1<html> 2<body bgcolor="#ffffff"> 3 4<img src="samba2_xs.gif" border="0" alt=" " height="100" width="76" 5hspace="10" align="left" /> 6 7<h1 class="head0">Chapter 2. Installing Samba on a Unix System</h1> 8 9<p><a name="INDEX-1"/>Now 10that you know what Samba can do for you and your users, 11it's time to get your own network set up. 12Let's start with the installation of Samba. When 13dancing the samba, one learns by taking small steps. 14It's just the same when installing Samba; we need to 15teach it step by step. This chapter will help you start off on the 16right foot.</p> 17 18<p>For illustrative purposes, we will be installing the 2.2.6 version of 19the Samba server on a Linux system running Version 2.4 of the kernel. 20However, the installation steps are essentially the same for all the 21platforms Samba supports.</p> 22 23 24<div class="sect1"><a name="samba2-CHP-2-SECT-1"/> 25 26<h2 class="head1">Bundled Versions</h2> 27 28<p><a name="INDEX-2"/><a name="INDEX-3"/>Samba is in such 29popular use that many Unix distributions come with it already 30installed. If you choose to use a bundled version of Samba, you can 31breeze through most of this chapter, but you'll be 32stuck with the Samba version and compile-time options your vendor 33selected for you. That version of Samba can't be any 34newer than the operating system release, so you're 35likely to be pretty far behind the latest developments. On the other 36hand, you can be fairly sure that a bundled version has been 37installed properly, and perhaps it will take only a few simple 38modifications to your <em class="emphasis">smb.conf</em> file for you to 39be off and running. Samba is mature enough that you probably 40don't need the latest release to meet your basic 41needs, so you might be perfectly happy running a bundled version.</p> 42 43<p>If you choose this option, be aware that your Samba files, including 44the very important 45<em class="emphasis">smb.conf</em>,<a name="INDEX-4"/> might be in different places 46than they would be if you were to install from a binary or source 47distribution. For example, with the Red Hat, Debian, and Mandrake 48Linux distributions, <em class="emphasis">smb.conf</em> and some other 49Samba-related files are in the <em class="emphasis">/etc/samba</em> 50directory.</p> 51 52<p>If Samba is already installed on your system, you can check to see 53what version you have by using the command:</p> 54 55<blockquote><pre class="code">$ <tt class="userinput"><b>smbd -V</b></tt> 56Version 2.2.6</pre></blockquote> 57 58<p>(If this doesn't work, it might be because 59<em class="emphasis">smbd</em> is not in your shell's 60search path. If you have the <em class="emphasis">locate</em> or 61<em class="emphasis">whereis</em> command in your Unix variant, you can 62use it to locate the <em class="emphasis">smbd</em> executable.)</p> 63 64<p>You might also be able to use a system-specific tool to query a 65software-package maintenance utility. On Red Hat Linux, you can use 66the <em class="emphasis">rpm</em><a name="INDEX-5"/> command to query the installed packages 67for Samba:</p> 68 69<blockquote><pre class="code">$ <tt class="userinput"><b>rpm -qa | grep samba</b></tt> 70samba-client-2.0.8-1.7.1 71samba-2.0.8-1.7.1 72samba-common-2.0.8-1.7.1</pre></blockquote> 73 74<p>This shows we have Samba 2.0.8, divided into three Red Hat Package 75Manager (RPM) packages, bundled with Red Hat 7.1. If your version of 76Samba is old, you might at the very least want to check with your 77vendor for an update.</p> 78 79<p>Otherwise, if you're sure you are going to install 80from a binary or source distribution, you can remove the RPM packages 81as follows:</p> 82 83<blockquote><pre class="code"># <tt class="userinput"><b>rpm -e samba</b></tt> 84# <tt class="userinput"><b>rpm -e samba-client</b></tt> 85# <tt class="userinput"><b>rpm -e samba-common</b></tt></pre></blockquote> 86 87<p>If you are not using Red Hat Linux, consult your 88system's documentation to find the method that works 89for you.</p> 90 91 92<div class="sect2"><a name="samba2-CHP-2-SECT-1.1"/> 93 94<h3 class="head2">Binary or Source?</h3> 95 96<p><a name="INDEX-6"/>Precompiled 97"binary" packages are also 98available for a large number of Unix platforms. These packages 99contain binaries for each Samba executable, as well as the standard 100Samba documentation. Note that while installing a binary distribution 101can save you a fair amount of time and trouble, you should keep a 102couple of issues in mind when deciding whether to use the binary or 103compile the source yourself:</p> 104 105<ul><li> 106<p>The binary packages can lag behind the latest version of the software 107by one or two (maybe more) minor releases, especially after a series 108of small changes and for less popular platforms. Compare the release 109notes for the source and binary packages to make sure there 110aren't any new features that you need on your 111platform.</p> 112</li><li> 113<p>If you use a precompiled binary that is dynamically linked, you will 114need to ensure that you have the correct libraries required by the 115executables. If your system does not already have the required 116version of a library, you might have to install a new version. The 117<em class="filename">README</em> file or <em class="filename">makefile</em> 118that accompanies the binary distribution should list any special 119requirements.</p> 120 121<p>Many systems with shared libraries come with a nifty tool called 122<em class="emphasis">ldd</em>. This tool will tell you which libraries a 123specific binary requires and which libraries on the system satisfy 124that requirement. For example, checking the <em class="emphasis">smbd</em> 125program on our test machine gave us:</p> 126 127<blockquote><pre class="code">$ <tt class="userinput"><b>ldd smbd</b></tt> 128 libdl.so.2 => /lib/libdl.so.2 (0x40026000) 129 libnsl.so.1 => /lib/libnsl.so.1 (0x4002a000) 130 libpam.so.0 => /lib/libpam.so.0 (0x40041000) 131 libc.so.6 => /lib/libc.so.6 (0x40049000) 132 /lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x40000000)</pre></blockquote> 133 134<p>If there are any incompatibilities between Samba and specific 135libraries on your machine, the distribution-specific documentation 136should highlight them.</p> 137</li><li> 138<p>If your precompiled binary is statically linked, it is still possible 139to have problems. There have been cases in which the statically 140linked C library calls in Samba programs have been out of sync with 141the operating-system kernel, even though this is 142"not supposed to happen."</p> 143</li><li> 144<p>Keep in mind that each binary distribution carries preset values 145about the target platform, such as default directories and 146configuration option values. Again, check the documentation and the 147makefile included in the source directory to see which directives and 148variables were used when the binary was compiled. In some cases, 149these will not be appropriate for your situation.</p> 150 151<p>A few configuration items can be reset with command-line options at 152runtime rather than at compile time. For example, if your binary 153tries to place any log, lock, or status files in the 154"wrong" place (for example, in 155<em class="filename">/usr/local</em> ), you can override this without 156recompiling.</p> 157</li></ul> 158<p>One point worth mentioning is that the Samba source requires an 159<a name="INDEX-7"/><a name="INDEX-8"/><a name="INDEX-9"/>ANSI C 160compiler. If you are on a legacy platform with a non-ANSI compiler, 161such as the <em class="emphasis">cc</em> compiler on SunOS Version 4, 162you'll have to install an ANSI-compliant compiler 163such as <em class="emphasis">gcc</em> <a name="INDEX-10"/>before you do anything else.<a name="FNPTR-1"/><a href="#FOOTNOTE-1">[1]</a> 164If installing a compiler isn't something you want to 165wrestle with, you can start off with a binary package. However, for 166the most flexibility and compatibility on your system, we always 167recommend compiling from the latest stable or production source.</p> 168 169<p>A typical installation will take about an hour to complete, including 170downloading the source files and compiling them, setting up the 171configuration files, and testing the server.</p> 172 173<p>Here is an overview of the steps:</p> 174 175<ol><li> 176<p><a name="INDEX-11"/>Download the source or binary files.</p> 177</li><li> 178<p>Read the installation documentation.</p> 179</li><li> 180<p>Configure a makefile.</p> 181</li><li> 182<p>Compile the server and utility programs.</p> 183</li><li> 184<p>Install the server files.</p> 185</li><li> 186<p>Create a Samba configuration file.</p> 187</li><li> 188<p>Test the configuration file.</p> 189</li><li> 190<p>Start the Samba daemons.</p> 191</li><li> 192<p>Test the Samba daemons. <a name="INDEX-12"/></p> 193</li></ol> 194 195</div> 196 197 198</div> 199 200 201 202<div class="sect1"><a name="samba2-CHP-2-SECT-2"/> 203 204<h2 class="head1">Downloading the Samba Distribution</h2> 205 206<p><a name="INDEX-13"/>If 207you would like to download the latest version of the Samba software, 208the primary web site is <a href="http://www.samba.org">http://www.samba.org</a>. Once connected to this 209page, you'll see links to several Samba mirror sites 210across the world, both for the standard Samba web pages and for sites 211devoted exclusively to downloading Samba. For the best performance, 212choose a site that is closest to your own geographic location.