sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-02-23 09:57:40 +03:00
Code

This commit was manufactured by cvs2svn to create branch 'SAMBA_3_0'.

Browse Source
This commit is contained in:
cvs2svn Import User -
commit 2662e351f2
25 changed files with 9605 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

200
docs/docbook/projdoc/VFS.sgml Normal file
View File

@ -0,0 +1,200 @@
<chapter id="VFS">
<chapterinfo>
<author><firstname>Jelmer</firstname><surname>Vernooij</surname></author>
<author><firstname>Alexander</firstname><surname>Bokovoy</surname></author>
<author><firstname>Tim</firstname><surname>Potter</surname></author>
<author><firstname>Simo</firstname><surname>Sorce</surname></author>
</chapterinfo>
<title>Stackable VFS modules</title>
<sect1>
<title>Introduction and configuration</title>
<para>
Since samba 3.0, samba supports stackable VFS(Virtual File System) modules.
Samba passes each request to access the unix file system thru the loaded VFS modules.
This chapter covers all the modules that come with the samba source and references to
some external modules.
</para>
<para>
You may have problems to compile these modules, as shared libraries are
compiled and linked in different ways on different systems.
They currently have been tested against GNU/linux and IRIX.
</para>
<para>
To use the VFS modules, create a share similar to the one below. The
important parameter is the <command>vfs object</command> parameter which must point to
the exact pathname of the shared library objects. For example, to log all access
to files and use a recycle bin:
<programlisting>
[audit]
comment = Audited /data directory
path = /data
vfs object = /path/to/audit.so /path/to/recycle.so
writeable = yes
browseable = yes
</programlisting>
</para>
<para>
The modules are used in the order they are specified.
</para>
<para>
Further documentation on writing VFS modules for Samba can be found in
the Samba Developers Guide.
</para>
</sect1>
<sect1>
<title>Included modules</title>
<sect2>
<title>audit</title>
<para>A simple module to audit file access to the syslog
facility. The following operations are logged:
<simplelist>
<member>share</member>
<member>connect/disconnect</member>
<member>directory opens/create/remove</member>
<member>file open/close/rename/unlink/chmod</member>
</simplelist>
</para>
</sect2>
<sect2>
<title>recycle</title>
<para>
A recycle-bin like modules. When used any unlink call
will be intercepted and files moved to the recycle
directory instead of beeing deleted.
</para>
<para>Supported options:
<variablelist>
<varlistentry>
<term>vfs_recycle_bin:repository</term>
<listitem><para>FIXME</para></listitem>
</varlistentry>
<varlistentry>
<term>vfs_recycle_bin:keeptree</term>
<listitem><para>FIXME</para></listitem>
</varlistentry>
<varlistentry>
<term>vfs_recycle_bin:versions</term>
<listitem><para>FIXME</para></listitem>
</varlistentry>
<varlistentry>
<term>vfs_recycle_bin:touch</term>
<listitem><para>FIXME</para></listitem>
</varlistentry>
<varlistentry>
<term>vfs_recycle_bin:maxsize</term>
<listitem><para>FIXME</para></listitem>
</varlistentry>
<varlistentry>
<term>vfs_recycle_bin:exclude</term>
<listitem><para>FIXME</para></listitem>
</varlistentry>
<varlistentry>
<term>vfs_recycle_bin:exclude_dir</term>
<listitem><para>FIXME</para></listitem>
</varlistentry>
<varlistentry>
<term>vfs_recycle_bin:noversions</term>
<listitem><para>FIXME</para></listitem>
</varlistentry>
</variablelist>
</para>
</sect2>
<sect2>
<title>netatalk</title>
<para>
A netatalk module, that will ease co-existence of samba and
netatalk file sharing services.
</para>
<para>Advantages compared to the old netatalk module:
<simplelist>
<member>it doesn't care about creating of .AppleDouble forks, just keeps ones in sync</member>
<member>if share in smb.conf doesn't contain .AppleDouble item in hide or veto list, it will be added automatically</member>
</simplelist>
</para>
</sect2>
</sect1>
<sect1>
<title>VFS modules available elsewhere</title>
<para>
This section contains a listing of various other VFS modules that
have been posted but don't currently reside in the Samba CVS
tree for one reason ot another (e.g. it is easy for the maintainer
to have his or her own CVS tree).
</para>
<para>
No statemets about the stability or functionality any module
should be implied due to its presence here.
</para>
<sect2>
<title>DatabaseFS</title>
<para>
URL: <ulink url="http://www.css.tayloru.edu/~elorimer/databasefs/index.php">http://www.css.tayloru.edu/~elorimer/databasefs/index.php</ulink>
</para>
<para>By <ulink url="mailto:elorimer@css.tayloru.edu">Eric Lorimer</ulink>.</para>
<para>
I have created a VFS module which implements a fairly complete read-only
filesystem. It presents information from a database as a filesystem in
a modular and generic way to allow different databases to be used
(originally designed for organizing MP3s under directories such as
"Artists," "Song Keywords," etc... I have since applied it to a student
roster database very easily). The directory structure is stored in the
database itself and the module makes no assumptions about the database
structure beyond the table it requires to run.
</para>
<para>
Any feedback would be appreciated: comments, suggestions, patches,
etc... If nothing else, hopefully it might prove useful for someone
else who wishes to create a virtual filesystem.
</para>
</sect2>
<sect2>
<title>vscan</title>
<para>URL: <ulink url="http://www.openantivirus.org/">http://www.openantivirus.org/</ulink></para>
<para>
samba-vscan is a proof-of-concept module for Samba, which
uses the VFS (virtual file system) features of Samba 2.2.x/3.0
alphaX. Of couse, Samba has to be compiled with VFS support.
samba-vscan supports various virus scanners and is maintained
by Rainer Link.
</para>
</sect2>
</sect1>
</chapter>

138
docs/docbook/projdoc/pdb_mysql.sgml Normal file
View File

@ -0,0 +1,138 @@
<chapter id="pdb-mysql">
<chapterinfo>
<author>
<firstname>Jelmer</firstname><surname>Vernooij</surname>
<affiliation>
<orgname>The Samba Team</orgname>
<address><email>jelmer@samba.org</email></address>
</affiliation>
</author>
<pubdate>November 2002</pubdate>
</chapterinfo>
<title>Passdb MySQL plugin</title>
<sect1>
<title>Building</title>
<para>To build the plugin, run <command>make bin/pdb_mysql.so</command>
in the <filename>source/</filename> directory of samba distribution.
</para>
<para>Next, copy pdb_mysql.so to any location you want. I
strongly recommend installing it in $PREFIX/lib or /usr/lib/samba/</para>
</sect1>
<sect1>
<title>Configuring</title>
<para>This plugin lacks some good documentation, but here is some short info:</para>
<para>Add a the following to the <command>passdb backend</command> variable in your <filename>smb.conf</filename>:
<programlisting>
passdb backend = [other-plugins] plugin:/location/to/pdb_mysql.so:identifier [other-plugins]
</programlisting>
</para>
<para>The identifier can be any string you like, as long as it doesn't collide with
the identifiers of other plugins or other instances of pdb_mysql. If you
specify multiple pdb_mysql.so entries in 'passdb backend', you also need to
use different identifiers!
</para>
<para>
Additional options can be given thru the smb.conf file in the [global] section.
</para>
<para><programlisting>
identifier:mysql host - host name, defaults to 'localhost'
identifier:mysql password
identifier:mysql user - defaults to 'samba'
identifier:mysql database - defaults to 'samba'
identifier:mysql port - defaults to 3306
identifier:table - Name of the table containing users
</programlisting></para>
<para>Names of the columns in this table(I've added column types those columns should have first):</para>
<para><programlisting>
identifier:logon time column - int(9)
identifier:logoff time column - int(9)
identifier:kickoff time column - int(9)
identifier:pass last set time column - int(9)
identifier:pass can change time column - int(9)
identifier:pass must change time column - int(9)
identifier:username column - varchar(255) - unix username
identifier:domain column - varchar(255) - NT domain user is part of
identifier:nt username column - varchar(255) - NT username
identifier:fullname column - varchar(255) - Full name of user
identifier:home dir column - varchar(255) - Unix homedir path
identifier:dir drive column - varchar(2) - Directory drive path (eg: 'H:')
identifier:logon script column - varchar(255) - Batch file to run on client side when logging on
identifier:profile path column - varchar(255) - Path of profile
identifier:acct desc column - varchar(255) - Some ASCII NT user data
identifier:workstations column - varchar(255) - Workstations user can logon to (or NULL for all)
identifier:unknown string column - varchar(255) - unknown string
identifier:munged dial column - varchar(255) - ?
identifier:uid column - int(9) - Unix user ID (uid)
identifier:gid column - int(9) - Unix user group (gid)
identifier:user sid column - varchar(255) - NT user SID
identifier:group sid column - varchar(255) - NT group ID
identifier:lanman pass column - varchar(255) - encrypted lanman password
identifier:nt pass column - varchar(255) - encrypted nt passwd
identifier:plain pass column - varchar(255) - plaintext password
identifier:acct control column - int(9) - nt user data
identifier:unknown 3 column - int(9) - unknown
identifier:logon divs column - int(9) - ?
identifier:hours len column - int(9) - ?
identifier:unknown 5 column - int(9) - unknown
identifier:unknown 6 column - int(9) - unknown
</programlisting></para>
<para>
Eventually, you can put a colon (:) after the name of each column, which
should specify the column to update when updating the table. You can also
specify nothing behind the colon - then the data from the field will not be
updated.
</para>
</sect1>
<sect1>
<title>Using plaintext passwords or encrypted password</title>
<para>
I strongly discourage the use of plaintext passwords, however, you can use them:
</para>
<para>
If you would like to use plaintext passwords, set 'identifier:lanman pass column' and 'identifier:nt pass column' to 'NULL' (without the quotes) and 'identifier:plain pass column' to the name of the column containing the plaintext passwords.
</para>
<para>
If you use encrypted passwords, set the 'identifier:plain pass column' to 'NULL' (without the quotes). This is the default.
</para>
</sect1>
<sect1>
<title>Getting non-column data from the table</title>
<para>
It is possible to have not all data in the database and making some 'constant'.
</para>
<para>
For example, you can set 'identifier:fullname column' to :
<command>CONCAT(First_name,' ',Sur_name)</command>
</para>
<para>
Or, set 'identifier:workstations column' to :
<command>NULL</command></para>
<para>See the MySQL documentation for more language constructs.</para>
</sect1>
</chapter>

423
docs/htmldocs/ads.html Normal file
View File

@ -0,0 +1,423 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML
><HEAD
><TITLE
>Samba as a ADS domain member</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.77"><LINK
REL="HOME"
TITLE="SAMBA Project Documentation"
HREF="samba-howto-collection.html"><LINK
REL="UP"
TITLE="Type of installation"
HREF="type.html"><LINK
REL="PREVIOUS"
TITLE="How to Act as a Backup Domain Controller in a Purely Samba Controlled Domain"
HREF="samba-bdc.html"><LINK
REL="NEXT"
TITLE="Samba as a NT4 domain member"
HREF="domain-security.html"></HEAD
><BODY
CLASS="CHAPTER"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><DIV
CLASS="NAVHEADER"
><TABLE
SUMMARY="Header navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TH
COLSPAN="3"
ALIGN="center"
>SAMBA Project Documentation</TH
></TR
><TR
><TD
WIDTH="10%"
ALIGN="left"
VALIGN="bottom"
><A
HREF="samba-bdc.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="80%"
ALIGN="center"
VALIGN="bottom"
></TD
><TD
WIDTH="10%"
ALIGN="right"
VALIGN="bottom"
><A
HREF="domain-security.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
></TABLE
><HR
ALIGN="LEFT"
WIDTH="100%"></DIV
><DIV
CLASS="CHAPTER"
><H1
><A
NAME="ADS"
></A
>Chapter 9. Samba as a ADS domain member</H1
><P
>This is a VERY ROUGH guide to setting up the current (November 2001)
pre-alpha version of Samba 3.0 with kerberos authentication against a
Windows2000 KDC. The procedures listed here are likely to change as
the code develops.</P
><P
>Pieces you need before you begin:
<P
></P
><TABLE
BORDER="0"
><TBODY
><TR
><TD
>a Windows 2000 server.</TD
></TR
><TR
><TD
>samba 3.0 or higher.</TD
></TR
><TR
><TD
>the MIT kerberos development libraries (either install from the above sources or use a package). The heimdal libraries will not work.</TD
></TR
><TR
><TD
>the OpenLDAP development libraries.</TD
></TR
></TBODY
></TABLE
><P
></P
></P
><DIV
CLASS="SECT1"
><H1
CLASS="SECT1"
><A
NAME="AEN1203"
></A
>9.1. Installing the required packages for Debian</H1
><P
>On Debian you need to install the following packages:
<P
></P
><TABLE
BORDER="0"
><TBODY
><TR
><TD
>libkrb5-dev</TD
></TR
><TR
><TD
>krb5-user</TD
></TR
></TBODY
></TABLE
><P
></P
></P
></DIV
><DIV
CLASS="SECT1"
><H1
CLASS="SECT1"
><A
NAME="AEN1209"
></A
>9.2. Installing the required packages for RedHat</H1
><P
>On RedHat this means you should have at least:
<P
></P
><TABLE
BORDER="0"
><TBODY
><TR
><TD
>krb5-workstation (for kinit)</TD
></TR
><TR
><TD
>krb5-libs (for linking with)</TD
></TR
><TR
><TD
>krb5-devel (because you are compiling from source)</TD
></TR
></TBODY
></TABLE
><P
></P
></P
><P
>in addition to the standard development environment.</P
><P
>Note that these are not standard on a RedHat install, and you may need
to get them off CD2.</P
></DIV
><DIV
CLASS="SECT1"
><H1
CLASS="SECT1"
><A
NAME="AEN1218"
></A
>9.3. Compile Samba</H1
><P
>If your kerberos libraries are in a non-standard location then
remember to add the configure option --with-krb5=DIR.</P
><P
>After you run configure make sure that include/config.h contains
lines like this:</P
><P
><PRE
CLASS="PROGRAMLISTING"
>#define HAVE_KRB5 1
#define HAVE_LDAP 1</PRE
></P
><P
>If it doesn't then configure did not find your krb5 libraries or
your ldap libraries. Look in config.log to figure out why and fix
it.</P
><P
>Then compile and install Samba as usual. You must use at least the
following 3 options in smb.conf:</P
><P
><PRE
CLASS="PROGRAMLISTING"
> realm = YOUR.KERBEROS.REALM
ads server = your.kerberos.server
security = ADS
encrypt passwords = yes</PRE
></P
><P
>Strictly speaking, you can omit the realm name and you can use an IP
address for the ads server. In that case Samba will auto-detect these.</P
><P
>You do *not* need a smbpasswd file, although it won't do any harm
and if you have one then Samba will be able to fall back to normal
password security for older clients. I expect that the above
required options will change soon when we get better active
directory integration.</P
></DIV
><DIV
CLASS="SECT1"
><H1
CLASS="SECT1"
><A
NAME="AEN1230"
></A
>9.4. Setup your /etc/krb5.conf</H1
><P
>The minimal configuration for krb5.conf is:</P
><P
><PRE
CLASS="PROGRAMLISTING"
> [realms]
YOUR.KERBEROS.REALM = {
kdc = your.kerberos.server
}</PRE
></P
><P
>Test your config by doing a "kinit USERNAME@REALM" and making sure that
your password is accepted by the Win2000 KDC. </P
><P
>NOTE: The realm must be uppercase. </P
><P
>You also must ensure that you can do a reverse DNS lookup on the IP
address of your KDC. Also, the name that this reverse lookup maps to
must either be the netbios name of the KDC (ie. the hostname with no
domain attached) or it can alternatively be the netbios name
followed by the realm. </P
><P
>The easiest way to ensure you get this right is to add a /etc/hosts
entry mapping the IP address of your KDC to its netbios name. If you
don't get this right then you will get a "local error" when you try
to join the realm.</P
><P
>If all you want is kerberos support in smbclient then you can skip
straight to step 5 now. Step 3 is only needed if you want kerberos
support in smbd.</P
></DIV
><DIV
CLASS="SECT1"
><H1
CLASS="SECT1"
><A
NAME="AEN1240"
></A
>9.5. Create the computer account</H1
><P
>Do a "kinit" as a user that has authority to change arbitrary
passwords on the KDC ("Administrator" is a good choice). Then as a
user that has write permission on the Samba private directory
(usually root) run:
<B
CLASS="COMMAND"
>net ads join</B
></P
><DIV
CLASS="SECT2"
><H2
CLASS="SECT2"
><A
NAME="AEN1244"
></A
>9.5.1. Possible errors</H2
><P
><P
></P
><DIV
CLASS="VARIABLELIST"
><DL
><DT
>"bash: kinit: command not found"</DT
><DD
><P
>kinit is in the krb5-workstation RPM on RedHat systems, and is in /usr/kerberos/bin, so it won't be in the path until you log in again (or open a new terminal)</P
></DD
><DT
>"ADS support not compiled in"</DT
><DD
><P
>Samba must be reconfigured (remove config.cache) and recompiled (make clean all install) after the kerberos libs and headers are installed.</P
></DD
></DL
></DIV
></P
></DIV
></DIV
><DIV
CLASS="SECT1"
><H1
CLASS="SECT1"
><A
NAME="AEN1256"
></A
>9.6. Test your server setup</H1
><P
>On a Windows 2000 client try <B
CLASS="COMMAND"
>net use * \\server\share</B
>. You should
be logged in with kerberos without needing to know a password. If
this fails then run <B
CLASS="COMMAND"
>klist tickets</B
>. Did you get a ticket for the
server? Does it have an encoding type of DES-CBC-MD5 ? </P
></DIV
><DIV
CLASS="SECT1"
><H1
CLASS="SECT1"
><A
NAME="AEN1261"
></A
>9.7. Testing with smbclient</H1
><P
>On your Samba server try to login to a Win2000 server or your Samba
server using smbclient and kerberos. Use smbclient as usual, but
specify the -k option to choose kerberos authentication.</P
></DIV
><DIV
CLASS="SECT1"
><H1
CLASS="SECT1"
><A
NAME="AEN1264"
></A
>9.8. Notes</H1
><P
>You must change administrator password at least once after DC install,
to create the right encoding types</P
><P
>w2k doesn't seem to create the _kerberos._udp and _ldap._tcp in
their defaults DNS setup. Maybe fixed in service packs?</P
></DIV
></DIV
><DIV
CLASS="NAVFOOTER"
><HR
ALIGN="LEFT"
WIDTH="100%"><TABLE
SUMMARY="Footer navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
><A
HREF="samba-bdc.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="samba-howto-collection.html"
ACCESSKEY="H"
>Home</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
><A
HREF="domain-security.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
>How to Act as a Backup Domain Controller in a Purely Samba Controlled Domain</TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="type.html"
ACCESSKEY="U"
>Up</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
>Samba as a NT4 domain member</TD
></TR
></TABLE
></DIV
></BODY
></HTML
>

