Context Navigation

source: vendor/current/docs-xml/manpages-3/smbd.8.xml@ 740

Visit:

Last change on this file since 740 was 740, checked in by Silvan Scherrer, 12 years ago
Samba Server: update vendor to 3.6.0
File size: 17.0 KB

Line
1	<?xml version="1.0" encoding="iso-8859-1"?>
2	<!DOCTYPE refentry PUBLIC "-//Samba-Team//DTD DocBook V4.2-Based Variant V1.0//EN" "http://www.samba.org/samba/DTD/samba-doc">
3	<refentry id="smbd.8">
4
5	<refmeta>
6	<refentrytitle>smbd</refentrytitle>
7	<manvolnum>8</manvolnum>
8	<refmiscinfo class="source">Samba</refmiscinfo>
9	<refmiscinfo class="manual">System Administration tools</refmiscinfo>
10	<refmiscinfo class="version">3.6</refmiscinfo>
11	</refmeta>
12
13
14	<refnamediv>
15	<refname>smbd</refname>
16	<refpurpose>server to provide SMB/CIFS services to clients</refpurpose>
17	</refnamediv>
18
19	<refsynopsisdiv>
20	<cmdsynopsis>
21	<command>smbd</command>
22	<arg choice="opt">-D</arg>
23	<arg choice="opt">-F</arg>
24	<arg choice="opt">-S</arg>
25	<arg choice="opt">-i</arg>
26	<arg choice="opt">-h</arg>
27	<arg choice="opt">-V</arg>
28	<arg choice="opt">-b</arg>
29	<arg choice="opt">-d <debug level></arg>
30	<arg choice="opt">-l <log directory></arg>
31	<arg choice="opt">-p <port number(s)></arg>
32	<arg choice="opt">-P <profiling level></arg>
33	<arg choice="opt">-O <socket option></arg>
34	<arg choice="opt">-s <configuration file></arg>
35	</cmdsynopsis>
36	</refsynopsisdiv>
37
38	<refsect1>
39	<title>DESCRIPTION</title>
40	<para>This program is part of the <citerefentry><refentrytitle>samba</refentrytitle>
41	<manvolnum>7</manvolnum></citerefentry> suite.</para>
42
43	<para><command>smbd</command> is the server daemon that
44	provides filesharing and printing services to Windows clients.
45	The server provides filespace and printer services to
46	clients using the SMB (or CIFS) protocol. This is compatible
47	with the LanManager protocol, and can service LanManager
48	clients. These include MSCLIENT 3.0 for DOS, Windows for
49	Workgroups, Windows 95/98/ME, Windows NT, Windows 2000,
50	OS/2, DAVE for Macintosh, and smbfs for Linux.</para>
51
52	<para>An extensive description of the services that the
53	server can provide is given in the man page for the
54	configuration file controlling the attributes of those
55	services (see <citerefentry><refentrytitle>smb.conf</refentrytitle>
56	<manvolnum>5</manvolnum></citerefentry>. This man page will not describe the
57	services, but will concentrate on the administrative aspects
58	of running the server.</para>
59
60	<para>Please note that there are significant security
61	implications to running this server, and the <citerefentry><refentrytitle>smb.conf</refentrytitle>
62	<manvolnum>5</manvolnum></citerefentry> manual page should be regarded as mandatory reading before
63	proceeding with installation.</para>
64
65	<para>A session is created whenever a client requests one.
66	Each client gets a copy of the server for each session. This
67	copy then services all connections made by the client during
68	that session. When all connections from its client are closed,
69	the copy of the server for that client terminates.</para>
70
71	<para>The configuration file, and any files that it includes,
72	are automatically reloaded every minute, if they change. You
73	can force a reload by sending a SIGHUP to the server. Reloading
74	the configuration file will not affect connections to any service
75	that is already established. Either the user will have to
76	disconnect from the service, or <command>smbd</command> killed and restarted.</para>
77	</refsect1>
78
79	<refsect1>
80	<title>OPTIONS</title>
81
82	<variablelist>
83	<varlistentry>
84	<term>-D</term>
85	<listitem><para>If specified, this parameter causes
86	the server to operate as a daemon. That is, it detaches
87	itself and runs in the background, fielding requests
88	on the appropriate port. Operating the server as a
89	daemon is the recommended way of running <command>smbd</command> for
90	servers that provide more than casual use file and
91	print services. This switch is assumed if <command>smbd
92	</command> is executed on the command line of a shell.
93	</para></listitem>
94	</varlistentry>
95
96	<varlistentry>
97	<term>-F</term>
98	<listitem><para>If specified, this parameter causes
99	the main <command>smbd</command> process to not daemonize,
100	i.e. double-fork and disassociate with the terminal.
