it exists. It's needed
|
|
||||||
if the server requires a client certificate.
|
|
||||||
|
|
||||||
Default: \fBssl client cert = /usr/local/ssl/certs/smbclient.pem
|
|
||||||
\fR.TP
|
|
||||||
\fBssl client key (G)\fR
|
|
||||||
This variable is part of SSL-enabled Samba. This
|
|
||||||
is only available if the SSL libraries have been compiled on your
|
|
||||||
system and the configure option \fB--with-ssl\fR was
|
|
||||||
given at configure time.
|
|
||||||
|
|
||||||
This is the private key for \fBsmbclient(1)\fR. It's only needed if the
|
|
||||||
client should have a certificate.
|
|
||||||
|
|
||||||
Default: \fBssl client key = /usr/local/ssl/private/smbclient.pem
|
|
||||||
\fR.TP
|
|
||||||
\fBssl compatibility (G)\fR
|
|
||||||
This variable is part of SSL-enabled Samba. This
|
|
||||||
is only available if the SSL libraries have been compiled on your
|
|
||||||
system and the configure option \fB--with-ssl\fR was
|
|
||||||
given at configure time.
|
|
||||||
|
|
||||||
This variable defines whether OpenSSL should be configured
|
|
||||||
for bug compatibility with other SSL implementations. This is
|
|
||||||
probably not desirable because currently no clients with SSL
|
|
||||||
implementations other than OpenSSL exist.
|
|
||||||
|
|
||||||
Default: \fBssl compatibility = no\fR
|
|
||||||
.TP
|
|
||||||
\fBssl egd socket (G)\fR
|
|
||||||
This variable is part of SSL-enabled Samba. This
|
|
||||||
is only available if the SSL libraries have been compiled on your
|
|
||||||
system and the configure option \fB--with-ssl\fR was
|
|
||||||
given at configure time.
|
|
||||||
|
|
||||||
This option is used to define the location of the communiation socket of
|
|
||||||
an EGD or PRNGD daemon, from which entropy can be retrieved. This option
|
|
||||||
can be used instead of or together with the \fIssl entropy file\fR
|
|
||||||
directive. 255 bytes of entropy will be retrieved from the daemon.
|
|
||||||
|
|
||||||
Default: \fBnone\fR
|
|
||||||
.TP
|
|
||||||
\fBssl entropy bytes (G)\fR
|
|
||||||
This variable is part of SSL-enabled Samba. This
|
|
||||||
is only available if the SSL libraries have been compiled on your
|
|
||||||
system and the configure option \fB--with-ssl\fR was
|
|
||||||
given at configure time.
|
|
||||||
|
|
||||||
This parameter is used to define the number of bytes which should
|
|
||||||
be read from the \fIssl entropy
|
|
||||||
file\fR If a -1 is specified, the entire file will
|
|
||||||
be read.
|
|
||||||
|
|
||||||
Default: \fBssl entropy bytes = 255\fR
|
|
||||||
.TP
|
|
||||||
\fBssl entropy file (G)\fR
|
|
||||||
This variable is part of SSL-enabled Samba. This
|
|
||||||
is only available if the SSL libraries have been compiled on your
|
|
||||||
system and the configure option \fB--with-ssl\fR was
|
|
||||||
given at configure time.
|
|
||||||
|
|
||||||
This parameter is used to specify a file from which processes will
|
|
||||||
read "random bytes" on startup. In order to seed the internal pseudo
|
|
||||||
random number generator, entropy must be provided. On system with a
|
|
||||||
\fI/dev/urandom\fR device file, the processes
|
|
||||||
will retrieve its entropy from the kernel. On systems without kernel
|
|
||||||
entropy support, a file can be supplied that will be read on startup
|
|
||||||
and that will be used to seed the PRNG.
|
|
||||||
|
|
||||||
Default: \fBnone\fR
|
|
||||||
.TP
|
|
||||||
\fBssl hosts (G)\fR
|
|
||||||
See \fI ssl hosts resign\fR.
|
|
||||||
.TP
|
|
||||||
\fBssl hosts resign (G)\fR
|
|
||||||
This variable is part of SSL-enabled Samba. This
|
|
||||||
is only available if the SSL libraries have been compiled on your
|
|
||||||
system and the configure option \fB--with-ssl\fR was
|
|
||||||
given at configure time.
|
|
||||||
|
|
||||||
These two variables define whether Samba will go
|
|
||||||
into SSL mode or not. If none of them is defined, Samba will
|
|
||||||
allow only SSL connections. If the \fIssl hosts\fR variable lists
|
|
||||||
hosts (by IP-address, IP-address range, net group or name),
|
|
||||||
only these hosts will be forced into SSL mode. If the \fI ssl hosts resign\fR variable lists hosts, only these
|
|
||||||
hosts will \fBNOT\fR be forced into SSL mode. The syntax for these two
|
|
||||||
variables is the same as for the \fI hosts allow\fR and \fIhosts deny\fR pair of variables, only
|
|
||||||
that the subject of the decision is different: It's not the access
|
|
||||||
right but whether SSL is used or not.
|
|
||||||
|
|
||||||
The example below requires SSL connections from all hosts
|
|
||||||
outside the local net (which is 192.168.*.*).
|
|
||||||
|
|
||||||
Default: \fBssl hosts = <empty string>\fR
|
|
||||||
|
|
||||||
\fBssl hosts resign = <empty string>\fR
|
|
||||||
|
|
||||||
Example: \fBssl hosts resign = 192.168.\fR
|
|
||||||
.TP
|
|
||||||
\fBssl require clientcert (G)\fR
|
|
||||||
This variable is part of SSL-enabled Samba. This
|
|
||||||
is only available if the SSL libraries have been compiled on your
|
|
||||||
system and the configure option \fB--with-ssl\fR was
|
|
||||||
given at configure time.
|
|
||||||
|
|
||||||
If this variable is set to yes, the
|
|
||||||
server will not tolerate connections from clients that don't
|
|
||||||
have a valid certificate. The directory/file given in \fIssl CA certDir\fR
|
|
||||||
and \fIssl CA certFile
|
|
||||||
\fRwill be used to look up the CAs that issued
|
|
||||||
the client's certificate. If the certificate can't be verified
|
|
||||||
positively, the connection will be terminated. If this variable
|
|
||||||
is set to no, clients don't need certificates.
|
|
||||||
Contrary to web applications you really \fBshould\fR
|
|
||||||
require client certificates. In the web environment the client's
|
|
||||||
data is sensitive (credit card numbers) and the server must prove
|
|
||||||
to be trustworthy. In a file server environment the server's data
|
|
||||||
will be sensitive and the clients must prove to be trustworthy.
|
|
||||||
|
|
||||||
Default: \fBssl require clientcert = no\fR
|
|
||||||
.TP
|
|
||||||
\fBssl require servercert (G)\fR
|
|
||||||
This variable is part of SSL-enabled Samba. This
|
|
||||||
is only available if the SSL libraries have been compiled on your
|
|
||||||
system and the configure option \fB--with-ssl\fR was
|
|
||||||
given at configure time.
|
|
||||||
|
|
||||||
If this variable is set to yes, the
|
|
||||||
\fBsmbclient(1)\fR
|
|
||||||
will request a certificate from the server. Same as
|
|
||||||
\fIssl require
|
|
||||||
clientcert\fR for the server.
|
|
||||||
|
|
||||||
Default: \fBssl require servercert = no\fR
|
|
||||||
.TP
|
|
||||||
\fBssl server cert (G)\fR
|
|
||||||
This variable is part of SSL-enabled Samba. This
|
|
||||||
is only available if the SSL libraries have been compiled on your
|
|
||||||
system and the configure option \fB--with-ssl\fR was
|
|
||||||
given at configure time.
|
|
||||||
|
|
||||||
This is the file containing the server's certificate.
|
|
||||||
The server \fBmust\fR have a certificate. The
|
|
||||||
file may also contain the server's private key. See later for
|
|
||||||
how certificates and private keys are created.
|
|
||||||
|
|
||||||
Default: \fBssl server cert = <empty string>
|
|
||||||
\fR.TP
|
|
||||||
\fBssl server key (G)\fR
|
|
||||||
This variable is part of SSL-enabled Samba. This
|
|
||||||
is only available if the SSL libraries have been compiled on your
|
|
||||||
system and the configure option \fB--with-ssl\fR was
|
|
||||||
given at configure time.
|
|
||||||
|
|
||||||
This file contains the private key of the server. If
|
|
||||||
this variable is not defined, the key is looked up in the
|
|
||||||
certificate file (it may be appended to the certificate).
|
|
||||||
The server \fBmust\fR have a private key
|
|
||||||
and the certificate \fBmust\fR
|
|
||||||
match this private key.
|
|
||||||
|
|
||||||
Default: \fBssl server key = <empty string>
|
|
||||||
\fR.TP
|
|
||||||
\fBssl version (G)\fR
|
|
||||||
This variable is part of SSL-enabled Samba. This
|
|
||||||
is only available if the SSL libraries have been compiled on your
|
|
||||||
system and the configure option \fB--with-ssl\fR was
|
|
||||||
given at configure time.
|
|
||||||
|
|
||||||
This enumeration variable defines the versions of the
|
|
||||||
SSL protocol that will be used. ssl2or3 allows
|
|
||||||
dynamic negotiation of SSL v2 or v3, ssl2 results
|
|
||||||
in SSL v2, ssl3 results in SSL v3 and
|
|
||||||
tls1 results in TLS v1. TLS (Transport Layer
|
|
||||||
Security) is the new standard for SSL.
|
|
||||||
|
|
||||||
Default: \fBssl version = "ssl2or3"\fR
|
|
||||||
.TP
|
.TP
|
||||||
\fBstat cache (G)\fR
|
\fBstat cache (G)\fR
|
||||||
This parameter determines if smbd(8)will use a cache in order to
|
This parameter determines if smbd(8)will use a cache in order to
|
||||||
@ -6698,9 +6370,9 @@ Example: \fBtotal print jobs = 5000\fR
|
|||||||
.TP
|
.TP
|
||||||
\fBunix extensions(G)\fR
|
\fBunix extensions(G)\fR
|
||||||
This boolean parameter controls whether Samba
|
This boolean parameter controls whether Samba
|
||||||
implments the CIFS UNIX extensions, as defined by HP. These
|
implments the CIFS UNIX extensions, as defined by HP.
|
||||||
extensions enable CIFS to server UNIX clients to UNIX servers
|
These extensions enable Samba to better serve UNIX CIFS clients
|
||||||
better, and allow such things as symbolic links, hard links etc.
|
by supporting features such as symbolic links, hard links, etc...
|
||||||
These extensions require a similarly enabled client, and are of
|
These extensions require a similarly enabled client, and are of
|
||||||
no current use to Windows clients.
|
no current use to Windows clients.
|
||||||
|
|
||||||
@ -6983,6 +6655,12 @@ to add utmp or utmpx records (depending on the UNIX system) whenever a
|
|||||||
connection is made to a Samba server. Sites may use this to record the
|
connection is made to a Samba server. Sites may use this to record the
|
||||||
user connecting to a Samba share.
|
user connecting to a Samba share.
|
||||||
|
|
||||||
|
Due to the requirements of the utmp record, we
|
||||||
|
are required to create a unique identifier for the
|
||||||
|
incoming user. Enabling this option creates an n^2
|
||||||
|
algorithm to find this number. This may impede
|
||||||
|
performance on large installations.
|
||||||
|
|
||||||
See also the \fI utmp directory\fR parameter.
|
See also the \fI utmp directory\fR parameter.
|
||||||
|
|
||||||
Default: \fButmp = no\fR
|
Default: \fButmp = no\fR
|
||||||
|
@ -3,7 +3,7 @@
|
|||||||
.\" <http://shell.ipoline.com/~elmert/hacks/docbook2X/>
|
.\" <http://shell.ipoline.com/~elmert/hacks/docbook2X/>
|
||||||
.\" Please send any bug reports, improvements, comments, patches,
|
.\" Please send any bug reports, improvements, comments, patches,
|
||||||
.\" etc. to Steve Cheng <steve@ggi-project.org>.
|
.\" etc. to Steve Cheng <steve@ggi-project.org>.
|
||||||
.TH "SMBCONTROL" "1" "08 May 2002" "" ""
|
.TH "SMBCONTROL" "1" "15 August 2002" "" ""
|
||||||
.SH NAME
|
.SH NAME
|
||||||
smbcontrol \- send messages to smbd, nmbd or winbindd processes
|
smbcontrol \- send messages to smbd, nmbd or winbindd processes
|
||||||
.SH SYNOPSIS
|
.SH SYNOPSIS
|
||||||
@ -47,7 +47,7 @@ One of: close-share,
|
|||||||
debug,
|
debug,
|
||||||
force-election, ping
|
force-election, ping
|
||||||
, profile, debuglevel, profilelevel,
|
, profile, debuglevel, profilelevel,
|
||||||
or printer-notify.
|
or printnotify.
|
||||||
|
|
||||||
The close-share message-type sends a
|
The close-share message-type sends a
|
||||||
message to smbd which will then close the client connections to
|
message to smbd which will then close the client connections to
|
||||||
@ -90,11 +90,40 @@ a "request profile level" message. The current profile level
|
|||||||
setting is returned by a "profilelevel" message. This can be sent
|
setting is returned by a "profilelevel" message. This can be sent
|
||||||
to any smbd or nmbd destinations.
|
to any smbd or nmbd destinations.