</p> 213 214<p>The standard Samba web sites have Samba 215<a name="INDEX-14"/>documentation and 216<a name="INDEX-15"/>tutorials, 217<a name="INDEX-16"/>mailing-list 218archives, and the latest Samba <a name="INDEX-17"/>news, as well as source and binary 219distributions of Samba. The download sites (sometimes called 220<em class="emphasis">F T P sites</em>) have only the source and binary 221distributions. Unless you specifically want an older version of the 222Samba server or are going to install a binary distribution, download 223the latest source distribution from the closest mirror site. This 224distribution is always named:</p> 225 226<blockquote><pre class="code">samba-latest.tar.gz</pre></blockquote> 227 228<p>which for the 2.2.6 release is an approximately 5MB file.</p> 229 230<p>The source distribution has been archived with 231<em class="emphasis">tar</em> and then compressed with the GNU 232<em class="emphasis">gzip</em> program. To unpack it, move the file to the 233directory in which you want the Samba source directory to be located, 234then <em class="emphasis">cd</em> to that directory and run the command:</p> 235 236<blockquote><pre class="code">$ <tt class="userinput"><b>tar xvfz samba-latest.tar.gz</b></tt></pre></blockquote> 237 238<p>Or, if you do not have the GNU <em class="emphasis">tar</em> program 239(which also handles the unzipping):</p> 240 241<blockquote><pre class="code">$ <tt class="userinput"><b>gunzip samba-latest.tar.gz</b></tt> 242$ <tt class="userinput"><b>tar xvf samba-latest.tar</b></tt></pre></blockquote> 243 244<p>In that latter case, you might need to install the GNU 245<em class="emphasis">gunzip</em> program first. While the 246<em class="emphasis">tar</em> command runs, it will print out a list of 247the files it installs.</p> 248 249 250<div class="sect2"><a name="samba2-CHP-2-SECT-2.1"/> 251 252<h3 class="head2">Read the Documentation</h3> 253 254<p><a name="INDEX-18"/>This 255part might seem obvious, but at one time or other you probably 256uncompressed a package, blindly typed:</p> 257 258<blockquote><pre class="code">$ <tt class="userinput"><b>configure; make; make install</b></tt></pre></blockquote> 259 260<p>and walked away to get another cup of coffee. Do yourself a favor and 261be a little more careful this time.</p> 262 263<p>In the top-level directory that you just installed, there is a file 264named <em class="filename">WHATSNEW.txt</em>, which contains the latest 265news about the release. If you are upgrading, you can find important 266information about bug fixes or configuration parameters that have 267been added or are no longer supported.</p> 268 269<p>With both source and binary packages you'll find a 270large number of documents in the <em class="filename">docs</em> directory, 271in a variety of formats. One file is especially important:</p> 272 273<blockquote><pre class="code">docs/htmldocs/UNIX_INSTALL.html</pre></blockquote> 274 275<p>This is the Samba Team's official instructions on 276installing Samba on a Unix system, which you might like to use as 277another perspective besides what we are telling you here.</p> 278 279<p>In general, we expect you'll find to be most useful 280the files in the following directories:</p> 281 282<dl> 283<dt><b>docs/faq</b></dt> 284<dd> 285<p>This is the Samba Frequently Asked Questions (FAQ) files.</p> 286</dd> 287 288 289 290<dt><b>docs/htmldocs</b></dt> 291<dd> 292<p>This is the miscellaneous documentation in HTML format.</p> 293</dd> 294 295 296 297<dt><b>docs/textdocs</b></dt> 298<dd> 299<p>Here is more documentation, in simple text format.</p> 300</dd> 301 302 303 304<dt><b>docs/manpages</b></dt> 305<dd> 306<p>You don't need to worry about these yet; during the 307installation, the files will be installed so that you can use the 308<em class="emphasis">man</em> command to read them. But you can take a 309look in the directory to see which manpages are available.</p> 310</dd> 311 312</dl> 313 314 315</div> 316 317 318</div> 319 320 321 322<div class="sect1"><a name="samba2-CHP-2-SECT-3"/> 323 324<h2 class="head1">Configuring Samba</h2> 325 326<p><a name="INDEX-19"/><a name="INDEX-20"/>Samba automatically configures itself 327prior to compilation. This reduces the likelihood of a 328machine-specific problem, but you might end up wishing for an option 329after Samba has been installed.</p> 330 331<p>The source distribution of Samba 2.2 and above 332doesn't initially have a 333<a name="INDEX-21"/>makefile. Instead, one is 334generated through a <a name="INDEX-22"/><a name="INDEX-23"/>GNU <em class="filename">configure</em> 335script, which is located in the <em class="filename">samba-2.2.x 336/source/</em> directory. The <em class="firstterm">configure</em> 337script takes care of the machine-specific issues of building Samba.</p> 338 339<a name="samba2-CHP-2-NOTE-88"/><blockquote class="note"><h4 class="objtitle">NOTE</h4> 340 341 342 343<p>Before running the <em class="filename">configure</em> script, it is 344important that you become the root user on the system. Otherwise, you 345might get a warning such as:</p> 346 347 348<blockquote><pre class="code">configure: warning: running as non-root will disable some tests</pre></blockquote> 349 350 351<p>You don't want any test to be disabled when the 352Samba makefile is being created; it would leave the potential for 353errors down the road when compiling or running Samba on your system.</p> 354</blockquote> 355 356<p>When the <em class="filename">configure </em>script is run, it prints out 357messages telling what it is doing, and error messages might be mixed 358in. To make sure you see those very important error messages, we 359suggest you run <em class="filename">configure </em>with its standard 360output passed through some filter to capture the output and keep it 361from scrolling out of sight. One method is using the 362<em class="filename">more</em> command:</p> 363 364<blockquote><pre class="code"># <tt class="userinput"><b>./configure | more</b></tt></pre></blockquote> 365 366<p>We will show you another in a moment.</p> 367 368<p>Although you can run <em class="filename">configure </em>as previously 369with no options, you might want to add support for extra features by 370passing options on the command line. For example:</p> 371 372<blockquote><pre class="code"># <tt class="userinput"><b>./configure --with-winbind</b></tt></pre></blockquote> 373 374<p>will configure the Samba makefile with support for winbind 375authentication. If you would like a complete list of options, type 376the following:</p> 377 378<blockquote><pre class="code"># <tt class="userinput"><b>./configure --help</b></tt></pre></blockquote> 379 380<p>Each option enables or disables various features. You typically 381enable a feature by specifying the 382<tt class="literal">--</tt><a name="INDEX-24"/><a name="INDEX-25"/><a name="INDEX-26"/><a name="INDEX-27"/><tt class="literal">with-</tt><em class="replaceable">feature</em> 383option, which will cause the feature to be compiled and installed. 384Likewise, if you specify a 385<tt class="literal">--without-</tt><em class="replaceable">feature</em> 386option, the feature will be disabled. A full list of configuration 387options is provided in <a href="appe.html">Appendix E</a>, but for now we 388want to point out three of them, which are features we cover later in 389this book:</p> 390 391<dl> 392<dt><b><tt class="literal">--with-msdfs</tt><a name="INDEX-28"/><a name="INDEX-29"/></b></dt> 393<dd> 394<p>Include support for Microsoft Distributed filesystem (Dfs), which 395allows dispersed network resources to be clumped together into one 396easy-to-navigate directory tree. See <a href="ch08.html">Chapter 8</a>.</p> 397</dd> 398 399 400 401<dt><b><tt class="literal">--with-smbwrapper</tt><a name="INDEX-30"/><a name="INDEX-31"/></b></dt> 402<dd> 403<p>Include SMB wrapper support, which allows programs running on the 404Unix host to access SMB shared folders as if they were Unix 405filesystems. We recommend using this option. See <a href="ch05.html">Chapter 5</a>.</p> 406</dd> 407 408 409 410<dt><b><tt class="literal">--with-smbmount</tt><a name="INDEX-32"/><a name="INDEX-33"/></b></dt> 411<dd> 412<p>Include <em class="emphasis">smbmount</em> support, which allows SMB 413shared folders to be mounted in the Unix filesystem. At the time of 414this writing, support for this feature exists only for Linux. This is 415also covered in <a href="ch05.html">Chapter 5</a>.</p> 416</dd> 417 418</dl> 419 420<p>Each option is disabled by default, and none of the features is 421essential to Samba. However, you may want to include them in your 422configuration (as we will in our example) at least to be able to try 423out the options in later chapters.</p> 424 425<p>In addition, <a href="ch02.html#samba2-CHP-2-TABLE-1">Table 2-1</a> shows some other parameters 426that you can give the <em class="filename">configure</em> script if you 427wish to store parts of the Samba distribution in different places, 428perhaps to make use of multiple disks or partitions. Note that the 429defaults sometimes refer to a prefix specified earlier in the table.</p> 430 431<a name="samba2-CHP-2-TABLE-1"/><h4 class="head4">Table 2-1. Additional configure options</h4><table border="1"> 432 433 434 435 436<tr> 437<th> 438<p>Option</p> 439</th> 440<th> 441<p>Meaning</p> 442</th> 443<th> 444<p>Default</p> 445</th> 446</tr> 447 448 449<tr> 450<td> 451<p><tt class="literal">--prefix</tt><a name="INDEX-34"/><a name="INDEX-35"/>=<em class="replaceable">directory</em></p> 452</td> 453<td> 454<p>Install architecture-independent files at the base directory 455specified.</p> 456</td> 457<td> 458<p><em class="filename">/usr/local/samba</em></p> 459</td> 460</tr> 461<tr> 462<td> 463<p><tt class="literal">--eprefix</tt><a name="INDEX-36"/><a name="INDEX-37"/>=<em class="replaceable">directory</em></p> 464</td> 465<td> 466<p>Install architecture-dependent files at the base directory specified.