diff options
| author | bubulle <bubulle@alioth.debian.org> | 2008-07-13 06:30:49 +0000 |
|---|---|---|
| committer | bubulle <bubulle@alioth.debian.org> | 2008-07-13 06:30:49 +0000 |
| commit | cd6517abeae38753494fcd64acabe7d15f779864 (patch) | |
| tree | 009660ad24d09f79efc1557aaf441de6a1ef8d03 /docs-xml | |
| parent | 96c59e01d403456741bef79b3106dd78e91dd012 (diff) | |
| download | samba-cd6517abeae38753494fcd64acabe7d15f779864.tar.gz | |
merge upstream 3.0.31
git-svn-id: svn://svn.debian.org/svn/pkg-samba/trunk/samba@2035 fc4039ab-9d04-0410-8cac-899223bdd6b0
Diffstat (limited to 'docs-xml')
| -rw-r--r-- | docs-xml/Samba3-HOWTO/TOSHARG-CUPS-printing.xml | 59 | ||||
| -rw-r--r-- | docs-xml/Samba3-HOWTO/TOSHARG-TDBFiles.xml | 152 | ||||
| -rw-r--r-- | docs-xml/Samba3-HOWTO/index.xml | 2 | ||||
| -rw-r--r-- | docs-xml/build/DTD/samba.entities | 10 | ||||
| -rw-r--r-- | docs-xml/configure.ac | 3 | ||||
| -rw-r--r-- | docs-xml/manpages-3/smbsh.1.xml | 164 | ||||
| -rw-r--r-- | docs-xml/manpages-3/winbindd.8.xml | 29 | ||||
| -rw-r--r-- | docs-xml/smbdotconf/browse/oslevel.xml | 3 | ||||
| -rw-r--r-- | docs-xml/smbdotconf/misc/dosfilemode.xml | 17 | ||||
| -rw-r--r-- | docs-xml/smbdotconf/security/aclgroupcontrol.xml | 6 | ||||
| -rw-r--r-- | docs-xml/smbdotconf/security/unixpasswordsync.xml | 2 | ||||
| -rw-r--r-- | docs-xml/smbdotconf/vfs/getquotacommand.xml | 5 | ||||
| -rw-r--r-- | docs-xml/xslt/expand-smbconfdoc.xsl | 3 |
13 files changed, 229 insertions, 226 deletions
diff --git a/docs-xml/Samba3-HOWTO/TOSHARG-CUPS-printing.xml b/docs-xml/Samba3-HOWTO/TOSHARG-CUPS-printing.xml index 9b12e4cac5..50d2f6b32e 100644 --- a/docs-xml/Samba3-HOWTO/TOSHARG-CUPS-printing.xml +++ b/docs-xml/Samba3-HOWTO/TOSHARG-CUPS-printing.xml @@ -185,11 +185,10 @@ libcups.so.2 => /usr/lib/libcups.so.2 (0x40123000) <smbconfoption name="comment">All Printers</smbconfoption> <smbconfoption name="path">/var/spool/samba</smbconfoption> <smbconfoption name="browseable">no</smbconfoption> - <smbconfoption name="public">yes</smbconfoption> <smbconfoption name="guest ok">yes</smbconfoption> <smbconfoption name="writable">no</smbconfoption> <smbconfoption name="printable">yes</smbconfoption> - <smbconfoption name="printer admin">root, @ntadmins</smbconfoption> + <smbconfoption name="printer admin">root, @ntadmins, @smbprintadm</smbconfoption> </smbconfblock> </example> @@ -230,11 +229,10 @@ libcups.so.2 => /usr/lib/libcups.so.2 (0x40123000) <smbconfsection name="[printers]"/> <smbconfoption name="comment">All Printers</smbconfoption> <smbconfoption name="path">/var/spool/samba</smbconfoption> - <smbconfoption name="public">yes</smbconfoption> <smbconfoption name="guest ok">yes</smbconfoption> <smbconfoption name="writable">no</smbconfoption> <smbconfoption name="printable">yes</smbconfoption> - <smbconfoption name="printer admin">root, @ntadmins</smbconfoption> + <smbconfoption name="printer admin">root, @ntadmins, @smbprintadm</smbconfoption> <smbconfsection name="[special_printer]"/> <smbconfoption name="comment">A special printer with his own settings</smbconfoption> @@ -242,7 +240,6 @@ libcups.so.2 => /usr/lib/libcups.so.2 (0x40123000) <smbconfoption name="printing">sysv</smbconfoption> <smbconfoption name="printcap">lpstat</smbconfoption> <smbconfoption name="print command">echo "NEW: `date`: printfile %f" >> /tmp/smbprn.log ; echo " `date`: p-%p s-%s f-%f" >> /tmp/smbprn.log ; echo " `date`: j-%j J-%J z-%z c-%c" >> /tmp/smbprn.log ; rm %f </smbconfoption> - <smbconfoption name="public">no</smbconfoption> <smbconfoption name="guest ok">no</smbconfoption> <smbconfoption name="writable">no</smbconfoption> <smbconfoption name="printable">yes</smbconfoption> @@ -402,7 +399,9 @@ libcups.so.2 => /usr/lib/libcups.so.2 (0x40123000) </itemizedlist> <para> - The second method is recommended for use over the first. + The second method is recommended for use over the first as it reduces the + administrative efforts and prevents that different versions of the drivers + are used accidentally. </para> </sect2> @@ -765,7 +764,7 @@ application/octet-stream application/vnd.cups-raw 0 - deficiencies. <indexterm><primary>Ghostscript</primary><secondary>ESP</secondary><see>ESP GhostScript</see></indexterm> Therefore, ESP Ghostscript was developed as an enhancement over GNU Ghostscript, with lots of bug-fixes, additional devices, and improvements. It is jointly maintained by developers from - CUPS, Gimp-Print, MandrakeSoft, SuSE, Red Hat, and Debian. It includes the <quote>cups</quote> device + CUPS, Gutenprint, MandrakeSoft, SuSE, Red Hat, and Debian. It includes the <quote>cups</quote> device (essential to print to non-PS printers from CUPS). </para></tip> @@ -992,7 +991,7 @@ application/postscript ai eps ps string(0,%!) string(0,<04>%!) <parameter>application/postscript</parameter>, the other is <parameter>application/vnd.cups-postscript</parameter>. While <parameter>application/postscript</parameter> is meant to be device-independent, job options for the file are still outside the PS file content, embedded in - command-line or environment variables by CUPS, <parameter>application/vnd.cups-postscript</parameter> may have + command line or environment variables by CUPS, <parameter>application/vnd.cups-postscript</parameter> may have the job options inserted into the PostScript data itself (where applicable). The transformation of the generic PostScript (<parameter>application/postscript</parameter>) to the device-specific version (<parameter>application/vnd.cups-postscript</parameter>) is the responsibility of the CUPS @@ -1136,7 +1135,7 @@ text/plain application/postscript 33 texttops <varlistentry><term>filename</term> <listitem><para> - (optionally) The print request file (if missing, filters expected data + (optionally) The print request file (if missing, filters expect data fed through <filename>stdin</filename>). In most cases, it is easy to write a simple wrapper script around existing filters to make them work with CUPS. </para></listitem> @@ -1328,7 +1327,7 @@ text/plain application/postscript 33 texttops <indexterm><primary>rastertohp</primary></indexterm> <indexterm><primary>rastertoprinter</primary></indexterm> <indexterm><primary>rastertoprinter</primary></indexterm> -<indexterm><primary>Gimp-Print</primary></indexterm> +<indexterm><primary>Gutenprint</primary></indexterm> CUPS ships with quite a variety of raster drivers for processing CUPS raster. On my system, I find in /usr/lib/cups/filter/ the following: <parameter>rastertoalps</parameter>, <parameter>rastertobj</parameter>, <parameter>rastertoepson</parameter>, <parameter>rastertoescp</parameter>, <parameter>rastertopcl</parameter>, @@ -1336,7 +1335,7 @@ text/plain application/postscript 33 texttops <parameter>rastertodymo</parameter>, <parameter>rastertoescp</parameter>, <parameter>rastertohp</parameter>, and <parameter>rastertoprinter</parameter>. Don't worry if you have fewer drivers than this; some of these are installed by commercial add-ons to CUPS (like <parameter>rastertoturboprint</parameter>), and others (like - <parameter>rastertoprinter</parameter>) by third-party driver development projects (such as Gimp-Print) + <parameter>rastertoprinter</parameter>) by third-party driver development projects (such as Gutenprint) wanting to cooperate as closely as possible with CUPS. See <link linkend="small9">the Raster to Printer-Specific Formats illustration</link>. </para> @@ -1512,8 +1511,8 @@ text/plain application/postscript 33 texttops file. If you have such a PPD installed, the printer shows up in the CUPS Web interface with a <parameter>foomatic</parameter> namepart for the driver description. <parameter>cupsomatic</parameter> is a Perl script that runs - Ghostscript with all the complicated command-line options - autoconstructed from the selected PPD and command line options give to + Ghostscript with all the complicated command line options + autoconstructed from the selected PPD and command line options given to the print job. </para> @@ -1533,7 +1532,7 @@ text/plain application/postscript 33 texttops generation of them, still in heavy use out there) are not meeting the Adobe specifications. You might also suffer difficulties when you try to download them with <quote>Point'n'Print</quote> to Windows clients. A better - and more powerful successor is now in a stable beta-version: it is called <parameter>foomatic-rip</parameter>. To use + and more powerful successor is now available: it is called <parameter>foomatic-rip</parameter>. To use <parameter>foomatic-rip</parameter> as a filter with CUPS, you need the new type of PPDs, which have a similar but different line: <programlisting> @@ -1735,7 +1734,7 @@ application/octet-stream application/vnd.cups-raw 0 - file. Therefore, CUPS should autoconstruct a filtering chain, which delivers as its last output the specified MIME type. This is then taken as input to the specified <parameter>rastertoprinter</parameter> filter. After - the last filter has done its work (<parameter>rastertoprinter</parameter> is a Gimp-Print + the last filter has done its work (<parameter>rastertoprinter</parameter> is a Gutenprint filter), the file should go to the backend, which sends it to the output device. </para> @@ -1898,7 +1897,7 @@ application/octet-stream application/vnd.cups-raw 0 - would still show all pages of the original PDF).</para></listitem> <listitem><para>The file then passes the <parameter>pstops</parameter> - filter that applies the command-line options: it selects pages + filter that applies the command line options: it selects pages 2-5, 7, and 11-13, creates the imposed layout <quote>two pages on one sheet</quote>, and inserts the correct <quote>duplex</quote> command (as defined in the printer's PPD) into the new PostScript file; the file is now of PostScript MIME @@ -1951,7 +1950,7 @@ application/octet-stream application/vnd.cups-raw 0 - <indexterm><primary>pstops</primary></indexterm> <indexterm><primary>duplex printing</primary></indexterm> The file then passes the <quote>pstops</quote> filter that applies - the command-line options: it selects the pages 2-5, 7, and 11-13, + the command line options: it selects the pages 2-5, 7, and 11-13, creates the imposed layout <quote>two pages on one sheet,</quote> and inserts the correct <quote>duplex</quote> command (oops &smbmdash; this printer and PPD do not support duplex printing at all, so this option will @@ -2011,9 +2010,9 @@ application/octet-stream application/vnd.cups-raw 0 - </para></listitem> <listitem><para> - The <ulink url="http://gimp-print.sourceforge.net/">Gimp-Print Project</ulink> + The <ulink url="http://gimp-print.sourceforge.net/">Gutenprint Project</ulink> (GPL, free software) provides around 140 PPDs (supporting nearly 400 printers, many driven - to photo quality output), to be used alongside the Gimp-Print CUPS filters. + to photo quality output), to be used alongside the Gutenprint CUPS filters. </para></listitem> <listitem><para> @@ -2037,7 +2036,7 @@ application/octet-stream application/vnd.cups-raw 0 - <listitem><para> <ulink url="http://www.linuxprinting.org/">Foomatic/cupsomatic </ulink> (LPGL, free) from Linuxprinting.org provide PPDs for practically every Ghostscript - filter known to the world (including Omni, Gimp-Print, and HPIJS). + filter known to the world (including Omni, Gutenprint, and HPIJS). </para></listitem> </itemizedlist> @@ -2271,7 +2270,7 @@ PostScript, PCL, or PJL commands for the target printer. Printer driver GUI dial CUPS can load, without any conversions, the PPD file from any Windows (NT is recommended) PostScript driver and handle the options. There is a Web browser interface to the print options (select <ulink noescape="1" url="http://localhost:631/printers/">http://localhost:631/printers/</ulink> and click on one -<guibutton>Configure Printer</guibutton> button to see it) or a command-line interface (see <command>man +<guibutton>Configure Printer</guibutton> button to see it) or a command line interface (see <command>man lpoptions</command> or see if you have <command>lphelp</command> on your system). There are also some different GUI front-ends on Linux/UNIX, which can present PPD options to users. PPD options are normally meant to be evaluated by the PostScript RIP on the real PostScript printer. @@ -2481,7 +2480,6 @@ Prior to running <command>cupsaddsmb</command>, you need the settings in <smbconfoption name="comment">All Printers</smbconfoption> <smbconfoption name="path">/var/spool/samba</smbconfoption> <smbconfoption name="browseable">no</smbconfoption> -<smbconfoption name="public">yes</smbconfoption> <smbconfcomment>setting depends on your requirements</smbconfcomment> <smbconfoption name="guest ok">yes</smbconfoption> <smbconfoption name="writable">no</smbconfoption> @@ -2493,7 +2491,7 @@ Prior to running <command>cupsaddsmb</command>, you need the settings in <smbconfoption name="browseable">yes</smbconfoption> <smbconfoption name="guest ok">no</smbconfoption> <smbconfoption name="read only">yes</smbconfoption> -<smbconfoption name="write list">root</smbconfoption> +<smbconfoption name="write list">root, @smbprintadm</smbconfoption> </smbconfblock> </example> </sect2> @@ -3061,7 +3059,8 @@ CUPS/Samba server: After a few seconds, there should be a new printer in your client's <emphasis>local</emphasis> <guilabel>Printers</guilabel> folder. On Windows XP it will follow a naming convention of <emphasis>PrinterName on SambaServer</emphasis>. (In my current case it is infotec_2105 on kde-bitshop). If -you want to test it and send your first job from an application like Winword, the new printer appears in a +you want to test it and send your first job from an application like Microsoft Word, +the new printer appears in a <filename>\\SambaServer\PrinterName</filename> entry in the drop-down list of available printers. </para> @@ -3557,7 +3556,7 @@ driver in step 6. This command must succeed before you can proceed. </step> <step> -<para><title>Tell Samba which printer should use these driver files (<command>setdriver</command>).</title></para> +<title>Tell Samba which printer should use these driver files (<command>setdriver</command>).</title> <para> <indexterm><primary>rpcclient</primary><secondary>setdriver</secondary></indexterm> @@ -4119,8 +4118,8 @@ Speaking of the different driver development groups, most of the work is current models.</para></listitem> <listitem><para> -<indexterm><primary>Gimp-Print</primary></indexterm> - <ulink url="http://gimp-print.sf.net/">Gimp-Print</ulink> &smbmdash; a free software +<indexterm><primary>Gutenprint</primary></indexterm> + <ulink url="http://gimp-print.sourceforge.net/">Gutenprint</ulink> &smbmdash; a free software effort, started by Michael Sweet (also lead developer for CUPS), now directed by Robert Krawitz, which has achieved an amazing level of photo print quality (many Epson users swear that its quality is @@ -5050,9 +5049,9 @@ service first (renamed to <command>File & Print Sharing for MS Networks</com </sect2> <sect2> -<title>Win XP-SP1</title> +<title>Windows XP SP1</title> -<para>Win XP-SP1 introduced a Point and Print Restriction Policy (this restriction does not apply to +<para>Windows XP SP1 introduced a Point and Print Restriction Policy (this restriction does not apply to <quote>Administrator</quote> or <quote>Power User</quote> groups of users). In Group Policy Object Editor, go to <guimenu>User Configuration -> Administrative Templates -> Control Panel -> Printers</guimenu>. The