|
||||||
|
|
||||||
The printer-notify message-type sends a
|
The printnotify message-type sends a
|
||||||
message to smbd which in turn sends a printer notify message to
|
message to smbd which in turn sends a printer notify message to
|
||||||
any Windows NT clients connected to a printer. This message-type
|
any Windows NT clients connected to a printer. This message-type
|
||||||
takes an argument of the printer name to send notify messages to.
|
takes the following arguments:
|
||||||
This message can only be sent to smbd.
|
.RS
|
||||||
|
.TP
|
||||||
|
\fBqueuepause printername\fR
|
||||||
|
Send a queue pause change notify
|
||||||
|
message to the printer specified.
|
||||||
|
.TP
|
||||||
|
\fBqueueresume printername\fR
|
||||||
|
Send a queue resume change notify
|
||||||
|
message for the printer specified.
|
||||||
|
.TP
|
||||||
|
\fBjobpause printername unixjobid\fR
|
||||||
|
Send a job pause change notify
|
||||||
|
message for the printer and unix jobid
|
||||||
|
specified.
|
||||||
|
.TP
|
||||||
|
\fBjobresume printername unixjobid\fR
|
||||||
|
Send a job resume change notify
|
||||||
|
message for the printer and unix jobid
|
||||||
|
specified.
|
||||||
|
.TP
|
||||||
|
\fBjobdelete printername unixjobid\fR
|
||||||
|
Send a job delete change notify
|
||||||
|
message for the printer and unix jobid
|
||||||
|
specified.
|
||||||
|
.RE
|
||||||
|
.PP
|
||||||
|
Note that this message only sends notification that an
|
||||||
|
event has occured. It doesn't actually cause the
|
||||||
|
event to happen.
|
||||||
|
This message can only be sent to smbd.
|
||||||
.TP
|
.TP
|
||||||
\fBparameters\fR
|
\fBparameters\fR
|
||||||
any parameters required for the message-type
|
any parameters required for the message-type
|
||||||
|
@ -119,8 +119,20 @@ attributetype ( 1.3.6.1.4.1.7165.2.1.15 NAME 'primaryGroupID'
|
|||||||
# MUST ( uid $ uidNumber )
|
# MUST ( uid $ uidNumber )
|
||||||
# MAY ( lmPassword $ ntPassword $ pwdLastSet $ acctFlags ))
|
# MAY ( lmPassword $ ntPassword $ pwdLastSet $ acctFlags ))
|
||||||
|
|
||||||
objectclass ( 1.3.6.1.4.1.7165.2.2.2 NAME 'sambaAccount' SUP top STRUCTURAL
|
#objectclass ( 1.3.6.1.4.1.7165.2.2.2 NAME 'sambaAccount' SUP top STRUCTURAL
|
||||||
DESC 'Samba Account'
|
# DESC 'Samba Account'
|
||||||
|
# MUST ( uid $ rid )
|
||||||
|
# MAY ( cn $ lmPassword $ ntPassword $ pwdLastSet $ logonTime $
|
||||||
|
# logoffTime $ kickoffTime $ pwdCanChange $ pwdMustChange $ acctFlags $
|
||||||
|
# displayName $ smbHome $ homeDrive $ scriptPath $ profilePath $
|
||||||
|
# description $ userWorkstations $ primaryGroupID $ domain ))
|
||||||
|
|
||||||
|
## The X.500 data model (and therefore LDAPv3) says that each entry can
|
||||||
|
## only have one structural objectclass. OpenLDAP 2.0 does not enforce
|
||||||
|
## this currently but will in v2.1
|
||||||
|
|
||||||
|
objectclass ( 1.3.6.1.4.1.7165.2.2.3 NAME 'sambaAccount' SUP top AUXILIARY
|
||||||
|
DESC 'Samba Auxilary Account'
|
||||||
MUST ( uid $ rid )
|
MUST ( uid $ rid )
|
||||||
MAY ( cn $ lmPassword $ ntPassword $ pwdLastSet $ logonTime $
|
MAY ( cn $ lmPassword $ ntPassword $ pwdLastSet $ logonTime $
|
||||||
logoffTime $ kickoffTime $ pwdCanChange $ pwdMustChange $ acctFlags $
|
logoffTime $ kickoffTime $ pwdCanChange $ pwdMustChange $ acctFlags $
|
||||||
|
@ -3,6 +3,7 @@
|
|||||||
* facility.
|
* facility.
|
||||||
*
|
*
|
||||||
* Copyright (C) Tim Potter, 1999-2000
|
* Copyright (C) Tim Potter, 1999-2000
|
||||||
|
* Copyright (C) Alexander Bokovoy, 2002
|
||||||
*
|
*
|
||||||
* This program is free software; you can redistribute it and/or modify
|
* This program is free software; you can redistribute it and/or modify
|
||||||
* it under the terms of the GNU General Public License as published by
|
* it under the terms of the GNU General Public License as published by
|
||||||
@ -47,134 +48,79 @@
|
|||||||
|
|
||||||
/* Function prototypes */
|
/* Function prototypes */
|
||||||
|
|
||||||
int audit_connect(struct connection_struct *conn, const char *svc, const char *user);
|
static int audit_connect(struct connection_struct *conn, const char *svc, const char *user);
|
||||||
void audit_disconnect(struct connection_struct *conn);
|
static void audit_disconnect(struct connection_struct *conn);
|
||||||
DIR *audit_opendir(struct connection_struct *conn, const char *fname);
|
static DIR *audit_opendir(struct connection_struct *conn, const char *fname);
|
||||||
int audit_mkdir(struct connection_struct *conn, const char *path, mode_t mode);
|
static int audit_mkdir(struct connection_struct *conn, const char *path, mode_t mode);
|
||||||
int audit_rmdir(struct connection_struct *conn, const char *path);
|
static int audit_rmdir(struct connection_struct *conn, const char *path);
|
||||||
int audit_open(struct connection_struct *conn, const char *fname, int flags, mode_t mode);
|
static int audit_open(struct connection_struct *conn, const char *fname, int flags, mode_t mode);
|
||||||
int audit_close(struct files_struct *fsp, int fd);
|
static int audit_close(struct files_struct *fsp, int fd);
|
||||||
int audit_rename(struct connection_struct *conn, const char *old, const char *new);
|
static int audit_rename(struct connection_struct *conn, const char *old, const char *new);
|
||||||
int audit_unlink(struct connection_struct *conn, const char *path);
|
static int audit_unlink(struct connection_struct *conn, const char *path);
|
||||||
int audit_chmod(struct connection_struct *conn, const char *path, mode_t mode);
|
static int audit_chmod(struct connection_struct *conn, const char *path, mode_t mode);
|
||||||
int audit_chmod_acl(struct connection_struct *conn, const char *name, mode_t mode);
|
static int audit_chmod_acl(struct connection_struct *conn, const char *name, mode_t mode);
|
||||||
int audit_fchmod(struct files_struct *fsp, int fd, mode_t mode);
|
static int audit_fchmod(struct files_struct *fsp, int fd, mode_t mode);
|
||||||
int audit_fchmod_acl(struct files_struct *fsp, int fd, mode_t mode);
|
static int audit_fchmod_acl(struct files_struct *fsp, int fd, mode_t mode);
|
||||||
|
|
||||||
/* VFS operations */
|
/* VFS operations */
|
||||||
|
|
||||||
extern struct vfs_ops default_vfs_ops; /* For passthrough operation */
|
static struct vfs_ops default_vfs_ops; /* For passthrough operation */
|
||||||
|
static struct smb_vfs_handle_struct *audit_handle;
|
||||||
|
|
||||||
struct vfs_ops audit_ops = {
|
static vfs_op_tuple audit_ops[] = {
|
||||||
|
|
||||||
/* Disk operations */
|
/* Disk operations */
|
||||||
|
|
||||||
audit_connect,
|
{audit_connect, SMB_VFS_OP_CONNECT, SMB_VFS_LAYER_LOGGER},
|
||||||
audit_disconnect,
|
{audit_disconnect, SMB_VFS_OP_DISCONNECT, SMB_VFS_LAYER_LOGGER},
|
||||||
NULL, /* disk free */
|
|
||||||
|
|
||||||
/* Directory operations */
|
/* Directory operations */
|
||||||
|
|
||||||
audit_opendir,
|
{audit_opendir, SMB_VFS_OP_OPENDIR, SMB_VFS_LAYER_LOGGER},
|
||||||
NULL, /* readdir */
|
{audit_mkdir, SMB_VFS_OP_MKDIR, SMB_VFS_LAYER_LOGGER},
|
||||||
audit_mkdir,
|
{audit_rmdir, SMB_VFS_OP_RMDIR, SMB_VFS_LAYER_LOGGER},
|
||||||
audit_rmdir,
|
|
||||||
NULL, /* closedir */
|
|
||||||
|
|
||||||
/* File operations */
|
/* File operations */
|
||||||
|
|
||||||
audit_open,
|
{audit_open, SMB_VFS_OP_OPEN, SMB_VFS_LAYER_LOGGER},
|
||||||
audit_close,
|
{audit_close, SMB_VFS_OP_CLOSE, SMB_VFS_LAYER_LOGGER},
|
||||||
NULL, /* read */
|
{audit_rename, SMB_VFS_OP_RENAME, SMB_VFS_LAYER_LOGGER},
|
||||||
NULL, /* write */
|
{audit_unlink, SMB_VFS_OP_UNLINK, SMB_VFS_LAYER_LOGGER},
|
||||||
NULL, /* lseek */
|
{audit_chmod, SMB_VFS_OP_CHMOD, SMB_VFS_LAYER_LOGGER},
|
||||||
audit_rename,
|
{audit_fchmod, SMB_VFS_OP_FCHMOD, SMB_VFS_LAYER_LOGGER},
|
||||||
NULL, /* fsync */
|
{audit_chmod_acl, SMB_VFS_OP_CHMOD_ACL, SMB_VFS_LAYER_LOGGER},
|
||||||
NULL, /* stat */
|
{audit_fchmod_acl, SMB_VFS_OP_FCHMOD_ACL, SMB_VFS_LAYER_LOGGER},
|
||||||
NULL, /* fstat */
|
|
||||||
NULL, /* lstat */
|
/* Finish VFS operations definition */
|
||||||
audit_unlink,
|
|
||||||
audit_chmod,
|
{NULL, SMB_VFS_OP_NOOP, SMB_VFS_LAYER_NOOP}
|
||||||
audit_fchmod,
|
|
||||||
NULL, /* chown */
|
|
||||||
NULL, /* fchown */
|
|
||||||
NULL, /* chdir */
|
|
||||||
NULL, /* getwd */
|
|
||||||
NULL, /* utime */
|
|
||||||
NULL, /* ftruncate */
|
|
||||||
NULL, /* lock */
|
|
||||||
NULL, /* symlink */
|
|
||||||
NULL, /* readlink */
|
|
||||||
NULL, /* link */
|
|
||||||
NULL, /* mknod */
|
|
||||||
NULL, /* realpath */
|
|
||||||
NULL, /* fget_nt_acl */
|
|
||||||
NULL, /* get_nt_acl */
|
|
||||||
NULL, /* fset_nt_acl */
|
|
||||||
NULL, /* set_nt_acl */
|
|
||||||
|
|
||||||
audit_chmod_acl, /* chmod_acl */
|
|
||||||
audit_fchmod_acl, /* fchmod_acl */
|
|
||||||
|
|
||||||
NULL, /* sys_acl_get_entry */
|
|
||||||
NULL, /* sys_acl_get_tag_type */
|
|
||||||
NULL, /* sys_acl_get_permset */
|
|
||||||
NULL, /*sys_acl_get_qualifier */
|
|
||||||
NULL, /* sys_acl_get_file */
|
|
||||||
NULL, /* sys_acl_get_fd */
|
|
||||||
NULL, /* sys_acl_clear_perms */
|
|
||||||
NULL, /* sys_acl_add_perm */
|
|
||||||
NULL, /* sys_acl_to_text */
|
|
||||||
NULL, /* sys_acl_init */
|
|
||||||
NULL, /* sys_acl_create_entry */
|
|
||||||
NULL, /* sys_acl_set_tag_type */
|
|
||||||
NULL, /* sys_acl_set_qualifier */
|
|
||||||
NULL, /* sys_acl_set_permset */
|
|
||||||
NULL, /* sys_acl_valid */
|
|
||||||
NULL, /* sys_acl_set_file */
|
|
||||||
NULL, /* sys_acl_set_fd */
|
|
||||||
NULL, /* sys_acl_delete_def_file */
|
|
||||||
NULL, /* sys_acl_get_perm */
|
|
||||||
NULL, /* sys_acl_free_text */