</p> 467</td> 468<td> 469<p><em class="filename">/usr/local/samba</em></p> 470</td> 471</tr> 472<tr> 473<td> 474<p><tt class="literal">--bindir</tt><a name="INDEX-38"/><a name="INDEX-39"/>=<em class="replaceable">directory</em></p> 475</td> 476<td> 477<p>Install user executables in the directory specified.</p> 478</td> 479<td> 480<p><em class="replaceable">eprefix</em><em class="filename">/bin</em></p> 481</td> 482</tr> 483<tr> 484<td> 485<p><tt class="literal">--sbindir</tt><a name="INDEX-40"/><a name="INDEX-41"/>=<em class="replaceable">directory</em></p> 486</td> 487<td> 488<p>Install administrator executables in the directory specified.</p> 489</td> 490<td> 491<p><em class="replaceable">eprefix</em><em class="filename">/bin</em></p> 492</td> 493</tr> 494<tr> 495<td> 496<p><tt class="literal">--libexecdir</tt><a name="INDEX-42"/><a name="INDEX-43"/>=<em class="replaceable">directory</em></p> 497</td> 498<td> 499<p>Install program executables in the directory specified.</p> 500</td> 501<td> 502<p><em class="replaceable">eprefix</em><em class="filename">/libexec</em></p> 503</td> 504</tr> 505<tr> 506<td> 507<p><tt class="literal">--datadir</tt><a name="INDEX-44"/><a name="INDEX-45"/>=<em class="replaceable">directory</em></p> 508</td> 509<td> 510<p>Install read-only architecture-independent data in the directory 511specified.</p> 512</td> 513<td> 514<p><em class="replaceable">prefix</em><em class="filename">/share</em></p> 515</td> 516</tr> 517<tr> 518<td> 519<p><tt class="literal">--libdir</tt><a name="INDEX-46"/><a name="INDEX-47"/>=<em class="replaceable">directory</em></p> 520</td> 521<td> 522<p>Install program libraries in the directory specified.</p> 523</td> 524<td> 525<p><em class="replaceable">eprefix</em><em class="filename">/lib</em></p> 526</td> 527</tr> 528<tr> 529<td> 530<p><tt class="literal">--includedir</tt><a name="INDEX-48"/><a name="INDEX-49"/>=<em class="replaceable">directory</em></p> 531</td> 532<td> 533<p>Install package-include files in the directory specified.</p> 534</td> 535<td> 536<p><em class="replaceable">prefix</em><em class="filename">/include</em></p> 537</td> 538</tr> 539<tr> 540<td> 541<p><tt class="literal">--infodir</tt><a name="INDEX-50"/><a name="INDEX-51"/>=<em class="replaceable">directory</em></p> 542</td> 543<td> 544<p>Install additional information files in the directory specified.</p> 545</td> 546<td> 547<p><em class="replaceable">prefix</em><em class="filename">/info</em></p> 548</td> 549</tr> 550<tr> 551<td> 552<p><tt class="literal">--mandir</tt><a name="INDEX-52"/><a name="INDEX-53"/>=<em class="replaceable">directory</em></p> 553</td> 554<td> 555<p>Install manual pages in the directory specified.</p> 556</td> 557<td> 558<p><em class="replaceable">prefix</em><em class="filename">/man</em></p> 559</td> 560</tr> 561 562</table> 563 564<p>Here is a sample execution of the 565<em class="filename">configure</em><a name="INDEX-54"/> 566script, which creates a Samba 2.2.6 makefile for the Linux platform. 567Note that you must run the configure script in the 568<em class="emphasis">source</em> directory and that we are showing you yet 569another way to capture the output of the script:</p> 570 571<blockquote><pre class="code">$ <tt class="userinput"><b>cd samba-2.2.6/source/</b></tt> 572$ <tt class="userinput"><b>su</b></tt> 573Password: 574# <tt class="userinput"><b>./configure --with-smbwrapper --with-smbmount \</b></tt> 575<tt class="userinput"><b>--with-msdfs --with-syslog --with-utmp 2>&1 | tee config.my.log</b></tt> 576loading cache ./config.cache 577checking for gcc... (cached) gcc 578checking whether the C compiler (gcc -O ) works... yes 579checking whether the C compiler (gcc -O ) is a cross-compiler... no 580checking whether we are using GNU C... (cached) yes 581checking whether gcc accepts -g... (cached) yes 582checking for a BSD-compatible install... (cached) /usr/bin/install -c 583 584<i class="lineannotation">...(content omitted)...</i> 585 586checking configure summary 587configure OK 588creating ./config.status 589creating include/stamp-h 590creating Makefile 591creating include/config.h</pre></blockquote> 592 593<p>In general, any message from <em class="filename">configure</em> that 594doesn't begin with the words 595<tt class="literal">checking</tt><a name="INDEX-55"/> or 596<tt class="literal">creating</tt><a name="INDEX-56"/> is an 597<a name="INDEX-57"/>error; it often helps to redirect the 598output of the configure script to a file so that you can quickly 599search for errors, as we did with the <em class="filename">tee</em> 600command earlier. If there was an error during configuration, more 601detailed information about it can be found in the 602<em class="filename">config.log</em><a name="INDEX-58"/> file, which is written to the local 603directory by the <em class="filename">configure</em> script, as well as in 604the <em class="filename">config.my.log</em> file, which we created by 605piping through the <em class="filename">tee</em> command. These files are 606very similar in both name and content, but be careful to check both 607of them for error messages before continuing!</p> 608 609<p>If the configuration works, you'll see a 610<tt class="literal">checking</tt> <tt class="literal">configure</tt> 611<tt class="literal">summary</tt> message followed by a 612<tt class="literal">configure</tt> <tt class="literal">OK</tt> message and four 613or five file-creation messages. So far, so good. <a name="INDEX-59"/></p> 614 615 616</div> 617 618 619 620<div class="sect1"><a name="samba2-CHP-2-SECT-4"/> 621 622<h2 class="head1">Compiling and Installing Samba</h2> 623 624<p><a name="INDEX-60"/><a name="INDEX-61"/><a name="INDEX-62"/><a name="INDEX-63"/>At this point you should be ready to build 625the Samba executables. Compiling is also easy: in the 626<em class="filename">source</em> directory, type <tt class="literal">make</tt> 627on the command line. The 628<em class="filename">make</em><a name="INDEX-64"/> utility will produce a stream of 629explanatory and success messages, beginning with:</p> 630 631<blockquote><pre class="code">Using FLAGS = -O -Iinclude ...</pre></blockquote> 632 633<p>This build includes compiles for both <em class="emphasis">smbd</em> and 634<em class="emphasis">nmbd</em> and ends in a linking command for 635<em class="filename">bin/nmblookup</em>. For example, here is a sample 636make of Samba Version 2.2.6 on a Linux server:</p> 637 638<blockquote><pre class="code"># make 2>&1 | tee make.log 639Using FLAGS = -O -Iinclude -I./include -I./ubiqx -I./smbwrapper -D_LARGEFILE64 640_SOURCE -D_FILE_OFFSET_BITS=64 -D_GNU_SOURCE -DLOGFILEBASE="/usr/local/samba/va 641r" -DCONFIGFILE="/usr/local/samba/lib/smb.conf" -DLMHOSTSFILE="/usr/local/samba/ 642lib/lmhosts" -DSWATDIR="/usr/local/samba/swat" -DSBINDIR="/usr/local/samba/bin 643" -DLOCKDIR="/usr/local/samba/var/locks" -DCODEPAGEDIR="/usr/local/samba/lib/cod 644epages" -DDRIVERFILE="/usr/local/samba/lib/printers.def" -DBINDIR="/usr/local/sa 645mba/bin" -DHAVE_INCLUDES_H -DPASSWD_PROGRAM="/bin/passwd" -DSMB_PASSWD_FILE="/u 646sr/local/samba/private/smbpasswd" -DTDB_PASSWD_FILE="/usr/local/samba/private/sm 647bpasswd.tdb" 648Using FLAGS32 = -O -Iinclude -I./include -I./ubiqx -I./smbwrapper -D_LARGEFILE 64964_SOURCE -D_FILE_OFFSET_BITS=64 -D_GNU_SOURCE -DLOGFILEBASE="/usr/local/samba/ 650var" -DCONFIGFILE="/usr/local/samba/lib/smb.conf" -DLMHOSTSFILE="/usr/local/samb 651a/lib/lmhosts" -DSWATDIR="/usr/local/samba/swat" -DSBINDIR="/usr/local/samba/b 652in" -DLOCKDIR="/usr/local/samba/var/locks" -DCODEPAGEDIR="/usr/local/samba/lib/c 653odepages" -DDRIVERFILE="/usr/local/samba/lib/printers.def" -DBINDIR="/usr/local/ 654samba/bin" -DHAVE_INCLUDES_H -DPASSWD_PROGRAM="/bin/passwd" -DSMB_PASSWD_FILE=" 655/usr/local/samba/private/smbpasswd" -DTDB_PASSWD_FILE="/usr/local/samba/private/ 656smbpasswd.tdb" 657Using LIBS = -ldl -lnsl -lpam 658Compiling smbd/server.c 659Compiling smbd/files.c 660Compiling smbd/chgpasswd.c 661Compiling smbd/connection.c 662Compiling smbd/utmp.c 663Compiling smbd/session.c 664Compiling smbd/dfree.c 665Compiling smbd/dir.c 666 667<i class="lineannotation">...(content omitted)...</i> 668 669Compiling rpc_server/srv_srvsvc.c 670Compiling rpc_server/srv_srvsvc_nt.c 671Compiling rpc_server/srv_util.c 672Compiling rpc_server/srv_wkssvc.c 673Compiling rpc_server/srv_wkssvc_nt.c 674Compiling rpc_server/srv_pipe.c 675Compiling rpc_server/srv_dfs.c 676Compiling rpc_server/srv_dfs_nt.c 677Compiling rpc_server/srv_spoolss.c 678Compiling rpc_server/srv_spoolss_nt.c 679Compiling lib/util_getent.c 680Compiling rpc_parse/parse_lsa.c 681Compiling rpc_parse/parse_net.c 682Compiling rpc_parse/parsen/smbmount 683Compiling client/smbmnt.c 684Linking bin/smbmnt 685Compiling client/smbumount.c 686Linking bin/smbumount 687Compiling utils/nmblookup.c 688Linking bin/nmblookup</pre></blockquote> 689 690<p>If you encounter a problem when compiling, first check the Samba 691documentation to see if it is easily fixable. Another possibility is 692to search or post to the Samba mailing lists, which are given at the 693end of <a href="ch12.html">Chapter 12</a> and on the Samba home page. Most 694compilation issues are system-specific and almost always easy to 695overcome.