policy is automatically set to <constant>Enabled</constant> and the <constant>Users can only Point and Print to @@ -5068,7 +5067,7 @@ possible. <para>How are you doing it? I bet the wrong way (it is not easy to find out, though). There are three different ways to bring you to a dialog that <emphasis>seems</emphasis> to set everything. All three dialogs <emphasis>look</emphasis> the same, yet only one of them does what you intend. You need to be Administrator or -Print Administrator to do this for all users. Here is how I do in on XP: +Print Administrator to do this for all users. Here is how I do it on XP: </para> <orderedlist numeration="upperalpha"> diff --git a/docs-xml/Samba3-HOWTO/TOSHARG-TDBFiles.xml b/docs-xml/Samba3-HOWTO/TOSHARG-TDBFiles.xml new file mode 100644 index 0000000000..cc8b105ffc --- /dev/null +++ b/docs-xml/Samba3-HOWTO/TOSHARG-TDBFiles.xml @@ -0,0 +1,152 @@ +<?xml version="1.0" encoding="iso-8859-1"?> +<!DOCTYPE chapter PUBLIC "-//Samba-Team//DTD DocBook V4.2-Based Variant V1.0//EN" "http://www.samba.org/samba/DTD/samba-doc"> +<chapter id="msdfs"> + +<chapterinfo> + &author.jht; + + <pubdate>May 28, 2008</pubdate> +</chapterinfo> + +<title>Managing TDB Files</title> + +<sect1> +<title>Features and Benefits</title> + + <para> +<indexterm><primary>tdb</primary></indexterm> +<indexterm><primary>Trivial Database</primary></indexterm> + Samba uses a lightweight database called Trivial Database (tdb) in which it stores persistent and transient data. + Some tdb files can be disposed of before restarting Samba, but others are used to store information that is vital + to Samba configuration and behavior. The following information is provided to help administrators who are seeking + to better manage their Samba installations. + </para> + + <para> +<indexterm><primary>tdb</primary></indexterm> +<indexterm><primary>currupted</primary></indexterm> +<indexterm><primary>backup</primary></indexterm> +<indexterm><primary>restore</primary></indexterm> + Those who package Samba for commercial distribution with operating systems and appliances would do well to take + note that tdb files can get corrupted, and for this reason ought to be backed up regularly. An appropriate time + is at system shutdown (backup) and startup (restore from backup). + </para> + +<table frame="all" id="TOSH-TDB"> + <title>Samba's Trivial Database Files</title> + <tgroup align="center" cols="2"> + <thead> + <row><entry>File name</entry><entry>Preserve</entry><entry>Description</entry></row> + </thead> + + <tbody> + <row><entry>account_policy.tdb</entry><entry>Y</entry> + <entry><para>NT account policy settings such as pw expiration, etc...</para></entry></row> + <row><entry>brlock.tdb</entry><entry>N</entry> + <entry><para>Byte range locks.</para></entry></row> + <row><entry>browse.dat</entry><entry>N</entry> + <entry><para>Browse lists - gets rebuilt automatically.</para></entry></row> + <row><entry>connections.tdb</entry><entry>N</entry> + <entry><para>Share connections. Used to enforce max connections, etc.</para></entry></row> + <row><entry>gencache.tdb</entry><entry>N</entry> + <entry><para>Generic caching database.</para></entry></row> + <row><entry>group_mapping.tdb</entry><entry>Y</entry> + <entry><para>Stores group mapping information. Not used when using LDAP backend.</para></entry></row> + <row><entry> lang_en.tdb</entry><entry>Y</entry> + <entry><para>Stores language encoding information.</para></entry></row> + <row><entry>locking.tdb</entry><entry>N</entry> + <entry><para>Stores share mode and oplock information.</para></entry></row> + <row><entry>login_cache.tdb</entry><entry>N</entry> + <entry><para>Keeps a log of bad pw attempts.</para></entry></row> + <row><entry>messages.tdb</entry><entry>N</entry> + <entry><para>Used to keep track of Samba internal messaging.</para></entry></row> + <row><entry>netsamlogon_cache.tdb</entry><entry>Y</entry> + <entry><para> + Cache of user net_info_3 struct from <emphasis>net_samlogon()</emphasis> + requests from domain member machines. + </para></entry></row> + <row><entry>ntdrivers.tdb</entry><entry>Y</entry> + <entry><para>Stores installed printer driver information.</para></entry></row> + <row><entry>ntforms.tdb</entry><entry>Y</entry> + <entry><para>Stores installed printer forms information.</para></entry></row> + <row><entry>ntprinters.tdb</entry><entry>Y</entry> + <entry><para>Stores installed printers information.</para></entry></row> + <row><entry>printing directory</entry><entry>Y</entry> + <entry><para>Directory containing tdb per print queue of cached lpq output.</para></entry></row> + <row><entry>registry.tdb</entry><entry>Y</entry> + <entry><para>Windows registry skeleton (connect via regedit.exe).</para></entry></row> + <row><entry>sessionid.tdb</entry><entry>N</entry> + <entry><para>Session information to support <literal>utmp = yes</literal> capabilities.