|
|
||||||
NULL, /* sys_acl_free_acl */
|
|
||||||
NULL /* sys_acl_free_qualifier */
|
|
||||||
};
|
};
|
||||||
|
|
||||||
/* VFS initialisation function. Return initialised vfs_ops structure
|
/* VFS initialisation function. Return vfs_op_tuple array back to SAMBA. */
|
||||||
back to SAMBA. */
|
|
||||||
|
|
||||||
struct vfs_ops *vfs_init(int *vfs_version, struct vfs_ops *def_vfs_ops)
|
vfs_op_tuple *vfs_init(int *vfs_version, struct vfs_ops *def_vfs_ops,
|
||||||
|
struct smb_vfs_handle_struct *vfs_handle)
|
||||||
{
|
{
|
||||||
struct vfs_ops tmp_ops;
|
|
||||||
|
|
||||||
*vfs_version = SMB_VFS_INTERFACE_VERSION;
|
*vfs_version = SMB_VFS_INTERFACE_VERSION;
|
||||||
memcpy(&tmp_ops, def_vfs_ops, sizeof(struct vfs_ops));
|
memcpy(&default_vfs_ops, def_vfs_ops, sizeof(struct vfs_ops));
|
||||||
|
|
||||||
tmp_ops.connect = audit_connect;
|
audit_handle = vfs_handle;
|
||||||
tmp_ops.disconnect = audit_disconnect;
|
|
||||||
tmp_ops.opendir = audit_opendir;
|
|
||||||
tmp_ops.mkdir = audit_mkdir;
|
|
||||||
tmp_ops.rmdir = audit_rmdir;
|
|
||||||
tmp_ops.open = audit_open;
|
|
||||||
tmp_ops.close = audit_close;
|
|
||||||
tmp_ops.rename = audit_rename;
|
|
||||||
tmp_ops.unlink = audit_unlink;
|
|
||||||
tmp_ops.chmod = audit_chmod;
|
|
||||||
tmp_ops.chmod_acl = audit_chmod_acl;
|
|
||||||
tmp_ops.fchmod = audit_fchmod;
|
|
||||||
tmp_ops.fchmod_acl = audit_fchmod_acl;
|
|
||||||
|
|
||||||
memcpy(&audit_ops, &tmp_ops, sizeof(struct vfs_ops));
|
|
||||||
|
|
||||||
openlog("smbd_audit", LOG_PID, SYSLOG_FACILITY);
|
openlog("smbd_audit", LOG_PID, SYSLOG_FACILITY);
|
||||||
syslog(SYSLOG_PRIORITY, "VFS_INIT: vfs_ops loaded\n");
|
syslog(SYSLOG_PRIORITY, "VFS_INIT: vfs_ops loaded\n");
|
||||||
return &audit_ops;
|
return audit_ops;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* VFS finalization function. */
|
||||||
|
void vfs_done(connection_struct *conn)
|
||||||
|
{
|
||||||
|
syslog(SYSLOG_PRIORITY, "VFS_DONE: vfs module unloaded\n");
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Implementation of vfs_ops. Pass everything on to the default
|
/* Implementation of vfs_ops. Pass everything on to the default
|
||||||
operation but log event first. */
|
operation but log event first. */
|
||||||
|
|
||||||
int audit_connect(struct connection_struct *conn, const char *svc, const char *user)
|
static int audit_connect(struct connection_struct *conn, const char *svc, const char *user)
|
||||||
{
|
{
|
||||||
syslog(SYSLOG_PRIORITY, "connect to service %s by user %s\n",
|
syslog(SYSLOG_PRIORITY, "connect to service %s by user %s\n",
|
||||||
svc, user);
|
svc, user);
|
||||||
@ -182,13 +128,13 @@ int audit_connect(struct connection_struct *conn, const char *svc, const char *u
|
|||||||
return default_vfs_ops.connect(conn, svc, user);
|
return default_vfs_ops.connect(conn, svc, user);
|
||||||
}
|
}
|
||||||
|
|
||||||
void audit_disconnect(struct connection_struct *conn)
|
static void audit_disconnect(struct connection_struct *conn)
|
||||||
{
|
{
|
||||||
syslog(SYSLOG_PRIORITY, "disconnected\n");
|
syslog(SYSLOG_PRIORITY, "disconnected\n");
|
||||||
default_vfs_ops.disconnect(conn);
|
default_vfs_ops.disconnect(conn);
|
||||||
}
|
}
|
||||||
|
|
||||||
DIR *audit_opendir(struct connection_struct *conn, const char *fname)
|
static DIR *audit_opendir(struct connection_struct *conn, const char *fname)
|
||||||
{
|
{
|
||||||
DIR *result = default_vfs_ops.opendir(conn, fname);
|
DIR *result = default_vfs_ops.opendir(conn, fname);
|
||||||
|
|
||||||
@ -200,7 +146,7 @@ DIR *audit_opendir(struct connection_struct *conn, const char *fname)
|
|||||||
return result;
|
return result;
|
||||||
}
|
}
|
||||||
|
|
||||||
int audit_mkdir(struct connection_struct *conn, const char *path, mode_t mode)
|
static int audit_mkdir(struct connection_struct *conn, const char *path, mode_t mode)
|
||||||
{
|
{
|
||||||
int result = default_vfs_ops.mkdir(conn, path, mode);
|
int result = default_vfs_ops.mkdir(conn, path, mode);
|
||||||
|
|
||||||
@ -212,7 +158,7 @@ int audit_mkdir(struct connection_struct *conn, const char *path, mode_t mode)
|
|||||||
return result;
|
return result;
|
||||||
}
|
}
|
||||||
|
|
||||||
int audit_rmdir(struct connection_struct *conn, const char *path)
|
static int audit_rmdir(struct connection_struct *conn, const char *path)
|
||||||
{
|
{
|
||||||
int result = default_vfs_ops.rmdir(conn, path);
|
int result = default_vfs_ops.rmdir(conn, path);
|
||||||
|
|
||||||
@ -224,7 +170,7 @@ int audit_rmdir(struct connection_struct *conn, const char *path)
|
|||||||
return result;
|
return result;
|
||||||
}
|
}
|
||||||
|
|
||||||
int audit_open(struct connection_struct *conn, const char *fname, int flags, mode_t mode)
|
static int audit_open(struct connection_struct *conn, const char *fname, int flags, mode_t mode)
|
||||||
{
|
{
|
||||||
int result = default_vfs_ops.open(conn, fname, flags, mode);
|
int result = default_vfs_ops.open(conn, fname, flags, mode);
|
||||||
|
|
||||||
@ -237,7 +183,7 @@ int audit_open(struct connection_struct *conn, const char *fname, int flags, mod
|
|||||||
return result;
|
return result;
|
||||||
}
|
}
|
||||||
|
|
||||||
int audit_close(struct files_struct *fsp, int fd)
|
static int audit_close(struct files_struct *fsp, int fd)
|
||||||
{
|
{
|
||||||
int result = default_vfs_ops.close(fsp, fd);
|
int result = default_vfs_ops.close(fsp, fd);
|
||||||
|
|
||||||
@ -249,7 +195,7 @@ int audit_close(struct files_struct *fsp, int fd)
|
|||||||
return result;
|
return result;
|
||||||
}
|
}
|
||||||
|
|
||||||
int audit_rename(struct connection_struct *conn, const char *old, const char *new)
|
static int audit_rename(struct connection_struct *conn, const char *old, const char *new)
|
||||||
{
|
{
|
||||||
int result = default_vfs_ops.rename(conn, old, new);
|
int result = default_vfs_ops.rename(conn, old, new);
|
||||||
|
|
||||||
@ -261,7 +207,7 @@ int audit_rename(struct connection_struct *conn, const char *old, const char *ne
|
|||||||
return result;
|
return result;
|
||||||
}
|
}
|
||||||
|
|
||||||
int audit_unlink(struct connection_struct *conn, const char *path)
|
static int audit_unlink(struct connection_struct *conn, const char *path)
|
||||||
{
|
{
|
||||||
int result = default_vfs_ops.unlink(conn, path);
|
int result = default_vfs_ops.unlink(conn, path);
|
||||||
|
|
||||||
@ -273,7 +219,7 @@ int audit_unlink(struct connection_struct *conn, const char *path)
|
|||||||
return result;
|
return result;
|
||||||
}
|
}
|
||||||
|
|
||||||
int audit_chmod(struct connection_struct *conn, const char *path, mode_t mode)
|
static int audit_chmod(struct connection_struct *conn, const char *path, mode_t mode)
|
||||||
{
|
{
|
||||||
int result = default_vfs_ops.chmod(conn, path, mode);
|
int result = default_vfs_ops.chmod(conn, path, mode);
|
||||||
|
|
||||||
@ -285,7 +231,7 @@ int audit_chmod(struct connection_struct *conn, const char *path, mode_t mode)
|
|||||||
return result;
|
return result;
|
||||||
}
|
}
|
||||||
|
|
||||||
int audit_chmod_acl(struct connection_struct *conn, const char *path, mode_t mode)
|
static int audit_chmod_acl(struct connection_struct *conn, const char *path, mode_t mode)
|
||||||
{
|
{
|
||||||
int result = default_vfs_ops.chmod_acl(conn, path, mode);
|
int result = default_vfs_ops.chmod_acl(conn, path, mode);
|
||||||
|
|
||||||
@ -297,7 +243,7 @@ int audit_chmod_acl(struct connection_struct *conn, const char *path, mode_t mod
|
|||||||
return result;
|
return result;
|
||||||
}
|
}
|
||||||
|
|
||||||
int audit_fchmod(struct files_struct *fsp, int fd, mode_t mode)
|
static int audit_fchmod(struct files_struct *fsp, int fd, mode_t mode)
|
||||||
{
|
{
|
||||||
int result = default_vfs_ops.fchmod(fsp, fd, mode);
|
int result = default_vfs_ops.fchmod(fsp, fd, mode);
|
||||||
|
|
||||||
@ -309,7 +255,7 @@ int audit_fchmod(struct files_struct *fsp, int fd, mode_t mode)
|
|||||||
return result;
|
return result;
|
||||||
}
|
}
|
||||||
|
|
||||||
int audit_fchmod_acl(struct files_struct *fsp, int fd, mode_t mode)
|
static int audit_fchmod_acl(struct files_struct *fsp, int fd, mode_t mode)
|
||||||
{
|
{
|
||||||
int result = default_vfs_ops.fchmod_acl(fsp, fd, mode);
|
int result = default_vfs_ops.fchmod_acl(fsp, fd, mode);
|
||||||
|
|
||||||
|
@ -3,6 +3,7 @@
|
|||||||
* Block access from links to dev mount points specified in PARAMCONF file
|
* Block access from links to dev mount points specified in PARAMCONF file
|
||||||
*
|
*
|
||||||
* Copyright (C) Ronald Kuetemeier, 2001
|
* Copyright (C) Ronald Kuetemeier, 2001
|
||||||
|
* Copyright (C) Alexander Bokovoy, 2002
|
||||||
*
|
*
|
||||||
* This program is free software; you can redistribute it and/or modify
|
* This program is free software; you can redistribute it and/or modify
|
||||||
* it under the terms of the GNU General Public License as published by
|
* it under the terms of the GNU General Public License as published by
|
||||||
@ -47,93 +48,29 @@
|
|||||||
|
|
||||||
|
|
||||||
|
|
||||||
DIR *block_opendir(struct connection_struct *conn, char *fname);
|
static DIR *block_opendir(connection_struct *conn, char *fname);
|
||||||
int block_connect(struct connection_struct *conn, const char *service, const char *user);
|
static int block_connect(connection_struct *conn, const char *service, const char *user);
|
||||||
void block_disconnect(struct connection_struct *conn);
|
static void block_disconnect(connection_struct *conn);
|
||||||
|
|
||||||
|
static struct smb_vfs_handle_struct *block_handle;
|
||||||
|
|
||||||
/* VFS operations */