391
docs/htmldocs/appendixes.html Normal file
View File

@ -0,0 +1,391 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML
><HEAD
><TITLE
>Appendixes</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.77"><LINK
REL="HOME"
TITLE="SAMBA Project Documentation"
HREF="samba-howto-collection.html"><LINK
REL="PREVIOUS"
TITLE="Samba performance issues"
HREF="speed.html"><LINK
REL="NEXT"
TITLE="Portability"
HREF="portability.html"></HEAD
><BODY
CLASS="PART"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><DIV
CLASS="NAVHEADER"
><TABLE
SUMMARY="Header navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TH
COLSPAN="3"
ALIGN="center"
>SAMBA Project Documentation</TH
></TR
><TR
><TD
WIDTH="10%"
ALIGN="left"
VALIGN="bottom"
><A
HREF="speed.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="80%"
ALIGN="center"
VALIGN="bottom"
></TD
><TD
WIDTH="10%"
ALIGN="right"
VALIGN="bottom"
><A
HREF="portability.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
></TABLE
><HR
ALIGN="LEFT"
WIDTH="100%"></DIV
><DIV
CLASS="PART"
><A
NAME="APPENDIXES"
></A
><DIV
CLASS="TITLEPAGE"
><H1
CLASS="TITLE"
>IV. Appendixes</H1
><DIV
CLASS="TOC"
><DL
><DT
><B
>Table of Contents</B
></DT
><DT
>24. <A
HREF="portability.html"
>Portability</A
></DT
><DD
><DL
><DT
>24.1. <A
HREF="portability.html#AEN3198"
>HPUX</A
></DT
><DT
>24.2. <A
HREF="portability.html#AEN3204"
>SCO Unix</A
></DT
><DT
>24.3. <A
HREF="portability.html#AEN3208"
>DNIX</A
></DT
><DT
>24.4. <A
HREF="portability.html#AEN3237"
>RedHat Linux Rembrandt-II</A
></DT
></DL
></DD
><DT
>25. <A
HREF="other-clients.html"
>Samba and other CIFS clients</A
></DT
><DD
><DL
><DT
>25.1. <A
HREF="other-clients.html#AEN3258"
>Macintosh clients?</A
></DT
><DT
>25.2. <A
HREF="other-clients.html#AEN3267"
>OS2 Client</A
></DT
><DD
><DL
><DT
>25.2.1. <A
HREF="other-clients.html#AEN3269"
>How can I configure OS/2 Warp Connect or
OS/2 Warp 4 as a client for Samba?</A
></DT
><DT
>25.2.2. <A
HREF="other-clients.html#AEN3284"
>How can I configure OS/2 Warp 3 (not Connect),
OS/2 1.2, 1.3 or 2.x for Samba?</A
></DT
><DT
>25.2.3. <A
HREF="other-clients.html#AEN3293"
>Are there any other issues when OS/2 (any version)
is used as a client?</A
></DT
><DT
>25.2.4. <A
HREF="other-clients.html#AEN3297"
>How do I get printer driver download working
for OS/2 clients?</A
></DT
></DL
></DD
><DT
>25.3. <A
HREF="other-clients.html#AEN3307"
>Windows for Workgroups</A
></DT
><DD
><DL
><DT
>25.3.1. <A
HREF="other-clients.html#AEN3309"
>Use latest TCP/IP stack from Microsoft</A
></DT
><DT
>25.3.2. <A
HREF="other-clients.html#AEN3314"
>Delete .pwl files after password change</A
></DT
><DT
>25.3.3. <A
HREF="other-clients.html#AEN3319"
>Configure WfW password handling</A
></DT
><DT
>25.3.4. <A
HREF="other-clients.html#AEN3323"
>Case handling of passwords</A
></DT
></DL
></DD
><DT
>25.4. <A
HREF="other-clients.html#AEN3328"
>Windows '95/'98</A
></DT
><DT
>25.5. <A
HREF="other-clients.html#AEN3344"
>Windows 2000 Service Pack 2</A
></DT
></DL
></DD
><DT
>26. <A
HREF="bugreport.html"
>Reporting Bugs</A
></DT
><DD
><DL
><DT
>26.1. <A
HREF="bugreport.html#AEN3368"
>Introduction</A
></DT
><DT
>26.2. <A
HREF="bugreport.html#AEN3378"
>General info</A
></DT
><DT
>26.3. <A
HREF="bugreport.html#AEN3384"
>Debug levels</A
></DT
><DT
>26.4. <A
HREF="bugreport.html#AEN3401"
>Internal errors</A
></DT
><DT
>26.5. <A
HREF="bugreport.html#AEN3411"
>Attaching to a running process</A
></DT
><DT
>26.6. <A
HREF="bugreport.html#AEN3414"
>Patches</A
></DT
></DL
></DD
><DT
>27. <A
HREF="diagnosis.html"
>Diagnosing your samba server</A
></DT
><DD
><DL
><DT
>27.1. <A
HREF="diagnosis.html#AEN3437"
>Introduction</A
></DT
><DT
>27.2. <A
HREF="diagnosis.html#AEN3442"
>Assumptions</A
></DT
><DT
>27.3. <A
HREF="diagnosis.html#AEN3452"
>Tests</A
></DT
><DD
><DL
><DT
>27.3.1. <A
HREF="diagnosis.html#AEN3454"
>Test 1</A
></DT
><DT
>27.3.2. <A
HREF="diagnosis.html#AEN3460"
>Test 2</A
></DT
><DT
>27.3.3. <A
HREF="diagnosis.html#AEN3466"
>Test 3</A
></DT
><DT
>27.3.4. <A
HREF="diagnosis.html#AEN3481"
>Test 4</A
></DT
><DT
>27.3.5. <A
HREF="diagnosis.html#AEN3486"
>Test 5</A
></DT
><DT
>27.3.6. <A
HREF="diagnosis.html#AEN3492"
>Test 6</A
></DT
><DT
>27.3.7. <A
HREF="diagnosis.html#AEN3500"
>Test 7</A
></DT
><DT
>27.3.8. <A
HREF="diagnosis.html#AEN3526"
>Test 8</A
></DT
><DT
>27.3.9. <A
HREF="diagnosis.html#AEN3543"
>Test 9</A
></DT
><DT
>27.3.10. <A
HREF="diagnosis.html#AEN3551"
>Test 10</A
></DT
><DT
>27.3.11. <A
HREF="diagnosis.html#AEN3557"
>Test 11</A
></DT
></DL
></DD
><DT
>27.4. <A
HREF="diagnosis.html#AEN3562"
>Still having troubles?</A
></DT
></DL
></DD
></DL
></DIV
></DIV
></DIV
><DIV
CLASS="NAVFOOTER"
><HR
ALIGN="LEFT"
WIDTH="100%"><TABLE
SUMMARY="Footer navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
><A
HREF="speed.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="samba-howto-collection.html"
ACCESSKEY="H"
>Home</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
><A
HREF="portability.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
>Samba performance issues</TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
>&nbsp;</TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
>Portability</TD
></TR
></TABLE
></DIV
></BODY
></HTML
>

438
docs/htmldocs/introduction.html Normal file
View File

@ -0,0 +1,438 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML
><HEAD
><TITLE
>General installation</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.77"><LINK
REL="HOME"
TITLE="SAMBA Project Documentation"
HREF="samba-howto-collection.html"><LINK
REL="PREVIOUS"
TITLE="SAMBA Project Documentation"
HREF="samba-howto-collection.html"><LINK
REL="NEXT"
TITLE="How to Install and Test SAMBA"
HREF="install.html"></HEAD
><BODY
CLASS="PART"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><DIV
CLASS="NAVHEADER"
><TABLE
SUMMARY="Header navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TH
COLSPAN="3"
ALIGN="center"
>SAMBA Project Documentation</TH
></TR
><TR
><TD
WIDTH="10%"
ALIGN="left"
VALIGN="bottom"
><A
HREF="samba-howto-collection.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="80%"
ALIGN="center"
VALIGN="bottom"
></TD
><TD
WIDTH="10%"
ALIGN="right"
VALIGN="bottom"
><A
HREF="install.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
></TABLE
><HR
ALIGN="LEFT"
WIDTH="100%"></DIV
><DIV
CLASS="PART"
><A
NAME="INTRODUCTION"
></A
><DIV
CLASS="TITLEPAGE"
><H1
CLASS="TITLE"
>I. General installation</H1
><DIV
CLASS="PARTINTRO"
><A
NAME="AEN21"
></A
><H1
>Introduction</H1
><P
>This part contains general info on how to install samba
and how to configure the parts of samba you will most likely need.
PLEASE read this.</P
></DIV
><DIV
CLASS="TOC"
><DL
><DT
><B
>Table of Contents</B
></DT
><DT
>1. <A
HREF="install.html"
>How to Install and Test SAMBA</A
></DT
><DD
><DL
><DT
>1.1. <A
HREF="install.html#AEN26"
>Read the man pages</A
></DT
><DT
>1.2. <A
HREF="install.html#AEN36"
>Building the Binaries</A
></DT
><DT
>1.3. <A
HREF="install.html#AEN64"
>The all important step</A
></DT
><DT
>1.4. <A
HREF="install.html#AEN68"
>Create the smb configuration file.</A
></DT
><DT
>1.5. <A
HREF="install.html#AEN82"
>Test your config file with
<B
CLASS="COMMAND"
>testparm</B
></A
></DT
><DT
>1.6. <A
HREF="install.html#AEN90"
>Starting the smbd and nmbd</A
></DT
><DD
><DL
><DT
>1.6.1. <A
HREF="install.html#AEN100"
>Starting from inetd.conf</A
></DT
><DT
>1.6.2. <A
HREF="install.html#AEN129"
>Alternative: starting it as a daemon</A
></DT
></DL
></DD
><DT
>1.7. <A
HREF="install.html#AEN145"
>Try listing the shares available on your
server</A
></DT
><DT
>1.8. <A
HREF="install.html#AEN154"
>Try connecting with the unix client</A
></DT
><DT
>1.9. <A
HREF="install.html#AEN170"
>Try connecting from a DOS, WfWg, Win9x, WinNT,
Win2k, OS/2, etc... client</A
></DT
><DT
>1.10. <A
HREF="install.html#AEN184"
>What If Things Don't Work?</A
></DT
><DD
><DL
><DT
>1.10.1. <A
HREF="install.html#AEN189"
>Diagnosing Problems</A
></DT
><DT
>1.10.2. <A
HREF="install.html#AEN193"
>Scope IDs</A
></DT
><DT
>1.10.3. <A
HREF="install.html#AEN196"
>Choosing the Protocol Level</A
></DT
><DT
>1.10.4. <A
HREF="install.html#AEN205"
>Printing from UNIX to a Client PC</A
></DT
><DT
>1.10.5. <A
HREF="install.html#AEN210"
>Locking</A
></DT
><DT
>1.10.6. <A
HREF="install.html#AEN219"
>Mapping Usernames</A
></DT
></DL
></DD
></DL
></DD
><DT
>2. <A
HREF="improved-browsing.html"
>Improved browsing in samba</A
></DT
><DD
><DL
><DT
>2.1. <A
HREF="improved-browsing.html#AEN229"
>Overview of browsing</A
></DT
><DT
>2.2. <A
HREF="improved-browsing.html#AEN233"
>Browsing support in samba</A
></DT
><DT
>2.3. <A
HREF="improved-browsing.html#AEN242"
>Problem resolution</A
></DT
><DT
>2.4. <A
HREF="improved-browsing.html#AEN249"
>Browsing across subnets</A
></DT
><DD
><DL
><DT
>2.4.1. <A
HREF="improved-browsing.html#AEN254"
>How does cross subnet browsing work ?</A
></DT
></DL
></DD
><DT
>2.5. <A
HREF="improved-browsing.html#AEN289"
>Setting up a WINS server</A
></DT
><DT
>2.6. <A
HREF="improved-browsing.html#AEN308"
>Setting up Browsing in a WORKGROUP</A
></DT
><DT
>2.7. <A
HREF="improved-browsing.html#AEN326"
>Setting up Browsing in a DOMAIN</A
></DT
><DT
>2.8. <A
HREF="improved-browsing.html#AEN336"
>Forcing samba to be the master</A
></DT
><DT
>2.9. <A
HREF="improved-browsing.html#AEN345"
>Making samba the domain master</A
></DT
><DT
>2.10. <A
HREF="improved-browsing.html#AEN363"
>Note about broadcast addresses</A
></DT
><DT
>2.11. <A
HREF="improved-browsing.html#AEN366"
>Multiple interfaces</A
></DT
></DL
></DD
><DT
>3. <A
HREF="oplocks.html"
>Oplocks</A
></DT
><DD
><DL
><DT
>3.1. <A
HREF="oplocks.html#AEN378"
>What are oplocks?</A
></DT
></DL
></DD
><DT
>4. <A
HREF="browsing-quick.html"
>Quick Cross Subnet Browsing / Cross Workgroup Browsing guide</A
></DT
><DD
><DL
><DT
>4.1. <A
HREF="browsing-quick.html#AEN393"
>Discussion</A
></DT
><DT
>4.2. <A
HREF="browsing-quick.html#AEN401"
>Use of the "Remote Announce" parameter</A
></DT
><DT
>4.3. <A
HREF="browsing-quick.html#AEN415"
>Use of the "Remote Browse Sync" parameter</A
></DT
><DT
>4.4. <A
HREF="browsing-quick.html#AEN420"
>Use of WINS</A
></DT
><DT
>4.5. <A
HREF="browsing-quick.html#AEN431"
>Do NOT use more than one (1) protocol on MS Windows machines</A
></DT
><DT
>4.6. <A
HREF="browsing-quick.html#AEN437"
>Name Resolution Order</A
></DT
></DL
></DD
><DT
>5. <A
HREF="pwencrypt.html"
>LanMan and NT Password Encryption in Samba</A
></DT
><DD
><DL
><DT
>5.1. <A
HREF="pwencrypt.html#AEN473"
>Introduction</A
></DT
><DT
>5.2. <A
HREF="pwencrypt.html#AEN478"
>Important Notes About Security</A
></DT
><DD
><DL
><DT
>5.2.1. <A
HREF="pwencrypt.html#AEN497"
>Advantages of SMB Encryption</A
></DT
><DT
>5.2.2. <A
HREF="pwencrypt.html#AEN504"
>Advantages of non-encrypted passwords</A
></DT
></DL
></DD
><DT
>5.3. <A
HREF="pwencrypt.html#AEN513"
>The smbpasswd Command</A
></DT
></DL
></DD
></DL
></DIV
></DIV
></DIV
><DIV
CLASS="NAVFOOTER"
><HR
ALIGN="LEFT"
WIDTH="100%"><TABLE
SUMMARY="Footer navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
><A
HREF="samba-howto-collection.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="samba-howto-collection.html"
ACCESSKEY="H"
>Home</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
><A
HREF="install.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
>SAMBA Project Documentation</TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
>&nbsp;</TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
>How to Install and Test SAMBA</TD
></TR
></TABLE
></DIV
></BODY
></HTML
>