</para></entry></row> + <row><entry>share_info.tdb</entry><entry>Y</entry> + <entry><para>Stores share-level ACL configuration settings. + Default ACL is <emphasis>Everyone - Full Control</emphasis>. + </para></entry></row> + <row><entry>unexpected.tdb</entry><entry>N</entry> + <entry><para> + Unexpected packet queue needed to support windows clients that respond on a + different port that the originating reques. + </para></entry></row> + <row><entry>winbindd_cache.tdb</entry><entry>N</entry> + <entry><para>Winbind's cache of user lists.</para></entry></row> + <row><entry>winbindd_idmap.tdb</entry><entry>Y</entry> + <entry><para>Winbind's local IDMAP database.</para></entry></row> + <row><entry>wins.dat</entry><entry>N</entry> + <entry><para> + WINS database iused only when <parameter>wins support = yes</parameter> + has been set. This gets rebuilt or updated at every restart. + </para></entry></row> + <row><entry>wins.tdb</entry><entry>Y</entry> + <entry><para> + The working permanent storage for all WINS data. This database is used only + when <parameter>wins support = yes</parameter> has been set in the &smb.conf; file. + Note: This retains all manually configured WINS entries. Manual setting can be done use the net utility. + </para></entry></row> + <row><entry>secrets.tdb</entry><entry>Y</entry> + <entry><para> + This tdb file stores internal settings such as the machine and the domain SID, secret passwords + that are used with LDAP, the machine secret token, etc. This is an essential file that is stored + in a secure area. Vendors locate this in various folders. Check <command>smbd -b</command> to + find its location on your system. + </para></entry></row> + <row><entry>schannel_store.tdb</entry><entry>Y</entry> + <entry><para> + This stores secure channel access token information used with SMB signing. + </para></entry></row> + <row><entry>passdb.tdb</entry><entry>Y</entry> + <entry><para> + This stores the Samba SAM account information when using a tdbsam password backend. + </para></entry></row> + </tbody> + </tgroup> + </table> + +</sect1> + +<sect1> +<title>Managing TDB Files</title> + + <para> + The <command>tdbbackup</command> utility is a tool that may be used to backup samba tdb files. + This tool may also be used to verify the integrity of the tdb files prior to Samba startup or + during normal operation. If it finds file damage it will search for a prior backup the backup + file from which the damaged tdb file will be restored. The <command>tdbbackup</command> + utility can safely be run at any time. It was designed so that it can be used at any time to + validate the integrity of tdb files, even during Samba operation. + </para> + + <para> + It is recommended to backup all tdb files as part of the Samba start-up scripts on a Samba + server. The following command syntax can be used: + </para> +<screen> +myserver# > cd /var/lib/samba +myserver@ > tdbbackup *.tdb +</screen> + <para> + The default extension is <filename>.bak</filename>. Any alternate extension can be specified + by executing <literal>tdbbackup -s 'new_extension' *.tdb</literal> as part of your startup script. + </para> + +</sect1> + +</chapter> diff --git a/docs-xml/Samba3-HOWTO/index.xml b/docs-xml/Samba3-HOWTO/index.xml index 1253b0352e..87b07951c7 100644 --- a/docs-xml/Samba3-HOWTO/index.xml +++ b/docs-xml/Samba3-HOWTO/index.xml @@ -193,6 +193,8 @@ The chapters in this part each cover specific Samba features. <?latex \cleardoublepage ?> <xi:include href="TOSHARG-Bugs.xml"/> <?latex \cleardoublepage ?> + <xi:include href="TOSHARG-TDBFiles.xml"/> + <?latex \cleardoublepage ?> </part> diff --git a/docs-xml/build/DTD/samba.entities b/docs-xml/build/DTD/samba.entities index 2e924d46ba..e34fbda81e 100644 --- a/docs-xml/build/DTD/samba.entities +++ b/docs-xml/build/DTD/samba.entities @@ -180,7 +180,7 @@ use only by developers and generate HUGE amounts of log data, most of which is extremely cryptic.</para> <para>Note that specifying this parameter here will -override the <smbconfoption><name>log level</name></smbconfoption> parameter +override the <smbconfoption name="log level" /> parameter in the &smb.conf; file.</para> </listitem> </varlistentry>'> @@ -207,7 +207,7 @@ use only by developers and generate HUGE amounts of log data, most of which is extremely cryptic.</para> <para>Note that specifying this parameter here will -override the <smbconfoption><name>log level</name></smbconfoption> parameter +override the <smbconfoption name="log level" /> parameter in the &smb.conf; file.</para> </listitem> </varlistentry>'> @@ -297,11 +297,11 @@ being on a locally connected subnet. <para>If this parameter is not set then the name resolve order defined in the &smb.conf; file parameter -(<smbconfoption><name>name resolve order</name></smbconfoption>) will be used. +(<smbconfoption name="name resolve order" />) will be used. </para> <para>The default order is lmhosts, host, wins, bcast. Without -this parameter or any entry in the <smbconfoption><name>name resolve order</name></smbconfoption> parameter of the &smb.conf; file, the name +this parameter or any entry in the <smbconfoption name="name resolve order" /> parameter of the &smb.conf; file, the name resolution methods will be attempted in this order. </para></listitem> </varlistentry>'> @@ -310,7 +310,7 @@ resolution methods will be attempted in this order. </para></listitem> <term>-n <primary NetBIOS name></term> <listitem><para>This option allows you to override the NetBIOS name that Samba uses for itself. This is identical -to setting the <smbconfoption><name>netbios name</name></smbconfoption> parameter in the &smb.conf; file. +to setting the <smbconfoption name="netbios name"/> parameter in the &smb.conf; file. However, a command line setting will take precedence over settings in &smb.conf;.