1
0
mirror of https://github.com/samba-team/samba.git synced 2025-01-26 10:04:02 +03:00
Samba Release Account c290c229f9 Modified demo smb.conf to not have /tmp writeable by everyone by default.
According to server-linux some people seem to be uncommenting the example
[tmp] without thinking what it does  :-)

Dan
-

168 lines
5.3 KiB
Plaintext

; Configuration file for smbd.
; ============================================================================
; For the format of this file and comprehensive descriptions of all the
; configuration option, please refer to the man page for smb.conf(5).
;
; The following configuration should suit most systems for basic usage and
; initial testing. It gives all clients access to their home directories and
; allows access to all printers specified in /etc/printcap.
;
; Things you need to check:
; --------------------------
;
; 1: Check the path to your printcap file. If you are using a system that does
; not use printcap (eg., Solaris), create a file containing lines of the
; form
;
; printername|printername|printername|
;
; where each "printername" is the name of a printer you want to provide
; access to. Then alter the "printcap =" entry to point to the new file.
;
; If using Solaris, the following command will generate a suitable printcap
; file:
;
; lpc status | grep ":" | sed s/:/\|/ > myprintcap
;
; 2: Make sure the "print command" entry is correct for your system. This
; command should submit a file (represented by %s) to a printer
; (represented by %p) for printing and should REMOVE the file after
; printing.
;
; One most systems the default will be OK, as long as you get "printing ="
; right.
;
; It is also a good idea to use an absolute path in the print command
; as there is no guarantee the search path will be set correctly.
;
; 3: Make sure the "printing =" option is set correctly for your system.
; Possible values are "sysv", "bsd" or "aix".
;
; 4: Make sure the "lpq command" entry is correct for your system. The default
; may not work for you.
;
; 5: Make sure that the user specified in "guest account" exists. Typically
; this will be a user that cannot log in and has minimal privileges.
; Often the "nobody" account doesn't work (very system dependant).
;
; 6: You should consider the "security =" option. See a full description
; in the main documentation and the smb.conf(5) manual page
;
; 7: Look at the "hosts allow" option, unless you want everyone on the internet
; to be able to access your files.
;
[global]
printing = bsd
printcap name = /etc/printcap
load printers = yes
guest account = pcguest
; This next option sets a separate log file for each client. Remove
; it if you want a combined log file.
log file = /usr/local/samba/log.%m
; You will need a world readable lock directory and "share modes=yes"
; if you want to support the file sharing modes for multiple users
; of the same files
; lock directory = /usr/local/samba/var/locks
; share modes = yes
[homes]
comment = Home Directories
browseable = no
read only = no
create mode = 0750
[printers]
comment = All Printers
browseable = no
printable = yes
public = no
writable = no
create mode = 0700
; you might also want this one, notice that it is read only so as not to give
; people without an account write access.
;
; [tmp]
; comment = Temporary file space
; path = /tmp
; read only = yes
; public = yes
;
; Other examples.
;
; A private printer, usable only by fred. Spool data will be placed in fred's
; home directory. Note that fred must have write access to the spool directory,
; wherever it is.
;[fredsprn]
; comment = Fred's Printer
; valid users = fred
; path = /homes/fred
; printer = freds_printer
; public = no
; writable = no
; printable = yes
;
; A private directory, usable only by fred. Note that fred requires write
; access to the directory.
;[fredsdir]
; comment = Fred's Service
; path = /usr/somewhere/private
; valid users = fred
; public = no
; writable = yes
; printable = no
;
; A publicly accessible directory, but read only, except for people in
; the staff group
;[public]
; comment = Public Stuff
; path = /usr/somewhere/public
; public = yes
; writable = no
; printable = no
; write list = @staff
;
; a service which has a different directory for each machine that connects
; this allows you to tailor configurations to incoming machines. You could
; also use the %u option to tailor it by user name.
; The %m gets replaced with the machine name that is connecting.
;[pchome]
; comment = PC Directories
; path = /usr/pc/%m
; public = no
; writeable = yes
;
;
; A publicly accessible directory, read/write to all users. Note that all files
; created in the directory by users will be owned by the default user, so
; any user with access can delete any other user's files. Obviously this
; directory must be writable by the default user. Another user could of course
; be specified, in which case all files would be owned by that user instead.
;[public]
; path = /usr/somewhere/else/public
; public = yes
; only guest = yes
; writable = yes
; printable = no
;
;
; The following two entries demonstrate how to share a directory so that two
; users can place files there that will be owned by the specific users. In this
; setup, the directory should be writable by both users and should have the
; sticky bit set on it to prevent abuse. Obviously this could be extended to
; as many users as required.
;[myshare]
; comment = Mary's and Fred's stuff
; path = /usr/somewhere/shared
; valid users = mary fred
; public = no
; writable = yes
; printable = no
; create mask = 0765