</p> 696 697<p>Now that the files have been compiled, you can install them into the 698directories you identified with the command:</p> 699 700<blockquote><pre class="code">#<tt class="userinput"><b> make install</b></tt></pre></blockquote> 701 702<p>If you happen to be <a name="INDEX-65"/>upgrading, your old Samba files will be 703saved with the extension 704<em class="emphasis">.old</em>,<a name="INDEX-66"/> and you can go back to that previous 705version with the command 706<tt class="literal">make</tt><a name="INDEX-67"/> <tt class="literal">revert</tt>. After doing a 707<tt class="literal">make</tt><a name="INDEX-68"/> <tt class="literal">install</tt>, you should 708copy the <em class="emphasis">.old</em> files (if they exist) to a new 709location or name. Otherwise, the next time you install Samba, the 710original <em class="emphasis">.old</em> will be overwritten without 711warning and you could lose your earlier version. If you configured 712Samba to use the default locations for files, the new files will be 713installed in the directories listed in <a href="ch02.html#samba2-CHP-2-TABLE-2">Table 2-2</a>. 714Remember that you need to perform the installation from an account 715that has write privileges on these target directories; this is 716typically the root account.</p> 717 718<a name="samba2-CHP-2-TABLE-2"/><h4 class="head4">Table 2-2. Samba installation directories</h4><table border="1"> 719 720 721 722<tr> 723<th> 724<p>Directory</p> 725</th> 726<th> 727<p>Description</p> 728</th> 729</tr> 730 731 732<tr> 733<td> 734<p><em class="emphasis">/usr/local/samba</em></p> 735</td> 736<td> 737<p>Main tree</p> 738</td> 739</tr> 740<tr> 741<td> 742<p><em class="emphasis">/usr/local/samba/bin</em></p> 743</td> 744<td> 745<p>Binaries</p> 746</td> 747</tr> 748<tr> 749<td> 750<p><em class="emphasis">/usr/local/samba/lib</em></p> 751</td> 752<td> 753<p><em class="emphasis">smb.conf</em>, <em class="emphasis">lmhosts</em>, 754configuration files, etc.</p> 755</td> 756</tr> 757<tr> 758<td> 759<p><em class="emphasis">/usr/local/samba/man</em></p> 760</td> 761<td> 762<p>Samba documentation</p> 763</td> 764</tr> 765<tr> 766<td> 767<p><em class="emphasis">/usr/local/samba/private</em></p> 768</td> 769<td> 770<p>Samba-encrypted password file</p> 771</td> 772</tr> 773<tr> 774<td> 775<p><em class="emphasis">/usr/local/samba/swat</em></p> 776</td> 777<td> 778<p>SWAT files</p> 779</td> 780</tr> 781<tr> 782<td> 783<p><em class="emphasis">/usr/local/samba/var</em></p> 784</td> 785<td> 786<p>Samba log files, lock files, browse list info, shared memory files, 787process ID files</p> 788</td> 789</tr> 790 791</table> 792 793<p>Throughout the remainder of the book, we occasionally refer to the 794location of the main tree as <em class="filename">/usr/local/samba</em>. 795In most configurations, this is the base directory of the installed 796Samba package; however, it can vary from system to system<em class="filename"> 797</em>.</p> 798 799<a name="samba2-CHP-2-NOTE-90"/><blockquote class="note"><h4 class="objtitle">TIP</h4> 800<p>Watch out if you've made <em class="filename">/usr</em> a 801read-only partition. You will want to put the logs, locks, and 802password files somewhere else.</p> 803</blockquote> 804 805<p>Here is the installation that we performed on our machine. You can 806see that we used <em class="filename">/usr/local/samba</em> as the base 807directory for the distribution:</p> 808 809<blockquote><pre class="code"># <tt class="userinput"><b>make install 2>&1 | tee make-install.log</b></tt> 810Using FLAGS = -O -Iinclude -I./include -I./ubiqx -I./smbwrapper -D_LARGEFILE64 811_SOURCE -D_FILE_OFFSET_BITS=64 -D_GNU_SOURCE -DLOGFILEBASE="/usr/local/samba/va 812r" -DCONFIGFILE="/usr/local/samba/lib/smb.conf" 813 814<i class="lineannotation">...(content omitted)...</i> 815 816The binaries are installed. You can restore the old binaries (if there 817were any) using the command "make revert". You can uninstall the binaries 818using the command "make uninstallbin" or "make uninstall" to uninstall 819binaries, manpages and shell scripts. 820 821<i class="lineannotation">...(content omitted)...</i> 822 823====================================================================== 824The SWAT files have been installed. Remember to read the swat/README 825for information on enabling and using SWAT. 826======================================================================</pre></blockquote> 827 828<p>If the last message is about SWAT, you've 829successfully installed all the files. Congratulations! You now have 830Samba on your system!</p> 831 832 833<div class="sect2"><a name="samba2-CHP-2-SECT-4.1"/> 834 835<h3 class="head2">Upgrading Your Installation</h3> 836 837<p><a name="INDEX-70"/><a name="INDEX-71"/>Eventually a new version of 838Samba will be released, and you will want to upgrade. This is simple; 839just repeat the same steps you used to install your current version. 840Download the source distribution from the Samba web site and install 841it, then run the <tt class="literal">./configure</tt>, 842<tt class="literal">make</tt>, and <tt class="literal">make</tt> 843<tt class="literal">install</tt> commands as before. If 844you've forgotten which options you used with the 845<a name="INDEX-72"/><a name="INDEX-73"/><a name="INDEX-74"/><a name="INDEX-75"/><em class="emphasis">configure</em> 846script, take a look at the 847<em class="filename">source/config.status</em><a name="INDEX-76"/><a name="INDEX-77"/> file in your previous 848version's source distribution. The first few lines 849of this file show the options used the last time 850<em class="emphasis">configure</em> was run.</p> 851 852<p>When you run the <tt class="literal">make 853install</tt><a name="INDEX-78"/> command to install your new 854version, the files of the previous version are replaced with the new 855ones, and then all you have to do is restart the Samba daemons to get 856your new version running. See <a href="ch02.html#samba2-CHP-2-SECT-8">Section 2.8</a> later in this chapter for directions on how to do this.</p> 857 858 859</div> 860 861 862<div class="sect2"><a name="samba2-CHP-2-SECT-4.2"/> 863 864<h3 class="head2">Reconfiguring Samba</h3> 865 866<p><a name="INDEX-79"/>If you 867have already compiled Samba and wish to recompile the same source 868code with different <em class="emphasis">configure</em> options, you 869should run the following three commands in the 870<em class="emphasis">source</em> directory before rerunning the 871<em class="emphasis">configure</em> script:</p> 872 873<blockquote><pre class="code"># <tt class="userinput"><b>autoconf</b></tt> 874# <tt class="userinput"><b>make clean</b></tt> 875# <tt class="userinput"><b>rm config.cache</b></tt></pre></blockquote> 876 877<p>This ensures that you are starting with a clean slate and that your 878previous <em class="emphasis">configure</em> command does not leave any 879data around that can affect your new build. From here, you can rerun 880<tt class="literal">./configure</tt> and then <tt class="literal">make</tt> and 881<tt class="literal">make install</tt>.</p> 882 883 884</div> 885 886 887<div class="sect2"><a name="samba2-CHP-2-SECT-4.3"/> 888 889<h3 class="head2">Setting Search Paths</h3> 890 891<p><a name="INDEX-80"/>You 892will probably want to run commands included in the Samba distribution 893without having to specify their full directory paths. For that to 894work, the directory in which the Samba executables are located, 895<em class="filename">/usr/local/samba/bin</em> by default, must be added 896to your shell's <a name="INDEX-81"/>PATH environment variable. This 897environment variable is usually set in one or more of the 898shell's startup files, which in the case of 899<em class="emphasis">bash</em> are <em class="filename">/etc/profile</em> 900(systemwide) and the <em class="filename">.bash_profile</em> and 901<em class="filename">.bashrc</em> files in each user's 902home directory.</p> 903 904<p>To be able to read the <a name="INDEX-82"/><a name="INDEX-83"/><a name="INDEX-84"/>Samba manual pages using the 905<em class="emphasis">man</em> command, the directory where 906Samba's manual pages reside, 907<em class="filename">/usr/local/samba/man</em> by default, must be in your 908<a name="INDEX-85"/>MANPATH environment variable. On Red 909Hat Linux, this can be accomplished by adding the following two lines 910to <em class="filename">/etc/man.config</em>:</p> 911 912<a name="INDEX-86"/><a name="INDEX-87"/><blockquote><pre class="code"> 913MANPATH /usr/local/samba/man 914MANPATH_MAP /usr/local/samba/bin /usr/local/samba/man</pre></blockquote> 915 916 917</div> 918 919 920</div> 921 922 923 924<div class="sect1"><a name="samba2-CHP-2-SECT-5"/> 925 926<h2 class="head1">Enabling SWAT</h2> 927 928<p>The <a name="INDEX-88"/><a name="INDEX-89"/>Samba 929Web Administration Tool (SWAT) runs as a daemon under 930<em class="emphasis">inetd</em> or <em class="filename">xinetd </em>and 931provides a forms-based editor in your web browser for creating and 932modifying <a name="INDEX-90"/>Samba's 933configuration file. For SWAT to work, entries must be added for it in 934the <em class="filename">/etc/services</em> and 935<em class="filename">/etc/inetd.conf</em> (or 936<em class="filename">/etc/xinetd.d/swat) </em>configuration files. To add 937the entries, follow these two steps:</p> 938 939<ol><li> 940<p>Check your <em class="filename">/etc/services</em> file, and if it does 941not contain the following line, add it to the end of the file:</p> 942 943<blockquote><pre class="code">swat 901/tcp</pre></blockquote> 944</li> 945<li> 946<p>Now for <em class="filename">inetd </em><a name="INDEX-91"/>or <em class="filename">xinetd. 947</em><a name="INDEX-92"/>These are "Internet 948super daemons" that handle starting daemons on 949demand, instead of letting them sit around in memory consuming system 950resources. Most systems use <em class="filename">inetd, </em>but 951<em class="filename">xinetd </em>is also used in some versions of Unix, 952notably the Red Hat Linux (Versions 7 and newer) that we use in our 953examples. You can use the <em class="emphasis">ps</em> command to see 954which of the two your system is running.