|
/* VFS operations */
|
||||||
|
|
||||||
|
|
||||||
extern struct vfs_ops default_vfs_ops; /* For passthrough operation */
|
static struct vfs_ops default_vfs_ops; /* For passthrough operation */
|
||||||
|
|
||||||
struct vfs_ops execute_vfs_ops = {
|
static vfs_op_tuple block_vfs_ops[] = {
|
||||||
|
|
||||||
/* Disk operations */
|
/* Disk operations */
|
||||||
|
|
||||||
block_connect,
|
{block_connect, SMB_VFS_OP_CONNECT, SMB_VFS_LAYER_TRANSPARENT},
|
||||||
block_disconnect,
|
{block_disconnect, SMB_VFS_OP_DISCONNECT, SMB_VFS_LAYER_TRANSPARENT},
|
||||||
NULL, /* disk free */
|
|
||||||
|
|
||||||
/* Directory operations */
|
/* Directory operations */
|
||||||
|
|
||||||
block_opendir,
|
{block_opendir, SMB_VFS_OP_OPENDIR, SMB_VFS_LAYER_TRANSPARENT},
|
||||||
NULL, /* readdir */
|
|
||||||
NULL, /* mkdir */
|
{NULL, SMB_VFS_OP_NOOP, SMB_VFS_LAYER_NOOP}
|
||||||
NULL, /* rmdir */
|
|
||||||
NULL, /* closedir */
|
|
||||||
|
|
||||||
/* File operations */
|
|
||||||
|
|
||||||
NULL, /* open */
|
|
||||||
NULL, /* close */
|
|
||||||
NULL, /* read */
|
|
||||||
NULL, /* write */
|
|
||||||
NULL, /* lseek */
|
|
||||||
NULL, /* rename */
|
|
||||||
NULL, /* fsync */
|
|
||||||
NULL, /* stat */
|
|
||||||
NULL, /* fstat */
|
|
||||||
NULL, /* lstat */
|
|
||||||
NULL, /* unlink */
|
|
||||||
NULL, /* chmod */
|
|
||||||
NULL, /* fchmod */
|
|
||||||
NULL, /* chown */
|
|
||||||
NULL, /* fchown */
|
|
||||||
NULL, /* chdir */
|
|
||||||
NULL, /* getwd */
|
|
||||||
NULL, /* utime */
|
|
||||||
NULL, /* ftruncate */
|
|
||||||
NULL, /* lock */
|
|
||||||
NULL, /* symlink */
|
|
||||||
NULL, /* readlink */
|
|
||||||
NULL, /* link */
|
|
||||||
NULL, /* mknod */
|
|
||||||
NULL, /* realpath */
|
|
||||||
|
|
||||||
/* NT ACL operations */
|
|
||||||
|
|
||||||
NULL, /* fget_nt_acl */
|
|
||||||
NULL, /* get_nt_acl */
|
|
||||||
NULL, /* fset_nt_acl */
|
|
||||||
NULL, /* set_nt_acl */
|
|
||||||
|
|
||||||
/* POSIX ACL operations. */
|
|
||||||
|
|
||||||
NULL, /* chmod_acl */
|
|
||||||
NULL, /* fchmod_acl */
|
|
||||||
NULL, /* sys_acl_get_entry */
|
|
||||||
NULL, /* sys_acl_get_tag_type */
|
|
||||||
NULL, /* sys_acl_get_permset */
|
|
||||||
NULL, /* sys_acl_get_qualifier */
|
|
||||||
NULL, /* sys_acl_get_file */
|
|
||||||
NULL, /* sys_acl_get_fd */
|
|
||||||
NULL, /* sys_acl_clear_perms */
|
|
||||||
NULL, /* sys_acl_add_perm */
|
|
||||||
NULL, /* sys_acl_to_text */
|
|
||||||
NULL, /* sys_acl_init */
|
|
||||||
NULL, /* sys_acl_create_entry */
|
|
||||||
NULL, /* sys_acl_set_tag_type */
|
|
||||||
NULL, /* sys_acl_set_qualifier */
|
|
||||||
NULL, /* sys_acl_set_permset */
|
|
||||||
NULL, /* sys_acl_valid */
|
|
||||||
NULL, /* sys_acl_set_file */
|
|
||||||
NULL, /* sys_acl_set_fd */
|
|
||||||
NULL, /* sys_acl_delete_def_file */
|
|
||||||
NULL, /* sys_acl_get_perm */
|
|
||||||
NULL, /* sys_acl_free_text */
|
|
||||||
NULL, /* sys_acl_free_acl */
|
|
||||||
NULL /* sys_acl_free_qualifier */
|
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
||||||
@ -145,13 +82,13 @@ extern BOOL pm_process(char *FileName, BOOL (*sfunc)(char *), BOOL(*pfunc)(char
|
|||||||
|
|
||||||
//functions
|
//functions
|
||||||
|
|
||||||
BOOL enter_pblock_mount(char *dir);
|
static BOOL enter_pblock_mount(char *dir);
|
||||||
BOOL get_section(char *sect);
|
static BOOL get_section(char *sect);
|
||||||
BOOL get_parameter_value(char *param, char *value);
|
static BOOL get_parameter_value(char *param, char *value);
|
||||||
BOOL load_param(void);
|
static BOOL load_param(void);
|
||||||
BOOL search(struct stat *stat_buf);
|
static BOOL search(struct stat *stat_buf);
|
||||||
BOOL dir_search(char *link, char *dir);
|
static BOOL dir_search(char *link, char *dir);
|
||||||
BOOL enter_pblock_dir(char *dir);
|
static BOOL enter_pblock_dir(char *dir);
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
@ -176,7 +113,7 @@ static struct block_dir *pblock_dir = NULL;
|
|||||||
* Load the conf file into a table
|
* Load the conf file into a table
|
||||||
*/
|
*/
|
||||||
|
|
||||||
BOOL load_param(void)
|
static BOOL load_param(void)
|
||||||
{
|
{
|
||||||
|
|
||||||
if ((pm_process(PARAMCONF,&get_section,&get_parameter_value)) == TRUE)
|
if ((pm_process(PARAMCONF,&get_section,&get_parameter_value)) == TRUE)
|
||||||
@ -194,7 +131,7 @@ BOOL load_param(void)
|
|||||||
*
|
*
|
||||||
*/
|
*/
|
||||||
|
|
||||||
BOOL enter_pblock_mount(char *dir)
|
static BOOL enter_pblock_mount(char *dir)
|
||||||
{
|
{
|
||||||
struct stat stat_buf;
|
struct stat stat_buf;
|
||||||
static struct block_dir *tmp_pblock;
|
static struct block_dir *tmp_pblock;
|
||||||
@ -242,7 +179,7 @@ BOOL enter_pblock_mount(char *dir)
|
|||||||
*
|
*
|
||||||
*/
|
*/
|
||||||
|
|
||||||
BOOL enter_pblock_dir(char *dir)
|
static BOOL enter_pblock_dir(char *dir)
|
||||||
{
|
{
|
||||||
static struct block_dir *tmp_pblock;
|
static struct block_dir *tmp_pblock;
|
||||||
|
|
||||||
@ -285,7 +222,7 @@ BOOL enter_pblock_dir(char *dir)
|
|||||||
* Function callback for config section names
|
* Function callback for config section names
|
||||||
*/
|
*/
|
||||||
|
|
||||||
BOOL get_section(char *sect)
|
static BOOL get_section(char *sect)
|
||||||
{
|
{
|
||||||
return TRUE;
|
return TRUE;
|
||||||
}
|
}
|
||||||
@ -297,7 +234,7 @@ BOOL get_section(char *sect)
|
|||||||
*
|
*
|
||||||
*/
|
*/
|
||||||
|
|
||||||
BOOL get_parameter_value(char *param, char *value)
|
static BOOL get_parameter_value(char *param, char *value)
|
||||||
{
|
{
|
||||||
int i = 0, maxargs = sizeof(params) / sizeof(char *);
|
int i = 0, maxargs = sizeof(params) / sizeof(char *);
|
||||||
|
|
||||||
@ -327,24 +264,25 @@ BOOL get_parameter_value(char *param, char *value)
|
|||||||
|
|
||||||
|
|
||||||
|
|
||||||
/* VFS initialisation function. Return initialised vfs_ops structure
|
/* VFS initialisation function. Return initialised vfs_op_tuple array
|
||||||
back to SAMBA. */
|
back to SAMBA. */
|
||||||
|
|
||||||
struct vfs_ops *vfs_init(int *vfs_version, struct vfs_ops *def_vfs_ops)
|
vfs_op_tuple *vfs_init(int *vfs_version, struct vfs_ops *def_vfs_ops,
|
||||||
|
struct smb_vfs_handle_struct *vfs_handle)
|
||||||
{
|
{
|
||||||
struct vfs_ops tmp_ops;
|
|
||||||
|
|
||||||
*vfs_version = SMB_VFS_INTERFACE_VERSION;
|
*vfs_version = SMB_VFS_INTERFACE_VERSION;
|
||||||
|
|
||||||
memcpy(&tmp_ops, def_vfs_ops, sizeof(struct vfs_ops));
|
memcpy(&default_vfs_ops, def_vfs_ops, sizeof(struct vfs_ops));
|
||||||
|
|
||||||
|
block_handle = vfs_handle;
|
||||||
|
|
||||||
/* Override the ones we want. */
|
return block_vfs_ops;
|
||||||
tmp_ops.connect = block_connect;
|
}
|
||||||
tmp_ops.disconnect = block_disconnect;
|
|
||||||
tmp_ops.opendir = block_opendir;
|
|
||||||
|
|
||||||
memcpy(&execute_vfs_ops, &tmp_ops, sizeof(struct vfs_ops));
|
|
||||||
return(&execute_vfs_ops);
|
/* VFS finalization function. */
|
||||||
|
void vfs_done(connection_struct *conn)
|
||||||
|
{
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
@ -352,7 +290,7 @@ struct vfs_ops *vfs_init(int *vfs_version, struct vfs_ops *def_vfs_ops)
|
|||||||
* VFS connect and param file loading
|
* VFS connect and param file loading
|
||||||
*/
|
*/
|
||||||
|
|
||||||
int block_connect(struct connection_struct *conn, char *service, char *user)
|
static int block_connect(connection_struct *conn, const char *service, const char *user)
|
||||||
{
|
{
|
||||||
if((load_param()) == FALSE)
|
if((load_param()) == FALSE)
|
||||||
{
|
{
|
||||||
@ -372,7 +310,7 @@ int block_connect(struct connection_struct *conn, char *service, char *user)
|
|||||||
*/
|
*/
|
||||||
|
|
||||||
|
|
||||||
void block_disconnect(struct connection_struct *conn)
|
static void block_disconnect(struct connection_struct *conn)
|
||||||
{
|
{
|
||||||
|
|
||||||
struct block_dir *tmp_pblock = (pblock_mountp == NULL ? pblock_dir : pblock_mountp);
|
struct block_dir *tmp_pblock = (pblock_mountp == NULL ? pblock_dir : pblock_mountp);
|
||||||
@ -403,7 +341,7 @@ void block_disconnect(struct connection_struct *conn)
|
|||||||
* VFS opendir
|
* VFS opendir
|
||||||
*/
|
*/
|
||||||
|
|
||||||
DIR *block_opendir(struct connection_struct *conn, char *fname)
|
static DIR *block_opendir(struct connection_struct *conn, char *fname)
|
||||||
{
|
{
|
||||||
|
|
||||||
char *dir_name = NULL;
|
char *dir_name = NULL;
|
||||||
@ -437,7 +375,7 @@ DIR *block_opendir(struct connection_struct *conn, char *fname)
|
|||||||
* Find mount point to block in list
|
* Find mount point to block in list
|
||||||
*/
|
*/
|
||||||
|
|
||||||
BOOL search(struct stat *stat_buf)
|
static BOOL search(struct stat *stat_buf)
|
||||||
{
|
{
|
||||||
struct block_dir *tmp_pblock = pblock_mountp;
|
struct block_dir *tmp_pblock = pblock_mountp;
|
||||||
|
|
||||||
@ -459,7 +397,7 @@ BOOL search(struct stat *stat_buf)
|
|||||||
* Find dir in list to block id the starting point is link from a share
|
* Find dir in list to block id the starting point is link from a share
|
||||||
*/
|
*/
|
||||||
|
|
||||||
BOOL dir_search(char *link, char *dir)
|
static BOOL dir_search(char *link, char *dir)
|
||||||
{
|
{
|
||||||
char buf[PATH_MAX +1], *ext_path;
|
char buf[PATH_MAX +1], *ext_path;
|
||||||
int len = 0;
|
int len = 0;
|
||||||
|
@ -4,6 +4,7 @@
|
|||||||
*
|
*
|
||||||
* Copyright (C) 2001, Brandon Stone, Amherst College, <bbstone@amherst.edu>.
|
* Copyright (C) 2001, Brandon Stone, Amherst College, <bbstone@amherst.edu>.
|
||||||
* Copyright (C) 2002, Jeremy Allison - modified to make a VFS module.
|
* Copyright (C) 2002, Jeremy Allison - modified to make a VFS module.
