Sams Teach Yourself Samba in 24 Hours
Hour 5: The smb.conf File: Telling Samba What to Do
Previous
Hour
|
Sections in this Chapter: |
|
|
|
||
|
||
|
|
Sams Teach Yourself Samba in 24 Hours |
|
|||||||||||||
|
Hour 5: The smb.conf File: Telling Samba What to Do |
|
|||||||||||||
|
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
A quick grep through the smb.conf 2.0 man page reveals over 130 unique global parameters and approximately 100 parameters related to shares. The smb.conf man page for version 2.0 is around 8,500 lines in length. Needless to say, quite a few options are available for configuring your server. In this section, I'll mention some of the more common ones. I've deferred discussion of some [global] options until later hours where the context is more relevant to the parameter's functionality. For a complete listing of all current [global] parameters, as always, please read the smb.conf man page.
The values for parameters, with a few exceptions, fall into three categories:
Parameters are of the form name = value such as:
netbios name = EAGLE
Only the first = sign is used in the parsing of the parameter and value. The value begins at the first non-white space character following the equals sign and continues until it locates the first carriage return that is not preceded by a \ character. Therefore, the following setting is equivalent to the netbios name parameter example.
netbios name = EAGLE
You have briefly seen the netbios name parameter, which enables you to set the NetBIOS machine name of the Samba server. As with most smb.conf parameters, it has a default value of the server's hostname. It is possible not to set this parameter and use the default value, but my personal preference is to define the machine name explicitly.
Default: netbios name = machine's internet hostname
Without getting too much into name resolution and browsing issues, it has been my experience that unless you have a very good reason to use a different NetBIOS machine name than the current Internet hostname, it is generally easier to manage if both names are the same. As an example, if the server's hostname was eagle, I would explicitly set the NetBIOS name as
netbios name = EAGLE
In Hour 2, "Windows Networking," in the section, "NetBIOS Overview," I mentioned that in a NetBIOS connection, there is a "calling" name held by the client and a "called" name requested by the client. A NetBIOS server answers only requests that match its called name. The netbios aliases parameter allows Samba to reply to multiple called names. In a particle sense, this means that you can see the same server under multiple names within a workgroup when browsing through the Network Neighborhood on a Windows client. Each server name could provide different services while still residing on the same physical machine. The default is to have no netbios aliases.
Default: netbios aliases = empty string
Figure 5.2 displays one server viewed through the Windows 95 Network Neighborhood when using this setting:
netbios aliases = admin acct business
|
Note - The Samba server's primary NetBIOS name, BILBO, also appears in the listing. Be aware that only the primary name (that is, netbios name = ...) is used for responding to requests for domain logons or when configured as a browse server. |
Figure
5.2
An example of a single Samba server using multiple NetBIOS aliases.
The workgroup parameter decides what workgroup the server indicates that it is a member of when servicing requests to clients. Workgroup membership also affects other settings such as domain logons, domain membership, and browse services.
The default for this parameter is determined at compile time by the WORKGROUP macro defined in the make file.
Default: workgoup = determined at compile
A workgroup name is a group NetBIOS name, and therefore must follow the standard naming conventions (see Hour 2). For example,
workgroup = FOWLPLAY
The server string parameter determines the text string displayed in the printer comment section of the Windows print manager. It is also displayed with the machine's NetBIOS name when viewing during network browsing such as in the Network Neighborhood. The text string, as with others, accepts smb.conf variables. This provides an easy way to verify the currently running version of Samba by using the %v variable. The default setting is
Default: server string = Samba %v
I normally use a more descriptive string to help determine the physical location of a machine:
server string = Administrative Print Server in Blg #1 [%v]
Here's an example of viewing the servers in the current workgroup from a Windows NT 4.0 SP3 machine.
H:\>net view Server Name Remark ------------------------------------------------------------------------- \\BURRITO Administrative Print Server in Blg #1 [2.1.0-prealpha] \\PIZZA Samba [1.9.18p7]
This parameter provides a means of overriding the compile time default location of the smbd log files.
Default: log file = set at compile time
There are some caveats to this parameter. You need to be aware of the order in which things occur.
1. If a file is specified using the -l switch at startup, smbd writes the initial log entries to the filename on the command line. If no location is given at startup, the smbd logs initial information in the file set at compile time.
2. After the configuration file is parsed once and the log file parameter is encountered, all future log entries are written to the file specified by the parameter's value.