</p> 955</li></ol> 956<p>For <em class="filename">inetd, </em>add a line to the 957<em class="emphasis">/etc/</em><em class="filename">inetd.conf </em>file. 958(Check your <em class="filename">inetd.conf</em> manual page to see the 959exact format of the<em class="filename"> inetd.conf</em> file if it 960differs from the following example.) Don't forget to 961change the path to the SWAT binary if you installed it in a different 962location from the default <em class="filename">/usr/local/samba</em>:</p> 963 964<blockquote><pre class="code">swat stream tcp nowait root /usr/local/samba/bin/swat swat</pre></blockquote> 965 966<p>Then force <em class="filename">inetd</em> to reread its configuration 967file by sending it a SIGHUP (hangup) signal:</p> 968 969<blockquote><pre class="code"># <tt class="userinput"><b>/bin/kill -HUP -a inetd</b></tt></pre></blockquote> 970 971<p>Notice that we are using a version of the <em class="emphasis">kill</em> 972command that supports the <em class="emphasis">-a</em> option, so as to 973allow us to specify the process by name. On FreeBSD and Linux, you 974can use the <em class="emphasis">killall</em> command<a name="FNPTR-2"/><a href="#FOOTNOTE-2">[2]</a> as follows:</p> 975 976<blockquote><pre class="code"># <tt class="userinput"><b>killall -HUP inetd</b></tt></pre></blockquote> 977 978<p>If you are not running Linux or FreeBSD and your version of 979<em class="emphasis">kill</em> doesn't have the 980<em class="emphasis">-a</em> option, you will need to use the 981<em class="emphasis">ps</em> command to find the process ID and then 982supply that to <em class="emphasis">kill</em>:</p> 983 984<blockquote><pre class="code"># <tt class="userinput"><b>ps ax | grep inetd</b></tt> 985 780 ? S 0:00 inetd 986 1981 pts/4 S 0:00 grep inetd 987# <tt class="userinput"><b>kill -HUP 780</b></tt></pre></blockquote> 988 989<p>If your system is using <em class="filename">xinet, </em>add a file named 990<em class="emphasis">swat</em> in your <em class="filename">/etc/xinetd.d 991</em>directory, containing the following:</p> 992 993<blockquote><pre class="code"># description: swat is the Samba Web Administration Tool, which 994# allows an administrator to configure Samba using a web 995# browser interface, with the URL http://localhost:901 996service swat. 997{ 998 socket_type = stream 999 wait = no 1000 protocol = tcp 1001 only_from = localhost 1002 user = root 1003 log_on_failure += USERID 1004 server = /usr/local/samba/bin/swat 1005 port = 901 1006 disable = no 1007}</pre></blockquote> 1008 1009<p>Then <em class="emphasis">xinetd</em> needs to be sent a signal<a name="FNPTR-3"/><a href="#FOOTNOTE-3">[3]</a> to make it reread its configuration files:</p> 1010 1011<blockquote><pre class="code"># <tt class="userinput"><b>/bin/kill -HUP -a xinetd</b></tt></pre></blockquote> 1012 1013<p>And that's pretty much it for the installation. 1014Before you can start up Samba, however, you need to create a 1015configuration file for it.</p> 1016 1017 1018</div> 1019 1020 1021 1022<div class="sect1"><a name="samba2-CHP-2-SECT-6"/> 1023 1024<h2 class="head1">A Basic Samba Configuration File</h2> 1025 1026<p><a name="INDEX-93"/>The 1027key to configuring Samba is its configuration file, 1028<em class="filename">smb.conf</em>. This configuration file can be very 1029simple or extremely complex, and the rest of this book is devoted to 1030helping you get deeply personal with this file. For now, however, 1031we'll show you how to set up a single file service, 1032which will allow you to fire up the Samba daemons and see that 1033everything is running as it should be. In later chapters, you will 1034see how to configure Samba for more complicated and interesting 1035tasks.</p> 1036 1037<p>The installation process does not automatically create an 1038<em class="filename">smb.conf</em> configuration file, although several 1039example files are included in the Samba distribution. To test the 1040server software, though, we'll use the following 1041file, which you can create in a text editor. It should be named 1042<em class="filename">smb.conf</em> and placed in the 1043<em class="emphasis">/usr/local/samba/lib</em> directory:<a name="FNPTR-4"/><a href="#FOOTNOTE-4">[4]</a></p> 1044 1045<blockquote><pre class="code">[global] 1046 workgroup = METRAN 1047[test] 1048 comment = For testing only, please 1049 path = /usr/local/samba/tmp 1050 read only = no 1051 guest ok = yes</pre></blockquote> 1052 1053<p>This brief configuration file tells the Samba server to offer the 1054<em class="filename">/usr/local/samba/tmp</em> directory on the server as 1055an SMB share called <em class="emphasis">test</em>. The server also 1056becomes part of the METRAN workgroup, of which each client must also 1057be a part. If you have already chosen a name for your own workgroup, 1058use the name of your workgroup instead of METRAN in the previous 1059example. In case you are connecting your Samba system into an 1060existing network and need to know the workgroup name, you can ask 1061another system administrator or go to a Windows system in the 1062workgroup and follow these instructions:</p> 1063 1064<ul><li> 1065<p>Windows 95/98/Me/NT: open the Control Panel, then double-click the 1066Network icon. Click the Identification tab, and look for the 1067"Workgroup:" label.</p> 1068</li><li> 1069<p>Windows 2000: open the Control Panel and double-click the System 1070icon. Click the Network Identification tab. The workgroup name will 1071appear below the computer name.</p> 1072</li><li> 1073<p>Windows XP: open the Control Panel in Classic View mode and 1074double-click the System icon. Then click the Computer Name tab.</p> 1075</li></ul> 1076<p>We'll use the <tt class="literal">[test]</tt> share in the 1077next chapter to set up the Windows clients. For now, you can complete 1078the setup by performing the following commands as root on your Unix 1079server:</p> 1080 1081<blockquote><pre class="code"># <tt class="userinput"><b>mkdir /usr/local/samba/tmp</b></tt> 1082# <tt class="userinput"><b>chmod 777 /usr/local/samba/tmp</b></tt></pre></blockquote> 1083 1084<p>You might also want to put a file or two in the 1085<em class="filename">/usr/local/samba/tmp</em> directory so that after 1086your Windows systems are initially configured, you will have 1087something to use to check that everything works.</p> 1088 1089<p>We should point out that in terms of system security, this is the 1090worst setup possible. For the moment, however, we only wish to test 1091Samba, so we'll leave security out of the picture. 1092In addition, we will encounter some encrypted password issues with 1093Windows clients later on, so this setup will afford us the least 1094amount of headaches.</p> 1095 1096 1097<div class="sect2"><a name="samba2-CHP-2-SECT-6.1"/> 1098 1099<h3 class="head2">Encrypted Passwords</h3> 1100 1101<p><a name="INDEX-94"/><a name="INDEX-95"/><a name="INDEX-96"/>If your Windows clients are using Windows 110298 or Windows NT 4 Service Pack 3 or above (including Windows 2000 1103and Windows XP) and you are using a version of Samba earlier than 11043.0, you must add the following entry to the 1105<tt class="literal">[global]</tt> section of the Samba configuration file:</p> 1106 1107<blockquote><pre class="code">[global] 1108 encrypt passwords = yes</pre></blockquote> 1109 1110<p>In addition, you must use the 1111<em class="filename">smbpasswd</em><a name="INDEX-97"/> program (typically located in the 1112directory <em class="filename">/usr/local/samba/bin/ </em>) to enter the 1113username/password combinations of the Samba users into 1114Samba's encrypted password database. For example, if 1115you wanted to allow Unix user <tt class="literal">steve</tt> to access 1116shares from a client system, you would use this command:</p> 1117 1118<blockquote><pre class="code"># <tt class="userinput"><b>smbpasswd -a steve</b></tt> 1119New SMB password: 1120Retype new SMB password: 1121Added user steve.</pre></blockquote> 1122 1123<p>When the first user is added, the program will output a message 1124saying that the encrypted password database does not exist. 1125Don't worry: it will then create the database for 1126you. Make sure that the username/password combinations you add to the 1127encrypted database match the usernames and passwords you intend to 1128use on the Windows client side. You must run 1129<em class="emphasis">smbpasswd</em> for each client user.</p> 1130 1131<p>In Samba 3.0, passwords are encrypted by default, so the 1132<tt class="literal">encrypt</tt> <tt class="literal">passwords</tt> 1133<tt class="literal">=</tt> <tt class="literal">yes</tt> parameter in the 1134configuration file is optional. However, you will still need to run 1135the <em class="emphasis">smbpasswd</em> command to add users to the 1136encrypted password file.</p> 1137 1138 1139</div> 1140 1141 1142<div class="sect2"><a name="samba2-CHP-2-SECT-6.2"/> 1143 1144<h3 class="head2">Using SWAT</h3> 1145 1146<p><a name="INDEX-98"/>Creating 1147a configuration file with SWAT is even easier than writing a 1148configuration file by hand. To invoke SWAT, use your web browser to 1149connect to <em class="emphasis">http://localhost:901</em>, and log on as 1150root with the root password, as shown in <a href="ch02.html#samba2-CHP-2-FIG-1">Figure 2-1</a>.</p> 1151 1152<div class="figure"><a name="samba2-CHP-2-FIG-1"/><a name="INDEX-99"/><img src="figs/sam2_0201.gif"/></div><h4 class="head4">Figure 2-1. SWAT login</h4> 1153 1154<p>After logging in, click the GLOBALS button at the top of the screen. 1155You should see the Global Variables page shown in <a href="ch02.html#samba2-CHP-2-FIG-2">Figure 2-2</a>.