</para></listitem> diff --git a/docs-xml/configure.ac b/docs-xml/configure.ac index c0d6686742..bc795ab0de 100644 --- a/docs-xml/configure.ac +++ b/docs-xml/configure.ac @@ -14,6 +14,9 @@ DOC_BUILD_DATE=`date '+%d-%m-%Y'` AC_SUBST(DOC_BUILD_DATE) AC_SUBST(SAMBASOURCEDIR) +BUILDDIR=$(pwd) +AC_SUBST(BUILDDIR) + DOCS_TARGET_REQUIRE_PROGRAM(XSLTPROC, xsltproc, ALL) DOCS_TARGET_REQUIRE_PROGRAM(RM, rm, ALL) dnl DOCS_TARGET_REQUIRE_PROGRAM(DIA, dia, LATEX) diff --git a/docs-xml/manpages-3/smbsh.1.xml b/docs-xml/manpages-3/smbsh.1.xml deleted file mode 100644 index 7424eb9605..0000000000 --- a/docs-xml/manpages-3/smbsh.1.xml +++ /dev/null @@ -1,164 +0,0 @@ -<?xml version="1.0" encoding="iso-8859-1"?> -<!DOCTYPE refentry PUBLIC "-//Samba-Team//DTD DocBook V4.2-Based Variant V1.0//EN" "http://www.samba.org/samba/DTD/samba-doc"> -<refentry id="smbsh.1"> - -<refmeta> - <refentrytitle>smbsh</refentrytitle> - <manvolnum>1</manvolnum> - <refmiscinfo class="source">Samba</refmiscinfo> - <refmiscinfo class="manual">User Commands</refmiscinfo> - <refmiscinfo class="version">3.0</refmiscinfo> -</refmeta> - - -<refnamediv> - <refname>smbsh</refname> - <refpurpose>Allows access to remote SMB shares - using UNIX commands</refpurpose> -</refnamediv> - -<refsynopsisdiv> - <cmdsynopsis> - <command>smbsh</command> - <arg choice="opt">-W workgroup</arg> - <arg choice="opt">-U username</arg> - <arg choice="opt">-P prefix</arg> - <arg choice="opt">-R <name resolve order></arg> - <arg choice="opt">-d <debug level></arg> - <arg choice="opt">-l logdir</arg> - <arg choice="opt">-L libdir</arg> - </cmdsynopsis> -</refsynopsisdiv> - -<refsect1> - <title>DESCRIPTION</title> - - <para>This tool is part of the <citerefentry><refentrytitle>samba</refentrytitle> - <manvolnum>7</manvolnum></citerefentry> suite.</para> - - <para><command>smbsh</command> allows you to access an NT filesystem - using UNIX commands such as <command>ls</command>, <command> - egrep</command>, and <command>rcp</command>. You must use a - shell that is dynamically linked in order for <command>smbsh</command> - to work correctly.</para> -</refsect1> - -<refsect1> - <title>OPTIONS</title> - - <variablelist> - <varlistentry> - <term>-W WORKGROUP</term> - <listitem><para>Override the default workgroup specified in the - workgroup parameter of the <citerefentry><refentrytitle>smb.conf</refentrytitle> - <manvolnum>5</manvolnum></citerefentry> file - for this session. This may be needed to connect to some - servers. </para></listitem> - </varlistentry> - - <varlistentry> - <term>-U username[%pass]</term> - <listitem><para>Sets the SMB username or username and password. - If this option is not specified, the user will be prompted for - both the username and the password. If %pass is not specified, - the user will be prompted for the password. - </para></listitem> - </varlistentry> - - <varlistentry> - <term>-P prefix</term> - <listitem><para>This option allows - the user to set the directory prefix for SMB access. The - default value if this option is not specified is - <emphasis>smb</emphasis>. - </para></listitem> - </varlistentry> - - &stdarg.configfile; - &stdarg.server.debug; - &stdarg.resolve.order; - - <varlistentry> - <term>-L libdir</term> - <listitem><para>This parameter specifies the location of the - shared libraries used by <command>smbsh</command>. The default - value is specified at compile time. - </para></listitem> - </varlistentry> - - </variablelist> -</refsect1> - -<refsect1> - <title>EXAMPLES</title> - - <para>To use the <command>smbsh</command> command, execute <command> - smbsh</command> from the prompt and enter the username and password - that authenticates you to the machine running the Windows NT - operating system. -<programlisting> -<prompt>system% </prompt><userinput>smbsh</userinput> -<prompt>Username: </prompt><userinput>user</userinput> -<prompt>Password: </prompt><userinput>XXXXXXX</userinput> -</programlisting></para> - - - <para>Any dynamically linked command you execute from - this shell will access the <filename>/smb</filename> directory - using the smb protocol. For example, the command <command>ls /smb - </command> will show a list of workgroups. The command - <command>ls /smb/MYGROUP </command> will show all the machines in - the workgroup MYGROUP. The command - <command>ls /smb/MYGROUP/<machine-name></command> will show the share - names for that machine. You could then, for example, use the <command> - cd</command> command to change directories, <command>vi</command> to - edit files, and <command>rcp</command> to copy files.</para> -</refsect1> - -<refsect1> - <title>VERSION</title> - - <para>This man page is correct for version 3.0 of the Samba suite.</para> -</refsect1> - -<refsect1> - <title>BUGS</title> - - <para><command>smbsh</command> works by intercepting the standard - libc calls with the dynamically loaded versions in <filename> - smbwrapper.o</filename>. Not all calls have been "wrapped", so - some programs may not function correctly under <command>smbsh - </command>.</para> - - <para>Programs which are not dynamically linked cannot make - use of <command>smbsh</command>'s functionality. Most versions - of UNIX have a <command>file</command> command that will - describe how a program was linked.</para> -</refsect1> - - -<refsect1> - <title>SEE ALSO</title> - <para><citerefentry><refentrytitle>smbd</refentrytitle> - <manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>smb.conf</refentrytitle> - <manvolnum>5</manvolnum></citerefentry></para> -</refsect1> - -<refsect1> - <title>AUTHOR</title> - - <para>The original Samba software and related utilities - were created by Andrew Tridgell. Samba is now developed - by the Samba Team as an Open Source project similar - to the way the Linux kernel is developed.</para> - - <para>The original Samba man pages were written by Karl Auer. - The man page sources were converted to YODL format (another - excellent piece of Open Source software, available at <ulink url="ftp://ftp.icce.rug.nl/pub/unix/"> - ftp://ftp.icce.rug.nl/pub/unix/</ulink>) and updated for the Samba 2.0 - release by Jeremy Allison. The conversion to DocBook for - Samba 2.2 was done by Gerald Carter. The conversion to DocBook XML 4.2 - for Samba 3.0 was done by Alexander Bokovoy.</para> -</refsect1> - -</refentry> diff --git a/docs-xml/manpages-3/winbindd.8.xml b/docs-xml/manpages-3/winbindd.8.xml index a52a4c25b0..fd1a2b2552 100644 --- a/docs-xml/manpages-3/winbindd.8.xml +++ b/docs-xml/manpages-3/winbindd.8.xml @@ -7,7 +7,7 @@ <manvolnum>8</manvolnum> <refmiscinfo class="source">Samba</refmiscinfo> <refmiscinfo class="manual">System Administration tools</refmiscinfo> - <refmiscinfo class="version">3.0</refmiscinfo> + <refmiscinfo class="version">3.2</refmiscinfo> </refmeta> @@ -45,15 +45,14 @@ <para>Even if winbind is not used for nsswitch, it still provides a service to <command>smbd</command>, <command>ntlm_auth</command> and the <command>pam_winbind.so</command> PAM module, by managing connections to - domain controllers. In this configuraiton the - <smbconfoption name="idmap uid"/> and - <smbconfoption name="idmap gid"/> + domain controllers. In this configuration the + <smbconfoption name="idmap uid"/> and <smbconfoption name="idmap gid"/> parameters are not required. (This is known as `netlogon proxy only mode'.)</para> - <para> The Name Service Switch allows user + <para>The Name Service Switch allows user and system information to be obtained from different databases services such as NIS or DNS. The exact behaviour can be configured - throught the <filename>/etc/nsswitch.conf</filename> file. + through the <filename>/etc/nsswitch.conf</filename> file. Users and groups are allocated as they are resolved to a range of user and group ids specified by the administrator of the Samba system.</para> @@ -61,13 +60,12 @@ <para>The service provided by <command>winbindd</command> is called `winbind' and can be used to resolve user and group information from a Windows NT server. The service can also provide authentication - services via an associated PAM module. </para> + services via an associated PAM module.</para> <para> The <filename>pam_winbind</filename> module supports the <parameter>auth</parameter>, <parameter>account</parameter> - and <parameter>password</parameter> - module-types. It should be noted that the + and <parameter>password</parameter> module-types. It should be noted that the <parameter>account</parameter> module simply performs a getpwnam() to verify that the system can obtain a uid for the user, as the domain controller has already performed access control. If the @@ -119,12 +117,17 @@ resolve user and group information from <filename>/etc/passwd </filename> and <filename>/etc/group</filename> and then from the Windows NT server. + </para> + <programlisting> passwd: files winbind group: files winbind -## only available on IRIX; Linux users should us libnss_wins.so -hosts: files dns winbind -</programlisting></para> +## only available on IRIX: use winbind to resolve hosts: +# hosts: files dns winbind +## All other NSS enabled systems should use libnss_wins.so like this: +hosts: files dns wins + +</programlisting> <para>The following simple configuration in the <filename>/etc/nsswitch.conf</filename> file can be used to initially @@ -470,7 +473,7 @@ auth required /lib/security/pam_unix.so \ <refsect1> <title>VERSION</title> - <para>This man page is correct for version 3.0 of + <para>This man page is correct for version 3 of the Samba suite.</para> </refsect1> diff --git a/docs-xml/smbdotconf/browse/oslevel.xml b/docs-xml/smbdotconf/browse/oslevel.xml index 7556a83051..1081597bcd 100644 --- a/docs-xml/smbdotconf/browse/oslevel.xml +++ b/docs-xml/smbdotconf/browse/oslevel.xml @@ -16,7 +16,8 @@ systems except a Windows NT 4.0/2000 Domain Controller. This means that a misconfigured Samba host can effectively isolate a subnet for browsing purposes. This parameter is largely auto-configured in the Samba-3 release series and it is seldom necessary to manually override the default setting. Please refer to - chapter 9 of the Samba-3 HOWTO document for further information regarding the use of this parameter. + the chapter on Network Browsing in the Samba-3 HOWTO document for further information regarding the use + of this parameter. <emphasis>Note:</emphasis> The maximum value for this parameter is 255. If you use higher values, counting will start at 0! </para> diff --git a/docs-xml/smbdotconf/misc/dosfilemode.xml b/docs-xml/smbdotconf/misc/dosfilemode.xml index ae3b475107..e67ccd935a 100644 --- a/docs-xml/smbdotconf/misc/dosfilemode.xml +++ b/docs-xml/smbdotconf/misc/dosfilemode.xml @@ -3,15 +3,16 @@ type="boolean" xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> <description> - <para> The default behavior in Samba is to provide - UNIX-like behavior where only the owner of a file/directory is + <para> The default behavior in Samba is to provide + UNIX-like behavior where only the owner of a file/directory is able to change the permissions on it. However, this behavior - is often confusing to DOS/Windows users. Enabling this parameter - allows a user who has write access to the file (by whatever - means) to modify the permissions (including ACL) on it. Note that a user - belonging to the group owning the file will not be allowed to - change permissions if the group is only granted read access. - Ownership of the file/directory may also be changed.</para> + is often confusing to DOS/Windows users. Enabling this parameter + allows a user who has write access to the file (by whatever + means, including an ACL permission) to modify the permissions + (including ACL) on it. Note that a user belonging to the group + owning the file will not be allowed to change permissions if + the group is only granted read access. Ownership of the + file/directory may also be changed.</para> </description> <value type="default">no</value> </samba:parameter> diff --git a/docs-xml/smbdotconf/security/aclgroupcontrol.xml b/docs-xml/smbdotconf/security/aclgroupcontrol.xml index e2600ca9da..6efd46dd8d 100644 --- a/docs-xml/smbdotconf/security/aclgroupcontrol.xml +++ b/docs-xml/smbdotconf/security/aclgroupcontrol.xml @@ -30,8 +30,10 @@ </para> <para> - This is parameter has been marked deprecated in Samba 3.0.23. The same behavior is now - implemented by the <parameter moreinfo="none">dos filemode</parameter> option. + This is parameter has been was deprecated in Samba 3.0.23, but re-activated in + Samba 3.0.31 and above, as it now only controls permission changes if the user + is in the owning primary group. It is now no longer equivalent to the + <parameter moreinfo="none">dos filemode</parameter> option. </para> </description> diff --git a/docs-xml/smbdotconf/security/unixpasswordsync.xml b/docs-xml/smbdotconf/security/unixpasswordsync.xml index 7f30c47d90..22971da01c 100644 --- a/docs-xml/smbdotconf/security/unixpasswordsync.xml +++ b/docs-xml/smbdotconf/security/unixpasswordsync.xml @@ -8,7 +8,7 @@ attempts to synchronize the UNIX password with the SMB password when the encrypted SMB password in the smbpasswd file is changed. If this is set to <constant>yes</constant> the program specified in the <parameter moreinfo="none">passwd - program</parameter>parameter is called <emphasis>AS ROOT</emphasis> - + program</parameter> parameter is called <emphasis>AS ROOT</emphasis> - to allow the new UNIX password to be set without access to the old UNIX password (as the SMB password change code has no access to the old password cleartext, only the new).</para> diff --git a/docs-xml/smbdotconf/vfs/getquotacommand.xml b/docs-xml/smbdotconf/vfs/getquotacommand.xml index 809d1a118f..92016ef46c 100644 --- a/docs-xml/smbdotconf/vfs/getquotacommand.xml +++ b/docs-xml/smbdotconf/vfs/getquotacommand.xml @@ -8,8 +8,9 @@ whenever there is no operating system API available from the OS that samba can use.</para> - <para>This option is only available with <command>./configure --with-sys-quotas</command>. - Or on linux when <command>./configure --with-quotas</command> was used and a working quota api + <para>This option is only available you have compiled Samba with the + <command moreinfo="none">--with-sys-quotas</command> option or on Linux with + <command moreinfo="none">--with-quotas</command> and a working quota api was found in the system.</para> <para>This parameter should specify the path to a script that diff --git a/docs-xml/xslt/expand-smbconfdoc.xsl b/docs-xml/xslt/expand-smbconfdoc.xsl index 5b2de1ce1f..617d490ce9 100644 --- a/docs-xml/xslt/expand-smbconfdoc.xsl +++ b/docs-xml/xslt/expand-smbconfdoc.xsl @@ -136,12 +136,15 @@ </xsl:element> </xsl:element> <xsl:element name="title"> + <xsl:text> </xsl:text> + <xsl:text> </xsl:text> <xsl:element name="anchor"> <xsl:attribute name="id"> <xsl:value-of select="translate(translate(string(.),' ',''), 'abcdefghijklmnopqrstuvwxyz','ABCDEFGHIJKLMNOPQRSTUVWXYZ')"/> </xsl:attribute> </xsl:element> <xsl:value-of select="."/> + <xsl:text> </xsl:text> </xsl:element> <xsl:element name="variablelist"> <xsl:element name="varlistentry"> |