This means that because smbd cannot be aware of the log file location as defined in the smb.conf file, it writes some initial information in the log file that it is aware of at startup.
|
Caution - The only way to override the compile default location for nmbd's log file is to use the -l switch at startup. |
This example would create a separate log file for each user who connected (or attempted to connect) to the server.
log file = /var/log/log.%U
The max log size parameter takes an integer value that specifies the maximum size in kilobytes that the log size should be allowed to grow. Samba regularly checks the size of the log files. If a log file has exceeded the maximum size defined, Samba renames the file using the extension .old and creates a new one. If a file by the same name (logfile.old) exists, it is overwritten. The default value is set to 5MB.
Default: max log size = 5000
You can, however, set this to whatever value you want. The following entry would set the maximum log file size to 2MB.
max log size = 2000
In order for this parameter to have any effect, you must set the compile-time option to enable syslog support:
./configure --with-syslog
The syslog parameter takes an integer value and maps Samba debug levels to syslog log levels. Table 5.3 lists the mappings. Only Samba debug messages with a level less than the integer specified are sent to the syslog daemon. Therefore, the default is to send only 0-level debug messages to syslog even though the value is set to 1:
Default: syslog = 1
Table 5.3 lists how the various debug levels map to the syslog error levels.
|
Samba Debug Level |
syslog Level |
0 |
LOG_ERR |
1 |
LOG_WARNING |
2 |
LOG_NOTICE |
3 |
LOG_INFO |
>3 |
LOG_DEBUG |
If I wanted to send all equivalent LOG_NOTICE messages to the syslogd process, I would add this entry in smb.conf:
syslog = 3
This Boolean parameter determines whether messages are sent only to the syslog daemon and not to the normal debug log files. This parameter is used in conjunction with the syslog parameter and also requires that syslog support be enabled at compile time. The default is to log debug entry to the standard smbd and nmbd logs in addition to the syslog files. You can force Samba to send only logging information to the syslogd daemon by setting
syslog only = yes
The debug level, also named log level, parameter enables you to set the maximum level of debug messages to be written to disk. The parameter has a default integer value of 2.
Default: debug level = 2
The debug level parameter sets the logging level for both smbd and nmbd. You use Samba's logs extensively for debugging purposes in later hours. Here is an example that sets the log level to 5:
debug level = 5
|
Caution - If you specify a debug level from the command line using the -d option, it overrides the value set by the debug level parameter. |
This parameter takes a directory path that determines where Samba writes its shared memory file, status file, browse list, WINS database (if WINS support is enabled), and lock files that are used to implement the max connections parameter. Samba's max connections setting is discussed in Hour 7, when you examine how to configure Samba to share directories. The purpose of the parameters is to define a limit on the number of clients that are able to simultaneously connect to a service.
The default lock directory, determined at compile time, is normally /usr/local/samba/var/locks:
Default: lock directory = determined at compile time
A practical example of why you would want to specify a lock directory other than the default would be in the case of allowing several servers to use the same set of Samba binaries by placing tools on an NFS-mounted file system. Many sites mount a file system at /usr/local/ for the purpose of sharing tools and utilities unique to its network. Although you can share binaries among Samba servers, it is impossible to share a lock directory. Therefore, you would need to specify a directory local to each server where Samba could place the necessary files.
lock directory = /var/spool/locks/samba
The name resolve order parameter is analogous to the /etc/nsswitch.conf file on platforms such as Linux, Solaris, and IRIX. This parameter lets you control the order in which names are attempted to be resolved. The parameter value is a space-separated list of four possible words. Table 5.4 lists the possible values and any curiosities.
Value |
Description |
The Samba lmhosts file is searched for a match to the requested name. | |
This value instructs Samba to perform a standard hostname-to-IP-address mapping using whatever means are available on the system such as /etc/hosts lookups, DNS queries, or NIS/NIS+ matches. Be aware that this method is used only if the NetBIOS name being resolved has the server resource tag (<20>). | |
|
If a WINS server is specified by the wins server or wins support parameters (see Hour 18, "WINS"), attempt to resolve the NetBIOS name by querying the WINS server. | |
Perform normal NetBIOS broadcast name resolution, which requires that the host in question be located on the same broadcast subnet (or there's a WINS proxy server perhaps). |
The default setting looks up the host first in the local lmhosts file. An lmhosts file is the NetBIOS equivalent to UNIX's /etc/hosts file. Next, Samba attempts to match the name with a hostname and resolve it using standard the standard means such as /etc/hosts lookups or DNS queries. If both of the two previous methods fail, the server contacts a WINS server if one has been specified in smb.conf. Finally Samba resorts to broadcast name queries.
