summaryrefslogtreecommitdiffstats
path: root/docs/manpages/smbd.8
diff options
context:
space:
mode:
Diffstat (limited to 'docs/manpages/smbd.8')
-rw-r--r--docs/manpages/smbd.8407
1 files changed, 407 insertions, 0 deletions
diff --git a/docs/manpages/smbd.8 b/docs/manpages/smbd.8
new file mode 100644
index 00000000000..bae41b2c479
--- /dev/null
+++ b/docs/manpages/smbd.8
@@ -0,0 +1,407 @@
+.TH SMBD 8 17/1/1995 smbd smbd
+.SH NAME
+smbd \- provide SMB (aka LanManager) services to clients
+.SH SYNOPSIS
+.B smbd
+[
+.B -D
+] [
+.B -a
+] [
+.B -d
+.I debuglevel
+] [
+.B -l
+.I log file
+] [
+.B -p
+.I port number
+] [
+.B -O
+.I socket options
+] [
+.B -s
+.I configuration file
+]
+.SH DESCRIPTION
+This program is part of the Samba suite.
+
+.B smbd
+is a server that can provide most SMB services. The
+server provides filespace and printer services to clients using the SMB
+protocol. This is compatible with the LanManager protocol, and can
+service LanManager clients.
+
+An extensive description of the services that the server can provide is given
+in the man page for the configuration file controlling the attributes of those
+services (see
+.B smb.conf(5)). This man page will not describe the services, but
+will concentrate on the administrative aspects of running the server.
+
+Please note that there are significant security implications to running this
+server, and
+.B smb.conf(5) should be regarded as mandatory reading before proceeding with
+installation.
+
+A session is created whenever a client requests one. Each client gets a copy
+of the server for each session. This copy then services all connections made
+by the client during that session. When all connections from its client are
+are closed, the copy of the server for that client terminates.
+
+The configuration file is automatically reloaded if it changes. You
+can force a reload by sending a SIGHUP to the server.
+
+.SH OPTIONS
+.B -D
+
+.RS 3
+If specified, this parameter causes the server to operate as a daemon. That is,
+it detaches itself and runs in the background, fielding requests on the
+appropriate port.
+
+By default, the server will NOT operate as a daemon.
+.RE
+
+.B -a
+
+.RS 3
+If this parameter is specified, the log files will be overwritten with each
+new connection. By default, the log files will be appended to.
+.RE
+
+.B -d
+.I debuglevel
+.RS 3
+
+debuglevel is an integer from 0 to 5.
+
+The default value if this parameter is not specified is zero.
+
+The higher this value, the more detail will be logged to the log files about
+the activities of the server. At level 0, only critical errors and serious
+warnings will be logged. Level 1 is a reasonable level for day to day running
+- it generates a small amount of information about operations carried out.
+
+Levels above 1 will generate considerable amounts of log data, and should
+only be used when investigating a problem. Levels above 3 are designed for
+use only by developers and generate HUGE amounts of log data, most of which
+is extremely cryptic.
+.RE
+
+.B -l
+.I log file
+
+.RS 3
+If specified,
+.I logfile
+specifies a base filename into which operational data from the running server
+will be logged.
+
+The default base name is specified at compile time.
+
+The base name is used to generate actual log file names. For example, if the
+name specified was "log", the following files would be used for log data:
+
+.RS 3
+log.debug (containing debugging information)
+
+log.in (containing inbound transaction data)
+
+log.out (containing outbound transaction data)
+.RE
+
+The log files generated are never removed by the server.
+.RE
+
+.B -O
+.I socket options
+.RS 3
+
+See the socket options section of smb.conf(5) for details
+
+.RE
+.B -p
+.I port number
+.RS 3
+
+port number is a positive integer value.
+
+The default value if this parameter is not specified is 139.
+
+This number is the port number that will be used when making connections to
+the server from client software. The standard (well-known) port number for the
+server is 139, hence the default. If you wish to run the server as an ordinary
+user rather than as root, most systems will require you to use a port number
+greater than 1024 - ask your system administrator for help if you are in this
+situation.
+
+This parameter is not normally specified except in the above situation.
+.RE
+
+.B -s
+.I configuration file
+
+.RS 3
+The default configuration file name is determined at compile time.
+
+The file specified contains the configuration details required by the server.
+The information in this file includes server-specific information such as
+what printcap file to use, as well as descriptions of all the services that the
+server is to provide. See
+.B smb.conf(5) for more information.