|
||||||
|
* Copyright (C) 2002, Alexander Bokovoy - cascaded VFS adoption,
|
||||||
*
|
*
|
||||||
* This program is free software; you can redistribute it and/or modify
|
* This program is free software; you can redistribute it and/or modify
|
||||||
* it under the terms of the GNU General Public License as published by
|
* it under the terms of the GNU General Public License as published by
|
||||||
@ -40,139 +41,67 @@
|
|||||||
|
|
||||||
/* VFS operations */
|
/* VFS operations */
|
||||||
|
|
||||||
extern struct vfs_ops default_vfs_ops; /* For passthrough operation */
|
static struct vfs_ops default_vfs_ops; /* For passthrough operation */
|
||||||
|
static struct smb_vfs_handle_struct *recycle_handle;
|
||||||
static int recycle_unlink(connection_struct *, const char *);
|
static int recycle_unlink(connection_struct *, const char *);
|
||||||
static int recycle_connect(struct connection_struct *conn, const char *service, const char *user);
|
static int recycle_connect(struct connection_struct *conn, const char *service, const char *user);
|
||||||
static void recycle_disconnect(struct connection_struct *conn);
|
static void recycle_disconnect(struct connection_struct *conn);
|
||||||
|
|
||||||
struct vfs_ops recycle_ops = {
|
static vfs_op_tuple recycle_ops[] = {
|
||||||
|
|
||||||
/* Disk operations */
|
/* Disk operations */
|
||||||
|
|
||||||
recycle_connect, /* connect */
|
{recycle_connect, SMB_VFS_OP_CONNECT, SMB_VFS_LAYER_OPAQUE},
|
||||||
recycle_disconnect, /* disconnect */
|
{recycle_disconnect, SMB_VFS_OP_DISCONNECT, SMB_VFS_LAYER_OPAQUE},
|
||||||
NULL, /* disk free */
|
|
||||||
|
|
||||||
/* Directory operations */
|
|
||||||
|
|
||||||
NULL, /* opendir */
|
|
||||||
NULL, /* readdir */
|
|
||||||
NULL, /* mkdir */
|
|
||||||
NULL, /* rmdir */
|
|
||||||
NULL, /* closedir */
|
|
||||||
|
|
||||||
/* File operations */
|
/* File operations */
|
||||||
|
|
||||||
NULL, /* open */
|
{recycle_unlink, SMB_VFS_OP_UNLINK, SMB_VFS_LAYER_OPAQUE},
|
||||||
NULL, /* close */
|
|
||||||
NULL, /* read */
|
{NULL, SMB_VFS_OP_NOOP, SMB_VFS_LAYER_NOOP}
|
||||||
NULL, /* write */
|
|
||||||
NULL, /* lseek */
|
|
||||||
NULL, /* rename */
|
|
||||||
NULL, /* fsync */
|
|
||||||
NULL, /* stat */
|
|
||||||
NULL, /* fstat */
|
|
||||||
NULL, /* lstat */
|
|
||||||
recycle_unlink,
|
|
||||||
NULL, /* chmod */
|
|
||||||
NULL, /* fchmod */
|
|
||||||
NULL, /* chown */
|
|
||||||
NULL, /* fchown */
|
|
||||||
NULL, /* chdir */
|
|
||||||
NULL, /* getwd */
|
|
||||||
NULL, /* utime */
|
|
||||||
NULL, /* ftruncate */
|
|
||||||
NULL, /* lock */
|
|
||||||
NULL, /* symlink */
|
|
||||||
NULL, /* readlink */
|
|
||||||
NULL, /* link */
|
|
||||||
NULL, /* mknod */
|
|
||||||
NULL, /* realpath */
|
|
||||||
NULL, /* fget_nt_acl */
|
|
||||||
NULL, /* get_nt_acl */
|
|
||||||
NULL, /* fset_nt_acl */
|
|
||||||
NULL, /* set_nt_acl */
|
|
||||||
|
|
||||||
NULL, /* chmod_acl */
|
|
||||||
NULL, /* fchmod_acl */
|
|
||||||
|
|
||||||
NULL, /* sys_acl_get_entry */
|
|
||||||
NULL, /* sys_acl_get_tag_type */
|
|
||||||
NULL, /* sys_acl_get_permset */
|
|
||||||
NULL, /* sys_acl_get_qualifier */
|
|
||||||
NULL, /* sys_acl_get_file */
|
|
||||||
NULL, /* sys_acl_get_fd */
|
|
||||||
NULL, /* sys_acl_clear_perms */
|
|
||||||
NULL, /* sys_acl_add_perm */
|
|
||||||
NULL, /* sys_acl_to_text */
|
|
||||||
NULL, /* sys_acl_init */
|
|
||||||
NULL, /* sys_acl_create_entry */
|
|
||||||
NULL, /* sys_acl_set_tag_type */
|
|
||||||
NULL, /* sys_acl_set_qualifier */
|
|
||||||
NULL, /* sys_acl_set_permset */
|
|
||||||
NULL, /* sys_acl_valid */
|
|
||||||
NULL, /* sys_acl_set_file */
|
|
||||||
NULL, /* sys_acl_set_fd */
|
|
||||||
NULL, /* sys_acl_delete_def_file */
|
|
||||||
NULL, /* sys_acl_get_perm */
|
|
||||||
NULL, /* sys_acl_free_text */
|
|
||||||
NULL, /* sys_acl_free_acl */
|
|
||||||
NULL /* sys_acl_free_qualifier */
|
|
||||||
};
|
};
|
||||||
|
|
||||||
/* VFS initialisation function. Return initialised vfs_ops structure
|
/* VFS initialisation function. Return initialised vfs_op_tuple array back to SAMBA. */
|
||||||
back to SAMBA. */
|
|
||||||
|
|
||||||
struct vfs_ops *vfs_init(int *vfs_version, struct vfs_ops *def_vfs_ops)
|
vfs_op_tuple *vfs_init(int *vfs_version, struct vfs_ops *def_vfs_ops,
|
||||||
|
struct smb_vfs_handle_struct *vfs_handle)
|
||||||
{
|
{
|
||||||
struct vfs_ops tmp_ops;
|
|
||||||
|
|
||||||
*vfs_version = SMB_VFS_INTERFACE_VERSION;
|
*vfs_version = SMB_VFS_INTERFACE_VERSION;
|
||||||
memcpy(&tmp_ops, def_vfs_ops, sizeof(struct vfs_ops));
|
memcpy(&default_vfs_ops, def_vfs_ops, sizeof(struct vfs_ops));
|
||||||
tmp_ops.unlink = recycle_unlink;
|
|
||||||
tmp_ops.connect = recycle_connect;
|
/* Remember vfs_id for storing private information at connect */
|
||||||
tmp_ops.disconnect = recycle_disconnect;
|
recycle_handle = vfs_handle;
|
||||||
memcpy(&recycle_ops, &tmp_ops, sizeof(struct vfs_ops));
|
|
||||||
return &recycle_ops;
|
return recycle_ops;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* VFS finalization function. */
|
||||||
|
void vfs_done(connection_struct *conn)
|
||||||
|
{
|
||||||
|
DEBUG(3,("vfs_done_recycle: called for connection %p\n",conn));
|
||||||
}
|
}
|
||||||
|
|
||||||
static int recycle_connect(struct connection_struct *conn, const char *service, const char *user)
|
static int recycle_connect(struct connection_struct *conn, const char *service, const char *user)
|
||||||
{
|
{
|
||||||
pstring opts_str;
|
|
||||||
fstring recycle_bin;
|
fstring recycle_bin;
|
||||||
char *p;
|
|
||||||
|
|
||||||
DEBUG(3,("recycle_connect: called for service %s as user %s\n", service, user));
|
DEBUG(3,("recycle_connect: called for service %s as user %s\n", service, user));
|
||||||
|
|
||||||
pstrcpy(opts_str, (const char *)lp_vfs_options(SNUM(conn)));
|
fstrcpy(recycle_bin, (const char *)lp_parm_string(lp_servicename(SNUM(conn)),"vfs","recycle bin"));
|
||||||
if (!*opts_str) {
|
if (!*recycle_bin) {
|
||||||
DEBUG(3,("recycle_connect: No options listed (%s).\n", lp_vfs_options(SNUM(conn)) ));
|
DEBUG(3,("recycle_connect: No options listed (vfs:recycle bin).\n" ));
|
||||||
return 0; /* No options. */
|
return 0; /* No options. */
|
||||||
}
|
}
|
||||||
|
|
||||||
p = opts_str;
|
DEBUG(3,("recycle_connect: recycle name is %s\n", recycle_bin ));
|
||||||
if (next_token(&p,recycle_bin,"=",sizeof(recycle_bin))) {
|
|
||||||
if (!strequal("recycle", recycle_bin)) {
|
|
||||||
DEBUG(3,("recycle_connect: option %s is not recycle\n", recycle_bin ));
|
|
||||||
return -1;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!next_token(&p,recycle_bin," \n",sizeof(recycle_bin))) {
|
recycle_handle->data = (void *)strdup(recycle_bin);
|
||||||
DEBUG(3,("recycle_connect: no option after recycle=\n"));
|
|
||||||
return -1;
|
|
||||||
}
|
|
||||||
|
|
||||||
DEBUG(10,("recycle_connect: recycle name is %s\n", recycle_bin ));
|
|
||||||
|
|
||||||
conn->vfs_private = (void *)strdup(recycle_bin);
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
static void recycle_disconnect(struct connection_struct *conn)
|
static void recycle_disconnect(struct connection_struct *conn)
|
||||||
{
|
{
|
||||||
SAFE_FREE(conn->vfs_private);
|
SAFE_FREE(recycle_handle->data);
|
||||||
}
|
}
|
||||||
|
|
||||||
static BOOL recycle_XXX_exist(connection_struct *conn, const char *dname, BOOL isdir)
|
static BOOL recycle_XXX_exist(connection_struct *conn, const char *dname, BOOL isdir)
|
||||||
@ -225,8 +154,8 @@ static int recycle_unlink(connection_struct *conn, const char *inname)
|
|||||||
*recycle_bin = '\0';
|
*recycle_bin = '\0';
|
||||||
pstrcpy(fname, inname);
|
pstrcpy(fname, inname);
|
||||||
|
|
||||||
if (conn->vfs_private)
|
if (recycle_handle->data)
|
||||||
fstrcpy(recycle_bin, (const char *)conn->vfs_private);
|
fstrcpy(recycle_bin, (const char *)recycle_handle->data);
|
||||||
|
|
||||||
if(!*recycle_bin) {
|
if(!*recycle_bin) {
|
||||||
DEBUG(3, ("recycle bin: share parameter not set, purging %s...\n", fname));
|
DEBUG(3, ("recycle bin: share parameter not set, purging %s...\n", fname));
|
||||||
|
@ -3,6 +3,7 @@
|
|||||||
* calls to disk functions.
|
* calls to disk functions.
|
||||||
*
|
*
|
||||||
* Copyright (C) Tim Potter, 1999-2000
|
* Copyright (C) Tim Potter, 1999-2000
|
||||||
|
* Copyright (C) Alexander Bokovoy, 2002
|
||||||
*
|
*
|
||||||
* This program is free software; you can redistribute it and/or modify
|
* This program is free software; you can redistribute it and/or modify
|
||||||
* it under the terms of the GNU General Public License as published by
|
* it under the terms of the GNU General Public License as published by
|
||||||
@ -38,8 +39,8 @@
|
|||||||
#include <includes.h>
|
#include <includes.h>
|
||||||
#include <vfs.h>
|
#include <vfs.h>
|
||||||
|
|
||||||
extern struct vfs_ops default_vfs_ops; /* For passthrough operation */
|
static struct vfs_ops default_vfs_ops; /* For passthrough operation */
|
||||||
extern struct vfs_ops skel_ops;
|
static struct smb_vfs_handle_struct *skel_handle; /* use skel_handle->data for storing per-instance private data */
|
||||||
|
|
||||||
static int skel_connect(struct connection_struct *conn, const char *service, const char *user)
|
static int skel_connect(struct connection_struct *conn, const char *service, const char *user)
|
||||||
{
|
{
|
||||||
@ -349,172 +350,110 @@ static int skel_sys_acl_free_qualifier(struct connection_struct *conn, void *qua
|
|||||||
return default_vfs_ops.sys_acl_free_qualifier(conn, qualifier, tagtype);
|
return default_vfs_ops.sys_acl_free_qualifier(conn, qualifier, tagtype);
|
||||||
}
|
}
|
||||||
|
|
||||||
/* VFS initialisation - return vfs_ops function pointer structure */
|
|
||||||
|
|
||||||
struct vfs_ops *vfs_init(int *vfs_version, struct vfs_ops *def_vfs_ops)
|
|
||||||
{
|
|
||||||
struct vfs_ops tmp_ops;
|
|
||||||
|
|
||||||
DEBUG(3, ("Initialising default vfs hooks\n"));
|
|
||||||
|
|
||||||
*vfs_version = SMB_VFS_INTERFACE_VERSION;
|
|
||||||
memcpy(&tmp_ops, def_vfs_ops, sizeof(struct vfs_ops));
|
|
||||||
|
|
||||||
tmp_ops.connect = skel_connect;
|
|
||||||
tmp_ops.disconnect = skel_disconnect;
|
|
||||||
tmp_ops.disk_free = skel_disk_free;
|
|
||||||
|
|
||||||
/* Directory operations */
|
|
||||||
|
|
||||||
tmp_ops.opendir = skel_opendir;
|
|
||||||
tmp_ops.readdir = skel_readdir;
|
|
||||||
tmp_ops.mkdir = skel_mkdir;
|
|
||||||
tmp_ops.rmdir = skel_rmdir;
|
|
||||||
tmp_ops.closedir = skel_closedir;
|
|
||||||
|
|
||||||
/* File operations */
|
|
||||||
|
|
||||||
tmp_ops.open = skel_open;
|
|
||||||
tmp_ops.close = skel_close;
|
|
||||||
tmp_ops.read = skel_read;
|
|
||||||
tmp_ops.write = skel_write;
|
|
||||||
tmp_ops.lseek = skel_lseek;
|