</p> 1156 1157<div class="figure"><a name="samba2-CHP-2-FIG-2"/><img src="figs/sam2_0202.gif"/></div><h4 class="head4">Figure 2-2. SWAT Global Variables page</h4> 1158 1159<p>In this example, notice that SWAT retrieved the workgroup name from 1160the <em class="emphasis">smb.conf</em> file that you created. (If it 1161didn't, go back and perform that step correctly.) 1162Make sure that the <tt class="literal">security</tt> field is set to 1163<tt class="literal">USER</tt>.</p> 1164 1165<p>If you are running Samba 2.2 and your Windows clients are at least 1166Windows 98 or Windows NT 4 SP 3 or later versions, find 1167<tt class="literal">encrypt</tt> <tt class="literal">passwords</tt> in the 1168Security Options section and select <tt class="literal">yes</tt>.</p> 1169 1170<p>The only other option you need to change from the menu is one 1171determining which system on the LAN resolves NetBIOS addresses; this 1172system is called the <em class="emphasis">WINS server</em>. At the very 1173bottom of the page, set the <tt class="literal">wins</tt> 1174<tt class="literal">support</tt> field to <tt class="literal">Yes</tt>, unless 1175you already have a WINS server on your network. If you do, put the 1176WINS server's IP address in the 1177<tt class="literal">wins</tt> <tt class="literal">server</tt> field instead. Then 1178return to the top of the screen, and press the Commit Changes button 1179to write the changes out to the <em class="emphasis">smb.conf</em> file.</p> 1180 1181<p>Next, click the SHARES icon. You should see a page similar to <a href="ch02.html#samba2-CHP-2-FIG-3">Figure 2-3</a>. Select <tt class="literal">test</tt> (to the right 1182of the Choose Share button), and click the Choose Share button. You 1183will see the Share Parameters screen, as shown in <a href="ch02.html#samba2-CHP-2-FIG-3">Figure 2-3</a>, with the <tt class="literal">comment</tt> and 1184<tt class="literal">path</tt> fields filled in from your 1185<em class="emphasis">smb.conf</em> file.</p> 1186 1187<div class="figure"><a name="samba2-CHP-2-FIG-3"/><img src="figs/sam2_0203.gif"/></div><h4 class="head4">Figure 2-3. SWAT Share Parameters screen</h4> 1188 1189<p>If you specified that you want to use encrypted passwords on the 1190GLOBALS page, click the PASSWORD button. Near the top of the screen, 1191you will see the Server Password Management section. Enter your Unix 1192username and password in the spaces, and click the Add New User 1193button. This functions the same as the <em class="emphasis">smbpasswd</em> 1194utility and creates an entry in the 1195<em class="emphasis">/usr/local/samba/private/smbpasswd</em> file to allow 1196you to authenticate from a Windows client.</p> 1197 1198<p>Now click the VIEW button at the top, and SWAT shows you the 1199following <em class="filename">smb.conf</em> file:</p> 1200 1201<blockquote><pre class="code"># Samba config file created using SWAT 1202# from localhost (127.0.0.1) 1203# Date: 2002/09/05 04:56:43 1204 1205# Global parameters 1206 workgroup = METRAN 1207 encrypt passwords = Yes 1208 wins support = Yes 1209 1210[test] 1211 comment = For testing only! 1212 path = /usr/local/samba/tmp 1213 read only = No</pre></blockquote> 1214 1215<p>Once this configuration file is completed, you can skip the next step 1216because the output of SWAT is guaranteed to be syntactically correct. 1217<a name="INDEX-100"/></p> 1218 1219 1220</div> 1221 1222 1223<div class="sect2"><a name="samba2-CHP-2-SECT-6.3"/> 1224 1225<h3 class="head2">Disabling Oplocks</h3> 1226 1227<p>The <em class="filename">smb.conf</em><a name="INDEX-101"/><a name="INDEX-102"/> 1228file you have just created is certainly good enough for the purpose 1229of initial setup and testing, and you can use it as a starting point 1230from which to develop the configuration of your production Samba 1231server. But before you get too far with that, we want to bring one 1232thing to your attention.</p> 1233 1234<p>If you are the type of administrator who is highly concerned about 1235data integrity, you might want to make the following modification to 1236your <em class="filename">smb.conf</em> file before continuing:</p> 1237 1238<blockquote><pre class="code">[global] 1239 oplocks = no</pre></blockquote> 1240 1241<p>That is, use a text editor to add the line <tt class="literal">oplocks</tt> 1242<tt class="literal">=</tt> <tt class="literal">no</tt> to the 1243<tt class="literal">[global]</tt> section of your 1244<em class="filename">smb.conf</em> file. With this example, as with other 1245examples we will present throughout this book, you do not need to 1246enter the <tt class="literal">[global]</tt> line again in your 1247configuration file. We include it only to indicate in which section 1248the parameter belongs.</p> 1249 1250<p>The <tt class="literal">oplocks</tt> <tt class="literal">=</tt> 1251<tt class="literal">no</tt> parameter disables opportunistic locking by 1252clients. This will result in significantly poorer performance, but 1253will help ensure that flaky Windows clients and/or unreliable network 1254hardware will not lead to corrupted files on the Samba server.</p> 1255 1256<p>We will cover opportunistic locking (oplocks) in more detail in the 1257section "Locks and Oplocks" in 1258<a href="ch08.html">Chapter 8</a>, and recommend that you understand the 1259ideas presented there before implementing a production Samba server 1260that serves database files or other valuable data.</p> 1261 1262 1263</div> 1264 1265 1266<div class="sect2"><a name="samba2-CHP-2-SECT-6.4"/> 1267 1268<h3 class="head2">Testing the Configuration File</h3> 1269 1270<p><a name="INDEX-103"/>If you 1271didn't use SWAT to create your configuration file, 1272you should probably test it to ensure that it is syntactically 1273correct. It might seem silly to run a test program against an 1274eight-line configuration file, but it's good 1275practice for the real ones that we'll be writing 1276later on.</p> 1277 1278<p>The test parser, 1279<em class="filename">testparm</em><a name="INDEX-104"/>, examines an 1280<em class="filename">smb.conf</em> file for syntax errors and reports any 1281it finds along with a list of the services enabled on your machine. 1282An example follows; you'll notice that in our haste 1283to get the server running we mistyped <tt class="literal">workgroup</tt> as 1284<tt class="literal">workgrp</tt> (the output is often lengthy, so we 1285recommend capturing it with the <em class="emphasis">tee</em> command):</p> 1286 1287<blockquote><pre class="code">Load smb config files from smb.conf 1288Unknown parameter encountered: "workgrp" 1289Ignoring unknown parameter "workgrp" 1290Processing section "[test]" 1291Loaded services file OK. 1292Press Enter to see a dump of your service definitions 1293# Global parameters 1294[global] 1295 workgroup = WORKGROUP 1296 netbios name = 1297 netbios aliases = 1298 server string = Samba 2.2.6 1299 interfaces = 1300 bind interfaces only = No 1301 1302<i class="lineannotation">...(content omitted)...</i> 1303 1304[test] 1305 comment = For testing only! 1306 path = /usr/local/samba/tmp 1307 read only = No</pre></blockquote> 1308 1309<p>The interesting parts are at the top and bottom. The top of the 1310output will flag any syntax errors that you might have made, and the 1311bottom lists the services that the server thinks it should offer. A 1312word of advice: make sure you and the server have the same 1313expectations. <a name="INDEX-105"/></p> 1314 1315 1316</div> 1317 1318 1319</div> 1320 1321 1322 1323<div class="sect1"><a name="samba2-CHP-2-SECT-7"/> 1324 1325<h2 class="head1">Firewall Configuration</h2> 1326 1327<p><a name="INDEX-106"/>As 1328with any services that run on TCP/IP, the SMB networking services 1329offered by Samba can be accessed from across the Internet unless your 1330organization's firewall is properly configured. The 1331following ports are used by Samba for SMB networking and SWAT:</p> 1332 1333<dl> 1334<dt><b>Port 137</b></dt> 1335<dd> 1336<p>Used for NetBIOS network browsing</p> 1337</dd> 1338 1339 1340 1341<dt><b>Port 138</b></dt> 1342<dd> 1343<p>Used for NetBIOS name service</p> 1344</dd> 1345 1346 1347 1348<dt><b>Port 139</b></dt> 1349<dd> 1350<p>Used for file and printer sharing and other operations</p> 1351</dd> 1352 1353 1354 1355<dt><b>Port 445</b></dt> 1356<dd> 1357<p>Used by Windows 2000/XP when NetBIOS over TCP/IP is disabled</p> 1358</dd> 1359 1360 1361 1362<dt><b>Port 901</b></dt> 1363<dd> 1364<p>Used by SWAT</p> 1365</dd> 1366 1367</dl> 1368 1369<p>At the minimum, your organization's Internet 1370firewall should shut down all the ports in the list to traffic in 1371both directions. Do not assume that preventing incoming connections 1372is sufficient; there are cracks that trick Windows clients into 1373sending data out of the local area network and into the Internet by 1374SMB protocol, even from a local network that uses private IP 1375addresses not forwarded by routers. If you want SMB traffic to travel 1376across the Internet to remote sites, the best way is to use a virtual 1377private network (VPN). See the O'Reilly book, 1378<em class="citetitle">Virtual Private Networks</em>, for more information 1379on this subject.</p> 1380 1381<p>In addition, you might wish to configure a firewall on the Samba host 1382system to keep SMB packets from traveling further than necessary 1383within your organization's network. For example, 1384port 901 can be shut down for remote accesses so that SWAT can be run 1385only on the Samba host system. If you are using Samba to serve only a 1386fraction of the client systems within your organization, consider 1387allowing SMB packets (i.e., packets on ports 137-139 and 445) to go 1388to or come from only those clients.</p> 1389 1390<p>For more information on configuring firewalls, see the 1391O'Reilly book <em class="citetitle">Building Internet 1392Firewalls</em>.