+.RE
+
+.SH FILES
+
+.B /etc/inetd.conf
+
+.RS 3
+If the server is to be run by the inetd meta-daemon, this file must contain
+suitable startup information for the meta-daemon. See the section
+"INSTALLATION" below.
+.RE
+
+.B /etc/rc
+
+.RS 3
+(or whatever initialisation script your system uses)
+
+If running the server as a daemon at startup, this file will need to contain
+an appropriate startup sequence for the server. See the section "INSTALLATION"
+below.
+.RE
+
+.B /etc/services
+
+.RS 3
+If running the server via the meta-daemon inetd, this file must contain a
+mapping of service name (eg., netbios-ssn) to service port (eg., 139) and
+protocol type (eg., tcp). See the section "INSTALLATION" below.
+.RE
+
+.B /usr/local/smb/smb.conf
+
+.RS 3
+This file describes all the services the server is to make available to
+clients. See
+.B smb.conf(5) for more information.
+.RE
+.RE
+
+.SH LIMITATIONS
+
+On some systems smbd cannot change uid back to root after a setuid() call.
+Such systems are called "trapdoor" uid systems. If you have such a system,
+you will be unable to connect from a client (such as a PC) as two different
+users at once. Attempts to connect the second user will result in "access
+denied" or similar.
+
+.SH ENVIRONMENT VARIABLES
+
+.B PRINTER
+
+.RS 3
+If no printer name is specified to printable services, most systems will
+use the value of this variable (or "lp" if this variable is not defined)
+as the name of the printer to use. This is not specific to the server,
+however.
+.RE
+
+.SH INSTALLATION
+The location of the server and its support files is a matter for individual
+system administrators. The following are thus suggestions only.
+
+It is recommended that the server software be installed under the
+/usr/local hierarchy, in a directory readable by all, writeable only
+by root. The server program itself should be executable by all, as
+users may wish to run the server themselves (in which case it will of
+course run with their privileges). The server should NOT be
+setuid. On some systems it may be worthwhile to make smbd setgid to an
+empty group. This is because some systems may have a security hole where
+daemon processes that become a user can be attached to with a
+debugger. Making the smbd file setgid to an empty group may prevent
+this hole from being exploited. This secrity hole and the suggested
+fix has only been confirmed on Linux at the time this was written. It
+is possible that this hole only exists in Linux, as testing on other
+systems has thus far shown them to be immune.
+
+The server log files should be put in a directory readable and writable only
+by root, as the log files may contain sensitive information.
+
+The configuration file should be placed in a directory readable and writable
+only by root, as the configuration file controls security for the services
+offered by the server. The configuration file can be made readable by all if
+desired, but this is not necessary for correct operation of the server and
+is not recommended. A sample configuration file "smb.conf.sample" is supplied
+with the source to the server - this may be renamed to "smb.conf" and
+modified to suit your needs.
+
+The remaining notes will assume the following:
+
+.RS 3
+smbd (the server program) installed in /usr/local/smb
+
+smb.conf (the configuration file) installed in /usr/local/smb
+
+log files stored in /var/adm/smblogs
+.RE
+
+The server may be run either as a daemon by users or at startup, or it may
+be run from a meta-daemon such as inetd upon request. If run as a daemon, the
+server will always be ready, so starting sessions will be faster. If run from
+a meta-daemon some memory will be saved and utilities such as the tcpd
+TCP-wrapper may be used for extra security.
+
+When you've decided, continue with either "RUNNING THE SERVER AS A DAEMON" or
+"RUNNING THE SERVER ON REQUEST".
+.SH RUNNING THE SERVER AS A DAEMON
+To run the server as a daemon from the command line, simply put the "-D" option
+on the command line. There is no need to place an ampersand at the end of the
+command line - the "-D" option causes the server to detach itself from the
+tty anyway.
+
+Any user can run the server as a daemon (execute permissions permitting, of
+course). This is useful for testing purposes, and may even be useful as a
+temporary substitute for something like ftp. When run this way, however, the
+server will only have the privileges of the user who ran it.
+
+To ensure that the server is run as a daemon whenever the machine is started,
+and to ensure that it runs as root so that it can serve multiple clients, you
+will need to modify the system startup files. Wherever appropriate (for
+example, in /etc/rc), insert the following line, substituting
+port number, log file location, configuration file location and debug level as
+desired:
+
+.RS 3
+/usr/local/smb/smbd -D -l /var/adm/smblogs/log -s /usr/local/smb/smb.conf
+.RE
+
+(The above should appear in your initialisation script as a single line.
