1 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
8 CONTENT="Modular DocBook HTML Stylesheet Version 1.77"></HEAD
28 >smbd -- server to provide SMB/CIFS services to clients</DIV
30 CLASS="REFSYNOPSISDIV"
40 > [-D] [-a] [-i] [-o] [-P] [-h] [-V] [-b] [-d <debug level>] [-l <log directory>] [-p <port number>] [-O <socket option>] [-s <configuration file>]</P
50 >This program is part of the Samba suite.</P
55 > is the server daemon that
56 provides filesharing and printing services to Windows clients.
57 The server provides filespace and printer services to
58 clients using the SMB (or CIFS) protocol. This is compatible
59 with the LanManager protocol, and can service LanManager
60 clients. These include MSCLIENT 3.0 for DOS, Windows for
61 Workgroups, Windows 95/98/ME, Windows NT, Windows 2000,
62 OS/2, DAVE for Macintosh, and smbfs for Linux.</P
64 >An extensive description of the services that the
65 server can provide is given in the man page for the
66 configuration file controlling the attributes of those
68 HREF="smb.conf.5.html"
75 >. This man page will not describe the
76 services, but will concentrate on the administrative aspects
77 of running the server.</P
79 >Please note that there are significant security
80 implications to running this server, and the <A
81 HREF="smb.conf.5.html"
88 manpage should be regarded as mandatory reading before
89 proceeding with installation.</P
91 >A session is created whenever a client requests one.
92 Each client gets a copy of the server for each session. This
93 copy then services all connections made by the client during
94 that session. When all connections from its client are closed,
95 the copy of the server for that client terminates.</P
97 >The configuration file, and any files that it includes,
98 are automatically reloaded every minute, if they change. You
99 can force a reload by sending a SIGHUP to the server. Reloading
100 the configuration file will not affect connections to any service
101 that is already established. Either the user will have to
102 disconnect from the service, or <B
105 > killed and restarted.</P
123 >If specified, this parameter causes
124 the server to operate as a daemon. That is, it detaches
125 itself and runs in the background, fielding requests
126 on the appropriate port. Operating the server as a
127 daemon is the recommended way of running <B
131 servers that provide more than casual use file and
132 print services. This switch is assumed if <B
136 > is executed on the command line of a shell.
143 >If this parameter is specified, each new
144 connection will append log messages to the log file.
145 This is the default.</P
151 >If this parameter is specified it causes the
152 server to run "interactively", not as a daemon, even if the
153 server is executed on the command line of a shell. Setting this
154 parameter negates the implicit deamon mode when run from the
162 >If this parameter is specified, the
163 log files will be overwritten when opened. By default,
167 > will append entries to the log
174 >Passive option. Causes <B
178 send any network traffic out. Used for debugging by
179 the developers only.</P
185 >Prints the help information (usage)
195 >Prints the version number for
205 >Prints information about how
209 >-d <debug level></DT
218 from 0 to 10. The default value if this parameter is
219 not specified is zero.</P
221 >The higher this value, the more detail will be
222 logged to the log files about the activities of the
223 server. At level 0, only critical errors and serious
224 warnings will be logged. Level 1 is a reasonable level for
225 day to day running - it generates a small amount of
226 information about operations carried out.</P
228 >Levels above 1 will generate considerable
229 amounts of log data, and should only be used when
230 investigating a problem. Levels above 3 are designed for
231 use only by developers and generate HUGE amounts of log
232 data, most of which is extremely cryptic.</P
234 >Note that specifying this parameter here will
236 HREF="smb.conf.5.html#loglevel"
240 > parameter in the <A
241 HREF="smb.conf.5.html"
250 >-l <log directory></DT
260 specifies a log directory into which the "log.smbd" log
261 file will be created for informational and debug
262 messages from the running server. The log
263 file generated is never removed by the server although
264 its size may be controlled by the <A
265 HREF="smb.conf.5.html#maxlogsize"
270 HREF="smb.conf.5.html"
283 If the directory specified does not exist, <B
287 will log to the default debug log location defined at compile time.
290 >The default log directory is specified at
294 >-O <socket options></DT
298 HREF="smb.conf.5.html#socketoptions"
303 HREF="smb.conf.5.html"
310 > file for details.</P
313 >-p <port number></DT
321 > is a positive integer
322 value. The default value if this parameter is not
325 >This number is the port number that will be
326 used when making connections to the server from client
327 software. The standard (well-known) port number for the
328 SMB over TCP is 139, hence the default. If you wish to
329 run the server as an ordinary user rather than
330 as root, most systems will require you to use a port
331 number greater than 1024 - ask your system administrator
332 for help if you are in this situation.</P
334 >In order for the server to be useful by most
335 clients, should you configure it on a port other
336 than 139, you will require port redirection services
337 on port 139, details of which are outlined in rfc1002.txt
340 >This parameter is not normally specified except
341 in the above situation.</P
344 >-s <configuration file></DT
347 >The file specified contains the
348 configuration details required by the server. The
349 information in this file includes server-specific
350 information such as what printcap file to use, as well
351 as descriptions of all the services that the server is
353 HREF="smb.conf.5.html"
359 > for more information.