101	Child processes are still created as normal to service
102	each connection request, but the main process does not
103	exit. This operation mode is suitable for running
104	<command>smbd</command> under process supervisors such
105	as <command>supervise</command> and <command>svscan</command>
106	from Daniel J. Bernstein's <command>daemontools</command>
107	package, or the AIX process monitor.
108	</para></listitem>
109	</varlistentry>
110
111	<varlistentry>
112	<term>-S</term>
113	<listitem><para>If specified, this parameter causes
114	<command>smbd</command> to log to standard output rather
115	than a file.</para></listitem>
116	</varlistentry>
117
118	<varlistentry>
119	<term>-i</term>
120	<listitem><para>If this parameter is specified it causes the
121	server to run "interactively", not as a daemon, even if the
122	server is executed on the command line of a shell. Setting this
123	parameter negates the implicit daemon mode when run from the
124	command line. <command>smbd</command> also logs to standard
125	output, as if the <command>-S</command> parameter had been
126	given.
127	</para></listitem>
128	</varlistentry>
129
130	&stdarg.server.debug;
131	&popt.common.samba;
132	&stdarg.help;
133
134	<varlistentry>
135	<term>-b</term>
136	<listitem><para>Prints information about how
137	Samba was built.</para></listitem>
138	</varlistentry>
139
140	<varlistentry>
141	<term>-p\|--port<port number(s)></term>
142	<listitem><para><replaceable>port number(s)</replaceable> is a
143	space or comma-separated list of TCP ports smbd should listen on.
144	The default value is taken from the <smbconfoption name="ports"/> parameter in &smb.conf;</para>
145
146	<para>The default ports are 139 (used for SMB over NetBIOS over TCP)
147	and port 445 (used for plain SMB over TCP).
148	</para></listitem>
149	</varlistentry>
150
151	<varlistentry>
152	<term>-P\|--profiling-level<profiling level></term>
153	<listitem><para><replaceable>profiling level</replaceable> is a
154	number specifying the level of profiling data to be collected.
155	0 turns off profiling, 1 turns on counter profiling only,
156	2 turns on complete profiling, and 3 resets all profiling data.
157	</para></listitem>
158	</varlistentry>
159	</variablelist>
160	</refsect1>
161
162	<refsect1>
163	<title>FILES</title>
164
165	<variablelist>
166	<varlistentry>
167	<term><filename>/etc/inetd.conf</filename></term>
168	<listitem><para>If the server is to be run by the
169	<command>inetd</command> meta-daemon, this file
170	must contain suitable startup information for the
171	meta-daemon.
172	</para></listitem>
173	</varlistentry>
174
175	<varlistentry>
176	<term><filename>/etc/rc</filename></term>
177	<listitem><para>or whatever initialization script your
178	system uses).</para>
179
180	<para>If running the server as a daemon at startup,
181	this file will need to contain an appropriate startup
182	sequence for the server. </para></listitem>
183	</varlistentry>
184
185	<varlistentry>
186	<term><filename>/etc/services</filename></term>
187	<listitem><para>If running the server via the
188	meta-daemon <command>inetd</command>, this file
189	must contain a mapping of service name (e.g., netbios-ssn)
190	to service port (e.g., 139) and protocol type (e.g., tcp).
191	</para></listitem>
192	</varlistentry>
193
194	<varlistentry>
195	<term><filename>/usr/local/samba/lib/smb.conf</filename></term>
196	<listitem><para>This is the default location of the <citerefentry><refentrytitle>smb.conf</refentrytitle>
197	<manvolnum>5</manvolnum></citerefentry> server configuration file. Other common places that systems
198	install this file are <filename>/usr/samba/lib/smb.conf</filename>
199	and <filename>/etc/samba/smb.conf</filename>.</para>
200
201	<para>This file describes all the services the server
202	is to make available to clients. See <citerefentry><refentrytitle>smb.conf</refentrytitle>
203	<manvolnum>5</manvolnum></citerefentry> for more information.</para>
204	</listitem>
205	</varlistentry>
206	</variablelist>
207	</refsect1>
208
209	<refsect1>
210	<title>LIMITATIONS</title>
211	<para>On some systems <command>smbd</command> cannot change uid back
212	to root after a setuid() call. Such systems are called
213	trapdoor uid systems. If you have such a system,
214	you will be unable to connect from a client (such as a PC) as
215	two different users at once. Attempts to connect the
216	second user will result in access denied or
217	similar.</para>
218	</refsect1>
219
220	<refsect1>
221	<title>ENVIRONMENT VARIABLES</title>
222
223	<variablelist>
224	<varlistentry>
225	<term><envar>PRINTER</envar></term>
226	<listitem><para>If no printer name is specified to
227	printable services, most systems will use the value of
228	this variable (or <constant>lp</constant> if this variable is
229	not defined) as the name of the printer to use. This
230	is not specific to the server, however.</para></listitem>
231	</varlistentry>
232	</variablelist>
233	</refsect1>
234
235
236	<refsect1>
237	<title>PAM INTERACTION</title>
238	<para>Samba uses PAM for authentication (when presented with a plaintext
239	password), for account checking (is this account disabled?) and for
240	session management. The degree too which samba supports PAM is restricted
241	by the limitations of the SMB protocol and the <smbconfoption name="obey pam restrictions"/> <citerefentry><refentrytitle>smb.conf</refentrytitle>
242	<manvolnum>5</manvolnum></citerefentry> paramater. When this is set, the following restrictions apply:
243	</para>
244
245	<itemizedlist>
246	<listitem><para><emphasis>Account Validation</emphasis>: All accesses to a
247	samba server are checked
248	against PAM to see if the account is vaild, not disabled and is permitted to
249	login at this time. This also applies to encrypted logins.