208
docs/htmldocs/oplocks.html Normal file
View File

@ -0,0 +1,208 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML
><HEAD
><TITLE
>Oplocks</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.77"><LINK
REL="HOME"
TITLE="SAMBA Project Documentation"
HREF="samba-howto-collection.html"><LINK
REL="UP"
TITLE="General installation"
HREF="introduction.html"><LINK
REL="PREVIOUS"
TITLE="Improved browsing in samba"
HREF="improved-browsing.html"><LINK
REL="NEXT"
TITLE="Quick Cross Subnet Browsing / Cross Workgroup Browsing guide"
HREF="browsing-quick.html"></HEAD
><BODY
CLASS="CHAPTER"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><DIV
CLASS="NAVHEADER"
><TABLE
SUMMARY="Header navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TH
COLSPAN="3"
ALIGN="center"
>SAMBA Project Documentation</TH
></TR
><TR
><TD
WIDTH="10%"
ALIGN="left"
VALIGN="bottom"
><A
HREF="improved-browsing.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="80%"
ALIGN="center"
VALIGN="bottom"
></TD
><TD
WIDTH="10%"
ALIGN="right"
VALIGN="bottom"
><A
HREF="browsing-quick.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
></TABLE
><HR
ALIGN="LEFT"
WIDTH="100%"></DIV
><DIV
CLASS="CHAPTER"
><H1
><A
NAME="OPLOCKS"
></A
>Chapter 3. Oplocks</H1
><DIV
CLASS="SECT1"
><H1
CLASS="SECT1"
><A
NAME="AEN378"
></A
>3.1. What are oplocks?</H1
><P
>When a client opens a file it can request an "oplock" or file
lease. This is (to simplify a bit) a guarentee that no one else
has the file open simultaneously. It allows the client to not
send any updates on the file to the server, thus reducing a
network file access to local access (once the file is in
client cache). An "oplock break" is when the server sends
a request to the client to flush all its changes back to
the server, so the file is in a consistent state for other
opens to succeed. If a client fails to respond to this
asynchronous request then the file can be corrupted. Hence
the "turn off oplocks" answer if people are having multi-user
file access problems.</P
><P
>Unless the kernel is "oplock aware" (SGI IRIX and Linux are
the only two UNIXes that are at the moment) then if a local
UNIX process accesses the file simultaneously then Samba
has no way of telling this is occuring, so the guarentee
to the client is broken. This can corrupt the file. Short
answer - it you have UNIX clients accessing the same file
as smbd locally or via NFS and you're not running Linux or
IRIX then turn off oplocks for that file or share.</P
><P
>"Share modes". These are modes of opening a file, that
guarentee an invarient - such as DENY_WRITE - which means
that if any other opens are requested with write access after
this current open has succeeded then they should be denied
with a "sharing violation" error message. Samba handles these
internally inside smbd. UNIX clients accessing the same file
ignore these invarients. Just proving that if you need simultaneous
file access from a Windows and UNIX client you *must* have an
application that is written to lock records correctly on both
sides. Few applications are written like this, and even fewer
are cross platform (UNIX and Windows) so in practice this isn't
much of a problem.</P
><P
>"Locking". This really means "byte range locking" - such as
lock 10 bytes at file offset 24 for write access. This is the
area in which well written UNIX and Windows apps will cooperate.
Windows locks (at least from NT or above) are 64-bit unsigned
offsets. UNIX locks are either 31 bit or 63 bit and are signed
(the top bit is used for the sign). Samba handles these by
first ensuring that all the Windows locks don't conflict (ie.
if other Windows clients have competing locks then just reject
immediately) - this allows us to support 64-bit Windows locks
on 32-bit filesystems. Secondly any locks that are valid are
then mapped onto UNIX fcntl byte range locks. These are the
locks that will be seen by UNIX processes. If there is a conflict
here the lock is rejected.</P
><P
>Note that if a client has an oplock then it "knows" that no
other client can have the file open so usually doesn't bother
to send to lock request to the server - this means once again
if you need to share files between UNIX and Windows processes
either use IRIX or Linux, or turn off oplocks for these
files/shares.</P
></DIV
></DIV
><DIV
CLASS="NAVFOOTER"
><HR
ALIGN="LEFT"
WIDTH="100%"><TABLE
SUMMARY="Footer navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
><A
HREF="improved-browsing.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="samba-howto-collection.html"
ACCESSKEY="H"
>Home</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
><A
HREF="browsing-quick.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
>Improved browsing in samba</TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="introduction.html"
ACCESSKEY="U"
>Up</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
>Quick Cross Subnet Browsing / Cross Workgroup Browsing guide</TD
></TR
></TABLE
></DIV
></BODY
></HTML
>

955
docs/htmldocs/optional.html Normal file
View File

@ -0,0 +1,955 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML
><HEAD
><TITLE
>Optional configuration</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.77"><LINK
REL="HOME"
TITLE="SAMBA Project Documentation"
HREF="samba-howto-collection.html"><LINK
REL="PREVIOUS"
TITLE="Samba as a NT4 domain member"
HREF="domain-security.html"><LINK
REL="NEXT"
TITLE="Integrating MS Windows networks with Samba"
HREF="integrate-ms-networks.html"></HEAD
><BODY
CLASS="PART"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><DIV
CLASS="NAVHEADER"
><TABLE
SUMMARY="Header navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TH
COLSPAN="3"
ALIGN="center"
>SAMBA Project Documentation</TH
></TR
><TR
><TD
WIDTH="10%"
ALIGN="left"
VALIGN="bottom"
><A
HREF="domain-security.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="80%"
ALIGN="center"
VALIGN="bottom"
></TD
><TD
WIDTH="10%"
ALIGN="right"
VALIGN="bottom"
><A
HREF="integrate-ms-networks.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
></TABLE
><HR
ALIGN="LEFT"
WIDTH="100%"></DIV
><DIV
CLASS="PART"
><A
NAME="OPTIONAL"
></A
><DIV
CLASS="TITLEPAGE"
><H1
CLASS="TITLE"
>III. Optional configuration</H1
><DIV
CLASS="PARTINTRO"
><A
NAME="AEN1373"
></A
><H1
>Introduction</H1
><P
>Samba has several features that you might want or might not want to use. The chapters in this
part each cover one specific feature.</P
></DIV
><DIV
CLASS="TOC"
><DL
><DT
><B
>Table of Contents</B
></DT
><DT
>11. <A
HREF="integrate-ms-networks.html"
>Integrating MS Windows networks with Samba</A
></DT
><DD
><DL
><DT
>11.1. <A
HREF="integrate-ms-networks.html#AEN1387"
>Agenda</A
></DT
><DT
>11.2. <A
HREF="integrate-ms-networks.html#AEN1409"
>Name Resolution in a pure Unix/Linux world</A
></DT
><DD
><DL
><DT
>11.2.1. <A
HREF="integrate-ms-networks.html#AEN1425"
><TT
CLASS="FILENAME"
>/etc/hosts</TT
></A
></DT
><DT
>11.2.2. <A
HREF="integrate-ms-networks.html#AEN1441"
><TT
CLASS="FILENAME"
>/etc/resolv.conf</TT
></A
></DT
><DT
>11.2.3. <A
HREF="integrate-ms-networks.html#AEN1452"
><TT
CLASS="FILENAME"
>/etc/host.conf</TT
></A
></DT
><DT
>11.2.4. <A
HREF="integrate-ms-networks.html#AEN1460"
><TT
CLASS="FILENAME"
>/etc/nsswitch.conf</TT
></A
></DT
></DL
></DD
><DT
>11.3. <A
HREF="integrate-ms-networks.html#AEN1472"
>Name resolution as used within MS Windows networking</A
></DT
><DD
><DL
><DT
>11.3.1. <A
HREF="integrate-ms-networks.html#AEN1484"
>The NetBIOS Name Cache</A
></DT
><DT
>11.3.2. <A
HREF="integrate-ms-networks.html#AEN1489"
>The LMHOSTS file</A
></DT
><DT
>11.3.3. <A
HREF="integrate-ms-networks.html#AEN1497"
>HOSTS file</A
></DT
><DT
>11.3.4. <A
HREF="integrate-ms-networks.html#AEN1502"
>DNS Lookup</A
></DT
><DT
>11.3.5. <A
HREF="integrate-ms-networks.html#AEN1505"
>WINS Lookup</A
></DT
></DL
></DD
><DT
>11.4. <A
HREF="integrate-ms-networks.html#AEN1517"
>How browsing functions and how to deploy stable and
dependable browsing using Samba</A
></DT
><DT
>11.5. <A
HREF="integrate-ms-networks.html#AEN1527"
>MS Windows security options and how to configure
Samba for seemless integration</A
></DT
><DD
><DL
><DT
>11.5.1. <A
HREF="integrate-ms-networks.html#AEN1555"
>Use MS Windows NT as an authentication server</A
></DT
><DT
>11.5.2. <A
HREF="integrate-ms-networks.html#AEN1563"
>Make Samba a member of an MS Windows NT security domain</A
></DT
><DT
>11.5.3. <A
HREF="integrate-ms-networks.html#AEN1580"
>Configure Samba as an authentication server</A
></DT
></DL
></DD
><DT
>11.6. <A
HREF="integrate-ms-networks.html#AEN1597"
>Conclusions</A
></DT
></DL
></DD
><DT
>12. <A
HREF="unix-permissions.html"
>UNIX Permission Bits and Windows NT Access Control Lists</A
></DT
><DD
><DL
><DT
>12.1. <A
HREF="unix-permissions.html#AEN1618"
>Viewing and changing UNIX permissions using the NT
security dialogs</A
></DT
><DT
>12.2. <A
HREF="unix-permissions.html#AEN1627"
>How to view file security on a Samba share</A
></DT
><DT
>12.3. <A
HREF="unix-permissions.html#AEN1638"
>Viewing file ownership</A
></DT
><DT
>12.4. <A
HREF="unix-permissions.html#AEN1658"
>Viewing file or directory permissions</A
></DT
><DD
><DL
><DT
>12.4.1. <A
HREF="unix-permissions.html#AEN1673"
>File Permissions</A
></DT
><DT
>12.4.2. <A
HREF="unix-permissions.html#AEN1687"
>Directory Permissions</A
></DT
></DL
></DD
><DT
>12.5. <A
HREF="unix-permissions.html#AEN1694"
>Modifying file or directory permissions</A
></DT
><DT
>12.6. <A
HREF="unix-permissions.html#AEN1716"
>Interaction with the standard Samba create mask
parameters</A
></DT
><DT
>12.7. <A
HREF="unix-permissions.html#AEN1780"
>Interaction with the standard Samba file attribute
mapping</A
></DT
></DL
></DD
><DT
>13. <A
HREF="pam.html"
>Configuring PAM for distributed but centrally
managed authentication</A
></DT
><DD
><DL
><DT
>13.1. <A
HREF="pam.html#AEN1801"
>Samba and PAM</A
></DT
><DT
>13.2. <A
HREF="pam.html#AEN1845"
>Distributed Authentication</A
></DT
><DT
>13.3. <A
HREF="pam.html#AEN1852"
>PAM Configuration in smb.conf</A
></DT
></DL
></DD
><DT
>14. <A
HREF="msdfs.html"
>Hosting a Microsoft Distributed File System tree on Samba</A
></DT
><DD
><DL
><DT
>14.1. <A
HREF="msdfs.html#AEN1872"
>Instructions</A
></DT
><DD
><DL
><DT
>14.1.1. <A
HREF="msdfs.html#AEN1907"
>Notes</A
></DT
></DL
></DD
></DL
></DD
><DT
>15. <A
HREF="printing.html"
>Printing Support</A
></DT
><DD
><DL
><DT
>15.1. <A
HREF="printing.html#AEN1933"
>Introduction</A
></DT
><DT
>15.2. <A
HREF="printing.html#AEN1955"
>Configuration</A
></DT
><DD
><DL
><DT
>15.2.1. <A
HREF="printing.html#AEN1963"
>Creating [print$]</A
></DT
><DT
>15.2.2. <A
HREF="printing.html#AEN1998"
>Setting Drivers for Existing Printers</A
></DT
><DT
>15.2.3. <A
HREF="printing.html#AEN2014"
>Support a large number of printers</A
></DT
><DT
>15.2.4. <A
HREF="printing.html#AEN2025"
>Adding New Printers via the Windows NT APW</A
></DT
><DT
>15.2.5. <A
HREF="printing.html#AEN2055"
>Samba and Printer Ports</A
></DT
></DL
></DD
><DT
>15.3. <A
HREF="printing.html#AEN2063"
>The Imprints Toolset</A
></DT
><DD
><DL
><DT
>15.3.1. <A
HREF="printing.html#AEN2067"
>What is Imprints?</A
></DT
><DT
>15.3.2. <A
HREF="printing.html#AEN2077"
>Creating Printer Driver Packages</A
></DT
><DT
>15.3.3. <A
HREF="printing.html#AEN2080"
>The Imprints server</A
></DT
><DT
>15.3.4. <A
HREF="printing.html#AEN2084"
>The Installation Client</A
></DT
></DL
></DD
><DT
>15.4. <A
HREF="printing.html#AEN2106"
>Diagnosis</A
></DT
><DD
><DL
><DT
>15.4.1. <A
HREF="printing.html#AEN2108"
>Introduction</A
></DT
><DT
>15.4.2. <A
HREF="printing.html#AEN2124"
>Debugging printer problems</A
></DT
><DT
>15.4.3. <A
HREF="printing.html#AEN2133"
>What printers do I have?</A
></DT
><DT
>15.4.4. <A
HREF="printing.html#AEN2141"
>Setting up printcap and print servers</A
></DT
><DT
>15.4.5. <A
HREF="printing.html#AEN2169"
>Job sent, no output</A
></DT
><DT
>15.4.6. <A
HREF="printing.html#AEN2180"
>Job sent, strange output</A
></DT
><DT
>15.4.7. <A
HREF="printing.html#AEN2192"
>Raw PostScript printed</A
></DT
><DT
>15.4.8. <A
HREF="printing.html#AEN2195"
>Advanced Printing</A
></DT
><DT
>15.4.9. <A
HREF="printing.html#AEN2198"
>Real debugging</A
></DT
></DL
></DD
></DL
></DD
><DT
>16. <A
HREF="winbind.html"
>Unified Logons between Windows NT and UNIX using Winbind</A
></DT
><DD
><DL
><DT
>16.1. <A
HREF="winbind.html#AEN2238"
>Abstract</A
></DT
><DT
>16.2. <A
HREF="winbind.html#AEN2242"
>Introduction</A
></DT
><DT
>16.3. <A
HREF="winbind.html#AEN2255"
>What Winbind Provides</A
></DT
><DD
><DL
><DT
>16.3.1. <A
HREF="winbind.html#AEN2262"
>Target Uses</A
></DT
></DL
></DD
><DT
>16.4. <A
HREF="winbind.html#AEN2266"
>How Winbind Works</A
></DT
><DD
><DL
><DT
>16.4.1. <A
HREF="winbind.html#AEN2271"
>Microsoft Remote Procedure Calls</A
></DT
><DT
>16.4.2. <A
HREF="winbind.html#AEN2275"
>Name Service Switch</A
></DT
><DT
>16.4.3. <A
HREF="winbind.html#AEN2291"
>Pluggable Authentication Modules</A
></DT
><DT
>16.4.4. <A
HREF="winbind.html#AEN2299"
>User and Group ID Allocation</A
></DT
><DT
>16.4.5. <A
HREF="winbind.html#AEN2303"
>Result Caching</A
></DT
></DL
></DD
><DT
>16.5. <A
HREF="winbind.html#AEN2306"
>Installation and Configuration</A
></DT
><DD
><DL
><DT
>16.5.1. <A
HREF="winbind.html#AEN2313"
>Introduction</A
></DT
><DT
>16.5.2. <A
HREF="winbind.html#AEN2326"
>Requirements</A
></DT
><DT
>16.5.3. <A
HREF="winbind.html#AEN2340"
>Testing Things Out</A
></DT
></DL
></DD
><DT
>16.6. <A
HREF="winbind.html#AEN2555"
>Limitations</A
></DT
><DT
>16.7. <A
HREF="winbind.html#AEN2565"
>Conclusion</A
></DT
></DL
></DD
><DT
>17. <A
HREF="pdb-mysql.html"
>Passdb MySQL plugin</A
></DT
><DD
><DL
><DT
>17.1. <A
HREF="pdb-mysql.html#AEN2579"
>Building</A
></DT
><DT
>17.2. <A
HREF="pdb-mysql.html#AEN2585"
>Configuring</A
></DT
><DT
>17.3. <A
HREF="pdb-mysql.html#AEN2600"
>Using plaintext passwords or encrypted password</A
></DT
><DT
>17.4. <A
HREF="pdb-mysql.html#AEN2605"
>Getting non-column data from the table</A
></DT
></DL
></DD
><DT
>18. <A
HREF="pdb-xml.html"
>Passdb XML plugin</A
></DT
><DD
><DL
><DT
>18.1. <A
HREF="pdb-xml.html#AEN2624"
>Building</A
></DT
><DT
>18.2. <A
HREF="pdb-xml.html#AEN2630"
>Usage</A
></DT
></DL
></DD
><DT
>19. <A
HREF="vfs.html"
>Stackable VFS modules</A
></DT
><DD
><DL
><DT
>19.1. <A
HREF="vfs.html#AEN2651"
>Introduction and configuration</A
></DT
><DT
>19.2. <A
HREF="vfs.html#AEN2659"
>Included modules</A
></DT
><DD
><DL
><DT
>19.2.1. <A
HREF="vfs.html#AEN2661"
>audit</A
></DT
><DT
>19.2.2. <A
HREF="vfs.html#AEN2669"
>recycle</A
></DT
><DT
>19.2.3. <A
HREF="vfs.html#AEN2706"
>netatalk</A
></DT
></DL
></DD
><DT
>19.3. <A
HREF="vfs.html#AEN2713"
>VFS modules available elsewhere</A
></DT
><DD
><DL
><DT
>19.3.1. <A
HREF="vfs.html#AEN2717"
>DatabaseFS</A
></DT
><DT
>19.3.2. <A
HREF="vfs.html#AEN2725"
>vscan</A
></DT
></DL
></DD
></DL
></DD
><DT
>20. <A
HREF="samba-ldap-howto.html"
>Storing Samba's User/Machine Account information in an LDAP Directory</A
></DT
><DD
><DL
><DT
>20.1. <A
HREF="samba-ldap-howto.html#AEN2747"
>Purpose</A
></DT
><DT
>20.2. <A
HREF="samba-ldap-howto.html#AEN2767"
>Introduction</A
></DT
><DT
>20.3. <A
HREF="samba-ldap-howto.html#AEN2796"
>Supported LDAP Servers</A
></DT
><DT
>20.4. <A
HREF="samba-ldap-howto.html#AEN2801"
>Schema and Relationship to the RFC 2307 posixAccount</A
></DT
><DT
>20.5. <A
HREF="samba-ldap-howto.html#AEN2813"
>Configuring Samba with LDAP</A
></DT
><DD
><DL
><DT
>20.5.1. <A
HREF="samba-ldap-howto.html#AEN2815"
>OpenLDAP configuration</A
></DT
><DT
>20.5.2. <A
HREF="samba-ldap-howto.html#AEN2832"
>Configuring Samba</A
></DT
></DL
></DD
><DT
>20.6. <A
HREF="samba-ldap-howto.html#AEN2860"
>Accounts and Groups management</A
></DT
><DT
>20.7. <A
HREF="samba-ldap-howto.html#AEN2865"
>Security and sambaAccount</A
></DT
><DT
>20.8. <A
HREF="samba-ldap-howto.html#AEN2885"
>LDAP specials attributes for sambaAccounts</A
></DT
><DT
>20.9. <A
HREF="samba-ldap-howto.html#AEN2955"
>Example LDIF Entries for a sambaAccount</A
></DT
><DT
>20.10. <A
HREF="samba-ldap-howto.html#AEN2963"
>Comments</A
></DT
></DL
></DD
><DT
>21. <A
HREF="cvs-access.html"
>HOWTO Access Samba source code via CVS</A
></DT
><DD
><DL
><DT
>21.1. <A
HREF="cvs-access.html#AEN2974"
>Introduction</A
></DT
><DT
>21.2. <A
HREF="cvs-access.html#AEN2979"
>CVS Access to samba.org</A
></DT
><DD
><DL
><DT
>21.2.1. <A
HREF="cvs-access.html#AEN2982"
>Access via CVSweb</A
></DT
><DT
>21.2.2. <A
HREF="cvs-access.html#AEN2987"
>Access via cvs</A
></DT
></DL
></DD
></DL
></DD
><DT
>22. <A
HREF="groupmapping.html"
>Group mapping HOWTO</A
></DT
><DT
>23. <A
HREF="speed.html"
>Samba performance issues</A
></DT
><DD
><DL
><DT
>23.1. <A
HREF="speed.html#AEN3065"
>Comparisons</A
></DT
><DT
>23.2. <A
HREF="speed.html#AEN3071"
>Oplocks</A
></DT
><DD
><DL
><DT
>23.2.1. <A
HREF="speed.html#AEN3073"
>Overview</A
></DT
><DT
>23.2.2. <A
HREF="speed.html#AEN3081"
>Level2 Oplocks</A
></DT
><DT
>23.2.3. <A
HREF="speed.html#AEN3087"
>Old 'fake oplocks' option - deprecated</A
></DT
></DL
></DD
><DT
>23.3. <A
HREF="speed.html#AEN3091"
>Socket options</A
></DT
><DT
>23.4. <A
HREF="speed.html#AEN3098"
>Read size</A
></DT
><DT
>23.5. <A
HREF="speed.html#AEN3103"
>Max xmit</A
></DT
><DT
>23.6. <A
HREF="speed.html#AEN3108"
>Locking</A
></DT
><DT
>23.7. <A
HREF="speed.html#AEN3112"
>Share modes</A
></DT
><DT
>23.8. <A
HREF="speed.html#AEN3117"
>Log level</A
></DT
><DT
>23.9. <A
HREF="speed.html#AEN3120"
>Wide lines</A
></DT
><DT
>23.10. <A
HREF="speed.html#AEN3123"
>Read raw</A
></DT
><DT
>23.11. <A
HREF="speed.html#AEN3128"
>Write raw</A
></DT
><DT
>23.12. <A
HREF="speed.html#AEN3132"
>Read prediction</A
></DT
><DT
>23.13. <A
HREF="speed.html#AEN3139"
>Memory mapping</A
></DT
><DT
>23.14. <A
HREF="speed.html#AEN3144"
>Slow Clients</A
></DT
><DT
>23.15. <A
HREF="speed.html#AEN3148"
>Slow Logins</A
></DT
><DT
>23.16. <A
HREF="speed.html#AEN3151"
>Client tuning</A
></DT
><DT
>23.17. <A
HREF="speed.html#AEN3183"
>My Results</A
></DT
></DL
></DD
></DL
></DIV
></DIV
></DIV
><DIV
CLASS="NAVFOOTER"
><HR
ALIGN="LEFT"
WIDTH="100%"><TABLE
SUMMARY="Footer navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
><A
HREF="domain-security.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="samba-howto-collection.html"
ACCESSKEY="H"
>Home</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
><A
HREF="integrate-ms-networks.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
>Samba as a NT4 domain member</TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
>&nbsp;</TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
>Integrating MS Windows networks with Samba</TD
></TR
></TABLE
></DIV
></BODY
></HTML
>