|
||||||
tmp_ops.rename = skel_rename;
|
|
||||||
tmp_ops.fsync = skel_fsync;
|
|
||||||
tmp_ops.stat = skel_stat;
|
|
||||||
tmp_ops.fstat = skel_fstat;
|
|
||||||
tmp_ops.lstat = skel_lstat;
|
|
||||||
tmp_ops.unlink = skel_unlink;
|
|
||||||
tmp_ops.chmod = skel_chmod;
|
|
||||||
tmp_ops.fchmod = skel_fchmod;
|
|
||||||
tmp_ops.chown = skel_chown;
|
|
||||||
tmp_ops.fchown = skel_fchown;
|
|
||||||
tmp_ops.chdir = skel_chdir;
|
|
||||||
tmp_ops.getwd = skel_getwd;
|
|
||||||
tmp_ops.utime = skel_utime;
|
|
||||||
tmp_ops.ftruncate = skel_ftruncate;
|
|
||||||
tmp_ops.lock = skel_lock;
|
|
||||||
tmp_ops.symlink = skel_symlink;
|
|
||||||
tmp_ops.readlink = skel_readlink;
|
|
||||||
tmp_ops.link = skel_link;
|
|
||||||
tmp_ops.mknod = skel_mknod;
|
|
||||||
tmp_ops.realpath = skel_realpath;
|
|
||||||
|
|
||||||
tmp_ops.fget_nt_acl = skel_fget_nt_acl;
|
|
||||||
tmp_ops.get_nt_acl = skel_get_nt_acl;
|
|
||||||
tmp_ops.fset_nt_acl = skel_fset_nt_acl;
|
|
||||||
tmp_ops.set_nt_acl = skel_set_nt_acl;
|
|
||||||
|
|
||||||
/* POSIX ACL operations. */
|
|
||||||
|
|
||||||
tmp_ops.chmod_acl = skel_chmod_acl;
|
|
||||||
tmp_ops.fchmod_acl = skel_fchmod_acl;
|
|
||||||
tmp_ops.sys_acl_get_entry = skel_sys_acl_get_entry;
|
|
||||||
tmp_ops.sys_acl_get_tag_type = skel_sys_acl_get_tag_type;
|
|
||||||
tmp_ops.sys_acl_get_permset = skel_sys_acl_get_permset;
|
|
||||||
tmp_ops.sys_acl_get_qualifier = skel_sys_acl_get_qualifier;
|
|
||||||
tmp_ops.sys_acl_get_file = skel_sys_acl_get_file;
|
|
||||||
tmp_ops.sys_acl_get_fd = skel_sys_acl_get_fd;
|
|
||||||
tmp_ops.sys_acl_clear_perms = skel_sys_acl_clear_perms;
|
|
||||||
tmp_ops.sys_acl_add_perm = skel_sys_acl_add_perm;
|
|
||||||
tmp_ops.sys_acl_to_text = skel_sys_acl_to_text;
|
|
||||||
tmp_ops.sys_acl_init = skel_sys_acl_init;
|
|
||||||
tmp_ops.sys_acl_create_entry = skel_sys_acl_create_entry;
|
|
||||||
tmp_ops.sys_acl_set_tag_type = skel_sys_acl_set_tag_type;
|
|
||||||
tmp_ops.sys_acl_set_qualifier = skel_sys_acl_set_qualifier;
|
|
||||||
tmp_ops.sys_acl_set_permset = skel_sys_acl_set_permset;
|
|
||||||
tmp_ops.sys_acl_valid = skel_sys_acl_valid;
|
|
||||||
tmp_ops.sys_acl_set_file = skel_sys_acl_set_file;
|
|
||||||
tmp_ops.sys_acl_set_fd = skel_sys_acl_set_fd;
|
|
||||||
tmp_ops.sys_acl_delete_def_file = skel_sys_acl_delete_def_file;
|
|
||||||
tmp_ops.sys_acl_get_perm = skel_sys_acl_get_perm;
|
|
||||||
tmp_ops.sys_acl_free_text = skel_sys_acl_free_text;
|
|
||||||
tmp_ops.sys_acl_free_acl = skel_sys_acl_free_acl;
|
|
||||||
tmp_ops.sys_acl_free_qualifier = skel_sys_acl_free_qualifier;
|
|
||||||
|
|
||||||
memcpy(&skel_ops, &tmp_ops, sizeof(struct vfs_ops));
|
|
||||||
|
|
||||||
return &skel_ops;
|
|
||||||
}
|
|
||||||
|
|
||||||
/* VFS operations structure */
|
/* VFS operations structure */
|
||||||
|
|
||||||
struct vfs_ops skel_ops = {
|
static vfs_op_tuple skel_ops[] = {
|
||||||
|
|
||||||
/* Disk operations */
|
/* Disk operations */
|
||||||
|
|
||||||
skel_connect,
|
{skel_connect, SMB_VFS_OP_CONNECT, SMB_VFS_LAYER_TRANSPARENT},
|
||||||
skel_disconnect,
|
{skel_disconnect, SMB_VFS_OP_DISCONNECT, SMB_VFS_LAYER_TRANSPARENT},
|
||||||
skel_disk_free,
|
{skel_disk_free, SMB_VFS_OP_DISK_FREE, SMB_VFS_LAYER_TRANSPARENT},
|
||||||
|
|
||||||
/* Directory operations */
|
/* Directory operations */
|
||||||
|
|
||||||
skel_opendir,
|
{skel_opendir, SMB_VFS_OP_OPENDIR, SMB_VFS_LAYER_TRANSPARENT},
|
||||||
skel_readdir,
|
{skel_readdir, SMB_VFS_OP_READDIR, SMB_VFS_LAYER_TRANSPARENT},
|
||||||
skel_mkdir,
|
{skel_mkdir, SMB_VFS_OP_MKDIR, SMB_VFS_LAYER_TRANSPARENT},
|
||||||
skel_rmdir,
|
{skel_rmdir, SMB_VFS_OP_RMDIR, SMB_VFS_LAYER_TRANSPARENT},
|
||||||
skel_closedir,
|
{skel_closedir, SMB_VFS_OP_CLOSEDIR, SMB_VFS_LAYER_TRANSPARENT},
|
||||||
|
|
||||||
/* File operations */
|
/* File operations */
|
||||||
|
|
||||||
skel_open,
|
{skel_open, SMB_VFS_OP_OPEN, SMB_VFS_LAYER_TRANSPARENT},
|
||||||
skel_close,
|
{skel_close, SMB_VFS_OP_CLOSE, SMB_VFS_LAYER_TRANSPARENT},
|
||||||
skel_read,
|
{skel_read, SMB_VFS_OP_READ, SMB_VFS_LAYER_TRANSPARENT},
|
||||||
skel_write,
|
{skel_write, SMB_VFS_OP_WRITE, SMB_VFS_LAYER_TRANSPARENT},
|
||||||
skel_lseek,
|
{skel_lseek, SMB_VFS_OP_LSEEK, SMB_VFS_LAYER_TRANSPARENT},
|
||||||
skel_rename,
|
{skel_rename, SMB_VFS_OP_RENAME, SMB_VFS_LAYER_TRANSPARENT},
|
||||||
skel_fsync,
|
{skel_fsync, SMB_VFS_OP_FSYNC, SMB_VFS_LAYER_TRANSPARENT},
|
||||||
skel_stat,
|
{skel_stat, SMB_VFS_OP_STAT, SMB_VFS_LAYER_TRANSPARENT},
|
||||||
skel_fstat,
|
{skel_fstat, SMB_VFS_OP_FSTAT, SMB_VFS_LAYER_TRANSPARENT},
|
||||||
skel_lstat,
|
{skel_lstat, SMB_VFS_OP_LSTAT, SMB_VFS_LAYER_TRANSPARENT},
|
||||||
skel_unlink,
|
{skel_unlink, SMB_VFS_OP_UNLINK, SMB_VFS_LAYER_TRANSPARENT},
|
||||||
skel_chmod,
|
{skel_chmod, SMB_VFS_OP_CHMOD, SMB_VFS_LAYER_TRANSPARENT},
|
||||||
skel_fchmod,
|
{skel_fchmod, SMB_VFS_OP_FCHMOD, SMB_VFS_LAYER_TRANSPARENT},
|
||||||
skel_chown,
|
{skel_chown, SMB_VFS_OP_CHOWN, SMB_VFS_LAYER_TRANSPARENT},
|
||||||
skel_fchown,
|
{skel_fchown, SMB_VFS_OP_FCHOWN, SMB_VFS_LAYER_TRANSPARENT},
|
||||||
skel_chdir,
|
{skel_chdir, SMB_VFS_OP_CHDIR, SMB_VFS_LAYER_TRANSPARENT},
|
||||||
skel_getwd,
|
{skel_getwd, SMB_VFS_OP_GETWD, SMB_VFS_LAYER_TRANSPARENT},
|
||||||
skel_utime,
|
{skel_utime, SMB_VFS_OP_UTIME, SMB_VFS_LAYER_TRANSPARENT},
|
||||||
skel_ftruncate,
|
{skel_ftruncate, SMB_VFS_OP_FTRUNCATE, SMB_VFS_LAYER_TRANSPARENT},
|
||||||
skel_lock,
|
{skel_lock, SMB_VFS_OP_LOCK, SMB_VFS_LAYER_TRANSPARENT},
|
||||||
skel_symlink,
|
{skel_symlink, SMB_VFS_OP_SYMLINK, SMB_VFS_LAYER_TRANSPARENT},
|
||||||
skel_readlink,
|
{skel_readlink, SMB_VFS_OP_READLINK, SMB_VFS_LAYER_TRANSPARENT},
|
||||||
skel_link,
|
{skel_link, SMB_VFS_OP_LINK, SMB_VFS_LAYER_TRANSPARENT},
|
||||||
skel_mknod,
|
{skel_mknod, SMB_VFS_OP_MKNOD, SMB_VFS_LAYER_TRANSPARENT},
|
||||||
skel_realpath,
|
{skel_realpath, SMB_VFS_OP_REALPATH, SMB_VFS_LAYER_TRANSPARENT},
|
||||||
|
|
||||||
/* NT File ACL operations */
|
/* NT File ACL operations */
|
||||||
|
|
||||||
skel_fget_nt_acl,
|
{skel_fget_nt_acl, SMB_VFS_OP_FGET_NT_ACL, SMB_VFS_LAYER_TRANSPARENT},
|
||||||
skel_get_nt_acl,
|
{skel_get_nt_acl, SMB_VFS_OP_GET_NT_ACL, SMB_VFS_LAYER_TRANSPARENT},
|
||||||
skel_fset_nt_acl,
|
{skel_fset_nt_acl, SMB_VFS_OP_FSET_NT_ACL, SMB_VFS_LAYER_TRANSPARENT},
|
||||||
skel_set_nt_acl,
|
{skel_set_nt_acl, SMB_VFS_OP_SET_NT_ACL, SMB_VFS_LAYER_TRANSPARENT},
|
||||||
|
|
||||||
/* POSIX ACL operations */
|
/* POSIX ACL operations */
|
||||||
|
|
||||||
skel_chmod_acl,
|
{skel_chmod_acl, SMB_VFS_OP_CHMOD_ACL, SMB_VFS_LAYER_TRANSPARENT},
|
||||||
skel_fchmod_acl,
|
{skel_fchmod_acl, SMB_VFS_OP_FCHMOD_ACL, SMB_VFS_LAYER_TRANSPARENT},
|
||||||
|
|
||||||
skel_sys_acl_get_entry,
|
{skel_sys_acl_get_entry, SMB_VFS_OP_SYS_ACL_GET_ENTRY, SMB_VFS_LAYER_TRANSPARENT},
|
||||||
skel_sys_acl_get_tag_type,
|
{skel_sys_acl_get_tag_type, SMB_VFS_OP_SYS_ACL_GET_TAG_TYPE, SMB_VFS_LAYER_TRANSPARENT},
|
||||||
skel_sys_acl_get_permset,
|
{skel_sys_acl_get_permset, SMB_VFS_OP_SYS_ACL_GET_PERMSET, SMB_VFS_LAYER_TRANSPARENT},
|
||||||
skel_sys_acl_get_qualifier,
|
{skel_sys_acl_get_qualifier, SMB_VFS_OP_SYS_ACL_GET_QUALIFIER, SMB_VFS_LAYER_TRANSPARENT},
|
||||||
skel_sys_acl_get_file,
|
{skel_sys_acl_get_file, SMB_VFS_OP_SYS_ACL_GET_FILE, SMB_VFS_LAYER_TRANSPARENT},
|
||||||
skel_sys_acl_get_fd,
|
{skel_sys_acl_get_fd, SMB_VFS_OP_SYS_ACL_GET_FD, SMB_VFS_LAYER_TRANSPARENT},
|
||||||
skel_sys_acl_clear_perms,
|
{skel_sys_acl_clear_perms, SMB_VFS_OP_SYS_ACL_CLEAR_PERMS, SMB_VFS_LAYER_TRANSPARENT},
|
||||||
skel_sys_acl_add_perm,
|
{skel_sys_acl_add_perm, SMB_VFS_OP_SYS_ACL_ADD_PERM, SMB_VFS_LAYER_TRANSPARENT},
|
||||||
skel_sys_acl_to_text,
|
{skel_sys_acl_to_text, SMB_VFS_OP_SYS_ACL_TO_TEXT, SMB_VFS_LAYER_TRANSPARENT},
|
||||||
skel_sys_acl_init,
|
{skel_sys_acl_init, SMB_VFS_OP_SYS_ACL_INIT, SMB_VFS_LAYER_TRANSPARENT},
|
||||||
skel_sys_acl_create_entry,
|
{skel_sys_acl_create_entry, SMB_VFS_OP_SYS_ACL_CREATE_ENTRY, SMB_VFS_LAYER_TRANSPARENT},
|
||||||
skel_sys_acl_set_tag_type,
|
{skel_sys_acl_set_tag_type, SMB_VFS_OP_SYS_ACL_SET_TAG_TYPE, SMB_VFS_LAYER_TRANSPARENT},
|
||||||
skel_sys_acl_set_qualifier,
|
{skel_sys_acl_set_qualifier, SMB_VFS_OP_SYS_ACL_SET_QUALIFIER, SMB_VFS_LAYER_TRANSPARENT},
|
||||||
skel_sys_acl_set_permset,
|
{skel_sys_acl_set_permset, SMB_VFS_OP_SYS_ACL_SET_PERMSET, SMB_VFS_LAYER_TRANSPARENT},
|
||||||
skel_sys_acl_valid,
|
{skel_sys_acl_valid, SMB_VFS_OP_SYS_ACL_VALID, SMB_VFS_LAYER_TRANSPARENT},
|
||||||
skel_sys_acl_set_file,
|
{skel_sys_acl_set_file, SMB_VFS_OP_SYS_ACL_SET_FILE, SMB_VFS_LAYER_TRANSPARENT},
|
||||||
skel_sys_acl_set_fd,
|
{skel_sys_acl_set_fd, SMB_VFS_OP_SYS_ACL_SET_FD, SMB_VFS_LAYER_TRANSPARENT},
|
||||||
skel_sys_acl_delete_def_file,
|
{skel_sys_acl_delete_def_file, SMB_VFS_OP_SYS_ACL_DELETE_DEF_FILE, SMB_VFS_LAYER_TRANSPARENT},
|
||||||
skel_sys_acl_get_perm,
|
{skel_sys_acl_get_perm, SMB_VFS_OP_SYS_ACL_GET_PERM, SMB_VFS_LAYER_TRANSPARENT},
|
||||||
skel_sys_acl_free_text,
|
{skel_sys_acl_free_text, SMB_VFS_OP_SYS_ACL_FREE_TEXT, SMB_VFS_LAYER_TRANSPARENT},
|
||||||
skel_sys_acl_free_acl,
|
{skel_sys_acl_free_acl, SMB_VFS_OP_SYS_ACL_FREE_ACL, SMB_VFS_LAYER_TRANSPARENT},
|
||||||
skel_sys_acl_free_qualifier
|
{skel_sys_acl_free_qualifier, SMB_VFS_OP_SYS_ACL_FREE_QUALIFIER, SMB_VFS_LAYER_TRANSPARENT},
|
||||||
|
|
||||||
|
{NULL, SMB_VFS_OP_NOOP, SMB_VFS_LAYER_NOOP}
|
||||||
};
|
};
|
||||||
|
|
||||||
|
/* VFS initialisation - return initialized vfs_op_tuple array back to Samba */
|
||||||
|
|
||||||
|
vfs_op_tuple *vfs_init(int *vfs_version, struct vfs_ops *def_vfs_ops,
|
||||||
|
struct smb_vfs_handle_struct *vfs_handle)
|
||||||
|
{
|
||||||
|
DEBUG(3, ("Initialising default vfs hooks\n"));
|
||||||
|
|
||||||
|
*vfs_version = SMB_VFS_INTERFACE_VERSION;
|
||||||
|
memcpy(&default_vfs_ops, def_vfs_ops, sizeof(struct vfs_ops));
|
||||||
|
|
||||||
|
/* Remember vfs_handle for further allocation and referencing of private
|
||||||
|
information in vfs_handle->data
|
||||||
|
*/
|
||||||
|
skel_handle = vfs_handle;
|
||||||
|
return skel_ops;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* VFS finalization function */
|
||||||
|
void vfs_done(connection_struct *conn)
|
||||||
|
{
|
||||||
|
DEBUG(3, ("Finalizing default vfs hooks\n"));
|
||||||
|
}
|
||||||
|
@ -1,5 +1,9 @@
|
|||||||
README for Samba Password Database (PDB) examples
|
README for Samba Password Database (PDB) examples
|
||||||
====================================================
|
====================================================
|
||||||
|
8-8-2002 Jelmer Vernooij <jelmer@samba.org>
|
||||||
|
|
||||||
|
Added mysql and xml modules. See README in xml/ and mysql/ for details.