250	</para></listitem>
251
252	<listitem><para><emphasis>Session Management</emphasis>: When not using share
253	level secuirty, users must pass PAM's session checks before access
254	is granted. Note however, that this is bypassed in share level secuirty.
255	Note also that some older pam configuration files may need a line
256	added for session support.
257	</para></listitem>
258	</itemizedlist>
259	</refsect1>
260
261	<refsect1>
262	<title>VERSION</title>
263
264	<para>This man page is correct for version 3 of
265	the Samba suite.</para>
266	</refsect1>
267
268	<refsect1>
269	<title>DIAGNOSTICS</title>
270
271	<para>Most diagnostics issued by the server are logged
272	in a specified log file. The log file name is specified
273	at compile time, but may be overridden on the command line.</para>
274
275	<para>The number and nature of diagnostics available depends
276	on the debug level used by the server. If you have problems, set
277	the debug level to 3 and peruse the log files.</para>
278
279	<para>Most messages are reasonably self-explanatory. Unfortunately,
280	at the time this man page was created, there are too many diagnostics
281	available in the source code to warrant describing each and every
282	diagnostic. At this stage your best bet is still to grep the
283	source code and inspect the conditions that gave rise to the
284	diagnostics you are seeing.</para>
285	</refsect1>
286
287	<refsect1>
288	<title>TDB FILES</title>
289
290	<para>Samba stores it's data in several TDB (Trivial Database) files, usually located in <filename>/var/lib/samba</filename>.</para>
291
292	<para>
293	(*) information persistent across restarts (but not
294	necessarily important to backup).
295	</para>
296
297	<variablelist>
298	<varlistentry><term>account_policy.tdb*</term>
299	<listitem>
300	<para>NT account policy settings such as pw expiration, etc...</para>
301	</listitem>
302	</varlistentry>
303
304	<varlistentry><term>brlock.tdb</term>
305	<listitem><para>byte range locks</para></listitem>
306	</varlistentry>
307
308	<varlistentry><term>browse.dat</term>
309	<listitem><para>browse lists</para></listitem>
310	</varlistentry>
311
312	<varlistentry><term>connections.tdb</term>
313	<listitem><para>share connections (used to enforce max connections, etc...)</para></listitem>
314	</varlistentry>
315
316	<varlistentry><term>gencache.tdb</term>
317	<listitem><para>generic caching db</para></listitem>
318	</varlistentry>
319
320	<varlistentry><term>group_mapping.tdb*</term>
321	<listitem><para>group mapping information</para></listitem>
322	</varlistentry>
323
324	<varlistentry><term>locking.tdb</term>
325	<listitem><para>share modes & oplocks</para></listitem>
326	</varlistentry>
327
328	<varlistentry><term>login_cache.tdb*</term>
329	<listitem><para>bad pw attempts</para></listitem>
330	</varlistentry>
331
332	<varlistentry><term>messages.tdb</term>
333	<listitem><para>Samba messaging system</para></listitem>
334	</varlistentry>
335
336	<varlistentry><term>netsamlogon_cache.tdb*</term>
337	<listitem><para>cache of user net_info_3 struct from net_samlogon() request (as a domain member)</para></listitem>
338	</varlistentry>
339
340	<varlistentry><term>ntdrivers.tdb*</term>
341	<listitem><para>installed printer drivers</para></listitem>
342	</varlistentry>
343
344	<varlistentry><term>ntforms.tdb*</term>
345	<listitem><para>installed printer forms</para></listitem>
346	</varlistentry>
347
348	<varlistentry><term>ntprinters.tdb*</term>
349	<listitem><para>installed printer information</para></listitem>
350	</varlistentry>
351
352	<varlistentry><term>printing/</term>
353	<listitem><para>directory containing tdb per print queue of cached lpq output</para></listitem>
354	</varlistentry>
355
356	<varlistentry><term>registry.tdb</term>
357	<listitem><para>Windows registry skeleton (connect via regedit.exe)</para></listitem>
358	</varlistentry>
359
360	<varlistentry><term>sessionid.tdb</term>