286
docs/htmldocs/pdb-mysql.html Normal file
View File

@ -0,0 +1,286 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML
><HEAD
><TITLE
>Passdb MySQL plugin</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.77"><LINK
REL="HOME"
TITLE="SAMBA Project Documentation"
HREF="samba-howto-collection.html"><LINK
REL="UP"
TITLE="Optional configuration"
HREF="optional.html"><LINK
REL="PREVIOUS"
TITLE="Unified Logons between Windows NT and UNIX using Winbind"
HREF="winbind.html"><LINK
REL="NEXT"
TITLE="Passdb XML plugin"
HREF="pdb-xml.html"></HEAD
><BODY
CLASS="CHAPTER"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><DIV
CLASS="NAVHEADER"
><TABLE
SUMMARY="Header navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TH
COLSPAN="3"
ALIGN="center"
>SAMBA Project Documentation</TH
></TR
><TR
><TD
WIDTH="10%"
ALIGN="left"
VALIGN="bottom"
><A
HREF="winbind.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="80%"
ALIGN="center"
VALIGN="bottom"
></TD
><TD
WIDTH="10%"
ALIGN="right"
VALIGN="bottom"
><A
HREF="pdb-xml.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
></TABLE
><HR
ALIGN="LEFT"
WIDTH="100%"></DIV
><DIV
CLASS="CHAPTER"
><H1
><A
NAME="PDB-MYSQL"
></A
>Chapter 17. Passdb MySQL plugin</H1
><DIV
CLASS="SECT1"
><H1
CLASS="SECT1"
><A
NAME="AEN2579"
></A
>17.1. Building</H1
><P
>To build the plugin, run <B
CLASS="COMMAND"
>make bin/pdb_mysql.so</B
>
in the <TT
CLASS="FILENAME"
>source/</TT
> directory of samba distribution. </P
><P
>Next, copy pdb_mysql.so to any location you want. I
strongly recommend installing it in $PREFIX/lib or /usr/lib/samba/</P
></DIV
><DIV
CLASS="SECT1"
><H1
CLASS="SECT1"
><A
NAME="AEN2585"
></A
>17.2. Configuring</H1
><P
>This plugin lacks some good documentation, but here is some short info:</P
><P
>Add a the following to the <B
CLASS="COMMAND"
>passdb backend</B
> variable in your <TT
CLASS="FILENAME"
>smb.conf</TT
>:
<PRE
CLASS="PROGRAMLISTING"
>passdb backend = [other-plugins] plugin:/location/to/pdb_mysql.so:identifier [other-plugins]</PRE
></P
><P
>The identifier can be any string you like, as long as it doesn't collide with
the identifiers of other plugins or other instances of pdb_mysql. If you
specify multiple pdb_mysql.so entries in 'passdb backend', you also need to
use different identifiers!</P
><P
>Additional options can be given thru the smb.conf file in the [global] section.</P
><P
><PRE
CLASS="PROGRAMLISTING"
>identifier:mysql host - host name, defaults to 'localhost'
identifier:mysql password
identifier:mysql user - defaults to 'samba'
identifier:mysql database - defaults to 'samba'
identifier:mysql port - defaults to 3306
identifier:table - Name of the table containing users</PRE
></P
><P
>Names of the columns in this table(I've added column types those columns should have first):</P
><P
><PRE
CLASS="PROGRAMLISTING"
>identifier:logon time column - int(9)
identifier:logoff time column - int(9)
identifier:kickoff time column - int(9)
identifier:pass last set time column - int(9)
identifier:pass can change time column - int(9)
identifier:pass must change time column - int(9)
identifier:username column - varchar(255) - unix username
identifier:domain column - varchar(255) - NT domain user is part of
identifier:nt username column - varchar(255) - NT username
identifier:fullname column - varchar(255) - Full name of user
identifier:home dir column - varchar(255) - Unix homedir path
identifier:dir drive column - varchar(2) - Directory drive path (eg: 'H:')
identifier:logon script column - varchar(255) - Batch file to run on client side when logging on
identifier:profile path column - varchar(255) - Path of profile
identifier:acct desc column - varchar(255) - Some ASCII NT user data
identifier:workstations column - varchar(255) - Workstations user can logon to (or NULL for all)
identifier:unknown string column - varchar(255) - unknown string
identifier:munged dial column - varchar(255) - ?
identifier:uid column - int(9) - Unix user ID (uid)
identifier:gid column - int(9) - Unix user group (gid)
identifier:user sid column - varchar(255) - NT user SID
identifier:group sid column - varchar(255) - NT group ID
identifier:lanman pass column - varchar(255) - encrypted lanman password
identifier:nt pass column - varchar(255) - encrypted nt passwd
identifier:plain pass column - varchar(255) - plaintext password
identifier:acct control column - int(9) - nt user data
identifier:unknown 3 column - int(9) - unknown
identifier:logon divs column - int(9) - ?
identifier:hours len column - int(9) - ?
identifier:unknown 5 column - int(9) - unknown
identifier:unknown 6 column - int(9) - unknown</PRE
></P
><P
>Eventually, you can put a colon (:) after the name of each column, which
should specify the column to update when updating the table. You can also
specify nothing behind the colon - then the data from the field will not be
updated. </P
></DIV
><DIV
CLASS="SECT1"
><H1
CLASS="SECT1"
><A
NAME="AEN2600"
></A
>17.3. Using plaintext passwords or encrypted password</H1
><P
>I strongly discourage the use of plaintext passwords, however, you can use them:</P
><P
>If you would like to use plaintext passwords, set 'identifier:lanman pass column' and 'identifier:nt pass column' to 'NULL' (without the quotes) and 'identifier:plain pass column' to the name of the column containing the plaintext passwords. </P
><P
>If you use encrypted passwords, set the 'identifier:plain pass column' to 'NULL' (without the quotes). This is the default.</P
></DIV
><DIV
CLASS="SECT1"
><H1
CLASS="SECT1"
><A
NAME="AEN2605"
></A
>17.4. Getting non-column data from the table</H1
><P
>It is possible to have not all data in the database and making some 'constant'.</P
><P
>For example, you can set 'identifier:fullname column' to :
<B
CLASS="COMMAND"
>CONCAT(First_name,' ',Sur_name)</B
></P
><P
>Or, set 'identifier:workstations column' to :
<B
CLASS="COMMAND"
>NULL</B
></P
><P
>See the MySQL documentation for more language constructs.</P
></DIV
></DIV
><DIV
CLASS="NAVFOOTER"
><HR
ALIGN="LEFT"
WIDTH="100%"><TABLE
SUMMARY="Footer navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
><A
HREF="winbind.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="samba-howto-collection.html"
ACCESSKEY="H"
>Home</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
><A
HREF="pdb-xml.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
>Unified Logons between Windows NT and UNIX using Winbind</TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="optional.html"
ACCESSKEY="U"
>Up</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
>Passdb XML plugin</TD
></TR
></TABLE
></DIV
></BODY
></HTML
>

189
docs/htmldocs/pdb-xml.html Normal file
View File

@ -0,0 +1,189 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML
><HEAD
><TITLE
>Passdb XML plugin</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.77"><LINK
REL="HOME"
TITLE="SAMBA Project Documentation"
HREF="samba-howto-collection.html"><LINK
REL="UP"
TITLE="Optional configuration"
HREF="optional.html"><LINK
REL="PREVIOUS"
TITLE="Passdb MySQL plugin"
HREF="pdb-mysql.html"><LINK
REL="NEXT"
TITLE="Stackable VFS modules"
HREF="vfs.html"></HEAD
><BODY
CLASS="CHAPTER"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><DIV
CLASS="NAVHEADER"
><TABLE
SUMMARY="Header navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TH
COLSPAN="3"
ALIGN="center"
>SAMBA Project Documentation</TH
></TR
><TR
><TD
WIDTH="10%"
ALIGN="left"
VALIGN="bottom"
><A
HREF="pdb-mysql.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="80%"
ALIGN="center"
VALIGN="bottom"
></TD
><TD
WIDTH="10%"
ALIGN="right"
VALIGN="bottom"
><A
HREF="vfs.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
></TABLE
><HR
ALIGN="LEFT"
WIDTH="100%"></DIV
><DIV
CLASS="CHAPTER"
><H1
><A
NAME="PDB-XML"
></A
>Chapter 18. Passdb XML plugin</H1
><DIV
CLASS="SECT1"
><H1
CLASS="SECT1"
><A
NAME="AEN2624"
></A
>18.1. Building</H1
><P
>This module requires libxml2 to be installed.</P
><P
>To build pdb_xml, run: <B
CLASS="COMMAND"
>make bin/pdb_xml.so</B
> in
the directory <TT
CLASS="FILENAME"
>source/</TT
>. </P
></DIV
><DIV
CLASS="SECT1"
><H1
CLASS="SECT1"
><A
NAME="AEN2630"
></A
>18.2. Usage</H1
><P
>The usage of pdb_xml is pretty straightforward. To export data, use:
<B
CLASS="COMMAND"
>pdbedit -e plugin:/usr/lib/samba/pdb_xml.so:filename</B
>
(where filename is the name of the file to put the data in)</P
><P
>To import data, use:
<B
CLASS="COMMAND"
>pdbedit -i plugin:/usr/lib/samba/pdb_xml.so:filename -e current-pdb</B
>
Where filename is the name to read the data from and current-pdb to put it in.</P
></DIV
></DIV
><DIV
CLASS="NAVFOOTER"
><HR
ALIGN="LEFT"
WIDTH="100%"><TABLE
SUMMARY="Footer navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
><A
HREF="pdb-mysql.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="samba-howto-collection.html"
ACCESSKEY="H"
>Home</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
><A
HREF="vfs.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
>Passdb MySQL plugin</TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="optional.html"
ACCESSKEY="U"
>Up</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
>Stackable VFS modules</TD
></TR
></TABLE
></DIV
></BODY
></HTML
>