360 The default configuration file name is determined at
385 >If the server is to be run by the
389 > meta-daemon, this file
390 must contain suitable startup information for the
391 meta-daemon. See the <A
392 HREF="UNIX_INSTALL.html"
394 >UNIX_INSTALL.html</A
396 document for details.
406 >or whatever initialization script your
409 >If running the server as a daemon at startup,
410 this file will need to contain an appropriate startup
411 sequence for the server. See the <A
412 HREF="UNIX_INSTALL.html"
414 >UNIX_INSTALL.html</A
416 document for details.</P
425 >If running the server via the
430 must contain a mapping of service name (e.g., netbios-ssn)
431 to service port (e.g., 139) and protocol type (e.g., tcp).
433 HREF="UNIX_INSTALL.html"
435 >UNIX_INSTALL.html</A
437 document for details.</P
442 >/usr/local/samba/lib/smb.conf</TT
446 >This is the default location of the
448 HREF="smb.conf.5.html"
455 server configuration file. Other common places that systems
456 install this file are <TT
458 >/usr/samba/lib/smb.conf</TT
465 >This file describes all the services the server
466 is to make available to clients. See <A
467 HREF="smb.conf.5.html"
473 > for more information.</P
489 > cannot change uid back
490 to root after a setuid() call. Such systems are called
491 trapdoor uid systems. If you have such a system,
492 you will be unable to connect from a client (such as a PC) as
493 two different users at once. Attempts to connect the
494 second user will result in access denied or
503 >ENVIRONMENT VARIABLES</H2
516 >If no printer name is specified to
517 printable services, most systems will use the value of
518 this variable (or <TT
521 > if this variable is
522 not defined) as the name of the printer to use. This
523 is not specific to the server, however.</P
536 >Samba uses PAM for authentication (when presented with a plaintext
537 password), for account checking (is this account disabled?) and for
538 session management. The degree too which samba supports PAM is restricted
539 by the limitations of the SMB protocol and the
541 HREF="smb.conf.5.html#OBEYPAMRESRICTIONS"
543 >obey pam restricions</A
545 smb.conf paramater. When this is set, the following restrictions apply:
556 >Account Validation</I
558 >: All acccesses to a
559 samba server are checked
560 against PAM to see if the account is vaild, not disabled and is permitted to
561 login at this time. This also applies to encrypted logins.
570 >Session Management</I
572 >: When not using share
573 level secuirty, users must pass PAM's session checks before access
574 is granted. Note however, that this is bypassed in share level secuirty.
575 Note also that some older pam configuration files may need a line
576 added for session support.
589 >This man page is correct for version 2.2 of
600 >Most diagnostics issued by the server are logged
601 in a specified log file. The log file name is specified
602 at compile time, but may be overridden on the command line.</P
604 >The number and nature of diagnostics available depends
605 on the debug level used by the server. If you have problems, set
606 the debug level to 3 and peruse the log files.</P
608 >Most messages are reasonably self-explanatory. Unfortunately,
609 at the time this man page was created, there are too many diagnostics
610 available in the source code to warrant describing each and every
611 diagnostic. At this stage your best bet is still to grep the
612 source code and inspect the conditions that gave rise to the
613 diagnostics you are seeing.</P
626 > a SIGHUP will cause it to
631 file within a short period of time.</P
633 >To shut down a user's <B
636 > process it is recommended
647 be used, except as a last resort, as this may leave the shared
648 memory area in an inconsistent state. The safe way to terminate
652 > is to send it a SIGTERM (-15) signal and wait for
653 it to die on its own.</P
655 >The debug log level of <B
660 HREF="smbcontrol.1.html"
667 > program (SIGUSR[1|2] signals are no longer used in
668 Samba 2.2). This is to allow transient problems to be diagnosed,
669 whilst still running at a normally low log level.</P
671 >Note that as the signal handlers send a debug write,
672 they are not re-entrant in <B
675 >. This you should wait until
679 > is in a state of waiting for an incoming SMB before
680 issuing them. It is possible to make the signal handlers safe
681 by un-blocking the signals before the select call and re-blocking
682 them after, however this would affect performance.</P
705 HREF="smb.conf.5.html"
713 HREF="smbclient.1.html"
721 HREF="testparm.1.html"
728 HREF="testprns.1.html"
734 >, and the Internet RFC's
742 In addition the CIFS (formerly SMB) specification is available
743 as a link from the Web page <A
744 HREF="http://samba.org/cifs/"
747 http://samba.org/cifs/</A
758 >The original Samba software and related utilities
759 were created by Andrew Tridgell. Samba is now developed
760 by the Samba Team as an Open Source project similar
761 to the way the Linux kernel is developed.</P
763 >The original Samba man pages were written by Karl Auer.
764 The man page sources were converted to YODL format (another
765 excellent piece of Open Source software, available at
767 HREF="ftp://ftp.icce.rug.nl/pub/unix/"
769 > ftp://ftp.icce.rug.nl/pub/unix/</A
770 >) and updated for the Samba 2.0
771 release by Jeremy Allison. The conversion to DocBook for
772 Samba 2.2 was done by Gerald Carter</P
git.samba.org / kai / samba.git / blob