361	<listitem><para>session information (e.g. support for 'utmp = yes')</para></listitem>
362	</varlistentry>
363
364	<varlistentry><term>share_info.tdb*</term>
365	<listitem><para>share acls</para></listitem>
366	</varlistentry>
367
368	<varlistentry><term>winbindd_cache.tdb</term>
369	<listitem><para>winbindd's cache of user lists, etc...</para></listitem>
370	</varlistentry>
371
372	<varlistentry><term>winbindd_idmap.tdb*</term>
373	<listitem><para>winbindd's local idmap db</para></listitem>
374	</varlistentry>
375
376	<varlistentry><term>wins.dat*</term>
377	<listitem><para>wins database when 'wins support = yes'</para></listitem>
378	</varlistentry>
379
380	</variablelist>
381
382	</refsect1>
383
384	<refsect1>
385	<title>SIGNALS</title>
386
387	<para>Sending the <command>smbd</command> a SIGHUP will cause it to
388	reload its <filename>smb.conf</filename> configuration
389	file within a short period of time.</para>
390
391	<para>To shut down a user's <command>smbd</command> process it is recommended
392	that <command>SIGKILL (-9)</command> <emphasis>NOT</emphasis>
393	be used, except as a last resort, as this may leave the shared
394	memory area in an inconsistent state. The safe way to terminate
395	an <command>smbd</command> is to send it a SIGTERM (-15) signal and wait for
396	it to die on its own.</para>
397
398	<para>The debug log level of <command>smbd</command> may be raised
399	or lowered using <citerefentry><refentrytitle>smbcontrol</refentrytitle>
400	<manvolnum>1</manvolnum></citerefentry> program (SIGUSR[1\|2] signals are no longer
401	used since Samba 2.2). This is to allow transient problems to be diagnosed,
402	whilst still running at a normally low log level.</para>
403
404	<para>Note that as the signal handlers send a debug write,
405	they are not re-entrant in <command>smbd</command>. This you should wait until
406	<command>smbd</command> is in a state of waiting for an incoming SMB before
407	issuing them. It is possible to make the signal handlers safe
408	by un-blocking the signals before the select call and re-blocking
409	them after, however this would affect performance.</para>
410	</refsect1>
411
412	<refsect1>
413	<title>SEE ALSO</title>
414	<para><citerefentry><refentrytitle>hosts_access</refentrytitle>
415	<manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>inetd</refentrytitle>
416	<manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>nmbd</refentrytitle>
417	<manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>smb.conf</refentrytitle>
418	<manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>smbclient</refentrytitle>
419	<manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>testparm</refentrytitle>
420	<manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>testprns</refentrytitle>
421	<manvolnum>1</manvolnum></citerefentry>, and the
422	Internet RFC's <filename>rfc1001.txt</filename>, <filename>rfc1002.txt</filename>.
423	In addition the CIFS (formerly SMB) specification is available
424	as a link from the Web page <ulink noescape="1" url="http://samba.org/cifs/">
425	http://samba.org/cifs/</ulink>.</para>
426	</refsect1>
427
428	<refsect1>
429	<title>AUTHOR</title>
430
431	<para>The original Samba software and related utilities
432	were created by Andrew Tridgell. Samba is now developed
433	by the Samba Team as an Open Source project similar
434	to the way the Linux kernel is developed.</para>
435
436	<para>The original Samba man pages were written by Karl Auer.
437	The man page sources were converted to YODL format (another
438	excellent piece of Open Source software, available at <ulink url="ftp://ftp.icce.rug.nl/pub/unix/">
439	ftp://ftp.icce.rug.nl/pub/unix/</ulink>) and updated for the Samba 2.0
440	release by Jeremy Allison. The conversion to DocBook for
441	Samba 2.2 was done by Gerald Carter. The conversion to DocBook XML 4.2 for
442	Samba 3.0 was done by Alexander Bokovoy.</para>
443	</refsect1>
444
445	</refentry>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: