Robert Eckstein, David Collier-Brown, Peter Kelly 1st Edition November 1999, 1-56592-449-5, 416 pages
Now that we've gotten our feet wet with variables, there are a few special sections of the Samba configuration file that we should talk about. Again, don't worry if you do not understand each and every configuration options listed below; we'll go over each of them over the course of the upcoming chapters.
The
[globals] section appears in virtually every Samba configuration file, even though it is not mandatory to define one. Any option set in this section of the file will apply to all the other shares, as if the contents of the section were copied into the share itself. There is one catch: other sections can list the same option in their section with a new value; this has the effect of overriding the value specified in the
[globals] section.
To illustrate this, let's again look at the opening example of the chapter:
[global]
log level = 1
max log size = 1000
socket options = TCP_NODELAY IPTOS_LOWDELAY
guest ok = no
[homes]
browseable = no
map archive = yes
[printers]
path = /usr/tmp
guest ok = yes
printable = yes
min print space = 2000
[test]
browseable = yes
read only = yes
guest ok = yes
path = /export/samba/test
In the previous example, if we were going to connect a client to the
[test] share, Samba would first read in the
[globals] section. At that point, it would set the option
guest
ok
=
no as the global default for each share it encounters throughout the configuration file. This includes the
[homes] and
[printers] shares. When it reads in the
[test] share, however, it would then find the configuration option
guest
ok
=
yes , and override the default from the
[globals] section with the value
yes in the context of the
[pub] share.
Any option that appears outside of a section (before the first marked section) is also assumed to be a global option.
If a client attempts to connect to a share that doesn't appear in the
smb.conf file, Samba will search for a
[homes] share in the configuration file. If one exists, the unidentified share name is assumed to be a Unix username, which is queried in the password database of the Samba server. If that username appears, Samba assumes the client is a Unix user trying to connect to his or her home directory on the server.
For example, assume a client machine is connecting to the Samba server
hydra for the first time, and tries to connect to a share named [
alice] . There is no
[alice] share defined in the
smb.conf file, but there is a
[homes] , so Samba searches the password database file and finds an
alice user account is present on the system. Samba then checks the password provided by the client against user
alice 's Unix password - either with the password database file if it's using non-encrypted passwords, or Samba's
smbpasswd file if encrypted passwords are in use. If the passwords match, then Samba knows it has guessed right: the user
alice is trying to connect to her home directory. Samba will then create a share called
[alice] for her.
The process of using the
[homes] section to create users (and dealing with their passwords) is discussed in more detail in the Chapter 6,
Users, Security, and Domains .
The third special section is called
[printers] and is similar to
[homes] . If a client attempts to connect to a share that isn't in the
smb.conf file, and its name can't be found in the password file, Samba will check to see if it is a printer share. Samba does this by reading the printer capabilities file (usually
/etc/printcap) to see if the share name appears there.[] If it does, Samba creates a share named after the printer.
Like
[homes] , this means you don't have to maintain a share for each of your system printers in the
smb.conf file. Instead, Samba honors the Unix printer registry if you request it to, and provides the registered printers to the client machines. There is, however, an obvious limitation: if you have an account named
fred and a printer named
fred , Samba will always find the user account first, even if the client really needed to connect to the printer.
The process of setting up the
[printers] share is discussed in more detail in Chapter 7,
Printing and Name Resolution.
Options in the Samba configuration files fall into one of two categories:
global or
share. Each category dictates where an option can appear in the configuration file.
-
Global
-
Global options
must appear in the
[global] section and nowhere else. These are options that typically apply to the behavior of the Samba server itself, and not to any of its shares. -
Share
-
Share options can appear in specific shares, or they can appear in the
[global] section. If they appear in the
[global] section, they will define a default behavior for all shares, unless a share overrides the option with a value of its own.
In addition, the values that a configuration option can take can be divided into four categories. They are as follows:
-
Boolean
-
These are simply yes or no values, but can be represented by any of the following:
yes ,
no ,
true ,
false ,
0 ,
1 . The values are case insensitive:
YES is the same as
yes . -
Numerical
-
An integer, hexidecimal, or octal number. The standard
0x
nn syntax is used for hexadecimal and
0
nnn for octal. -
String
-
A string of case-sensitive characters, such as a filename or a username. -
Enumerated list
-
A finite list of known values. In effect, a boolean is an enumerated list with only two values.
|
|
|
4.1 Learning the Samba Configuration File |
|
4.3 Configuration File Options |
|
|