|
||||||
|
|
||||||
21-6-2002 Stefan (metze) Metzmacher <metze@metzemix.de>
|
21-6-2002 Stefan (metze) Metzmacher <metze@metzemix.de>
|
||||||
|
|
||||||
I have added an interface versioning.
|
I have added an interface versioning.
|
||||||
|
@ -71,7 +71,7 @@ static BOOL testsam_getsampwnam (struct pdb_methods *methods, SAM_ACCOUNT *user,
|
|||||||
Search by sid
|
Search by sid
|
||||||
**************************************************************************/
|
**************************************************************************/
|
||||||
|
|
||||||
static BOOL testsam_getsampwsid (struct pdb_methods *methods, SAM_ACCOUNT *user, DOM_SID sid)
|
static BOOL testsam_getsampwsid (struct pdb_methods *methods, SAM_ACCOUNT *user, const DOM_SID *sid)
|
||||||
{
|
{
|
||||||
DEBUG(10, ("testsam_getsampwsid called\n"));
|
DEBUG(10, ("testsam_getsampwsid called\n"));
|
||||||
return False;
|
return False;
|
||||||
@ -81,7 +81,7 @@ static BOOL testsam_getsampwsid (struct pdb_methods *methods, SAM_ACCOUNT *user,
|
|||||||
Delete a SAM_ACCOUNT
|
Delete a SAM_ACCOUNT
|
||||||
****************************************************************************/
|
****************************************************************************/
|
||||||
|
|
||||||
static BOOL testsam_delete_sam_account(struct pdb_methods *methods, const SAM_ACCOUNT *sam_pass)
|
static BOOL testsam_delete_sam_account(struct pdb_methods *methods, SAM_ACCOUNT *sam_pass)
|
||||||
{
|
{
|
||||||
DEBUG(10, ("testsam_delete_sam_account called\n"));
|
DEBUG(10, ("testsam_delete_sam_account called\n"));
|
||||||
return False;
|
return False;
|
||||||
@ -91,7 +91,7 @@ static BOOL testsam_delete_sam_account(struct pdb_methods *methods, const SAM_AC
|
|||||||
Modifies an existing SAM_ACCOUNT
|
Modifies an existing SAM_ACCOUNT
|
||||||
****************************************************************************/
|
****************************************************************************/
|
||||||
|
|
||||||
static BOOL testsam_update_sam_account (struct pdb_methods *methods, const SAM_ACCOUNT *newpwd)
|
static BOOL testsam_update_sam_account (struct pdb_methods *methods, SAM_ACCOUNT *newpwd)
|
||||||
{
|
{
|
||||||
DEBUG(10, ("testsam_update_sam_account called\n"));
|
DEBUG(10, ("testsam_update_sam_account called\n"));
|
||||||
return False;
|
return False;
|
||||||
@ -101,7 +101,7 @@ static BOOL testsam_update_sam_account (struct pdb_methods *methods, const SAM_A
|
|||||||
Adds an existing SAM_ACCOUNT
|
Adds an existing SAM_ACCOUNT
|
||||||
****************************************************************************/
|
****************************************************************************/
|
||||||
|
|
||||||
static BOOL testsam_add_sam_account (struct pdb_methods *methods, const SAM_ACCOUNT *newpwd)
|
static BOOL testsam_add_sam_account (struct pdb_methods *methods, SAM_ACCOUNT *newpwd)
|
||||||
{
|
{
|
||||||
DEBUG(10, ("testsam_add_sam_account called\n"));
|
DEBUG(10, ("testsam_add_sam_account called\n"));
|
||||||
return False;
|
return False;
|
||||||
|
@ -254,15 +254,15 @@ CFLAGS="$RPM_OPT_FLAGS" LDFLAGS="-s" ./configure \
|
|||||||
make all nsswitch/libnss_wins.so nsswitch/libnss_winbind.so torture nsswitch/pam_winbind.so everything
|
make all nsswitch/libnss_wins.so nsswitch/libnss_winbind.so torture nsswitch/pam_winbind.so everything
|
||||||
(cd tdb; make tdbdump tdbtest tdbtorture tdbtool)
|
(cd tdb; make tdbdump tdbtest tdbtorture tdbtool)
|
||||||
|
|
||||||
cd ../examples/VFS
|
#cd ../examples/VFS
|
||||||
CFLAGS="$RPM_OPT_FLAGS" LDFLAGS="-s" ./configure \
|
#CFLAGS="$RPM_OPT_FLAGS" LDFLAGS="-s" ./configure \
|
||||||
--prefix='$(DESTDIR)/usr' \
|
# --prefix='$(DESTDIR)/usr' \
|
||||||
--localstatedir='$(DESTDIR)/var' \
|
# --localstatedir='$(DESTDIR)/var' \
|
||||||
--libdir='$(DESTDIR)%{EtcSamba}' \
|
# --libdir='$(DESTDIR)%{EtcSamba}' \
|
||||||
--sbindir='$(DESTDIR)/usr/sbin'
|
# --sbindir='$(DESTDIR)/usr/sbin'
|
||||||
make
|
#make
|
||||||
cd block
|
#cd block
|
||||||
make
|
#make
|
||||||
|
|
||||||
%Install
|
%Install
|
||||||
%{mkDESTDIR}
|
%{mkDESTDIR}
|
||||||
@ -305,10 +305,10 @@ do
|
|||||||
install -m 755 source/tdb/$i $DESTDIR/usr/sbin
|
install -m 755 source/tdb/$i $DESTDIR/usr/sbin
|
||||||
done
|
done
|
||||||
# Add VFS Modules
|
# Add VFS Modules
|
||||||
for i in audit.so recycle.so block/block.so
|
#for i in audit.so recycle.so block/block.so
|
||||||
do
|
#do
|
||||||
install -m755 $i $DESTDIR/lib/samba
|
# install -m755 $i $DESTDIR/lib/samba
|
||||||
done
|
#done
|
||||||
|
|
||||||
#mv $DESTDIR/usr/bin/{make,add,conv}* $DESTDIR/usr/sbin
|
#mv $DESTDIR/usr/bin/{make,add,conv}* $DESTDIR/usr/sbin
|
||||||
|
|
||||||
|
@ -25,7 +25,11 @@ documents are:
|
|||||||
http://www.fsf.org/prep/standards_toc.html
|
http://www.fsf.org/prep/standards_toc.html
|
||||||
|
|
||||||
but note that coding style in Samba varies due to the many different
|
but note that coding style in Samba varies due to the many different
|
||||||
programmers who have contributed.
|
programmers who have contributed.
|
||||||
|
|
||||||
|
The indent utility can be used to format C files in the general
|
||||||
|
samba coding style. The arguments you should give to indent are:
|
||||||
|
-bad -bap -br -ce -cdw -nbc -brs -bbb -nbc -npsl
|
||||||
|
|
||||||
Following are some considerations you should use when adding new code to
|
Following are some considerations you should use when adding new code to
|
||||||
Samba. First and foremost remember that:
|
Samba. First and foremost remember that:
|
||||||
@ -137,12 +141,20 @@ Here are some other suggestions:
|
|||||||
to and maintain your code. If it would be hard for someone else to
|
to and maintain your code. If it would be hard for someone else to
|
||||||
maintain then do it another way.
|
maintain then do it another way.
|
||||||
|
|
||||||
|
26) Always keep the declaration of a function on one line. The autoprototyper
|
||||||
|
doesn't catch declarations spread over multiple lines.
|
||||||
|
Use:
|
||||||
|
static char foo(int bar)
|
||||||
|
and not:
|
||||||
|
static char
|
||||||
|
foo(int bar)
|
||||||
|
|
||||||
The suggestions above are simply that, suggestions, but the information may
|
The suggestions above are simply that, suggestions, but the information may
|
||||||
help in reducing the routine rework done on new code. The preceeding list
|
help in reducing the routine rework done on new code. The preceeding list
|
||||||
is expected to change routinely as new support routines and macros are
|
is expected to change routinely as new support routines and macros are
|
||||||
added.
|
added.
|
||||||
|
|
||||||
Written by Steve French, with contributions from Simo Sorce, Andrew
|
Written by Steve French, with contributions from Simo Sorce, Andrew
|
||||||
Bartlett, Tim Potter and Martin Pool.
|
Bartlett, Tim Potter, Martin Pool and Jelmer Vernooij.