Default: name resolve order = lmhosts hosts wins bcast
If you want to configure Samba so it never uses broadcasts as a means of resolving a name, you would use the following settings:
name resolve order = lmhosts wins hosts
This parameter enables you to set the number of minutes of inactivity before a connection (such as an smbd process) is considered to be dead and dropped. A connection is considered idle when there is no activity and it contains no open files. This can be helpful on a server that handles a large number of connections that are not always in use. My users have a tendency to log in and never log out, even when they go on vacation. Most modern clients have an automatic reconnect feature that makes this setting transparent to the user.
The default value of 0 indicates that the connection should never be dropped.
Default: dead time = 0
On my servers at work, I use a dead time of fifteen minutes:
dead time = 15
This parameter sets the absolute path to the smbrun binary, a small program used by the smbd daemon to execute shell commands. If you installed Samba using the standard make install, this parameter should not be needed. If you manually installed the Samba binaries to a location other than the $prefix defined in the make file, you need to set this parameter. If smbd cannot locate the smbrun binary, it logs appropriate debug messages in the log.smb file. The actual default value is determined by the $prefix make file variable.
Default: smbrun = set at compile time
If you have installed the tool in another directory, such as /usr/bin, you need to set the path location.
smbrun = /usr/bin/smbrun
The message command parameter sets the action that smbd takes when it receives a WinPopup-style message. From the discussion of NetBIOS names in Hour 2, you know that names with the <03> resource tag represent the messenger server. The WinPopup messages are sent to this name. Figure 5.3 shows the WinPopup Windows 95 utility preparing to send a message to the Samba servernamed BILBO.
Figure
5.3
Windows 95 OSR2 WinPopup.exe sends and receives messages.
Samba's default action is to discard WinPopup style messages.
Default: message command = none
Many possibilities can be used to send the message. The following example is one I used to display the message sent by the WinPopup client (see Figure 5.3) on my Linux box (see Figure 5.4).
message command = /bin/bash -c `/usr/X11R6/bin/xterm -T "WinPopup Message" \ -e /usr/bin/vim %s; rm %s' &
Figure
5.4
Message command executed on receipt of a WinPopup message.
Another example would be to use a command-line mail utility such as /bin/mailx to deliver the message using SMTP.
The WinPopup message is delivered as the global guest account (usually the nobody account). The command can contain additional variables besides the standard macros. These are listed in Table 5.5.
|
Variable |
Description |
The name of the file containing the message body. | |
The destination name to which the message was sent. This is normally the name of the server. | |
The name of the client who sent the message. |
There are a few items to be aware of when setting a message command:
This parameter accepts a list of all the share names that you want to be automatically visible in the browse list for the Samba server. This is probably most useful with regard to dynamically created services such as [homes] and [printers]. The default action (no shares automatically visible) would not allow the expanded version of these services to be seen.
Default: auto services = none
The following setting would enable the home directories for users jerryc and peteh to be seen in a browse list. This parameter does not delegate any more access to the files contained in the shares than a user would normally have.
Assume that jerryc and peteh are usernames in the local /etc/passwd and that the [homes] share has been defined correctly. These services are not normally available until the user has made a connection to the server. The following sample setting causes the shares to be shown in the browse list no matter what user connects to the server.
auto services = jerryc peteh
This, however, does not mean that users are able to connect to those particular shares; only that they can see that they are available on the particular server.
During the negotiation phase of an SMB connection setup, the client sends a list of protocol dialects that it understands. The server then selects the highest one that it knows. See Hour 2 for a review of this if you need to.
The protocol parameter enables you to specify the highest SMB dialect that Samba can negotiate. Normally this option should be left alone so that Samba handles the protocol selection automatically. The default allows smbd to negotiate the highest possible SMB dialect, NT1.
Default: protocol = NT1
The valid names and a short description of each one are listed in Table 5.6.
Setting this parameter to true makes nmbd announce itself as a time server to Windows clients and thus enables you to execute the following command and attain the appropriate result.
C:\WINDOWS> net time Current time at \\BILBO is 1-27-1999 9:39P.M. The command was completed successfully.
Even if you do not set this parameter, you can always query a specific server for the current time by executing the following
C:\WINDOWS> net time \\<servername> Default: time server = no
The default is not to respond to time server requests.
Default: time server = no
|
Sams Teach Yourself Samba in 24 Hours |
|
|||||||||||||
|
Hour 5: The smb.conf File: Telling Samba What to Do |
|
|||||||||||||
|
© Copyright Macmillan USA. All rights reserved.
){kind=link}
){kind=link}
){kind=link}