445
docs/htmldocs/pwencrypt.html Normal file
View File

@ -0,0 +1,445 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML
><HEAD
><TITLE
>LanMan and NT Password Encryption in Samba</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.77"><LINK
REL="HOME"
TITLE="SAMBA Project Documentation"
HREF="samba-howto-collection.html"><LINK
REL="UP"
TITLE="General installation"
HREF="introduction.html"><LINK
REL="PREVIOUS"
TITLE="Quick Cross Subnet Browsing / Cross Workgroup Browsing guide"
HREF="browsing-quick.html"><LINK
REL="NEXT"
TITLE="Type of installation"
HREF="type.html"></HEAD
><BODY
CLASS="CHAPTER"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><DIV
CLASS="NAVHEADER"
><TABLE
SUMMARY="Header navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TH
COLSPAN="3"
ALIGN="center"
>SAMBA Project Documentation</TH
></TR
><TR
><TD
WIDTH="10%"
ALIGN="left"
VALIGN="bottom"
><A
HREF="browsing-quick.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="80%"
ALIGN="center"
VALIGN="bottom"
></TD
><TD
WIDTH="10%"
ALIGN="right"
VALIGN="bottom"
><A
HREF="type.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
></TABLE
><HR
ALIGN="LEFT"
WIDTH="100%"></DIV
><DIV
CLASS="CHAPTER"
><H1
><A
NAME="PWENCRYPT"
></A
>Chapter 5. LanMan and NT Password Encryption in Samba</H1
><DIV
CLASS="SECT1"
><H1
CLASS="SECT1"
><A
NAME="AEN473"
></A
>5.1. Introduction</H1
><P
>Newer windows clients send encrypted passwords over
the wire, instead of plain text passwords. The newest clients
will only send encrypted passwords and refuse to send plain text
passwords, unless their registry is tweaked.</P
><P
>These passwords can't be converted to unix style encrypted
passwords. Because of that you can't use the standard unix
user database, and you have to store the Lanman and NT hashes
somewhere else. For more information, see the documentation
about the <B
CLASS="COMMAND"
>passdb backend = </B
> parameter.
</P
></DIV
><DIV
CLASS="SECT1"
><H1
CLASS="SECT1"
><A
NAME="AEN478"
></A
>5.2. Important Notes About Security</H1
><P
>The unix and SMB password encryption techniques seem similar
on the surface. This similarity is, however, only skin deep. The unix
scheme typically sends clear text passwords over the network when
logging in. This is bad. The SMB encryption scheme never sends the
cleartext password over the network but it does store the 16 byte
hashed values on disk. This is also bad. Why? Because the 16 byte hashed
values are a "password equivalent". You cannot derive the user's
password from them, but they could potentially be used in a modified
client to gain access to a server. This would require considerable
technical knowledge on behalf of the attacker but is perfectly possible.
You should thus treat the smbpasswd file as though it contained the
cleartext passwords of all your users. Its contents must be kept
secret, and the file should be protected accordingly.</P
><P
>Ideally we would like a password scheme which neither requires
plain text passwords on the net or on disk. Unfortunately this
is not available as Samba is stuck with being compatible with
other SMB systems (WinNT, WfWg, Win95 etc). </P
><DIV
CLASS="WARNING"
><P
></P
><TABLE
CLASS="WARNING"
WIDTH="100%"
BORDER="0"
><TR
><TD
WIDTH="25"
ALIGN="CENTER"
VALIGN="TOP"
><IMG
SRC="/docbook-dsssl/warning.gif"
HSPACE="5"
ALT="Warning"></TD
><TD
ALIGN="LEFT"
VALIGN="TOP"
><P
>Note that Windows NT 4.0 Service pack 3 changed the
default for permissible authentication so that plaintext
passwords are <SPAN
CLASS="emphasis"
><I
CLASS="EMPHASIS"
>never</I
></SPAN
> sent over the wire.
The solution to this is either to switch to encrypted passwords
with Samba or edit the Windows NT registry to re-enable plaintext
passwords. See the document WinNT.txt for details on how to do
this.</P
><P
>Other Microsoft operating systems which also exhibit
this behavior includes</P
><P
></P
><UL
><LI
><P
>MS DOS Network client 3.0 with
the basic network redirector installed</P
></LI
><LI
><P
>Windows 95 with the network redirector
update installed</P
></LI
><LI
><P
>Windows 98 [se]</P
></LI
><LI
><P
>Windows 2000</P
></LI
></UL
><P
><SPAN
CLASS="emphasis"
><I
CLASS="EMPHASIS"
>Note :</I
></SPAN
>All current release of
Microsoft SMB/CIFS clients support authentication via the
SMB Challenge/Response mechanism described here. Enabling
clear text authentication does not disable the ability
of the client to participate in encrypted authentication.</P
></TD
></TR
></TABLE
></DIV
><DIV
CLASS="SECT2"
><H2
CLASS="SECT2"
><A
NAME="AEN497"
></A
>5.2.1. Advantages of SMB Encryption</H2
><P
></P
><UL
><LI
><P
>plain text passwords are not passed across
the network. Someone using a network sniffer cannot just
record passwords going to the SMB server.</P
></LI
><LI
><P
>WinNT doesn't like talking to a server
that isn't using SMB encrypted passwords. It will refuse
to browse the server if the server is also in user level
security mode. It will insist on prompting the user for the
password on each connection, which is very annoying. The
only things you can do to stop this is to use SMB encryption.
</P
></LI
></UL
></DIV
><DIV
CLASS="SECT2"
><H2
CLASS="SECT2"
><A
NAME="AEN504"
></A
>5.2.2. Advantages of non-encrypted passwords</H2
><P
></P
><UL
><LI
><P
>plain text passwords are not kept
on disk. </P
></LI
><LI
><P
>uses same password file as other unix
services such as login and ftp</P
></LI
><LI
><P
>you are probably already using other
services (such as telnet and ftp) which send plain text
passwords over the net, so sending them for SMB isn't
such a big deal.</P
></LI
></UL
></DIV
></DIV
><DIV
CLASS="SECT1"
><H1
CLASS="SECT1"
><A
NAME="AEN513"
></A
>5.3. The smbpasswd Command</H1
><P
>The smbpasswd command maintains the two 32 byte password fields
in the smbpasswd file. If you wish to make it similar to the unix
<B
CLASS="COMMAND"
>passwd</B
> or <B
CLASS="COMMAND"
>yppasswd</B
> programs,
install it in <TT
CLASS="FILENAME"
>/usr/local/samba/bin/</TT
> (or your
main Samba binary directory).</P
><P
><B
CLASS="COMMAND"
>smbpasswd</B
> now works in a client-server mode
where it contacts the local smbd to change the user's password on its
behalf. This has enormous benefits - as follows.</P
><P
><B
CLASS="COMMAND"
>smbpasswd</B
> now has the capability
to change passwords on Windows NT servers (this only works when
the request is sent to the NT Primary Domain Controller if you
are changing an NT Domain user's password).</P
><P
>To run smbpasswd as a normal user just type :</P
><P
><TT
CLASS="PROMPT"
>$ </TT
><TT
CLASS="USERINPUT"
><B
>smbpasswd</B
></TT
></P
><P
><TT
CLASS="PROMPT"
>Old SMB password: </TT
><TT
CLASS="USERINPUT"
><B
>&lt;type old value here -
or hit return if there was no old password&gt;</B
></TT
></P
><P
><TT
CLASS="PROMPT"
>New SMB Password: </TT
><TT
CLASS="USERINPUT"
><B
>&lt;type new value&gt;
</B
></TT
></P
><P
><TT
CLASS="PROMPT"
>Repeat New SMB Password: </TT
><TT
CLASS="USERINPUT"
><B
>&lt;re-type new value
</B
></TT
></P
><P
>If the old value does not match the current value stored for
that user, or the two new values do not match each other, then the
password will not be changed.</P
><P
>If invoked by an ordinary user it will only allow the user
to change his or her own Samba password.</P
><P
>If run by the root user smbpasswd may take an optional
argument, specifying the user name whose SMB password you wish to
change. Note that when run as root smbpasswd does not prompt for
or check the old password value, thus allowing root to set passwords
for users who have forgotten their passwords.</P
><P
><B
CLASS="COMMAND"
>smbpasswd</B
> is designed to work in the same way
and be familiar to UNIX users who use the <B
CLASS="COMMAND"
>passwd</B
> or
<B
CLASS="COMMAND"
>yppasswd</B
> commands.</P
><P
>For more details on using <B
CLASS="COMMAND"
>smbpasswd</B
> refer
to the man page which will always be the definitive reference.</P
></DIV
></DIV
><DIV
CLASS="NAVFOOTER"
><HR
ALIGN="LEFT"
WIDTH="100%"><TABLE
SUMMARY="Footer navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
><A
HREF="browsing-quick.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="samba-howto-collection.html"
ACCESSKEY="H"
>Home</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
><A
HREF="type.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
>Quick Cross Subnet Browsing / Cross Workgroup Browsing guide</TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="introduction.html"
ACCESSKEY="U"
>Up</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
>Type of installation</TD
></TR
></TABLE
></DIV
></BODY
></HTML
>

1132
docs/htmldocs/samba-howto-collection.html Normal file
View File

File diff suppressed because it is too large Load Diff

2649
docs/htmldocs/samba-pdc.html Normal file
View File

File diff suppressed because it is too large Load Diff

392
docs/htmldocs/type.html Normal file
View File

@ -0,0 +1,392 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML
><HEAD
><TITLE
>Type of installation</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.77"><LINK
REL="HOME"
TITLE="SAMBA Project Documentation"
HREF="samba-howto-collection.html"><LINK
REL="PREVIOUS"
TITLE="LanMan and NT Password Encryption in Samba"
HREF="pwencrypt.html"><LINK
REL="NEXT"
TITLE="User and Share security level (for servers not in a domain)"
HREF="securitylevels.html"></HEAD
><BODY
CLASS="PART"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><DIV
CLASS="NAVHEADER"
><TABLE
SUMMARY="Header navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TH
COLSPAN="3"
ALIGN="center"
>SAMBA Project Documentation</TH
></TR
><TR
><TD
WIDTH="10%"
ALIGN="left"
VALIGN="bottom"
><A
HREF="pwencrypt.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="80%"
ALIGN="center"
VALIGN="bottom"
></TD
><TD
WIDTH="10%"
ALIGN="right"
VALIGN="bottom"
><A
HREF="securitylevels.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
></TABLE
><HR
ALIGN="LEFT"
WIDTH="100%"></DIV
><DIV
CLASS="PART"
><A
NAME="TYPE"
></A
><DIV
CLASS="TITLEPAGE"
><H1
CLASS="TITLE"
>II. Type of installation</H1
><DIV
CLASS="PARTINTRO"
><A
NAME="AEN547"
></A
><H1
>Introduction</H1
><P
>Samba can operate in various SMB networks. This part contains information on configuring samba
for various environments.</P
></DIV
><DIV
CLASS="TOC"
><DL
><DT
><B
>Table of Contents</B
></DT
><DT
>6. <A
HREF="securitylevels.html"
>User and Share security level (for servers not in a domain)</A
></DT
><DT
>7. <A
HREF="samba-pdc.html"
>How to Configure Samba as a NT4 Primary Domain Controller</A
></DT
><DD
><DL
><DT
>7.1. <A
HREF="samba-pdc.html#AEN591"
>Prerequisite Reading</A
></DT
><DT
>7.2. <A
HREF="samba-pdc.html#AEN597"
>Background</A
></DT
><DT
>7.3. <A
HREF="samba-pdc.html#AEN636"
>Configuring the Samba Domain Controller</A
></DT
><DT
>7.4. <A
HREF="samba-pdc.html#AEN679"
>Creating Machine Trust Accounts and Joining Clients to the
Domain</A
></DT
><DD
><DL
><DT
>7.4.1. <A
HREF="samba-pdc.html#AEN698"
>Manual Creation of Machine Trust Accounts</A
></DT
><DT
>7.4.2. <A
HREF="samba-pdc.html#AEN739"
>"On-the-Fly" Creation of Machine Trust Accounts</A
></DT
><DT
>7.4.3. <A
HREF="samba-pdc.html#AEN748"
>Joining the Client to the Domain</A
></DT
></DL
></DD
><DT
>7.5. <A
HREF="samba-pdc.html#AEN763"
>Common Problems and Errors</A
></DT
><DT
>7.6. <A
HREF="samba-pdc.html#AEN811"
>System Policies and Profiles</A
></DT
><DT
>7.7. <A
HREF="samba-pdc.html#AEN855"
>What other help can I get?</A
></DT
><DT
>7.8. <A
HREF="samba-pdc.html#AEN969"
>Domain Control for Windows 9x/ME</A
></DT
><DD
><DL
><DT
>7.8.1. <A
HREF="samba-pdc.html#AEN995"
>Configuration Instructions: Network Logons</A
></DT
><DT
>7.8.2. <A
HREF="samba-pdc.html#AEN1014"
>Configuration Instructions: Setting up Roaming User Profiles</A
></DT
></DL
></DD
><DT
>7.9. <A
HREF="samba-pdc.html#AEN1107"
>DOMAIN_CONTROL.txt : Windows NT Domain Control &#38; Samba</A
></DT
></DL
></DD
><DT
>8. <A
HREF="samba-bdc.html"
>How to Act as a Backup Domain Controller in a Purely Samba Controlled Domain</A
></DT
><DD
><DL
><DT
>8.1. <A
HREF="samba-bdc.html#AEN1143"
>Prerequisite Reading</A
></DT
><DT
>8.2. <A
HREF="samba-bdc.html#AEN1147"
>Background</A
></DT
><DT
>8.3. <A
HREF="samba-bdc.html#AEN1155"
>What qualifies a Domain Controller on the network?</A
></DT
><DD
><DL
><DT
>8.3.1. <A
HREF="samba-bdc.html#AEN1158"
>How does a Workstation find its domain controller?</A
></DT
><DT
>8.3.2. <A
HREF="samba-bdc.html#AEN1161"
>When is the PDC needed?</A
></DT
></DL
></DD
><DT
>8.4. <A
HREF="samba-bdc.html#AEN1164"
>Can Samba be a Backup Domain Controller?</A
></DT
><DT
>8.5. <A
HREF="samba-bdc.html#AEN1168"
>How do I set up a Samba BDC?</A
></DT
><DD
><DL
><DT
>8.5.1. <A
HREF="samba-bdc.html#AEN1185"
>How do I replicate the smbpasswd file?</A
></DT
></DL
></DD
></DL
></DD
><DT
>9. <A
HREF="ads.html"
>Samba as a ADS domain member</A
></DT
><DD
><DL
><DT
>9.1. <A
HREF="ads.html#AEN1203"
>Installing the required packages for Debian</A
></DT
><DT
>9.2. <A
HREF="ads.html#AEN1209"
>Installing the required packages for RedHat</A
></DT
><DT
>9.3. <A
HREF="ads.html#AEN1218"
>Compile Samba</A
></DT
><DT
>9.4. <A
HREF="ads.html#AEN1230"
>Setup your /etc/krb5.conf</A
></DT
><DT
>9.5. <A
HREF="ads.html#AEN1240"
>Create the computer account</A
></DT
><DD
><DL
><DT
>9.5.1. <A
HREF="ads.html#AEN1244"
>Possible errors</A
></DT
></DL
></DD
><DT
>9.6. <A
HREF="ads.html#AEN1256"
>Test your server setup</A
></DT
><DT
>9.7. <A
HREF="ads.html#AEN1261"
>Testing with smbclient</A
></DT
><DT
>9.8. <A
HREF="ads.html#AEN1264"
>Notes</A
></DT
></DL
></DD
><DT
>10. <A
HREF="domain-security.html"
>Samba as a NT4 domain member</A
></DT
><DD
><DL
><DT
>10.1. <A
HREF="domain-security.html#AEN1286"
>Joining an NT Domain with Samba 2.2</A
></DT
><DT
>10.2. <A
HREF="domain-security.html#AEN1350"
>Samba and Windows 2000 Domains</A
></DT
><DT
>10.3. <A
HREF="domain-security.html#AEN1355"
>Why is this better than security = server?</A
></DT
></DL
></DD
></DL
></DIV
></DIV
></DIV
><DIV
CLASS="NAVFOOTER"
><HR
ALIGN="LEFT"
WIDTH="100%"><TABLE
SUMMARY="Footer navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
><A
HREF="pwencrypt.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="samba-howto-collection.html"
ACCESSKEY="H"
>Home</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
><A
HREF="securitylevels.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
>LanMan and NT Password Encryption in Samba</TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
>&nbsp;</TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
>User and Share security level (for servers not in a domain)</TD
></TR
></TABLE
></DIV
></BODY
></HTML
>