|
||||||
|
|
||||||
**/
|
**/
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
##########################################################################
|
#########################################################################
|
||||||
# Makefile.in for Samba - rewritten for autoconf support
|
# Makefile.in for Samba - rewritten for autoconf support
|
||||||
# Copyright Andrew Tridgell 1992-1998
|
# Copyright Andrew Tridgell 1992-1998
|
||||||
# Copyright (C) 2001 by Martin Pool <mbp@samba.org>
|
# Copyright (C) 2001 by Martin Pool <mbp@samba.org>
|
||||||
@ -52,7 +52,7 @@ INSTALLPERMS = 0755
|
|||||||
# set these to where to find various files
|
# set these to where to find various files
|
||||||
# These can be overridden by command line switches (see smbd(8))
|
# These can be overridden by command line switches (see smbd(8))
|
||||||
# or in smb.conf (see smb.conf(5))
|
# or in smb.conf (see smb.conf(5))
|
||||||
LOGFILEBASE = $(VARDIR)
|
LOGFILEBASE = @logfilebase@
|
||||||
CONFIGFILE = $(LIBDIR)/smb.conf
|
CONFIGFILE = $(LIBDIR)/smb.conf
|
||||||
LMHOSTSFILE = $(LIBDIR)/lmhosts
|
LMHOSTSFILE = $(LIBDIR)/lmhosts
|
||||||
DRIVERFILE = $(LIBDIR)/printers.def
|
DRIVERFILE = $(LIBDIR)/printers.def
|
||||||
@ -110,7 +110,7 @@ TORTURE_PROGS = bin/smbtorture bin/msgtest bin/masktest bin/locktest \
|
|||||||
SHLIBS = @LIBSMBCLIENT@
|
SHLIBS = @LIBSMBCLIENT@
|
||||||
|
|
||||||
SCRIPTS = $(srcdir)/script/smbtar $(srcdir)/script/addtosmbpass $(srcdir)/script/convert_smbpasswd \
|
SCRIPTS = $(srcdir)/script/smbtar $(srcdir)/script/addtosmbpass $(srcdir)/script/convert_smbpasswd \
|
||||||
$(srcdir)/script/findsmb
|
$(builddir)/script/findsmb
|
||||||
|
|
||||||
QUOTAOBJS=@QUOTAOBJS@
|
QUOTAOBJS=@QUOTAOBJS@
|
||||||
|
|
||||||
@ -129,7 +129,7 @@ LIB_OBJ = lib/charcnv.o lib/debug.o lib/fault.o \
|
|||||||
lib/util_getent.o lib/util_pw.o lib/access.o lib/smbrun.o \
|
lib/util_getent.o lib/util_pw.o lib/access.o lib/smbrun.o \
|
||||||
lib/bitmap.o lib/crc32.o lib/snprintf.o lib/dprintf.o \
|
lib/bitmap.o lib/crc32.o lib/snprintf.o lib/dprintf.o \
|
||||||
lib/xfile.o lib/wins_srv.o \
|
lib/xfile.o lib/wins_srv.o \
|
||||||
lib/util_str.o lib/util_sid.o \
|
lib/util_str.o lib/util_sid.o lib/util_uuid.o \
|
||||||
lib/util_unistr.o lib/util_file.o lib/data_blob.o \
|
lib/util_unistr.o lib/util_file.o lib/data_blob.o \
|
||||||
lib/util.o lib/util_sock.o lib/util_sec.o \
|
lib/util.o lib/util_sock.o lib/util_sec.o \
|
||||||
lib/talloc.o lib/hash.o lib/substitute.o lib/fsusage.o \
|
lib/talloc.o lib/hash.o lib/substitute.o lib/fsusage.o \
|
||||||
@ -138,7 +138,9 @@ LIB_OBJ = lib/charcnv.o lib/debug.o lib/fault.o \
|
|||||||
lib/md5.o lib/hmacmd5.o lib/iconv.o lib/smbpasswd.o \
|
lib/md5.o lib/hmacmd5.o lib/iconv.o lib/smbpasswd.o \
|
||||||
nsswitch/wb_client.o nsswitch/wb_common.o \
|
nsswitch/wb_client.o nsswitch/wb_common.o \
|
||||||
lib/pam_errors.o intl/lang_tdb.o lib/account_pol.o \
|
lib/pam_errors.o intl/lang_tdb.o lib/account_pol.o \
|
||||||
$(TDB_OBJ)
|
lib/adt_tree.o lib/popt_common.o $(TDB_OBJ)
|
||||||
|
|
||||||
|
LIB_SMBD_OBJ = lib/system_smbd.o lib/util_smbd.o
|
||||||
|
|
||||||
READLINE_OBJ = lib/readline.o
|
READLINE_OBJ = lib/readline.o
|
||||||
|
|
||||||
@ -166,17 +168,21 @@ LIBSMB_OBJ = libsmb/clientgen.o libsmb/cliconnect.o libsmb/clifile.o \
|
|||||||
libsmb/smberr.o libsmb/credentials.o libsmb/pwd_cache.o \
|
libsmb/smberr.o libsmb/credentials.o libsmb/pwd_cache.o \
|
||||||
libsmb/clioplock.o libsmb/errormap.o libsmb/clirap2.o \
|
libsmb/clioplock.o libsmb/errormap.o libsmb/clirap2.o \
|
||||||
libsmb/passchange.o libsmb/unexpected.o libsmb/doserr.o \
|
libsmb/passchange.o libsmb/unexpected.o libsmb/doserr.o \
|
||||||
$(RPC_PARSE_OBJ1)
|
libsmb/namecache.o $(RPC_PARSE_OBJ1)
|
||||||
|
|
||||||
LIBMSRPC_OBJ = libsmb/cli_lsarpc.o libsmb/cli_samr.o \
|
LIBMSRPC_OBJ = rpc_client/cli_lsarpc.o rpc_client/cli_samr.o \
|
||||||
libsmb/cli_netlogon.o libsmb/cli_srvsvc.o libsmb/cli_wkssvc.o \
|
rpc_client/cli_netlogon.o rpc_client/cli_srvsvc.o \
|
||||||
libsmb/cli_dfs.o libsmb/cli_reg.o \
|
rpc_client/cli_wkssvc.o rpc_client/cli_dfs.o \
|
||||||
rpc_client/cli_pipe.o libsmb/cli_spoolss.o libsmb/cli_spoolss_notify.o
|
rpc_client/cli_reg.o rpc_client/cli_pipe.o \
|
||||||
|
rpc_client/cli_spoolss.o rpc_client/cli_spoolss_notify.o
|
||||||
|
|
||||||
LIBMSRPC_SERVER_OBJ = libsmb/trust_passwd.o
|
LIBMSRPC_SERVER_OBJ = libsmb/trust_passwd.o
|
||||||
|
|
||||||
LIBMSRPC_PICOBJ = $(LIBMSRPC_OBJ:.o=.po)
|
LIBMSRPC_PICOBJ = $(LIBMSRPC_OBJ:.o=.po)
|
||||||
|
|
||||||
|
REGISTRY_OBJ = registry/reg_frontend.o registry/reg_cachehook.o registry/reg_printing.o \
|
||||||
|
registry/reg_db.o
|
||||||
|
|
||||||
RPC_SERVER_OBJ = rpc_server/srv_lsa.o rpc_server/srv_lsa_nt.o \
|
RPC_SERVER_OBJ = rpc_server/srv_lsa.o rpc_server/srv_lsa_nt.o \
|
||||||
rpc_server/srv_lsa_hnd.o rpc_server/srv_netlog.o rpc_server/srv_netlog_nt.o \
|
rpc_server/srv_lsa_hnd.o rpc_server/srv_netlog.o rpc_server/srv_netlog_nt.o \
|
||||||
rpc_server/srv_pipe_hnd.o rpc_server/srv_reg.o rpc_server/srv_reg_nt.o \
|
rpc_server/srv_pipe_hnd.o rpc_server/srv_reg.o rpc_server/srv_reg_nt.o \
|
||||||
@ -184,7 +190,7 @@ RPC_SERVER_OBJ = rpc_server/srv_lsa.o rpc_server/srv_lsa_nt.o \
|
|||||||
rpc_server/srv_srvsvc.o rpc_server/srv_srvsvc_nt.o \
|
rpc_server/srv_srvsvc.o rpc_server/srv_srvsvc_nt.o \
|
||||||
rpc_server/srv_util.o rpc_server/srv_wkssvc.o rpc_server/srv_wkssvc_nt.o \
|
rpc_server/srv_util.o rpc_server/srv_wkssvc.o rpc_server/srv_wkssvc_nt.o \
|
||||||
rpc_server/srv_pipe.o rpc_server/srv_dfs.o rpc_server/srv_dfs_nt.o \
|
rpc_server/srv_pipe.o rpc_server/srv_dfs.o rpc_server/srv_dfs_nt.o \
|
||||||
rpc_server/srv_spoolss.o rpc_server/srv_spoolss_nt.o
|
rpc_server/srv_spoolss.o rpc_server/srv_spoolss_nt.o $(REGISTRY_OBJ)
|
||||||
|
|
||||||
# this includes only the low level parse code, not stuff
|
# this includes only the low level parse code, not stuff
|
||||||
# that requires knowledge of security contexts
|
# that requires knowledge of security contexts
|
||||||
@ -261,7 +267,8 @@ SMBD_OBJ = $(SMBD_OBJ1) $(MSDFS_OBJ) $(PARAM_OBJ) $(LIBSMB_OBJ) $(UBIQX_OBJ) \
|
|||||||
$(LIB_OBJ) $(PRINTBACKEND_OBJ) $(QUOTAOBJS) $(OPLOCK_OBJ) \
|
$(LIB_OBJ) $(PRINTBACKEND_OBJ) $(QUOTAOBJS) $(OPLOCK_OBJ) \
|
||||||
$(NOTIFY_OBJ) $(GROUPDB_OBJ) $(AUTH_OBJ) \
|
$(NOTIFY_OBJ) $(GROUPDB_OBJ) $(AUTH_OBJ) \
|
||||||
$(LIBMSRPC_OBJ) $(LIBMSRPC_SERVER_OBJ) \
|
$(LIBMSRPC_OBJ) $(LIBMSRPC_SERVER_OBJ) \
|
||||||
$(LIBADS_OBJ) $(LIBADS_SERVER_OBJ)
|
$(LIBADS_OBJ) $(LIBADS_SERVER_OBJ) \
|
||||||
|
$(LIB_SMBD_OBJ)
|
||||||
|
|
||||||
|
|
||||||
NMBD_OBJ1 = nmbd/asyncdns.o nmbd/nmbd.o nmbd/nmbd_become_dmb.o \
|
NMBD_OBJ1 = nmbd/asyncdns.o nmbd/nmbd.o nmbd/nmbd_become_dmb.o \
|
||||||
@ -278,7 +285,7 @@ NMBD_OBJ1 = nmbd/asyncdns.o nmbd/nmbd.o nmbd/nmbd_become_dmb.o \
|
|||||||
nmbd/nmbd_workgroupdb.o nmbd/nmbd_synclists.o
|
nmbd/nmbd_workgroupdb.o nmbd/nmbd_synclists.o
|
||||||
|
|
||||||
NMBD_OBJ = $(NMBD_OBJ1) $(PARAM_OBJ) $(LIBSMB_OBJ) $(UBIQX_OBJ) \
|
NMBD_OBJ = $(NMBD_OBJ1) $(PARAM_OBJ) $(LIBSMB_OBJ) $(UBIQX_OBJ) \
|
||||||
$(PROFILE_OBJ) $(LIB_OBJ)
|
$(PROFILE_OBJ) $(LIB_OBJ) $(SECRETS_OBJ)
|
||||||
|
|
||||||
WREPL_OBJ1 = wrepld/server.o wrepld/process.o wrepld/parser.o wrepld/socket.o \
|
WREPL_OBJ1 = wrepld/server.o wrepld/process.o wrepld/parser.o wrepld/socket.o \
|
||||||
wrepld/partners.o
|
wrepld/partners.o
|
||||||
@ -438,7 +445,8 @@ PROTO_OBJ = $(SMBD_OBJ1) $(NMBD_OBJ1) $(SWAT_OBJ1) $(LIB_OBJ) $(LIBSMB_OBJ) \
|
|||||||
$(AUTH_OBJ) $(PARAM_OBJ) $(LOCKING_OBJ) $(SECRETS_OBJ) \
|
$(AUTH_OBJ) $(PARAM_OBJ) $(LOCKING_OBJ) $(SECRETS_OBJ) \
|
||||||
$(PRINTING_OBJ) $(PRINTBACKEND_OBJ) $(OPLOCK_OBJ) $(NOTIFY_OBJ) \
|
$(PRINTING_OBJ) $(PRINTBACKEND_OBJ) $(OPLOCK_OBJ) $(NOTIFY_OBJ) \
|
||||||
$(QUOTAOBJS) $(PASSDB_OBJ) $(GROUPDB_OBJ) $(MSDFS_OBJ) \
|
$(QUOTAOBJS) $(PASSDB_OBJ) $(GROUPDB_OBJ) $(MSDFS_OBJ) \
|
||||||
$(READLINE_OBJ) $(PROFILE_OBJ) $(LIBADS_OBJ) $(LIBADS_SERVER_OBJ)
|
$(READLINE_OBJ) $(PROFILE_OBJ) $(LIBADS_OBJ) $(LIBADS_SERVER_OBJ) \
|
||||||
|
$(LIB_SMBD_OBJ)
|
||||||
|
|
||||||
NSS_OBJ_0 = nsswitch/wins.o $(PARAM_OBJ) $(UBIQX_OBJ) $(LIBSMB_OBJ) \
|
NSS_OBJ_0 = nsswitch/wins.o $(PARAM_OBJ) $(UBIQX_OBJ) $(LIBSMB_OBJ) \
|
||||||
$(LIB_OBJ) $(NSSWINS_OBJ)
|
$(LIB_OBJ) $(NSSWINS_OBJ)
|
||||||
@ -451,16 +459,9 @@ LIBSMBCLIENT_PICOBJS = $(LIBSMBCLIENT_OBJ:.o=.po)
|
|||||||
|
|
||||||
PAM_SMBPASS_OBJ_0 = pam_smbpass/pam_smb_auth.o pam_smbpass/pam_smb_passwd.o \
|
PAM_SMBPASS_OBJ_0 = pam_smbpass/pam_smb_auth.o pam_smbpass/pam_smb_passwd.o \
|
||||||
pam_smbpass/pam_smb_acct.o pam_smbpass/support.o \
|
pam_smbpass/pam_smb_acct.o pam_smbpass/support.o \
|
||||||
lib/debug.o lib/util_sid.o lib/messages.o lib/util_str.o \
|
libsmb/smbencrypt.o libsmb/smbdes.o libsmb/nterr.o \
|
||||||
lib/wins_srv.o lib/substitute.o lib/select.o lib/util.o \
|
$(PARAM_OBJ) $(LIB_OBJ) $(PASSDB_OBJ) $(GROUPDB_OBJ) \
|
||||||
nsswitch/wb_client.o nsswitch/wb_common.o \
|
$(SECRETS_OBJ) $(UBIQX_OBJ)
|
||||||
lib/system.o lib/util_file.o \
|
|
||||||
lib/genrand.o lib/username.o lib/util_getent.o lib/charcnv.o lib/time.o \
|
|
||||||
lib/md4.o lib/util_unistr.o lib/signal.o lib/talloc.o \
|
|
||||||
lib/ms_fnmatch.o lib/util_sock.o lib/smbrun.o \
|
|
||||||
lib/util_sec.o lib/snprintf.o \
|
|
||||||
ubiqx/ubi_sLinkList.o libsmb/smbencrypt.o libsmb/smbdes.o \
|
|
||||||
$(PARAM_OBJ) $(TDB_OBJ) $(PASSDB_OBJ)
|
|
||||||
|
|
||||||
PAM_SMBPASS_PICOOBJ = $(PAM_SMBPASS_OBJ_0:.o=.po)
|
PAM_SMBPASS_PICOOBJ = $(PAM_SMBPASS_OBJ_0:.o=.po)
|
||||||
|
|
||||||
|
@ -218,3 +218,6 @@
|
|||||||
#ifndef _GNU_SOURCE
|
#ifndef _GNU_SOURCE
|
||||||
#undef _GNU_SOURCE
|
#undef _GNU_SOURCE
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
#undef LDAP_SET_REBIND_PROC_ARGS
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user