• Choose a category
• All
• Classic-Fiction

Here’s a complete smb.conf example for a simple network:

[global]

# workgroup = NT-Domain-Name or Workgroup-Name

workgroup = MYGROUP

# List the hosts that may access Samba-shared objects.

# Here, only hosts on two class C nets are allowed.

hosts allow = 192.168.1. 192.168.2.

# Automatically load your printer list from a file.3

printcap name = /etc/printcap

load printers = yes

# Use a separate log file for each machine, and limit size to 50K.

log file = /var/log/samba/log.%m

max log size = 50

# Set the security mode. Most people will want user-level security. See

# security_level.txt in the Samba doc for details.

security = user

# You may wish to use password encryption. Please read ENCRYPTION.txt,

# Win95.txt and WinNT.txt in the Samba documentation. Do not enable this

# option unless you have read those documents.

; encrypt passwords = yes

; smb passwd file = /etc/smbpasswd

# Most people will find that this option gives better performance. See

# speed.txt and the manual pages for details.

socket options = TCP_NODELAY

# Share home directories. For instance, ~trent under UNIX will appear

# as the share "trent" in the PC browser.

[homes]

comment = Home Directories

browseable = no

writable = yes

# Share all printers.

[printers]

comment = All Printers

path = /var/spool/samba

browseable = no

guest ok = no

writable = no

printable = yes

# Share a specific directory.

[devel]

comment = Staff Development Shared Directory

path = /devel/shared

public = no

writable = yes

printable = no

create mask = 0765

As you can see from the comments, this smb.conf file is set up so that when users log in to their PCs, their home directories and the /devel/shared directory are both available. They can also print to all the printers that the server knows about.

Debugging Samba

Samba usually runs without requiring much attention. However, if you do have a problem, you can consult two primary sources of debugging information: the per-client log files and the smbstatus command.

The location of log files is specified in the smb.conf file, and in that directory you will find a file for each client that has attempted a connection. smbd grooms these files so that they do not exceed their specified maximum sizes.

These following log entries show successful connections:

01/19/2000 17:38:01 pan (192.225.55.154) connect to service trent as user trent

(uid=8164,gid=10) (pid 16625)

01/19/2000 17:40:30 pan (192.225.55.154) connect to service silver-lw as user

trent (uid=8164,gid=10) (pid 16625)

01/19/2000 17:43:51 pan (192.225.55.154) closed connection to service silver-lw

01/19/2000 17:43:51 pan (192.225.55.154) closed connection to service trent

smbstatus enables you to examine currently active connections and open files. This information can be especially useful when you are tracking down locking problems (“Which user has file xyz open read-write exclusive?”). The first section of output lists the resources that a user has connected to. The second part lists any active file locks, and the third part displays smbd’s resource usage.4

Samba version 2.0.5

Service uid gid pid machine

---------------------------------------------------

info trent staff 22545 pan

trent trent staff 22545 pan

Locked files:

Pid DenyMode R/W Oplock Name

--------------------------------------------------------------------------

22545 DENY_NONE RDWR EXCLUSIVE+BATCH /home/trent/res alloc 2.xls

Share mode memory usage (bytes):

1048336(99%) free + 168(0%) used + 72(0%) overhead = 1048576(100%) total

You can force a lock to be released by killing the smbd that “owns” the lock; the PID for each lock is shown in the output of smbstatus. Don’t tell your users you know how to do this, and be aware that breaking locks can lead to corrupted files. Sometimes you gotta do what you gotta do.

26.2 SECURE TERMINAL EMULATION WITH SSH

Some users may find themselves wanting to leave Windows behind and head for