403
docs/htmldocs/vfs.html Normal file
View File

@ -0,0 +1,403 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML
><HEAD
><TITLE
>Stackable VFS modules</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.77"><LINK
REL="HOME"
TITLE="SAMBA Project Documentation"
HREF="samba-howto-collection.html"><LINK
REL="UP"
TITLE="Optional configuration"
HREF="optional.html"><LINK
REL="PREVIOUS"
TITLE="Passdb XML plugin"
HREF="pdb-xml.html"><LINK
REL="NEXT"
TITLE="Storing Samba's User/Machine Account information in an LDAP Directory"
HREF="samba-ldap-howto.html"></HEAD
><BODY
CLASS="CHAPTER"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><DIV
CLASS="NAVHEADER"
><TABLE
SUMMARY="Header navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TH
COLSPAN="3"
ALIGN="center"
>SAMBA Project Documentation</TH
></TR
><TR
><TD
WIDTH="10%"
ALIGN="left"
VALIGN="bottom"
><A
HREF="pdb-xml.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="80%"
ALIGN="center"
VALIGN="bottom"
></TD
><TD
WIDTH="10%"
ALIGN="right"
VALIGN="bottom"
><A
HREF="samba-ldap-howto.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
></TABLE
><HR
ALIGN="LEFT"
WIDTH="100%"></DIV
><DIV
CLASS="CHAPTER"
><H1
><A
NAME="VFS"
></A
>Chapter 19. Stackable VFS modules</H1
><DIV
CLASS="SECT1"
><H1
CLASS="SECT1"
><A
NAME="AEN2651"
></A
>19.1. Introduction and configuration</H1
><P
>Since samba 3.0, samba supports stackable VFS(Virtual File System) modules.
Samba passes each request to access the unix file system thru the loaded VFS modules.
This chapter covers all the modules that come with the samba source and references to
some external modules.</P
><P
>You may have problems to compile these modules, as shared libraries are
compiled and linked in different ways on different systems.
I currently tested them against GNU/linux and IRIX.</P
><P
>To use the VFS modules, create a share similar to the one below. The
important parameter is the <B
CLASS="COMMAND"
>vfs object</B
> parameter which must point to
the exact pathname of the shared library object. For example, to use audit.so:
<PRE
CLASS="PROGRAMLISTING"
> [audit]
comment = Audited /data directory
path = /data
vfs object = /path/to/audit.so
writeable = yes
browseable = yes</PRE
></P
><P
>Further documentation on writing VFS modules for Samba can be found in
docs directory of the Samba source distribution.</P
></DIV
><DIV
CLASS="SECT1"
><H1
CLASS="SECT1"
><A
NAME="AEN2659"
></A
>19.2. Included modules</H1
><DIV
CLASS="SECT2"
><H2
CLASS="SECT2"
><A
NAME="AEN2661"
></A
>19.2.1. audit</H2
><P
>A simple module to audit file access to the syslog
facility. The following operations are logged:
<P
></P
><TABLE
BORDER="0"
><TBODY
><TR
><TD
>share</TD
></TR
><TR
><TD
>connect/disconnect</TD
></TR
><TR
><TD
>directory opens/create/remove</TD
></TR
><TR
><TD
>file open/close/rename/unlink/chmod</TD
></TR
></TBODY
></TABLE
><P
></P
></P
></DIV
><DIV
CLASS="SECT2"
><H2
CLASS="SECT2"
><A
NAME="AEN2669"
></A
>19.2.2. recycle</H2
><P
>A recycle-bin like modules. When used any unlink call
will be intercepted and files moved to the recycle
directory instead of beeing deleted.</P
><P
>Supported options:
<P
></P
><DIV
CLASS="VARIABLELIST"
><DL
><DT
>vfs_recycle_bin:repository</DT
><DD
><P
>FIXME</P
></DD
><DT
>vfs_recycle_bin:keeptree</DT
><DD
><P
>FIXME</P
></DD
><DT
>vfs_recycle_bin:versions</DT
><DD
><P
>FIXME</P
></DD
><DT
>vfs_recycle_bin:touch</DT
><DD
><P
>FIXME</P
></DD
><DT
>vfs_recycle_bin:maxsize</DT
><DD
><P
>FIXME</P
></DD
><DT
>vfs_recycle_bin:exclude</DT
><DD
><P
>FIXME</P
></DD
><DT
>vfs_recycle_bin:exclude_dir</DT
><DD
><P
>FIXME</P
></DD
><DT
>vfs_recycle_bin:noversions</DT
><DD
><P
>FIXME</P
></DD
></DL
></DIV
></P
></DIV
><DIV
CLASS="SECT2"
><H2
CLASS="SECT2"
><A
NAME="AEN2706"
></A
>19.2.3. netatalk</H2
><P
>A netatalk module, that will ease co-existence of samba and
netatalk file sharing services.</P
><P
>Advantages compared to the old netatalk module:
<P
></P
><TABLE
BORDER="0"
><TBODY
><TR
><TD
>it doesn't care about creating of .AppleDouble forks, just keeps ones in sync</TD
></TR
><TR
><TD
>if share in smb.conf doesn't contain .AppleDouble item in hide or veto list, it will be added automatically</TD
></TR
></TBODY
></TABLE
><P
></P
></P
></DIV
></DIV
><DIV
CLASS="SECT1"
><H1
CLASS="SECT1"
><A
NAME="AEN2713"
></A
>19.3. VFS modules available elsewhere</H1
><P
>This section contains a listing of various other VFS modules that
have been posted but don't currently reside in the Samba CVS
tree for one reason ot another (e.g. it is easy for the maintainer
to have his or her own CVS tree).</P
><P
>No statemets about the stability or functionality any module
should be implied due to its presence here.</P
><DIV
CLASS="SECT2"
><H2
CLASS="SECT2"
><A
NAME="AEN2717"
></A
>19.3.1. DatabaseFS</H2
><P
>URL: <A
HREF="http://www.css.tayloru.edu/~elorimer/databasefs/index.php"
TARGET="_top"
>http://www.css.tayloru.edu/~elorimer/databasefs/index.php</A
></P
><P
>By <A
HREF="mailto:elorimer@css.tayloru.edu"
TARGET="_top"
>Eric Lorimer</A
>.</P
><P
>I have created a VFS module which implements a fairly complete read-only
filesystem. It presents information from a database as a filesystem in
a modular and generic way to allow different databases to be used
(originally designed for organizing MP3s under directories such as
"Artists," "Song Keywords," etc... I have since applied it to a student
roster database very easily). The directory structure is stored in the
database itself and the module makes no assumptions about the database
structure beyond the table it requires to run.</P
><P
>Any feedback would be appreciated: comments, suggestions, patches,
etc... If nothing else, hopefully it might prove useful for someone
else who wishes to create a virtual filesystem.</P
></DIV
><DIV
CLASS="SECT2"
><H2
CLASS="SECT2"
><A
NAME="AEN2725"
></A
>19.3.2. vscan</H2
><P
>URL: <A
HREF="http://www.openantivirus.org/"
TARGET="_top"
>http://www.openantivirus.org/</A
></P
><P
>samba-vscan is a proof-of-concept module for Samba, which
uses the VFS (virtual file system) features of Samba 2.2.x/3.0
alphaX. Of couse, Samba has to be compiled with VFS support.
samba-vscan supports various virus scanners and is maintained
by Rainer Link.</P
></DIV
></DIV
></DIV
><DIV
CLASS="NAVFOOTER"
><HR
ALIGN="LEFT"
WIDTH="100%"><TABLE
SUMMARY="Footer navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
><A
HREF="pdb-xml.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="samba-howto-collection.html"
ACCESSKEY="H"
>Home</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
><A
HREF="samba-ldap-howto.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
>Passdb XML plugin</TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="optional.html"
ACCESSKEY="U"
>Up</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
>Storing Samba's User/Machine Account information in an LDAP Directory</TD
></TR
></TABLE
></DIV
></BODY
></HTML
>

268
source/modules/vfs_audit.c Normal file
View File

@ -0,0 +1,268 @@
/*
* Auditing VFS module for samba. Log selected file operations to syslog
* facility.
*
* Copyright (C) Tim Potter, 1999-2000
* Copyright (C) Alexander Bokovoy, 2002
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
#include "config.h"
#include <stdio.h>
#include <sys/stat.h>
#ifdef HAVE_UTIME_H
#include <utime.h>
#endif
#ifdef HAVE_DIRENT_H
#include <dirent.h>
#endif
#include <syslog.h>
#ifdef HAVE_FCNTL_H
#include <fcntl.h>
#endif
#include <errno.h>
#include <string.h>
#include <includes.h>
#include <vfs.h>
#ifndef SYSLOG_FACILITY
#define SYSLOG_FACILITY LOG_USER
#endif
#ifndef SYSLOG_PRIORITY
#define SYSLOG_PRIORITY LOG_NOTICE
#endif
/* Function prototypes */
static int audit_connect(struct connection_struct *conn, const char *svc, const char *user);
static void audit_disconnect(struct connection_struct *conn);
static DIR *audit_opendir(struct connection_struct *conn, const char *fname);
static int audit_mkdir(struct connection_struct *conn, const char *path, mode_t mode);
static int audit_rmdir(struct connection_struct *conn, const char *path);
static int audit_open(struct connection_struct *conn, const char *fname, int flags, mode_t mode);
static int audit_close(struct files_struct *fsp, int fd);
static int audit_rename(struct connection_struct *conn, const char *old, const char *new);
static int audit_unlink(struct connection_struct *conn, const char *path);
static int audit_chmod(struct connection_struct *conn, const char *path, mode_t mode);
static int audit_chmod_acl(struct connection_struct *conn, const char *name, mode_t mode);
static int audit_fchmod(struct files_struct *fsp, int fd, mode_t mode);
static int audit_fchmod_acl(struct files_struct *fsp, int fd, mode_t mode);
/* VFS operations */
static struct vfs_ops default_vfs_ops; /* For passthrough operation */
static struct smb_vfs_handle_struct *audit_handle;
static vfs_op_tuple audit_ops[] = {
/* Disk operations */
{audit_connect, SMB_VFS_OP_CONNECT, SMB_VFS_LAYER_LOGGER},
{audit_disconnect, SMB_VFS_OP_DISCONNECT, SMB_VFS_LAYER_LOGGER},
/* Directory operations */
{audit_opendir, SMB_VFS_OP_OPENDIR, SMB_VFS_LAYER_LOGGER},
{audit_mkdir, SMB_VFS_OP_MKDIR, SMB_VFS_LAYER_LOGGER},
{audit_rmdir, SMB_VFS_OP_RMDIR, SMB_VFS_LAYER_LOGGER},
/* File operations */
{audit_open, SMB_VFS_OP_OPEN, SMB_VFS_LAYER_LOGGER},
{audit_close, SMB_VFS_OP_CLOSE, SMB_VFS_LAYER_LOGGER},
{audit_rename, SMB_VFS_OP_RENAME, SMB_VFS_LAYER_LOGGER},
{audit_unlink, SMB_VFS_OP_UNLINK, SMB_VFS_LAYER_LOGGER},
{audit_chmod, SMB_VFS_OP_CHMOD, SMB_VFS_LAYER_LOGGER},
{audit_fchmod, SMB_VFS_OP_FCHMOD, SMB_VFS_LAYER_LOGGER},
{audit_chmod_acl, SMB_VFS_OP_CHMOD_ACL, SMB_VFS_LAYER_LOGGER},
{audit_fchmod_acl, SMB_VFS_OP_FCHMOD_ACL, SMB_VFS_LAYER_LOGGER},
/* Finish VFS operations definition */
{NULL, SMB_VFS_OP_NOOP, SMB_VFS_LAYER_NOOP}
};
/* VFS initialisation function. Return vfs_op_tuple array back to SAMBA. */
vfs_op_tuple *vfs_init(int *vfs_version, struct vfs_ops *def_vfs_ops,
struct smb_vfs_handle_struct *vfs_handle)
{
*vfs_version = SMB_VFS_INTERFACE_VERSION;
memcpy(&default_vfs_ops, def_vfs_ops, sizeof(struct vfs_ops));
audit_handle = vfs_handle;
openlog("smbd_audit", LOG_PID, SYSLOG_FACILITY);
syslog(SYSLOG_PRIORITY, "VFS_INIT: vfs_ops loaded\n");
return audit_ops;
}
/* VFS finalization function. */
void vfs_done(connection_struct *conn)
{
syslog(SYSLOG_PRIORITY, "VFS_DONE: vfs module unloaded\n");
}
/* Implementation of vfs_ops. Pass everything on to the default
operation but log event first. */
static int audit_connect(struct connection_struct *conn, const char *svc, const char *user)
{
syslog(SYSLOG_PRIORITY, "connect to service %s by user %s\n",
svc, user);
return default_vfs_ops.connect(conn, svc, user);
}
static void audit_disconnect(struct connection_struct *conn)
{
syslog(SYSLOG_PRIORITY, "disconnected\n");
default_vfs_ops.disconnect(conn);
}
static DIR *audit_opendir(struct connection_struct *conn, const char *fname)
{
DIR *result = default_vfs_ops.opendir(conn, fname);
syslog(SYSLOG_PRIORITY, "opendir %s %s%s\n",
fname,
(result == NULL) ? "failed: " : "",
(result == NULL) ? strerror(errno) : "");
return result;
}
static int audit_mkdir(struct connection_struct *conn, const char *path, mode_t mode)
{
int result = default_vfs_ops.mkdir(conn, path, mode);
syslog(SYSLOG_PRIORITY, "mkdir %s %s%s\n",
path,
(result < 0) ? "failed: " : "",
(result < 0) ? strerror(errno) : "");
return result;
}
static int audit_rmdir(struct connection_struct *conn, const char *path)
{
int result = default_vfs_ops.rmdir(conn, path);
syslog(SYSLOG_PRIORITY, "rmdir %s %s%s\n",
path,
(result < 0) ? "failed: " : "",
(result < 0) ? strerror(errno) : "");
return result;
}
static int audit_open(struct connection_struct *conn, const char *fname, int flags, mode_t mode)
{
int result = default_vfs_ops.open(conn, fname, flags, mode);
syslog(SYSLOG_PRIORITY, "open %s (fd %d) %s%s%s\n",
fname, result,
((flags & O_WRONLY) || (flags & O_RDWR)) ? "for writing " : "",
(result < 0) ? "failed: " : "",
(result < 0) ? strerror(errno) : "");
return result;
}
static int audit_close(struct files_struct *fsp, int fd)
{
int result = default_vfs_ops.close(fsp, fd);
syslog(SYSLOG_PRIORITY, "close fd %d %s%s\n",
fd,
(result < 0) ? "failed: " : "",
(result < 0) ? strerror(errno) : "");
return result;
}
static int audit_rename(struct connection_struct *conn, const char *old, const char *new)
{
int result = default_vfs_ops.rename(conn, old, new);
syslog(SYSLOG_PRIORITY, "rename %s -> %s %s%s\n",
old, new,
(result < 0) ? "failed: " : "",
(result < 0) ? strerror(errno) : "");
return result;
}
static int audit_unlink(struct connection_struct *conn, const char *path)
{
int result = default_vfs_ops.unlink(conn, path);
syslog(SYSLOG_PRIORITY, "unlink %s %s%s\n",
path,
(result < 0) ? "failed: " : "",
(result < 0) ? strerror(errno) : "");
return result;
}
static int audit_chmod(struct connection_struct *conn, const char *path, mode_t mode)
{
int result = default_vfs_ops.chmod(conn, path, mode);
syslog(SYSLOG_PRIORITY, "chmod %s mode 0x%x %s%s\n",
path, mode,
(result < 0) ? "failed: " : "",
(result < 0) ? strerror(errno) : "");
return result;
}
static int audit_chmod_acl(struct connection_struct *conn, const char *path, mode_t mode)
{
int result = default_vfs_ops.chmod_acl(conn, path, mode);
syslog(SYSLOG_PRIORITY, "chmod_acl %s mode 0x%x %s%s\n",
path, mode,
(result < 0) ? "failed: " : "",
(result < 0) ? strerror(errno) : "");
return result;
}
static int audit_fchmod(struct files_struct *fsp, int fd, mode_t mode)
{
int result = default_vfs_ops.fchmod(fsp, fd, mode);
syslog(SYSLOG_PRIORITY, "fchmod %s mode 0x%x %s%s\n",
fsp->fsp_name, mode,
(result < 0) ? "failed: " : "",
(result < 0) ? strerror(errno) : "");
return result;
}
static int audit_fchmod_acl(struct files_struct *fsp, int fd, mode_t mode)
{
int result = default_vfs_ops.fchmod_acl(fsp, fd, mode);
syslog(SYSLOG_PRIORITY, "fchmod_acl %s mode 0x%x %s%s\n",
fsp->fsp_name, mode,
(result < 0) ? "failed: " : "",
(result < 0) ? strerror(errno) : "");
return result;
}