</p> 1393 1394 1395</div> 1396 1397 1398 1399<div class="sect1"><a name="samba2-CHP-2-SECT-8"/> 1400 1401<h2 class="head1">Starting the Samba Daemons</h2> 1402 1403<p>Two Samba processes, 1404<em class="emphasis">smbd</em><a name="INDEX-107"/> and 1405<em class="emphasis">nmbd</em><a name="INDEX-108"/>, need to be running for Samba to work 1406correctly. There are three ways to start them:</p> 1407 1408<ul><li> 1409<p>Manually</p> 1410</li><li> 1411<p>Automatically, during system boot</p> 1412</li><li> 1413<p>From <em class="emphasis">inetd or xinetd</em></p> 1414</li></ul> 1415 1416<div class="sect2"><a name="samba2-CHP-2-SECT-8.1"/> 1417 1418<h3 class="head2">Starting the Daemons Manually</h3> 1419 1420<p><a name="INDEX-109"/><a name="INDEX-110"/>If you're in a 1421hurry, you can start the Samba daemons by hand. As root, simply enter 1422the following commands:</p> 1423 1424<blockquote><pre class="code"># <tt class="userinput"><b>/usr/local/samba/bin/smbd -D</b></tt> 1425# <tt class="userinput"><b>/usr/local/samba/bin/nmbd -D</b></tt></pre></blockquote> 1426 1427<p>Samba will now be running on your system and is ready to accept 1428connections. However, keep in mind that if either of the daemons exit 1429for any reason (including system reboots), they will need to be 1430restarted manually.</p> 1431 1432 1433</div> 1434 1435 1436<div class="sect2"><a name="samba2-CHP-2-SECT-8.2"/> 1437 1438<h3 class="head2">Automatic Startup</h3> 1439 1440<p><a name="INDEX-111"/><a name="INDEX-112"/>To have the Samba daemons 1441started automatically when the system boots, you need to add the 1442commands listed in the previous section to your standard Unix startup 1443scripts. The exact method varies depending on the flavor of Unix 1444you're using.</p> 1445 1446 1447<div class="sect3"><a name="samba2-CHP-2-SECT-8.2.1"/> 1448 1449<h3 class="head3">BSD Unix</h3> 1450 1451<p><a name="INDEX-113"/><a name="INDEX-114"/><a name="INDEX-115"/>With a BSD-style Unix, you need to append 1452the following code to the <em class="filename">rc.local </em>file, which 1453is typically found in the <em class="filename">/etc</em> or 1454<em class="filename">/etc/rc.d</em> directories:</p> 1455 1456<blockquote><pre class="code">if [ -x /usr/local/samba/bin/smbd]; then 1457 echo "Starting smbd..." 1458 /usr/local/samba/bin/smbd -D 1459 echo "Starting nmbd..." 1460 /usr/local/samba/bin/nmbd -D 1461fi</pre></blockquote> 1462 1463<p>This code is very simple: it checks to see if the 1464<em class="filename">smbd</em> file exists and has execute permissions, 1465and if it does, it starts up both of the Samba daemons on system 1466boot.</p> 1467 1468 1469</div> 1470 1471 1472 1473<div class="sect3"><a name="samba2-CHP-2-SECT-8.2.2"/> 1474 1475<h3 class="head3">System V Unix</h3> 1476 1477<p><a name="INDEX-116"/><a name="INDEX-117"/><a name="INDEX-118"/>With System V, things can get a little 1478more complex. Depending on your Unix version, you might be able to 1479get away with making a simple change to an 1480<em class="filename">rc.local</em> file as with BSD Unix, but System V 1481typically uses directories containing links to scripts that control 1482daemons on the system. Hence, you need to instruct the system how to 1483start and stop the Samba daemons. The first step to implement this is 1484to modify the contents of the <em class="filename">/etc/rc.d/init.d</em> 1485directory by adding something similar to the following shell script, 1486which for this example we will name <em class="filename">smb </em>:</p> 1487 1488<blockquote><pre class="code">#!/bin/sh 1489 1490# Check that the Samba configuration file exists 1491[ -f /usr/local/samba/lib/smb.conf ] || exit 0 1492 1493start( ) 1494{ 1495 echo -n "Starting SMB services: " 1496 /usr/local/samba/bin/smbd -D 1497 ERROR=$? 1498 echo 1499 1500 echo -n "Starting NMB services: " 1501 /usr/local/samba/bin/nmbd -D 1502 ERROR2=$? 1503 if [ $ERROR2 -ne 0 ] 1504 then 1505 ERROR=1 1506 fi 1507 echo 1508 1509 return $ERROR 1510} 1511 1512stop( ) 1513{ 1514 echo -n "Shutting down SMB services: " 1515 /bin/kill -TERM -a smbd 1516 ERROR=$? 1517 echo 1518 1519 echo -n "Shutting down NMB services: " 1520 /bin/kill -TERM -a nmbd 1521 ERROR2=$? 1522 if [ $ERROR2 -ne 0 ] 1523 then 1524 ERROR=1 1525 fi 1526 echo 1527 1528 return $ERROR 1529} 1530 1531case "$1" in 1532 start) 1533 start 1534 ;; 1535 stop) 1536 stop 1537 ;; 1538 *) 1539 echo "Usage: $0 {start|stop}" 1540 exit 1 1541esac 1542 1543exit $?</pre></blockquote> 1544 1545<p>With this script, you can start and stop <em class="emphasis">smbd</em> 1546and <em class="emphasis">nmbd</em> like this:</p> 1547 1548<blockquote><pre class="code"># <tt class="userinput"><b>/etc/rc.d/init.d/smb start</b></tt> 1549Starting SMB services: 1550Starting NMB services: 1551# <tt class="userinput"><b>ps ax | grep mbd</b></tt> 1552 1268 ? S 0:00 /usr/local/samba/bin/smbd -D 1553 1270 ? S 0:00 /usr/local/samba/bin/nmbd -D 1554 1465 pts/2 S 0:00 grep mbd 1555# <tt class="userinput"><b>/etc/rc.d/init.d/smb stop</b></tt> 1556Shutting down SMB services: 1557Shutting down NMB services:</pre></blockquote> 1558 1559<p>If you are having trouble writing a startup script for your system, 1560check to see if there is a packaged release of Samba (available from 1561your Unix vendor or the Samba FTP site). If so, you might be able to 1562extract a startup script from it to use as a starting point. 1563Typically, this script doesn't change much (if at 1564all) from release to release, so using a script from an older Samba 1565version should not be a problem. Another possibility is to check the 1566<em class="filename">packaging</em> directory in the Samba source 1567distribution. In that directory, there are subdirectories for many 1568Unix versions in which you can find a startup script for those 1569versions. Even if your version isn't included, you 1570can probably find a startup script for a similar version to use as a 1571starting point.</p> 1572 1573<p>Finally, we need to add symbolic links to the 1574<em class="filename">smb</em> script in the 1575<em class="emphasis">/etc/rc.d/rcX.d</em> directories:</p> 1576 1577<blockquote><pre class="code"># <tt class="userinput"><b>ln -s /etc/rc.d/init.d/smb /etc/rc.d/rc3.d/S35smb</b></tt> 1578# <tt class="userinput"><b>ln -s /etc/rc.d/init.d/smb /etc/rc.d/rc5.d/S35smb</b></tt> 1579 1580# <tt class="userinput"><b>ln -s /etc/rc.d/init.d/smb /etc/rc.d/rc0.d/K35smb</b></tt> 1581# <tt class="userinput"><b>ln -s /etc/rc.d/init.d/smb /etc/rc.d/rc1.d/K35smb</b></tt> 1582# <tt class="userinput"><b>ln -s /etc/rc.d/init.d/smb /etc/rc.d/rc2.d/K35smb</b></tt> 1583# <tt class="userinput"><b>ln -s /etc/rc.d/init.d/smb /etc/rc.d/rc4.d/K35smb</b></tt> 1584# <tt class="userinput"><b>ln -s /etc/rc.d/init.d/smb /etc/rc.d/rc6.d/K35smb</b></tt></pre></blockquote> 1585 1586<p>The first two commands, with link names starting with an 1587"S", cause Samba to be started when 1588entering runlevels 3 or 5, which are the runlevels in which network 1589file sharing (NFS) is normally enabled. The second group of commands, 1590with link names starting with a 1591"K", cause Samba to be shut down 1592when entering any of the other runlevels (0, 1, 2, 4, or 6).</p> 1593 1594<p>The links starting with "S" are 1595used to start the daemons, and the links starting with 1596"K" are used for killing them. When 1597the runlevel is changed, the links starting with 1598"K" in the corresponding directory 1599(e.g., the <em class="filename">rc3.d</em> directory for runlevel 3) are 1600executed, followed by the links starting with 1601"S". If we wanted, we could have 1602Samba restarted when switching between runlevels 3 and 5 by adding a 1603<em class="filename">K35smb</em> link to each <em class="filename">rc3.d</em> 1604and <em class="filename">rc5.d </em>directory.</p> 1605 1606<p>The number after the K or S in the link names is used to set the 1607order in which all the daemons with links in the directory are 1608started or killed off. Get a long listing of the 1609<em class="emphasis">rc3.d</em> or <em class="emphasis">rc5.d</em> directories 1610to see how this is set up on your system. We use 35 to match the 1611behavior of Red Hat's Samba RPM package. The 1612important thing is to make sure when starting Samba that all services 1613it requires are started before it. When shutting down, it is a good 1614idea to shut down Samba before services it requires to avoid excess 1615error messages in the log files, but the order is not as crucial.</p> 1616 1617 1618</div> 1619 1620 1621 1622<div class="sect3"><a name="samba2-CHP-2-SECT-8.2.3"/> 1623 1624<h3 class="head3">Darwin and Mac OS X</h3> 1625 1626<p><a name="INDEX-119"/><a name="INDEX-120"/><a name="INDEX-121"/><a name="INDEX-122"/>An installation of Samba is bundled with the 1627Darwin distribution, which is included in Mac OS X.<a name="FNPTR-5"/><a href="#FOOTNOTE-5">[5]</a> </p> 1628 1629<p>The Samba daemons are started during system 1630boot by the script 1631<em class="filename">/System/Library/StartupItems/Samba/Samba</em>. To 1632trigger the execution of this script, edit the file 1633<em class="filename">/etc/hostconfig</em> and change the SMBSERVER 1634parameter to look like this:</p> 1635 1636<blockquote><pre class="code">SMBSERVER=-YES-</pre></blockquote> 1637 1638<p>On Mac OS X, the graphical user interface (GUI) provides an 1639alternative to using the command line. Launch the System Preferences 1640application, and select Sharing (see <a href="ch02.html#samba2-CHP-2-FIG-4">Figure 2-4</a>). 1641Under the Services tab, turn on Windows File Sharing. This will make 1642the aforementioned change to <em class="filename">/etc/hostconfig</em> and 1643immediately execute the startup item.</p> 1644 1645<div class="figure"><a name="samba2-CHP-2-FIG-4"/><img src="figs/sam2_0204.gif"/></div><h4 class="head4">Figure 2-4. Mac OS X sharing preferences</h4> 1646 1647<p>If you decide to install Samba yourself on Mac OS X, 1648it's best not to stomp on the installation provided 1649with the OS. Use the procedures detailed earlier in this chapter to 1650install the software into <em class="filename">/usr/local/samba</em> or 1651some other area unaffected by OS upgrades. (Remember to set up users 1652with <em class="emphasis">smbpasswd</em> if you're using 1653encrypted passwords, as described earlier in this chapter. This step 1654is handled automatically with entries in 1655<em class="filename">/var/db/samba/hash</em> if you're 1656using the built-in server on Mac OS X.) Once you've 1657got that working, you can edit the Samba startup item script to refer 1658to your installation, like this:</p> 1659 1660<blockquote><pre class="code"> #!/bin/sh 1661 # Start Samba 1662 1663 . /etc/rc.common 1664 1665 if [ "${SMBSERVER:=-NO-}" = "-YES-" ]; then 1666 ConsoleMessage "Starting SMB server" 1667 1668 if [ -f /usr/local/samba/lib/smb.conf ]; then 1669 /usr/local/samba/bin/smbd -D 1670 /usr/local/samba/bin/nmbd -D 1671 fi 1672 fi</pre></blockquote> 1673 1674<p>However, beware of OS updates, which can wipe out your changes. One 1675solution is to make the script immutable, like this:</p> 1676 1677<blockquote><pre class="code"># <tt class="userinput"><b>chflags uchg /System/Library/StartupItems/Samba/Samba</b></tt></pre></blockquote> 1678 1679 1680</div> 1681 1682 1683 1684<div class="sect3"><a name="samba2-CHP-2-SECT-8.2.4"/> 1685 1686<h3 class="head3">Testing automatic startup</h3> 1687 1688<p><a name="INDEX-123"/><a name="INDEX-124"/>If you can afford a few minutes of 1689downtime, reboot your system and again use the 1690<em class="emphasis">ps</em> command to check that the 1691<em class="emphasis">smbd</em> and <em class="emphasis">nmbd</em> daemons are 1692running. And if you are managing a 24/7 server, we highly recommend 1693that you find some downtime in which to reboot and perform this 1694check. Otherwise, your next unscheduled downtime might surprise you 1695with a mysterious absence of SMB networking services when the system 1696comes up again! <a name="INDEX-125"/><a name="INDEX-126"/></p> 1697 1698 1699</div> 1700 1701 1702</div> 1703 1704 1705<div class="sect2"><a name="samba2-CHP-2-SECT-8.3"/> 1706 1707<h3 class="head2">Starting from inetd</h3> 1708 1709<p><a name="INDEX-127"/><a name="INDEX-128"/><a name="INDEX-129"/>The <em class="emphasis">inetd</em> 1710<em class="emphasis"><a name="FNPTR-6"/><a href="#FOOTNOTE-6">[6]</a></em> daemon is a Unix 1711system's Internet "super 1712daemon." It listens on ports defined in 1713<em class="filename">/etc/services</em> and executes the appropriate 1714program for each port, which is defined in 1715<em class="filename">/etc/inetd.conf</em>. The advantage of this scheme is 1716that you can have a large number of daemons ready to answer queries, 1717but they don't all have to be running all the time. 1718Instead, <em class="emphasis">inetd</em> listens for connection requests 1719and starts the appropriate daemon when it is needed. The penalty is a 1720small overhead cost of creating a new daemon process, as well as the 1721fact that you need to edit two files rather than one to set things 1722up. The <em class="emphasis">inetd</em> daemon is handy if you have only 1723one or two Samba users or your machine is running too many daemons 1724already. It's also easier to perform an upgrade 1725without disturbing an existing connection.</p> 1726 1727<p>If you wish to start from <em class="filename">inetd</em>, first open 1728<em class="filename">/etc/services</em> in your text editor. If you 1729don't already have them defined, add the following 1730two lines:</p> 1731 1732<blockquote><pre class="code">netbios-ssn 139/tcp 1733netbios-ns 137/udp</pre></blockquote> 1734 1735<p>Next, edit <em class="filename">/etc/inetd.conf</em>. Look for the 1736following two lines and add them if they don't 1737exist. If you already have <tt class="literal">smbd</tt> and 1738<tt class="literal">nmbd</tt> lines in the file, edit them to point at the 1739new <em class="emphasis">smbd</em> and <em class="emphasis">nmbd</em> 1740you've installed. Your brand of Unix might use a 1741slightly different syntax in this file; use the existing entries and 1742the <em class="filename">inetd.conf </em> manual 1743page as a guide:</p> 1744 1745<blockquote><pre class="code">netbios-ssn stream tcp nowait root /usr/local/samba/bin/smbd smbd 1746netbios-ns dgram udp wait root /usr/local/samba/bin/nmbd nmbd</pre></blockquote> 1747 1748<p>Finally, kill any <em class="emphasis">smbd</em> or 1749<em class="emphasis">nmbd</em> processes and send the 1750<em class="emphasis">inetd</em> process a hangup (HUP) signal to tell it 1751to reread its configuration file:</p> 1752 1753<blockquote><pre class="code"># <tt class="userinput"><b>/bin/kill -TERM -a smbd</b></tt> 1754# <tt class="userinput"><b>/bin/kill -TERM -a nmbd</b></tt> 1755# <tt class="userinput"><b>/bin/kill -HUP -a inetd</b></tt></pre></blockquote> 1756 1757<p>After that, Samba should be up and running.</p> 1758 1759<p>As we've pointed out before, Red Hat and perhaps 1760other Unix vendors supply <em class="emphasis">xinetd</em> rather than 1761<em class="emphasis">inetd</em>. If you need to use 1762<em class="emphasis">xinetd</em>, you will need to supply a configuration 1763file in the <em class="emphasis">/etc/xinetd.d</em> directory. 1764<a name="INDEX-130"/></p> 1765 1766 1767</div> 1768 1769 1770</div> 1771 1772 1773 1774<div class="sect1"><a name="samba2-CHP-2-SECT-9"/> 1775 1776<h2 class="head1">Testing the Samba Daemons</h2> 1777 1778<p><a name="INDEX-131"/><a name="INDEX-132"/>We're 1779nearly done with the Samba server setup. All that's 1780left to do is to make sure everything is working as we think it 1781should. A convenient way to do this is to use the 1782<em class="filename">smbclient</em><a name="INDEX-133"/> program to examine what the server is 1783offering to the network. If everything is set up properly, you should 1784be able to do the following:</p> 1785 1786<blockquote><pre class="code"># <tt class="userinput"><b>/usr/local/samba/bin/smbclient -U% -L localhost</b></tt> 1787added interface ip=172.16.1.1 bcast=172.16.1.255 nmask=255.255.255.0 1788Domain=[METRAN] OS=[Unix] Server=[Samba 2.2.6] 1789 1790 Sharename Type Comment 1791 --------- ---- ------- 1792 test Disk For testing only, please 1793 IPC$ IPC IPC Service (Samba 2.2.6) 1794 ADMIN$ Disk IPC Service (Samba 2.2.6) 1795 1796 Server Comment 1797 --------- ------- 1798 TOLTEC Samba 2.2.6 on toltec 1799 1800 Workgroup Master 1801 --------- ------- 1802 METRAN TOLTEC</pre></blockquote> 1803 1804<p>If there is a problem, don't panic! Try to start the 1805daemons manually, and check the system output or the debug files at 1806<em class="filename">/usr/local/samba/var/log.smb</em><a name="INDEX-134"/><a name="INDEX-135"/><a name="INDEX-136"/> to see if you can determine what happened. 1807If you think it might be a more serious problem, skip to <a href="ch12.html">Chapter 12</a> for help on troubleshooting the Samba daemons.</p> 1808 1809<p>If it worked, congratulations! You now have successfully set up the 1810Samba server with a disk share. It's a simple one, 1811but we can use it to set up and test the Windows 95/98/Me and 1812NT/2000/XP clients in the next chapter. Then we will start making it 1813more interesting by adding services such as home directories, 1814printers, and security, and by seeing how to integrate the server 1815into a larger Windows domain. <a name="INDEX-137"/></p> 1816 1817 1818</div> 1819 1820<hr/><h4 class="head4">Footnotes</h4><blockquote><a name="FOOTNOTE-1"/> 1821<p><a href="#FNPTR-1">[1]</a> <em class="emphasis">gcc</em> binaries are available for almost 1822every modern machine. See <a href="http://www.gnu.org/">http://www.gnu.org/</a> for a list of sites with 1823<em class="emphasis">gcc</em> and other GNU software.</p> <a name="FOOTNOTE-2"/> <p><a href="#FNPTR-2">[2]</a> Do 1824not confuse this with the Solaris <em class="emphasis">killall</em> 1825command, which performs part of the system shutdown sequence!</p> 1826<a name="FOOTNOTE-3"/> 1827<p><a href="#FNPTR-3">[3]</a> Depending on the version of <em class="emphasis">xinetd</em> you 1828have and how it was compiled, you might need to send a USR1 or some 1829other signal rather than the HUP signal. Check the manual page for 1830<em class="emphasis">xinetd (8)</em> on your system for details.</p> 1831<a name="FOOTNOTE-4"/> 1832<p><a href="#FNPTR-4">[4]</a> If you did not compile Samba, but instead downloaded a binary, 1833check with the documentation for the package to find out where it 1834expects the <em class="filename">smb.conf</em> file to be. Or, try running 1835the <em class="emphasis">testparm</em> program and look for the location 1836of <em class="filename">smb.conf</em> in the first line of output. If 1837Samba came preinstalled with your Unix system, an 1838<em class="filename">smb.conf</em> file is probably already somewhere on 1839your system.</p> <a name="FOOTNOTE-5"/> 1840<p><a href="#FNPTR-5">[5]</a> In this book, we cover Darwin Version 6.0 and OS X Version 184110.2.</p> <a name="FOOTNOTE-6"/> <p><a href="#FNPTR-6">[6]</a> With early releases of Samba 2.2, there were reports 1842of intermittent errors when starting from <em class="emphasis">inetd</em>. 1843We provide this information so that it will be available for later 1844releases when the problem will hopefully have been identified and 1845corrected.</p> </blockquote> 1846 1847 1848<hr/><h4 class="head4"><a href="toc.html">TOC</a></h4> 1849</body></html> 1850