+Depending on your terminal characteristics, it may not appear that way in
+this man page. If the above appears as more than one line, please treat any
+newlines or indentation as a single space or TAB character.)
+
+If the options used at compile time are appropriate for your system, all
+parameters except the desired debug level and "-D" may be omitted. See the
+section "OPTIONS" above.
+.SH RUNNING THE SERVER ON REQUEST
+If your system uses a meta-daemon such as inetd, you can arrange to have the
+smbd server started whenever a process attempts to connect to it. This requires
+several changes to the startup files on the host machine. If you are
+experimenting as an ordinary user rather than as root, you will need the
+assistance of your system administrator to modify the system files.
+
+You will probably want to set up the name server
+.B nmbd
+at the same time as
+the smbd - refer to the man page
+.B nmbd(8).
+
+First, ensure that a port is configured in the file /etc/services. The
+well-known port 139 should be used if possible, though any port may be used.
+
+Ensure that a line similar to the following is in /etc/services:
+
+.RS 3
+netbios-ssn 139/tcp
+.RE
+
+Note for NIS/YP users - you may need to rebuild the NIS service maps rather
+than alter your local /etc/services file.
+
+Next, put a suitable line in the file /etc/inetd.conf (in the unlikely event
+that you are using a meta-daemon other than inetd, you are on your own). Note
+that the first item in this line matches the service name in /etc/services.
+Substitute appropriate values for your system in this line (see
+.B inetd(8)):
+
+.RS 3
+netbios-ssn stream tcp nowait root /usr/local/smb/smbd -d1
+-l/var/adm/smblogs/log -s/usr/local/smb/smb.conf
+.RE
+
+(The above should appear in /etc/inetd.conf as a single line. Depending on
+your terminal characteristics, it may not appear that way in this man page.
+If the above appears as more than one line, please treat any newlines or
+indentation as a single space or TAB character.)
+
+Note that there is no need to specify a port number here, even if you are
+using a non-standard port number.
+
+Lastly, edit the configuration file to provide suitable services. To start
+with, the following two services should be all you need:
+
+.RS 3
+[homes]
+.RS 3
+ writable = yes
+.RE
+
+[printers]
+.RS 3
+ writable = no
+ printable = yes
+ path = /tmp
+ public = yes
+.RE
+.RE
+
+This will allow you to connect to your home directory and print to any printer
+supported by the host (user privileges permitting).
+.SH TESTING THE INSTALLATION
+If running the server as a daemon, execute it before proceeding. If
+using a meta-daemon, either restart the system or kill and restart the
+meta-daemon. Some versions of inetd will reread their configuration tables if
+they receive a HUP signal.
+
+If your machine's name is "fred" and your name is "mary", you should now be
+able to connect to the service "\\\\fred\\mary".
+
+To properly test and experiment with the server, we recommend using the
+smbclient program (see
+.B smbclient(1)).
+.SH VERSION
+This man page is (mostly) correct for version 1.9.00 of the Samba suite, plus some
+of the recent patches to it. These notes will necessarily lag behind
+development of the software, so it is possible that your version of
+the server has extensions or parameter semantics that differ from or are not
+covered by this man page. Please notify these to the address below for
+rectification.
+.SH SEE ALSO
+.B hosts_access(5),
+.B inetd(8),
+.B nmbd(8),
+.B smb.conf(5),
+.B smbclient(1),
+.B testparm(1),
+.B testprns(1)
+
+.SH DIAGNOSTICS
+[This section under construction]
+
+Most diagnostics issued by the server are logged in a specified log file. The
+log file name is specified at compile time, but may be overridden on the
+command line.
+
+The number and nature of diagnostics available depends on the debug level used
+by the server. If you have problems, set the debug level to 3 and peruse the
+log files.
+
+Most messages are reasonably self-explanatory. Unfortunately, at time of
+creation of this man page the source code is still too fluid to warrant
+describing each and every diagnostic. At this stage your best bet is still
+to grep the source code and inspect the conditions that gave rise to the
+diagnostics you are seeing.
+
+.SH BUGS
+None known.
+.SH CREDITS
+The original Samba software and related utilities were created by
+Andrew Tridgell (samba-bugs@anu.edu.au). Andrew is also the Keeper
+of the Source for this project.
+
+This man page written by Karl Auer (Karl.Auer@anu.edu.au)
+
+See
+.B smb.conf(5) for a full list of contributors and details on how to
+submit bug reports, comments etc.