430
source/modules/vfs_netatalk.c Normal file
View File

@ -0,0 +1,430 @@
/*
* AppleTalk VFS module for Samba-3.x
*
* Copyright (C) Alexei Kotovich, 2002
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
#include "config.h"
#include <stdio.h>
#include <sys/stat.h>
#ifdef HAVE_UTIME_H
#include <utime.h>
#endif
#ifdef HAVE_DIRENT_H
#include <dirent.h>
#endif
#ifdef HAVE_FCNTL_H
#include <fcntl.h>
#endif
#include <errno.h>
#include <string.h>
#include <includes.h>
#include <vfs.h>
#define APPLEDOUBLE ".AppleDouble"
#define ADOUBLEMODE 0777
/* atalk functions */
static int atalk_build_paths(TALLOC_CTX *ctx, const char *path,
const char *fname, char **adbl_path, char **orig_path,
SMB_STRUCT_STAT *adbl_info, SMB_STRUCT_STAT *orig_info);
static int atalk_unlink_file(const char *path);
static struct vfs_ops default_vfs_ops; /* For passthrough operation */
static struct smb_vfs_handle_struct *atalk_handle;
static int atalk_get_path_ptr(char *path)
{
int i = 0;
int ptr = 0;
for (i = 0; path[i]; i ++) {
if (path[i] == '/')
ptr = i;
/* get out some 'spam';) from win32's file name */
else if (path[i] == ':') {
path[i] = '\0';
break;
}
}
return ptr;
}
static int atalk_build_paths(TALLOC_CTX *ctx, const char *path, const char *fname,
char **adbl_path, char **orig_path,
SMB_STRUCT_STAT *adbl_info, SMB_STRUCT_STAT *orig_info)
{
int ptr0 = 0;
int ptr1 = 0;
char *dname = 0;
char *name = 0;
if (!ctx || !path || !fname || !adbl_path || !orig_path ||
!adbl_info || !orig_info)
return -1;
#if 0
DEBUG(3, ("ATALK: PATH: %s[%s]\n", path, fname));
#endif
if (strstr(path, APPLEDOUBLE) || strstr(fname, APPLEDOUBLE)) {
DEBUG(3, ("ATALK: path %s[%s] already contains %s\n", path, fname, APPLEDOUBLE));
return -1;
}
if (fname[0] == '.') ptr0 ++;
if (fname[1] == '/') ptr0 ++;
*orig_path = talloc_asprintf(ctx, "%s/%s", path, &fname[ptr0]);
/* get pointer to last '/' */
ptr1 = atalk_get_path_ptr(*orig_path);
sys_lstat(*orig_path, orig_info);
if (S_ISDIR(orig_info->st_mode)) {
*adbl_path = talloc_asprintf(ctx, "%s/%s/%s/",
path, &fname[ptr0], APPLEDOUBLE);
} else {
dname = talloc_strdup(ctx, *orig_path);
dname[ptr1] = '\0';
name = *orig_path;
*adbl_path = talloc_asprintf(ctx, "%s/%s/%s",
dname, APPLEDOUBLE, &name[ptr1 + 1]);
}
#if 0
DEBUG(3, ("ATALK: DEBUG:\n%s\n%s\n", *orig_path, *adbl_path));
#endif
sys_lstat(*adbl_path, adbl_info);
return 0;
}
static int atalk_unlink_file(const char *path)
{
int ret = 0;
become_root();
ret = unlink(path);
unbecome_root();
return ret;
}
static void atalk_add_to_list(name_compare_entry **list)
{
int i, count = 0;
name_compare_entry *new_list = 0;
name_compare_entry *cur_list = 0;
cur_list = *list;
if (cur_list) {
for (i = 0, count = 0; cur_list[i].name; i ++, count ++) {
if (strstr(cur_list[i].name, APPLEDOUBLE))
return;
}
}
if (!(new_list = calloc(1,
(count == 0 ? 1 : count + 1) * sizeof(name_compare_entry))))
return;
for (i = 0; i < count; i ++) {
new_list[i].name = strdup(cur_list[i].name);
new_list[i].is_wild = cur_list[i].is_wild;
}
new_list[i].name = strdup(APPLEDOUBLE);
new_list[i].is_wild = False;
free_namearray(*list);
*list = new_list;
new_list = 0;
cur_list = 0;
}
static void atalk_rrmdir(TALLOC_CTX *ctx, char *path)
{
int n;
char *dpath;
struct dirent **namelist;
if (!path) return;
n = scandir(path, &namelist, 0, alphasort);
if (n < 0) {
return;
} else {
while (n --) {
if (strcmp(namelist[n]->d_name, ".") == 0 ||
strcmp(namelist[n]->d_name, "..") == 0)
continue;
if (!(dpath = talloc_asprintf(ctx, "%s/%s",
path, namelist[n]->d_name)))
continue;
atalk_unlink_file(dpath);
free(namelist[n]);
}
}
}
/* Disk operations */
/* Directory operations */
DIR *atalk_opendir(struct connection_struct *conn, const char *fname)
{
DIR *ret = 0;
ret = default_vfs_ops.opendir(conn, fname);
/*
* when we try to perform delete operation upon file which has fork
* in ./.AppleDouble and this directory wasn't hidden by Samba,
* MS Windows explorer causes the error: "Cannot find the specified file"
* There is some workaround to avoid this situation, i.e. if
* connection has not .AppleDouble entry in either veto or hide
* list then it would be nice to add one.
*/
atalk_add_to_list(&conn->hide_list);
atalk_add_to_list(&conn->veto_list);
return ret;
}
static int atalk_rmdir(struct connection_struct *conn, const char *path)
{
BOOL add = False;
TALLOC_CTX *ctx = 0;
char *dpath;
if (!conn || !conn->origpath || !path) goto exit_rmdir;
/* due to there is no way to change bDeleteVetoFiles variable
* from this module, gotta use talloc stuff..
*/
strstr(path, APPLEDOUBLE) ? (add = False) : (add = True);
if (!(ctx = talloc_init_named("remove_directory")))
goto exit_rmdir;
if (!(dpath = talloc_asprintf(ctx, "%s/%s%s",
conn->origpath, path, add ? "/"APPLEDOUBLE : "")))
goto exit_rmdir;
atalk_rrmdir(ctx, dpath);
exit_rmdir:
talloc_destroy(ctx);
return default_vfs_ops.rmdir(conn, path);
}
/* File operations */
static int atalk_rename(struct connection_struct *conn, const char *old, const char *new)
{
int ret = 0;
char *adbl_path = 0;
char *orig_path = 0;
SMB_STRUCT_STAT adbl_info;
SMB_STRUCT_STAT orig_info;
TALLOC_CTX *ctx;
ret = default_vfs_ops.rename(conn, old, new);
if (!conn || !old) return ret;
if (!(ctx = talloc_init_named("rename_file")))
return ret;
if (atalk_build_paths(ctx, conn->origpath, old, &adbl_path, &orig_path,
&adbl_info, &orig_info) != 0)
return ret;
if (S_ISDIR(orig_info.st_mode) || S_ISREG(orig_info.st_mode)) {
DEBUG(3, ("ATALK: %s has passed..\n", adbl_path));
goto exit_rename;
}
atalk_unlink_file(adbl_path);
exit_rename:
talloc_destroy(ctx);
return ret;
}
static int atalk_unlink(struct connection_struct *conn, const char *path)
{
int ret = 0, i;
char *adbl_path = 0;
char *orig_path = 0;
SMB_STRUCT_STAT adbl_info;
SMB_STRUCT_STAT orig_info;
TALLOC_CTX *ctx;
ret = default_vfs_ops.unlink(conn, path);
if (!conn || !path) return ret;
/* no .AppleDouble sync if veto or hide list is empty,
* otherwise "Cannot find the specified file" error will be caused
*/
if (!conn->veto_list) return ret;
if (!conn->hide_list) return ret;
for (i = 0; conn->veto_list[i].name; i ++) {
if (strstr(conn->veto_list[i].name, APPLEDOUBLE))
break;
}
if (!conn->veto_list[i].name) {
for (i = 0; conn->hide_list[i].name; i ++) {
if (strstr(conn->hide_list[i].name, APPLEDOUBLE))
break;
else {
DEBUG(3, ("ATALK: %s is not hidden, skipped..\n",
APPLEDOUBLE));
return ret;
}
}
}
if (!(ctx = talloc_init_named("unlink_file")))
return ret;
if (atalk_build_paths(ctx, conn->origpath, path, &adbl_path, &orig_path,
&adbl_info, &orig_info) != 0)
return ret;
if (S_ISDIR(orig_info.st_mode) || S_ISREG(orig_info.st_mode)) {
DEBUG(3, ("ATALK: %s has passed..\n", adbl_path));
goto exit_unlink;
}
atalk_unlink_file(adbl_path);
exit_unlink:
talloc_destroy(ctx);
return ret;
}
static int atalk_chmod(struct connection_struct *conn, const char *path, mode_t mode)
{
int ret = 0;
char *adbl_path = 0;
char *orig_path = 0;
SMB_STRUCT_STAT adbl_info;
SMB_STRUCT_STAT orig_info;
TALLOC_CTX *ctx;
ret = default_vfs_ops.chmod(conn, path, mode);
if (!conn || !path) return ret;
if (!(ctx = talloc_init_named("chmod_file")))
return ret;
if (atalk_build_paths(ctx, conn->origpath, path, &adbl_path, &orig_path,
&adbl_info, &orig_info) != 0)
return ret;
if (!S_ISDIR(orig_info.st_mode) && !S_ISREG(orig_info.st_mode)) {
DEBUG(3, ("ATALK: %s has passed..\n", orig_path));
goto exit_chmod;
}
chmod(adbl_path, ADOUBLEMODE);
exit_chmod:
talloc_destroy(ctx);
return ret;
}
static int atalk_chown(struct connection_struct *conn, const char *path, uid_t uid, gid_t gid)
{
int ret = 0;
char *adbl_path = 0;
char *orig_path = 0;
SMB_STRUCT_STAT adbl_info;
SMB_STRUCT_STAT orig_info;
TALLOC_CTX *ctx;
ret = default_vfs_ops.chown(conn, path, uid, gid);
if (!conn || !path) return ret;
if (!(ctx = talloc_init_named("chown_file")))
return ret;
if (atalk_build_paths(ctx, conn->origpath, path, &adbl_path, &orig_path,
&adbl_info, &orig_info) != 0)
return ret;
if (!S_ISDIR(orig_info.st_mode) && !S_ISREG(orig_info.st_mode)) {
DEBUG(3, ("ATALK: %s has passed..\n", orig_path));
goto exit_chown;
}
chown(adbl_path, uid, gid);
exit_chown:
talloc_destroy(ctx);
return ret;
}
static vfs_op_tuple atalk_ops[] = {
/* Directory operations */
{atalk_opendir, SMB_VFS_OP_OPENDIR, SMB_VFS_LAYER_TRANSPARENT},
{atalk_rmdir, SMB_VFS_OP_RMDIR, SMB_VFS_LAYER_TRANSPARENT},
/* File operations */
{atalk_rename, SMB_VFS_OP_RENAME, SMB_VFS_LAYER_TRANSPARENT},
{atalk_unlink, SMB_VFS_OP_UNLINK, SMB_VFS_LAYER_TRANSPARENT},
{atalk_chmod, SMB_VFS_OP_CHMOD, SMB_VFS_LAYER_TRANSPARENT},
{atalk_chown, SMB_VFS_OP_CHOWN, SMB_VFS_LAYER_TRANSPARENT},
/* Finish VFS operations definition */
{NULL, SMB_VFS_OP_NOOP, SMB_VFS_LAYER_NOOP}
};
/* VFS initialisation function. Return vfs_op_tuple array back to SAMBA. */
vfs_op_tuple *vfs_init(int *vfs_version, struct vfs_ops *def_vfs_ops,
struct smb_vfs_handle_struct *vfs_handle)
{
*vfs_version = SMB_VFS_INTERFACE_VERSION;
memcpy(&default_vfs_ops, def_vfs_ops, sizeof(struct vfs_ops));
atalk_handle = vfs_handle;
DEBUG(3, ("ATALK: vfs module loaded\n"));
return atalk_ops;
}
/* VFS finalization function. */
void vfs_done(connection_struct *conn)
{
DEBUG(3, ("ATALK: vfs module unloaded\n"));
}

559
source/modules/vfs_recycle.c Normal file
View File

@ -0,0 +1,559 @@
/*
* Recycle bin VFS module for Samba.
*
* Copyright (C) 2001, Brandon Stone, Amherst College, <bbstone@amherst.edu>.
* Copyright (C) 2002, Jeremy Allison - modified to make a VFS module.
* Copyright (C) 2002, Alexander Bokovoy - cascaded VFS adoption,
* Copyright (C) 2002, Juergen Hasch - added some options.
* Copyright (C) 2002, Simo Sorce
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
#include "includes.h"
#define ALLOC_CHECK(ptr, label) do { if ((ptr) == NULL) { DEBUG(0, ("recycle.bin: out of memory!\n")); errno = ENOMEM; goto label; } } while(0)
static int vfs_recycle_debug_level = DBGC_VFS;
#undef DBGC_CLASS
#define DBGC_CLASS vfs_recycle_debug_level
static const char *delimiter = "|"; /* delimiter for options */
/* One per connection */
typedef struct recycle_bin_struct
{
TALLOC_CTX *ctx;
char *repository; /* name of the recycle bin directory */
BOOL keep_dir_tree; /* keep directory structure of deleted file in recycle bin */
BOOL versions; /* create versions of deleted files with identical name */
BOOL touch; /* touch access date of deleted file */
char *exclude; /* which files to exclude */
char *exclude_dir; /* which directories to exclude */
char *noversions; /* which files to exclude from versioning */
SMB_OFF_T maxsize; /* maximum file size to be saved */
} recycle_bin_struct;
/* VFS operations */
static struct vfs_ops default_vfs_ops; /* For passthrough operation */
static int recycle_connect(struct connection_struct *conn, const char *service, const char *user);
static void recycle_disconnect(struct connection_struct *conn);
static int recycle_unlink(connection_struct *, const char *);
#define VFS_OP(x) ((void *) x)
static vfs_op_tuple recycle_ops[] = {
/* Disk operations */
{VFS_OP(recycle_connect), SMB_VFS_OP_CONNECT, SMB_VFS_LAYER_TRANSPARENT},
{VFS_OP(recycle_disconnect), SMB_VFS_OP_DISCONNECT, SMB_VFS_LAYER_TRANSPARENT},
/* File operations */
{VFS_OP(recycle_unlink), SMB_VFS_OP_UNLINK, SMB_VFS_LAYER_TRANSPARENT},
{NULL, SMB_VFS_OP_NOOP, SMB_VFS_LAYER_NOOP}
};
static BOOL check_bool_param(const char *value)
{
if (strwicmp(value, "yes") == 0 ||
strwicmp(value, "true") == 0 ||
strwicmp(value, "1") == 0)
return True;
return False;
}
/**
* VFS initialisation function.
*
* @retval initialised vfs_op_tuple array
**/
vfs_op_tuple *vfs_init(int *vfs_version, struct vfs_ops *def_vfs_ops,
struct smb_vfs_handle_struct *vfs_handle)
{
DEBUG(10, ("Initializing VFS module recycle\n"));
*vfs_version = SMB_VFS_INTERFACE_VERSION;
memcpy(&default_vfs_ops, def_vfs_ops, sizeof(struct vfs_ops));
vfs_recycle_debug_level = debug_add_class("vfs_recycle_bin");
if (vfs_recycle_debug_level == -1) {
vfs_recycle_debug_level = DBGC_VFS;
DEBUG(0, ("vfs_recycle: Couldn't register custom debugging class!\n"));
} else {
DEBUG(0, ("vfs_recycle: Debug class number of 'vfs_recycle': %d\n", vfs_recycle_debug_level));
}
return recycle_ops;
}
/**
* VFS finalization function.
*
**/
void vfs_done(connection_struct *conn)
{
DEBUG(10,("Called for connection %d\n", SNUM(conn)));
}
static int recycle_connect(struct connection_struct *conn, const char *service, const char *user)
{
TALLOC_CTX *ctx = NULL;
recycle_bin_struct *recbin;
char *servicename;
char *tmp_str;
DEBUG(10, ("Called for service %s (%d) as user %s\n", service, SNUM(conn), user));
if (!(ctx = talloc_init_named("recycle bin"))) {
DEBUG(0, ("Failed to allocate memory in VFS module recycle_bin\n"));
return 0;
}
recbin = talloc(ctx,sizeof(recycle_bin_struct));
if ( recbin == NULL) {
DEBUG(0, ("Failed to allocate memory in VFS module recycle_bin\n"));
return -1;
}
recbin->ctx = ctx;
/* Set defaults */
recbin->repository = talloc_strdup(ctx, ".recycle");
ALLOC_CHECK(recbin->repository, error);
recbin->keep_dir_tree = False;
recbin->versions = False;
recbin->touch = False;
recbin->exclude = "";
recbin->exclude_dir = "";
recbin->noversions = "";
recbin->maxsize = 0;
/* parse configuration options */
servicename = talloc_strdup(recbin->ctx, lp_servicename(SNUM(conn)));
DEBUG(10, ("servicename = %s\n",servicename));
if ((tmp_str = lp_parm_string(servicename, "vfs_recycle_bin", "repository")) != NULL) {
recbin->repository = talloc_sub_conn(ctx, conn, tmp_str);
ALLOC_CHECK(recbin->repository, error);
trim_string(recbin->repository, "/", "/");
DEBUG(5, ("recycle.bin: repository = %s\n", recbin->repository));
}
if ((tmp_str = lp_parm_string(servicename, "vfs_recycle_bin", "keeptree")) != NULL) {
if (check_bool_param(tmp_str) == True)
recbin->keep_dir_tree = True;
DEBUG(5, ("recycle.bin: keeptree = %s\n", tmp_str));
}
if ((tmp_str = lp_parm_string(servicename, "vfs_recycle_bin", "versions")) != NULL) {
if (check_bool_param(tmp_str) == True)
recbin->versions = True;
DEBUG(5, ("recycle.bin: versions = %s\n", tmp_str));
}
if ((tmp_str = lp_parm_string(servicename, "vfs_recycle_bin", "touch")) != NULL) {
if (check_bool_param(tmp_str) == True)
recbin->touch = True;
DEBUG(5, ("recycle.bin: touch = %s\n", tmp_str));
}
if ((tmp_str = lp_parm_string(servicename, "vfs_recycle_bin", "maxsize")) != NULL) {
recbin->maxsize = strtoul(tmp_str, NULL, 10);
if (recbin->maxsize == 0) {
recbin->maxsize = -1;
DEBUG(5, ("recycle.bin: maxsize = -infinite-\n"));
} else {
DEBUG(5, ("recycle.bin: maxsize = %ld\n", (long int)recbin->maxsize));
}
}
if ((tmp_str = lp_parm_string(servicename, "vfs_recycle_bin", "exclude")) != NULL) {
recbin->exclude = talloc_strdup(ctx, tmp_str);
ALLOC_CHECK(recbin->exclude, error);
DEBUG(5, ("recycle.bin: exclude = %s\n", recbin->exclude));
}
if ((tmp_str = lp_parm_string(servicename,"vfs_recycle_bin", "exclude_dir")) != NULL) {
recbin->exclude_dir = talloc_strdup(ctx, tmp_str);
ALLOC_CHECK(recbin->exclude_dir, error);
DEBUG(5, ("recycle.bin: exclude_dir = %s\n", recbin->exclude_dir));
}
if ((tmp_str = lp_parm_string(servicename,"vfs_recycle_bin", "noversions")) != NULL) {
recbin->noversions = talloc_strdup(ctx, tmp_str);
ALLOC_CHECK(recbin->noversions, error);
DEBUG(5, ("recycle.bin: noversions = %s\n", recbin->noversions));
}
conn->vfs_private = (void *)recbin;
return default_vfs_ops.connect(conn, service, user);
error:
talloc_destroy(ctx);
return -1;
}
static void recycle_disconnect(struct connection_struct *conn)
{
DEBUG(10, ("Disconnecting VFS module recycle bin\n"));
if (conn->vfs_private) {
talloc_destroy(((recycle_bin_struct *)conn->vfs_private)->ctx);
conn->vfs_private = NULL;
}
default_vfs_ops.disconnect(conn);
}
static BOOL recycle_directory_exist(connection_struct *conn, const char *dname)
{
SMB_STRUCT_STAT st;
if (default_vfs_ops.stat(conn, dname, &st) == 0) {
if (S_ISDIR(st.st_mode)) {
return True;
}
}
return False;
}
static BOOL recycle_file_exist(connection_struct *conn, const char *fname)
{
SMB_STRUCT_STAT st;
if (default_vfs_ops.stat(conn, fname, &st) == 0) {
if (S_ISREG(st.st_mode)) {
return True;
}
}
return False;
}
/**
* Return file size
* @param conn connection
* @param fname file name
* @return size in bytes
**/
static SMB_OFF_T recycle_get_file_size(connection_struct *conn, const char *fname)
{
SMB_STRUCT_STAT st;
if (default_vfs_ops.stat(conn, fname, &st) != 0) {
DEBUG(0,("recycle.bin: stat for %s returned %s\n", fname, strerror(errno)));
return (SMB_OFF_T)0;
}
return(st.st_size);
}
/**
* Create directory tree
* @param conn connection
* @param dname Directory tree to be created
* @return Returns True for success
**/
static BOOL recycle_create_dir(connection_struct *conn, const char *dname)
{
int len;
mode_t mode;
char *new_dir = NULL;
char *tmp_str = NULL;
char *token;
char *tok_str;
BOOL ret = False;
mode = S_IREAD | S_IWRITE | S_IEXEC;
tmp_str = strdup(dname);
ALLOC_CHECK(tmp_str, done);
tok_str = tmp_str;
len = strlen(dname);
new_dir = (char *)malloc(len + 1);
ALLOC_CHECK(new_dir, done);
*new_dir = '\0';
/* Create directory tree if neccessary */
for(token = strtok(tok_str, "/"); token; token = strtok(NULL, "/")) {
safe_strcat(new_dir, token, len);
if (recycle_directory_exist(conn, new_dir))
DEBUG(10, ("recycle.bin: dir %s already exists\n", new_dir));
else {
DEBUG(5, ("recycle.bin: creating new dir %s\n", new_dir));
if (default_vfs_ops.mkdir(conn, new_dir, mode) != 0) {
DEBUG(1,("recycle.bin: mkdir failed for %s with error: %s\n", new_dir, strerror(errno)));
ret = False;
goto done;
}
}
safe_strcat(new_dir, "/", len);
}
ret = True;
done:
SAFE_FREE(tmp_str);
SAFE_FREE(new_dir);
return ret;
}
/**
* Check if needle is contained exactly in haystack
* @param haystack list of parameters separated by delimimiter character
* @param needle string to be matched exactly to haystack
* @return True if found
**/
static BOOL checkparam(const char *haystack, const char *needle)
{
char *token;
char *tok_str;
char *tmp_str;
BOOL ret = False;
if (haystack == NULL || strlen(haystack) == 0 || needle == NULL || strlen(needle) == 0) {
return False;
}
tmp_str = strdup(haystack);
ALLOC_CHECK(tmp_str, done);
token = tok_str = tmp_str;
for(token = strtok(tok_str, delimiter); token; token = strtok(NULL, delimiter)) {
if(strcmp(token, needle) == 0) {
ret = True;
goto done;
}
}
done:
SAFE_FREE(tmp_str);
return ret;
}
/**
* Check if needle is contained in haystack, * and ? patterns are resolved
* @param haystack list of parameters separated by delimimiter character
* @param needle string to be matched exectly to haystack including pattern matching
* @return True if found
**/
static BOOL matchparam(const char *haystack, const char *needle)
{
char *token;
char *tok_str;
char *tmp_str;
BOOL ret = False;
if (haystack == NULL || strlen(haystack) == 0 || needle == NULL || strlen(needle) == 0) {
return False;
}
tmp_str = strdup(haystack);
ALLOC_CHECK(tmp_str, done);
token = tok_str = tmp_str;
for(token = strtok(tok_str, delimiter); token; token = strtok(NULL, delimiter)) {
if (!unix_wild_match(token, needle)) {
ret = True;
goto done;
}
}
done:
SAFE_FREE(tmp_str);
return ret;
}
/**
* Touch access date
**/
static void recycle_touch(connection_struct *conn, const char *fname)
{
SMB_STRUCT_STAT st;
struct utimbuf tb;
time_t currtime;
if (default_vfs_ops.stat(conn, fname, &st) != 0) {
DEBUG(0,("recycle.bin: stat for %s returned %s\n", fname, strerror(errno)));
return;
}
currtime = time(&currtime);
tb.actime = currtime;
tb.modtime = st.st_mtime;
if (default_vfs_ops.utime(conn, fname, &tb) == -1 )
DEBUG(0, ("recycle.bin: touching %s failed, reason = %s\n", fname, strerror(errno)));
}
/**
* Check if file should be recycled
**/
static int recycle_unlink(connection_struct *conn, const char *inname)
{
recycle_bin_struct *recbin;
char *file_name = NULL;
char *path_name = NULL;
char *temp_name = NULL;
char *final_name = NULL;
char *base;
int i;
SMB_BIG_UINT dfree, dsize, bsize;
SMB_OFF_T file_size, space_avail;
BOOL exist;
int rc = -1;
file_name = strdup(inname);
ALLOC_CHECK(file_name, done);
if (conn->vfs_private)
recbin = (recycle_bin_struct *)conn->vfs_private;
else {
DEBUG(0, ("Recycle bin not initialized!\n"));
rc = default_vfs_ops.unlink(conn, file_name);
goto done;
}
if(!recbin->repository || *(recbin->repository) == '\0') {
DEBUG(3, ("Recycle path not set, purging %s...\n", file_name));
rc = default_vfs_ops.unlink(conn, file_name);
goto done;
}
/* we don't recycle the recycle bin... */
if (strncmp(file_name, recbin->repository, strlen(recbin->repository)) == 0) {
DEBUG(3, ("File is within recycling bin, unlinking ...\n"));
rc = default_vfs_ops.unlink(conn, file_name);
goto done;
}
file_size = recycle_get_file_size(conn, file_name);
/* it is wrong to purge filenames only because they are empty imho
* --- simo
*
if(fsize == 0) {
DEBUG(3, ("File %s is empty, purging...\n", file_name));
rc = default_vfs_ops.unlink(conn,file_name);
goto done;
}
*/
/* FIXME: this is wrong, we should check the hole size of the recycle bin is
* not greater then maxsize, not the size of the single file, also it is better
* to remove older files
*/
if(recbin->maxsize > 0 && file_size > recbin->maxsize) {
DEBUG(3, ("File %s exceeds maximum recycle size, purging... \n", file_name));
rc = default_vfs_ops.unlink(conn, file_name);
goto done;
}
/* FIXME: this is wrong: moving files with rename does not change the disk space
* allocation
*
space_avail = default_vfs_ops.disk_free(conn, ".", True, &bsize, &dfree, &dsize) * 1024L;
DEBUG(5, ("space_avail = %Lu, file_size = %Lu\n", space_avail, file_size));
if(space_avail < file_size) {
DEBUG(3, ("Not enough diskspace, purging file %s\n", file_name));
rc = default_vfs_ops.unlink(conn, file_name);
goto done;
}
*/
/* extract filename and path */
path_name = (char *)malloc(PATH_MAX);
ALLOC_CHECK(path_name, done);
*path_name = '\0';
safe_strcpy(path_name, file_name, PATH_MAX);
base = strrchr(path_name, '/');
if (base == NULL) {
base = file_name;
safe_strcpy(path_name, "/", PATH_MAX);
}
else {
*base = '\0';
base++;
}
DEBUG(10, ("recycle.bin: fname = %s\n", file_name)); /* original filename with path */
DEBUG(10, ("recycle.bin: fpath = %s\n", path_name)); /* original path */
DEBUG(10, ("recycle.bin: base = %s\n", base)); /* filename without path */
if (matchparam(recbin->exclude, base)) {
DEBUG(3, ("recycle.bin: file %s is excluded \n", base));
rc = default_vfs_ops.unlink(conn, file_name);
goto done;
}
/* FIXME: this check will fail if we have more than one level of directories,
* we shoud check for every level 1, 1/2, 1/2/3, 1/2/3/4 ....
* ---simo
*/
if (checkparam(recbin->exclude_dir, path_name)) {
DEBUG(3, ("recycle.bin: directory %s is excluded \n", path_name));
rc = default_vfs_ops.unlink(conn, file_name);
goto done;
}
temp_name = (char *)malloc(PATH_MAX);
ALLOC_CHECK(temp_name, done);
safe_strcpy(temp_name, recbin->repository, PATH_MAX);
/* see if we need to recreate the original directory structure in the recycle bin */
if (recbin->keep_dir_tree == True) {
safe_strcat(temp_name, "/", PATH_MAX);
safe_strcat(temp_name, path_name, PATH_MAX);
}
exist = recycle_directory_exist(conn, temp_name);
if (exist) {
DEBUG(10, ("recycle.bin: Directory already exists\n"));
} else {
DEBUG(10, ("recycle.bin: Creating directory %s\n", temp_name));
if (recycle_create_dir(conn, temp_name) == False) {
DEBUG(3, ("Could not create directory, purging %s...\n", file_name));
rc = default_vfs_ops.unlink(conn, file_name);
goto done;
}
}
final_name = (char *)malloc(PATH_MAX);
ALLOC_CHECK(final_name, done);
snprintf(final_name, PATH_MAX, "%s/%s", temp_name, base);
DEBUG(10, ("recycle.bin: recycled file name%s\n", temp_name)); /* new filename with path */
/* check if we should delete file from recycle bin */
if (recycle_file_exist(conn, final_name)) {
if (recbin->versions == False || matchparam(recbin->noversions, base) == True) {
DEBUG(3, ("recycle.bin: Removing old file %s from recycle bin\n", final_name));
if (default_vfs_ops.unlink(conn, final_name) != 0) {
DEBUG(1, ("recycle.bin: Error deleting old file: %s\n", strerror(errno)));
}
}
}
/* rename file we move to recycle bin */
i = 1;
while (recycle_file_exist(conn, final_name)) {
snprintf(final_name, PATH_MAX, "%s/Copy #%d of %s", temp_name, i++, base);
}
DEBUG(10, ("recycle.bin: Moving %s to %s\n", file_name, final_name));
rc = default_vfs_ops.rename(conn, file_name, final_name);
if (rc != 0) {
DEBUG(3, ("recycle.bin: Move error %d (%s), purging file %s (%s)\n", errno, strerror(errno), file_name, final_name));
rc = default_vfs_ops.unlink(conn, file_name);
goto done;
}
/* touch access date of moved file */
if (recbin->touch == True )
recycle_touch(conn, final_name);
done:
SAFE_FREE(file_name);
SAFE_FREE(path_name);
SAFE_FREE(temp_name);
SAFE_FREE(final_name);
return rc;
}

26
source/script/installmodules.sh Executable file
View File

@ -0,0 +1,26 @@
#!/bin/sh
INSTALLPERMS=$1
BASEDIR=$2
LIBDIR=$3
shift
shift
shift
for p in $*; do
p2=`basename $p`
echo Installing $p as $LIBDIR/$p2
cp -f $p $LIBDIR/
chmod $INSTALLPERMS $LIBDIR/$p2
done
cat << EOF
======================================================================
The modules are installed. You may uninstall the modules using the
command "make uninstallmodules" or "make uninstall" to uninstall
binaries, man pages, shell scripts and modules.
======================================================================
EOF
exit 0

37
source/script/uninstallmodules.sh Executable file
View File

@ -0,0 +1,37 @@
#!/bin/sh
#4 July 96 Dan.Shearer@UniSA.edu.au
INSTALLPERMS=$1
BASEDIR=$2
LIBDIR=$3
shift
shift
shift
if [ ! -d $LIBDIR ]; then
echo Directory $LIBDIR does not exist!
echo Do a "make installmodules" or "make install" first.
exit 1
fi
for p in $*; do
p2=`basename $p`
if [ -f $LIBDIR/$p2 ]; then
echo Removing $LIBDIR/$p2
rm -f $LIBDIR/$p2
if [ -f $LIBDIR/$p2 ]; then
echo Cannot remove $LIBDIR/$p2 ... does $USER have privileges?
fi
fi
done
cat << EOF
======================================================================
The modules have been uninstalled. You may restore the modules using
the command "make installmodules" or "make install" to install
binaries, modules, man pages and shell scripts.
======================================================================
EOF
exit 0

28
testsuite/build_farm/basicsmb-preexec.test Normal file
View File

@ -0,0 +1,28 @@
. basicsmb.fns
password=samba
(test_smb_conf_setup && test_smbpasswd $password ) || exit 1
rm -f $prefix/testdir/preexec_touch
mode=PREEXEC
(test_listfilesauth $mode) || exit 1
if [ -f $prefix/testdir/preexec_touch ]; then
rm -f $prefix/testdir/preexec_touch
else
exit 1;
fi
mode=PREEXEC_close
(test_listfilesauth $mode) || exit 1
if [ -f $prefix/testdir/preexec_touch ]; then
rm -f $prefix/testdir/preexec_touch
else
exit 1;
fi
mode=PREEXEC_cl_fail
(test_listfilesauth_should_deny $mode) || exit 1

1
testsuite/build_farm/basicsmb.smb.conf.preexec.template Normal file
View File

@ -0,0 +1 @@
preexec = /bin/sh PREFIX/lib/preexec

2
testsuite/build_farm/basicsmb.smb.conf.preexec_cl_fail.template Normal file
View File

@ -0,0 +1,2 @@
preexec close = yes
preexec = /bin/sh PREFIX/lib/preexec_does_not_exist

2
testsuite/build_farm/basicsmb.smb.conf.preexec_close.template Normal file
View File

@ -0,0 +1,2 @@
preexec close = yes
preexec = /bin/sh PREFIX/lib/preexec

1
testsuite/build_farm/basicsmb.smb.conf.validusers.template Normal file
View File

@ -0,0 +1 @@
valid users = WHOAMI

2
testsuite/build_farm/preexec.template Normal file
View File

@ -0,0 +1,2 @@
#!/bin/sh
echo "Test worked" > PREFIX/testdir/preexec_touch